Oracle Adaptive Access Manager

Rapid growth in online commerce has brought increasing sophistication of internet fraud. Threats from Phishing, Pharming, Trojans, Key Logging, and Proxy Attacks, combined with regulations and mandates (such as FFIEC, HIPAA, PCI) governing online data privacy, place online security at a premium. Customers must feel protected for online business channels to grow.^[1]

Oracle Adaptive Access Manager (OAAM) is part of the Oracle Identity Management product suite that provides protection for businesses and their customers through strong yet easy-to-deploy multifactor authentication and proactive, real-time fraud prevention. Oracle acquired the company "Bharosa" which means 'trust' in the Hindi language to extend Oracle's ability to offer its customers comprehensive web-based access management solutions. Combined with Oracle's identity management products, these innovative solutions deliver the next generation of adaptive, risk-based access management providing its customers with a comprehensive set of tools to protect and manage access to their assets..

Bharosa was founded by Thomas Varghese, a research scientist and a serial entrepreneur by background, in 2003. Don Bosco Durai and Jon Fisher later came on board as co-founders. The premise was simple in that the existing authentication technologies were not satisfactory and not very difficult to compromise. No authentication technology can really provide its full and intended security benefits unless the computer and computer network are re-designed from the grounds up. This is because originally, Computers were designed for Computing and Networks for Communication. It is the Internet revolution which has brought these insecure systems together as one system and these days one can hardly be separated from the other. Yet security is still an after-thought in such systems. Thomas Varghese thought of this lacuna when he was about to use his credit card in a foreign country on a Internet Kiosk and later invented the Bharosa platform to provide a two-way trust between the end user and vice-versa to operate within a compromised (phishing, pharming, keyloggers, malware, etc) environment. Oracle acquired Bharosa within three years of its incorporation as they were the leaders in their space and succeeded in securing some of the top financial institutions, health-care research organizations and some large eCommerce and SAAS offerings in the industry. Some of the software installations within the United States Air Force also place their trust in Bharosa.

Today most of the security vendors that offer authentication solutions also offer similar offerings in this space as this has been a proven solution for deterring fraudsters in the Internet age.

Oracle Adaptive Access Manager has two components, the strong Authentication-agnostic security component and the application-agnostic Risk component. One simple example of the Strong Authentication component is that a User can choose a personalized keypad and use mouse clicks to enter password to prevent passwords being stolen with key loggers and being phished or pharmed. The Risk Component analyzes the authentication and transaction data for abnormalities and anomalies in real-time to prevent fraud and also in off-line mode to identify and detect internet fraud.