{"componentChunkName":"component---src-templates-blog-list-template-js","path":"/67","result":{"data":{"allMarkdownRemark":{"edges":[{"node":{"excerpt":"In modern websites that serve different kinds of users, there is a need to create a distinction between users to determine what kind of…","fields":{"slug":"/engineering/guest-post/role-based-user-authentication-with-loginradius-and-reactjs/"},"html":"

In modern websites that serve different kinds of users, there is a need to create a distinction between users to determine what kind of privileges are assigned to them. You can achieve this with authentication. Through authentication, we validate user-specific credentials to determine if the user is genuine and then assign a specific role, which could be a simple client or administrator access, for example.

\n

React user authentication is usually carried out by using a trusted third-party customer identity and access management (CIAM) software. This tutorial uses LoginRadius API to carry out user authentication with React application.

\n

Prerequisites

\n

You should know React to be able to follow this tutorial. Also, you should have the node package manager or yarn installed on your PC.

\n

Overview

\n

First, you need to install the LoginRadius React SDK. You can then configure it to provide authentication and role assignment for use within your React application.

\n

Introduction

\n

What is LoginRadius?

\n
\n

LoginRadius is a SaaS-based customer identity and access management (CIAM) system with features to manage customer identity, privacy, and access. It is a simple, implementable solution for adding user authentication and authorization to your website.

\n
\n

LoginRadius has features to add different login authentication options, including email, phone, and social network logins, such as Google and Facebook. It also provides security on these data. Some security features it offers include:

\n\n

LoginRadius comes with different SDKs, including reactjs authentication, to support different frameworks. One of them is the LoginRadius ReactJS SDK, which allows you to add authentication within your React app.

\n

Getting Started

\n

Creating a LoginRadius Account

\n

First, you need to create a LoginRadius account with a Developer Pro plan selected instead of the free plan. This is to be able to access role management features, which are only available in the Developer Pro plan.

\n

You'll get a page requesting you to create a new application. Click on \"create a new application\". After which, a page comes up where you should enter the name of your app and the URL to your app. Here, Input any name and URL of your choice.

\n

\"Naming

\n

Auth Page (IDX)

\n

LoginRadius allows you to create a custom login page (an auth page that you can customize from the dashboard), which you can then preview. This is a page provided by LoginRadius that you can easily customize to contain different form contents. Features like user log in, signup, email, and password have been pre-implemented on this page. You'll be using this page for registration and authentication with react application. To learn more on how to customize this page to contain more form contents, refer to customizing Auth Page.

\n

\"A

\n

To be able to use user roles within your app, you first have to set up these roles and their respective privileges from the dashboard. In this tutorial, you'll set up two roles, namely Admin and Client.

\n

To set up roles, navigate to your dashboard, click on \"user management\".

\n

Click on \"manage roles\" and click on \"add roles\". A popup opens in which you add the role name. And in the permission tab, add what permissions that role should have.

\n

This tutorial has added a \"client\" role with a permission called \"view\" and an \"admin\" role with permissions: \"view, edit, delete\". Enable \"set as default\" for the client role to automatically assign the client role to any user in our app by default.

\n

\"Role

\n

Integrate LoginRadius into React

\n

Creating a React Application

\n

To build your application, you'll be using the command-line interface (CLI) with create-react-app

\n

For node users:

\n
npx create-react-app {project name}
\n

Alternatively, if you're using yarn, write:

\n
yarn add create-react-app {project name}
\n

Next, cd into the directory with the command below:

\n
cd {project name}
\n

Configuring LoginRadius for React

\n

Next, you'll install the LoginRadius React dependency using the CLI:

\n

For node users:

\n
npm install loginradius-react
\n

yarn:

\n
yarn add loginradius-react
\n

To use the react-router components, you need to install react-router-dom using CLI. Run the following code to achieve this:

\n

For node:

\n
npm install react-router-dom
\n

yarn:

\n
yarn add react-router-dom
\n

Setup a .env file in the root directory with the following details:

\n
REACT_APP_LR_APP_NAME={app name}\nREACT_APP_API_KEY={your app key}\nREACT_APP_SECRET={your secret key}
\n

You can find the keys required above in your dashboard within react user authentication configuration: API key and secret.

\n

Building Login Components

\n

The Auth Page(IDX) is a web page created for you that reflects the configurations you create in our dashboard. You'll utilize this page as the login and signup page within your app and set up routes to route users to a different page based on their roles.

