The main benefit of adaptive authentication is that, thanks to its flexibility, the ideal balance between security, costs and usability can be obtained. Furthermore, it gets rid of unnecessary complexity in the authentication process that amounts to an obstacle for users, which further promotes the use of the Web channel and reduces the costs involved.
Until now, implementing an authentication system entailed a dilemma. You either favored simplicity at the expense of security and used the most economical and easiest authentication methods but with a low level of assurances (e.g., static passwords). Or, on the other hand, you chose security over simplicity and implemented complex and expensive authentication methods that had high levels of assurance (e.g., double-factor authentication using a hardware token requiring a PIN to be enabled that contained a private key or generated OTPs). In the first case, you either severely restricted the options for deploying resources and services via the Web channel or were exposed to unacceptable risks and the costs that these risks could give rise to (e.g., damaged reputation, fines and civil liability). In the second case, while theoretically the full potential of the Internet could be harnessed for providing services and resources, in practice, access via Web channels was severely underused owing to the reluctance of users to use the authentication methods required and to the logistical difficulties and high costs entailed in using these methods (e.g., cost of support for helping users to correctly use the methods and cost of purchasing the devices used in the methods).
Adaptive authentication allows providing the optimal point between these two extremes in each situation. When the risk of identity theft is low or the operation is not critical, both of which are determined without affecting the user experience, it is entirely acceptable to use an authentication method with a relatively low level of assurance that is economical and easy to use. On the other hand, when there is a high risk of identity theft or the user wants to perform a critical operation, using an authentication method with a high level of assurance is advisable even though it may be more complicated to use. As it tailors the security level provided to the risk level detected, adaptive authentication maximizes usability in the authentication procedures used and minimizes the total cost of implementation.
Widespread use of the Web channel is in itself a cost reducer. This use, and the associated reduction in costs, has been, in many cases, impeded up until now because of the reluctance of users to use complicated authentication methods that they did not understand or that required technical knowledge beyond what can be learned through daily use. Adaptive authentication allows, in many cases, users to authenticate using very simple methods that do not entail an unacceptable reduction in security. So, deploying an adaptive authentication system can remove the reluctance that, until now, many users have had to using Web channels.