Oracle moves into Risk-based Access Management by acquiring Bharosa

So the big identity management news coming out of Redwood Shores today (where I happen to be this week) is the acquisition announcement of Bharosa by Oracle. Bharosa is a global provider of proactive, real-time fraud detection and multifactor online authentication security solutions for the enterprise. (Read the press release here).

By agreeing to acquire Bharosa, the access management capabilities in the Oracle IAM suite will now expand to add risk profiling to the mix of criteria for making authentication and authorization decisions. This means that it will be possible to look at the activity being done by a user and assign that activity a risk score, which can then determine the level of authentication needed to continue, or make authorization decisions that take the risk score into account.

Bharosa would also bring real-time fraudulent activity detection and prevention to the suite, and protect against common identity theft techniques like phishing, MITM attacks and keylogging trojans.