\n

Go to the index.js file and add:

\n
import React from "react";\nimport ReactDOM from "react-dom";\nimport App from "./App";\nimport { LRAuthProvider } from "loginradius-react";\n\nReactDOM.render(\n<React.StrictMode>\n  <LRAuthProvider\n    appName={process.env.REACT_APP_LR_APP_NAME || ""}\n    apiKey={process.env.REACT_APP_API_KEY || ""}\n    redirectUri={window.location.origin}\n  >\n    <App />\n  </LRAuthProvider>\n</React.StrictMode>,\ndocument.getElementById("root")\n);
\n

In the above code, you made imports for required modules, set up your LRAuthProvider component with parameters appname and apikeys from your .env file, and also created your redirect URI. In this case, it is equal to your current window.location.origin, which is the URL of the webpage -- in this case, it is our localhost.

\n

Localhosts are whitelisted by default. If you're building your app using a hosted site, you have to whitelist the URL in your dashboard. The entry component in the code is set to the App component.

\n

In the App.js component, add the following code:

\n
import React from 'react';\nimport './App.css';\nimport {\nBrowserRouter as Router,\nSwitch,\nRoute\n} from "react-router-dom";\nimport Auth from "./Landing";\nimport CallAPI from './Return';\n\nfunction App() {\nreturn (\n <Router>\n      <div className="App">\n        <Switch>\n          <Route exact path="/">\n            <div>{"Application home"}</div>\n            <Auth />\n          </Route>\n          <Route path="/login">\n          <CallAPI />\n          </Route>\n        </Switch>\n      </div>\n    </Router>\n);\n}\n\nexport default App;
\n

Here, you've set up your routes using Browser routes, Switch, and Route components imported from the react-router-dom module. The path to your home page is blank (\"/\"). It displays the text Application home. It runs an Auth component that was earlier imported. A second route is made for a second page with a path of \"/login\" that runs the CallAPI component on the new page.

\n

You'll then create a page that will serve as the landing page for your site. To do this, create a Landing.js file in your src folder and input the following code:

\n
import { useLRAuth } from "loginradius-react";\n\nconst Auth = () => {\n\nconst {isAuthenticated,loginWithRedirect,logout } =  useLRAuth();\n  if (isAuthenticated) {\n    return (\n      <div>\n        <button onClick={() => logout()}>\n          Log out\n        </button>\n      </div>\n    );\n  } else {\n    \n    return <button onClick={() => loginWithRedirect("/login")}>Login/Register</button>;\n\n  }\n}; \n\nexport default Auth;
\n

In the code written above, you've used loginWithRedirect, loginWithPopup, and logout authentication methods from the useLRAuth hook in your components to set up the authentication flow within your React application. You can also get access to the authentication state using isAuthenticated. The isAuthenticated method is used to check if the user is already logged into the app; it true, it returns true and displays a log out button that is connected to a logout function. Else, it returns false and displays a Login/Register button, which when clicked is set up to redirect to the path /login. The loginWithRedirect() and logout() methods use the Auth Page (IDX), where registration and login functionality is already implemented to perform these tasks.

\n

You can style the button to make it easier to see by adding the following code within your App.css file:

\n
//for our login button on our landing page \nbutton{\n  background-color: #2d56da;\n  color: #fff;\n  padding: 20px;\n  border-radius: 8px;\n}\n//for the output in our login route which we will cover later\nspan{\n  font-size: 24px;\n  height: 80vh;\n  width: 100%;\n  display: flex;\n  justify-content: center;\n  align-items: center;\n  text-align: center;\n}
\n

Using the LoginRadius API

\n

As an additional feature, you can use the LoginRadius React SDK to access the API to get parameters that are assigned upon logging in using the login form. You can use this method to check if a user is a client or administrator. Whenever a user creates an account using the form, the user is assigned a unique user-id called Uid, which you can view in your dashboard under \"manage users\". You can reference this user-id to determine your users’ roles. To do this, you need to fetch and return the Uid of the current user. The fetch request for the user role requires the Uid and your app secret key as parameters within the URL.

\n

In your src folder, create a file name return.js, and populate it with the following code:

\n
import React, { useEffect, useState } from "react";\nimport { useLRAuth, withAuthenticationRequired } from "loginradius-react";\n\nconst CallAPI = () => {\n\n  const [resp, setResp] = useState(null);\n    const { user } = useLRAuth();\n    const uid = user["Uid"];\n    \n\n  useEffect(() => {\n    (async () => {\n      try {\n        const response = await fetch(\n          `https://api.loginradius.com/identity/v2/manage/account/${uid}/role?apiKey=${process.env.REACT_APP_API_KEY}&apiSecret=${process.env.REACT_APP_SECRET}`,\n          {}\n        );\n        setResp(await response.json());\n      } catch (e) {\n        console.error(e);\n      }\n    })();\n  });\n\n  if (!resp) {\n    return <div>Loading...</div>;\n  }\n\n  return <span>{JSON.stringify(resp, null, 2)}</span>;\n};\n\nexport default withAuthenticationRequired(CallAPI, {\n  onRedirecting: () => <div>Loading...</div>,\n});
\n

Here, within your CallAPI component, you've used usestate hook to create two states resp and setResp to check if you have received a response from the API. A constant user was made to use the LAuth method to get the current user data, and then the next line gets the id of the current user. The useeffect React hook that runs after the render contains an asynchronous function is used to fetch the role of the current user uid. It returns the data and outputs it in JSON form, which value is given to SetResp. Else, it throws an error if the fetch request fails.

\n

Since it is an asynchronous function, the code below it runs while fetching and awaiting a response. resp is false during this time while waiting for the result of the asynchronous function. Therefore, it outputs \"Loading...\" on the screen until the async returns the data that it then outputs.

\n

The last code block: export is simply used to show \"Loading...\" on the screen during redirecting.

\n

Running the Code

\n

You can run the present code by cd into your parent directory and running:

\n
npm start
\n

When it successfully starts the server, you would have a similar page as follows:

\n

\n Auth component and is your / path in your routes within App.js. If you click on the \"login/register\" button, you'll be redirected to your custom Auth Page (IDX) provided by LoginRadius, where you can create a user account and login. You can manage the users who have accounts from your dashboard in \"manage users\".

\n

After logging in auth react js, with your user, you'll get redirected to the /login route that then runs the CallAPI component and gives you a result similar to the following:

\n

\n \n \n

\n

This is the current role of the user. Any user would have the role of client assigned since you've set to assign the client role by default to all our users from your dashboard during the creation of roles.

\n

Managing User Authentication and Data

\n

User Authentication

\n

In the above section, you've created a user account with different parameters for the email and password. Upon creation of an account, you get directed to the login page, where you can sign in using the credentials of the created account. Authentication was carried out on the parameters in the input field by the LoginRadius API set up in the Auth Page.

\n

Your user authentication is carried out by the API. This checks the input details against the registered user details. If any input not matching this is put in the form, you'll get an alert \"user does not exist\" upon clicking the login button. Upon logging in, your app key and secret are sent by your app to the authentication server. Upon authentication, the server responds with an access token and authorizes the user. To view this token, you can create a new file called Token.js and insert the following code into it:

\n
import React, { useEffect, useState } from "react";\nimport { useLRAuth, withAuthenticationRequired } from "loginradius-react";\n\nconst CallAPI = () => {\n  const { getAccessTokenSilently } = useLRAuth();\n  const [resp, setResp] = useState(null);\n\n  useEffect(() => {\n    (async () => {\n      try {\n        const token = await getAccessTokenSilently();\n        const response = await fetch(\n        `https://api.loginradius.com/identity/v2/auth/access_token/validate?access_token=${token}&apiKey=${process.env.REACT_APP_API_KEY}`,\n          {}\n        );\n        setResp(await response.json());\n      } catch (e) {\n        console.error(e);\n      }\n    })();\n  }, [getAccessTokenSilently]);\n\n  if (!resp) {\n    return <div>Loading...</div>;\n  }\n\n  return (\n    <span>{JSON.stringify(resp, null, 2)}</span>\n  );\n};\n\nexport default withAuthenticationRequired(CallAPI, {\n    onRedirecting: () => <div>Loading...</div>, \n    });
\n

The code above runs a fetch request for the access token and displays it when the data is returned. To view the output of this code, import the newly created file into your App.js file. Since the name of the function component in the code is still CallAPI, you don't need to edit the component called in the login route. You just need to comment out the former import for the component from your return.js file as shown below:

\n
import "./App.css";\nimport { BrowserRouter as Router, Switch, Route } from "react-router-dom";\nimport Auth from "./Landing";\n// import Login from "./Login";\nimport React from 'react';\n// import CallAPI from './Return';\n import CallAPI from './Token';\n\nfunction App() {\n  return (\n    <Router>\n      <div className="App">\n        <Switch>\n          <Route exact path="/">\n            <div>{"Application home"}</div>\n            <Auth />\n          </Route>\n          <Route path="/login">\n            <CallAPI />\n          </Route>\n        </Switch>\n      </div>\n    </Router>\n  );\n}\nexport default App;
\n

You then need to run the code by starting the server using the npm start command. Upon starting the server, when you log in, you'll have your user token displayed on the screen. Your output will be similar to the following:

\n

\n \n \n

\n

Here, you can see the access token and its details. You can then return your code to the previous CallAPI component imported from Return.js.

\n

User Data

\n

You can view and manage user accounts from the dashboard. You can find the panel for this under \"User management\":

\n

\"User

\n

Manage users:

\n

\"Manage

\n

Here, you can view the account information of your users, search for a particular user details using the email, Uid, or phone number as the query in the search box. Also, the panel provides an option to reset the password of a user, block users, and delete users as the above image shows. You can create new users by clicking on the \"add user\" button and filling in the details of the new user.

\n

Viewing User Permissions

\n

To view all roles and permissions for your app, change the URL in the fetch request to https://api.loginradius.com/identity/v2/manage/role, keeping the rest of the URL the same. That is, it still contains your appkey and appsecret parameters.

\n

Reload your page, and you'll have an output similar as follows:

\n

\n \n

\n \n \n

\n

The user has both client and admin roles because you've added client roles by default to all our users.

\n

Assigning Client and Admin roles

\n

To assign specific roles to different people, first you should uncheck the set as default in the \"manage roles\" section of your dashboard. You can then run an if block to check if the users’ logged-in emails are equal to a particular set of emails and then perform the assignment of admin roles to them; else, assign the client roles instead. Modify your return.js file as below:

\n
import React, { useState } from "react";\nimport { useLRAuth, withAuthenticationRequired } from "loginradius-react";\n\nconst CallAPI = () => {\n\n  const [resp, setResp] = useState(null);\n  const { user } = useLRAuth();\n  const uid = user["Uid"];\n  var response;\n  const email = user["Email"];\n  var emailmain = email[0].Value;\n  \n  \n  (async () => {\n    if (emailmain.toLowerCase() === "admin@example.com"){\n      try {\n          \n        \n        response = await fetch(\n          `https://api.loginradius.com/identity/v2/manage/account/${uid}/role?apiKey=${process.env.REACT_APP_API_KEY}&apiSecret=${process.env.REACT_APP_SECRET}`,\n          {\n            method: "PUT",\n            headers: {\n              'Content-Type': 'application/json',\n            },\n            body: JSON.stringify({\n              roles: ["Admin"],\n            }),\n          }\n        );\n        setResp(await response.json());\n      } catch (e) {\n        console.error(e);\n      }\n    }\n    else {\n       try {\n         response = await fetch(\n           `https://api.loginradius.com/identity/v2/manage/account/${uid}/role?apiKey=${process.env.REACT_APP_API_KEY}&apiSecret=${process.env.REACT_APP_SECRET}`,\n           {\n             method: "PUT",\n             headers: {\n               "Content-Type": "application/json",\n             },\n             body: JSON.stringify({\n               roles: ["Client"],\n             }),\n           }\n         );\n         setResp(await response.json());\n       } catch (e) {\n         console.error(e);\n       }\n    }\n  })();\n  \n\n  if (!resp) {\n    return <div>Loading...</div>;\n  }\n\n   return <span>\n    Welcome user : {uid}<br/>\n    Email : {emailmain}<br/>\n    {JSON.stringify(resp, null, 2)}\n  </span>;\n};\n\nexport default withAuthenticationRequired(CallAPI, {\n  onRedirecting: () => <div>Loading...</div>,\n});
\n

In the code above, you've created a const email that returned an array containing the user email. To get the email specifically, you've created another variable emailmain which gets the value at a particular array position containing the user email.

\n

The async request block has now been modified to check if the user email being used for logging in is equivalent to a particular email which you've declared. Alternatively, you can have your emails pulled from a database and assign the admin roles to the ones you want. The else block assigns a client role to emails that do not meet the first criteria. When you create a new account with an email similar to what I have in the if block, that is admin@example.com; when rerouted to the /login path, you'll discover that the role of admin was assigned while any other email will have the client role assigned upon login. The return statement returns the user id of the logged-in user, the email, and then the role in a JSON format. The output would be similar to the following:

\n

\n \n \n

\n

Conclusion

\n

This tutorial covered:

\n\n

These privileges can be used to give users certain permissions as to what they can do on your website.

\n

LoginRadius is a great tool and is easy to implement if you want to implement authentication in your application.

\n

A working version of the code used in this tutorial is available on Github.

\n","frontmatter":{"date":"September 03, 2021","updated_date":null,"description":"This tutorial illustrates how to perform user authentication and assign roles to users in React apps using LoginRadius.","title":"How to Implement Role-Based Authentication with React Apps","tags":["Authentication","React","User Roles"],"pinned":null,"coverImage":{"childImageSharp":{"fluid":{"aspectRatio":1.5037593984962405,"src":"/static/fcf79f1a32f1d204a52c31c37957f8b4/ee604/coverImage.png","srcSet":"/static/fcf79f1a32f1d204a52c31c37957f8b4/69585/coverImage.png 200w,\n/static/fcf79f1a32f1d204a52c31c37957f8b4/497c6/coverImage.png 400w,\n/static/fcf79f1a32f1d204a52c31c37957f8b4/ee604/coverImage.png 800w,\n/static/fcf79f1a32f1d204a52c31c37957f8b4/f3583/coverImage.png 1200w","sizes":"(max-width: 800px) 100vw, 800px"}}},"author":{"id":"Victory Tuduo","github":"Victory-ET","avatar":null}}}},{"node":{"excerpt":"The authentication services market is seeing enormous growth in recent times and is only projected to increase. Most reports state that by…","fields":{"slug":"/growth/future-of-authentication-service-market/"},"html":"

The authentication services market is seeing enormous growth in recent times and is only projected to increase. Most reports state that by 2026, the authentication security market will reach an exponential high of USD 2,411.45 million. The market at present is valued at around 731.34 million dollars. This means that the market is projected to increase at a current annual growth rate or CAGR of 22%.

\n

This article will aim to determine what makes the advanced authentication security market so potent and what developments will take place shortly.

\n

What does Authentication Services Mean?

\n

The authentication services refer to the process where a user requests access to information from a certain authenticating party. A user can do so by disclosing certain details like login credentials which are only privy to the user and the authenticating party. When they do so, the authenticating party will cross verify if the details provided by the user align or match with the details in an on-premises directory.

\n

Almost every website uses some form of authentication service to allow users to access the data they have to offer. In recent times, authentication services have seen implementation on the cloud which is now known as Authentication-as-a-service. AaaS makes it possible for organisations to control the access of users to applications through services like multi-factor authentication, single sign-on and password management, all in the cloud.

\n

The Segmentation of the Authentication Services Market

\n

The analysis of the authentication services market takes place after segmenting it on the basis of its types. These types include:

\n\n

\n \n \n

\n

By analysing the market through different segments, it becomes possible to obtain a better understanding of the digital identity trends.

\n

An Overview of the Authentication Services Market

\n

The authentication services market is seeing enormous growth for specific reasons and technologies. The reason for this growth is due to the following reasons:

\n\n

In 2020 alone, there were around 304 million ransomware attacks worldwide. This was a 62% increase from the previous year. Even tech giants like Microsoft became victims of ransomware attacks. For this reason, enterprises have implemented a variety of authentication tools for extra protection.

\n\n

The amount of data that enterprises and organisations are deploying over the cloud is increasing exponentially. For this reason, the vulnerability of data loss through hacking is increasing as well.

\n\n

Most employees also work from home. Therefore, causing gaps in the existing cybersecurity protocols that enterprises may have like unsecured devices and more. For this reason, authentication services make it possible for enterprises to plug these gaps.

\n

Of the many technologies that authentication services have to offer, Multi-factor authentication is seeing more adoption in comparison to others. This is because:

\n\n

Before the advent of advanced authentication services, users were only protected through passwords. The unauthorised sharing of passwords became the most common cause of data breaches. For this reason, multi-factor authentication or MFA acts as a more stringent form of login security.

\n\n

This form of authentication can combine with other technologies like authentication applications, biometric technologies and more for better protection.

\n

According to analysis, from a geographical standpoint, North America will be the most prominent contributor. To be more precise, the United States is most likely to adopt authentication services in comparison to any other country. This is because of the increased use of devices and the storage of data on electronic databases.

\n

Therefore, authentication services have a lot to offer every sector possible, from healthcare to even defense. It is essentially the future of login security and will play an important role in reducing ransomware attacks.

\n

\n \n \n

\n","frontmatter":{"date":"September 02, 2021","updated_date":null,"description":"Authentication services have a lot to offer every sector possible, from healthcare to even defense. It is essentially the future of login security and will play an important role in reducing ransomware attacks.","title":"How Does the Future Look Like for the Authentication Services Market?","tags":["data security","authentication","mfa","cybersecurity"],"pinned":null,"coverImage":{"childImageSharp":{"fluid":{"aspectRatio":1.7391304347826086,"src":"/static/e38e059bd8a6938fc97e9b740cdfb540/eec3f/future-of-authentication-market.jpg","srcSet":"/static/e38e059bd8a6938fc97e9b740cdfb540/f836f/future-of-authentication-market.jpg 200w,\n/static/e38e059bd8a6938fc97e9b740cdfb540/2244e/future-of-authentication-market.jpg 400w,\n/static/e38e059bd8a6938fc97e9b740cdfb540/eec3f/future-of-authentication-market.jpg 612w","sizes":"(max-width: 612px) 100vw, 612px"}}},"author":{"id":"Rakesh Soni","github":"oyesoni","avatar":"rakesh-soni.jpg"}}}},{"node":{"excerpt":"An Overview With growing numbers of websites and consumers on those websites, authenticating each one of them becomes an arduous task. Also…","fields":{"slug":"/identity/sms-authentication-protect-business/"},"html":"

An Overview

\n

With growing numbers of websites and consumers on those websites, authenticating each one of them becomes an arduous task. Also, it becomes an important aspect to protect and secure the consumer's data available on your application. To protect sensitive consumer data, two-factor authentication became a mandatory requirement in today's digital world.

\n

Two-factor authentication can be done via multiple channels. One is by using google authenticator codes, and the other is sending OTP on the consumer's email. But the easiest and convenient way is to do it via SMS.

\n

SMS stands for Short Messaging Service, which you guessed right. The text messages that we get on our mobile phones. This SMS holds an One Time Password (OTP), used to validate the consumer login. So basically, it can be used as a backend agent who reaches out to the original consumer and provides him access to any network, system, or web application.

\n

How does SMS Authentication Work?

\n

A short messaging service (SMS) is generally used to carry any information to the end-user. It can be information like promotional messages, notifications, or personal texts, but they also carry authentication codes (OTPs).

\n

Using SMS authentication is quite simple and easy to understand. When a consumer tries to log in to a website, system, or network, he provides the login credentials. On successfully authenticating the login credentials, the server now does a two-factor authentication. It ensures that the consumer trying to log in is who he says he is. To authenticate the user, a text SMS and an OTP are sent to the consumer's registered mobile number. When that OTP is entered, the consumer gets authenticated, and then only they can access the contents of the system/application.

\n

SMS authentication is based on one of the three types of multifactor authentication, i.e., Possession based authentication. In this type of MFA, the consumer is authenticated via something that only he can possess, which is the mobile handset.

\n

Merits and Demerits of Using SMS Authentication

\n

Everything in this world holds both the concepts of merits and demerits, and so does SMS authentication. Let's first discuss the merits that it has.

\n
    \n
  1. Additional Layer of security: Two-factor authentication is now widely used to protect consumers' account data. SMS authentication provides an extra layer of protection that too without any complexity. At least it is far better than having no additional security check.
    2. \n
  2. Ease of usage: It is the human behaviour that we always look for an easy way to get our work done. Now imagine having a complex two factor authentication setup. Users will end up frustrated doing complex authentications. Here SMS authentication rises as an easy and secure option.
    3. \n
  3. Ease of usage: It is human behavior that we always look for an easy way to get our work done. Now imagine having a complex two-factor authentication setup. Users will end up frustrated doing complex authentications. Here SMS authentication rises as an easy and secure option.
    4. \n
  4. Low Cost: Sending SMS to consumers includes minor charges, which helps a lot for the organization with a large consumer base.
    5. \n
\n

Even after being so convenient and easy to operate, there are some demerits also. These demerits are capable enough to make the organizations think that it is enough to protect the business. Let's discuss them one by one:

\n
    \n
  1. SIM Highjacking or Device theft: It looks effortless to send the verification code on a mobile number and authenticate consumers based on that. But the Option of SMS authentication can be harmful if the SIM/device got lost or stolen by someone. As in this case, SIMs can easily be used on other mobile phones, and they will still receive the validation code.
    2. \n
  2. Hacking: Earlier, it was complicated to intercept GSM-based SMS, but as the technologies are evolving, hackers have also got more power in their hands. The regular text which is sent and received over mobile phones can easily be intercepted today.
    3. \n
  3. Social Engineering Attacks: Compared to earlier days, more devices are now connected to the internet today. Today, a simple phishing link via a text msg or any advertisement will do the job. If a consumer clicks on the link by mistake or falls into any such trap, all his data will be gained by hackers, including SMS.
    4. \n
\n

\n \n \n

\n","frontmatter":{"date":"September 02, 2021","updated_date":null,"description":"Protecting your business with two-factor/ multi-factor authentication is a great way to keep unauthorized users away from your confidential data. But are SMS secure enough for this purpose? Are there any other security flaws involved in using SMS for authentication? Let’s find out.","title":"SMS Authentication — Can it Really Protect Your Business?","tags":["security"],"pinned":null,"coverImage":{"childImageSharp":{"fluid":{"aspectRatio":1.6666666666666667,"src":"/static/1eeb09974e808e86297ec44977490ac5/14b42/sms-authentication-protect-business-cover.jpg","srcSet":"/static/1eeb09974e808e86297ec44977490ac5/f836f/sms-authentication-protect-business-cover.jpg 200w,\n/static/1eeb09974e808e86297ec44977490ac5/2244e/sms-authentication-protect-business-cover.jpg 400w,\n/static/1eeb09974e808e86297ec44977490ac5/14b42/sms-authentication-protect-business-cover.jpg 800w,\n/static/1eeb09974e808e86297ec44977490ac5/16310/sms-authentication-protect-business-cover.jpg 1024w","sizes":"(max-width: 800px) 100vw, 800px"}}},"author":{"id":"Ashish Kumar Yadav","github":null,"avatar":null}}}},{"node":{"excerpt":"The restaurant industry is still adapting to the digital-first paradigm brought on by the pandemic, but online order volume is growing for…","fields":{"slug":"/growth/how-mfa-makes-qsr-promotions-fraud-free/"},"html":"

The restaurant industry is still adapting to the digital-first paradigm brought on by the pandemic, but online order volume is growing for quick-service restaurant QSR chains and is not going away anytime soon. In fact, it is becoming mission-critical for QSR restaurants to take advantage of marketing opportunities afforded by this new normal.

\n

Mobile-savvy restaurant owners are seeing a boom in engagement, but so are the scammers looking to get a piece of the pie. Restaurants have made security a primary concern, with many implementing multifactor authentication (MFA) methods to stop such attacks.

\n

Multi-factor authentication is a type of authentication service that requires a user to give two or more verifications to obtain access to a resource like an application, an online account, or a VPN. Robust identity and access management policy should include multi-factor authentication.

\n

MFA needs one or more additional verification criteria in addition to the login and secure password, which reduces the chances of a successful cyber attack.

\n

Why Should Restaurants Implement MFA?

\n

The major benefit of MFA is that it increases the security of your business by forcing users to identify themselves with more than just a username and password. Despite been for a long time, usernames and passwords can be stolen by third parties and are vulnerable to brute force attacks.

\n

Enforcing the use of multi-factor authentication (MFA) features like a fingerprint or a genuine hardware key boosts your restaurant’s confidence in its capacity to defend itself from hackers.

\n

How Does MFA Work?

\n

MFA works by seeking further information to verify its claims (factors). One-time passwords (OTP) are one of the most prevalent MFA elements that consumers face. OTPs are four to eight-digit codes that you may get by email, SMS, or a mobile app.

\n

When using OTPs, a new code is produced regularly or whenever an authentication request is made. The code is produced using a seed value provided to the user when they initially register and another element, such as an incremental counter or a time value.

\n

Three Factors of MFA

\n

The majority of MFA authentication methods rely on one of three sorts of extra data:

\n\n

In an interview with PYMNTS, Vikram Dhawan, vice president and senior product leader at Kount, an Equifax business, warned that QSRs and other merchants must safeguard their promotions and customers' accounts to strengthen their defenses against an assault of faceless, digitally-mounted attackers.

\n

\n \n \n

\n

The news came as PYMNTS research revealed that 44 percent of respondents indicated they were more likely to order from restaurants that offered specials or discounts. According to Dhawan, this circumstance allows for marketing misuse and fraud.

\n

“Anytime you have the option to give anything out for free or at a very low cost,” Dhawan added, “you will draw traffic.” And the question is, \"How much traffic is good and how much is bad?\"

\n

It's not simple to tell which is which, especially when a good campaign may increase traffic dramatically.

\n

He recalled how one of the restaurants Kount now works with ran into issues when it started giving free things and noticed an \"enormous\" amount of signups for free products.

\n

Monitoring Endpoints

\n

Fraudsters discover ways to try account takeover tactics in the face of such volume increases, he added. The endpoints of a transaction are the first thing merchants must understand to prevent account takeovers.

\n

He mentioned Kount's technology, allowing clients to see how many accounts are generated from the same endpoint device, such as a phone, laptop, or tablet. A few accounts arriving may be acceptable, but hundreds, if not thousands, of accounts arriving from a single endpoint, indicate a problem.

\n

Many shops require that email addresses be used for signups, but he pointed out that creating an email account can be done for free and indefinitely these days. Criminals can generate several fake emails to sign up for an offer and take advantage of it.

\n

He claims that his company's \"Email Insights\" service may provide information on an email's \"reputation,\" such as if it was produced lately and how frequently it could be utilized. Restaurants and shops can choose whether to halt account creations or redirect them to a secondary authentication method.

\n

He believes that modern technology — such as internet platforms — may also be used to halt promo code misuse. He claims that bad actors are aware of a promotional code or 17-digit alphanumeric string structure and go out of their way to find current promo codes.

\n

He said, \"When they locate an active promo code, they disseminate it across their networks, which is how promo code abuse happens.\" Tracking many such attempts to a single device can help detect whether a fraudster is attempting to apply \"brute force\" on a code.

\n

The Balancing Act

\n

When it comes to anti-fraud measures and consumer experiences, there is a delicate balance to be struck. Raising the barrier excessively high so that no one can get in harm, real customers.

\n

Merchants must determine how high to elevate the threat level and at what degree to implement payment authentication difficulties based on their business operations.

\n

“Perhaps it's dependent on the pricing or the amount of money you spend,” Dhawan said, citing an example of a customer who previously spent $5 and $10 each transaction but suddenly spent $5,000 on order. That's a good sign that suggests we should \"double-check that it's you.\"

\n

In an age where, even after the pandemic, digital transformation, online ordering, and online marketing, particularly among QSRs, will endure, he added, the necessity to employ modern technology and acceptable levels of friction remain especially essential.

\n

“Consumers who order items and services from QSRs using digital technology are not going away,” Dhawan told PYMNTS. They appreciated how the systems work since they didn’t have to wait in lines, said another participant.

\n

Consumers may now eat these goods in a variety of ways. So it would be fascinating for merchants to react to that change and that dynamic nature.”\n\n \n \n

\n","frontmatter":{"date":"September 01, 2021","updated_date":null,"description":"Quick-Service Restaurants are seeing a boom in engagement, but so are the scammers. Read this blog to find out how to boost your restaurant’s confidence in its capacity to defend itself from hackers.","title":"How MFA Makes Quick Service Restaurants (QSR) Promotion Fraud-Free","tags":["mfa","digital transformation","biometric authentication"],"pinned":null,"coverImage":{"childImageSharp":{"fluid":{"aspectRatio":1.5037593984962405,"src":"/static/7637183f5147c43df2add0a6b6622601/eec3f/qsr-payment-ciam-loginradius.jpg","srcSet":"/static/7637183f5147c43df2add0a6b6622601/f836f/qsr-payment-ciam-loginradius.jpg 200w,\n/static/7637183f5147c43df2add0a6b6622601/2244e/qsr-payment-ciam-loginradius.jpg 400w,\n/static/7637183f5147c43df2add0a6b6622601/eec3f/qsr-payment-ciam-loginradius.jpg 612w","sizes":"(max-width: 612px) 100vw, 612px"}}},"author":{"id":"Navanita Devi","github":null,"avatar":null}}}},{"node":{"excerpt":"According to recent research, it takes 5 to 7 impressions\n for people to remember your brand, meaning that customers will recognize your…","fields":{"slug":"/growth/how-consumer-identity-influence-brand-recognizability/"},"html":"

According to recent research, it takes 5 to 7 impressions\nfor people to remember your brand, meaning that customers will recognize your brand after they have seen it at least five times on different platforms. Your brand could be seen through many different formats, from banner ads to video ads - but depending on the consumer identity, your brand will be perceived differently.

\n

Brand recognizability depends on various aspects, and consumer identity is one of the integral components on the way to your company's popularity.

\n

Let’s explore more about how people's self-perception influences brand choice and the types of consumer identities for you to consider.

\n

\n \n \n

\n

Image Source: Live Inspired Mag

\n

What is Brand Recognizability?

\n

Brands are constantly competing to stand out and attract larger clientele. Marketers and advertisers develop new strategies to increase brands' visibility and make them recognizable.

\n

Today, it is extremely easy to promote brands and sell products on different online platforms, but the problem lies in uniqueness and the possibility of staying in people’s memory.

\n

We find a plethora of brand promotions on social media, news, YouTube videos, films, but sometimes they are annoying. Thus, instead of getting interested in a brand, our brain creates negative associations with it, especially when the product or service is too strange and unnecessary for us.

\n

Therefore, brand promotions should be targeted at specific groups of consumers, taking into account not only their needs and preferences but something more sophisticated - their identities.

\n

Consumer Identity Importance

\n

There’s no doubt that purchases consumers make are directly influenced by the image individuals have of themselves. People have these images in their heads, and they determine the choice of the brand.

\n

The things we buy help us to better express who we are. Sounds fantastic, isn’t it? But many researchers in the field of marketing and psychology prove the credibility of this connection between self-and product-image.

\n

Consumers try to express their internal feelings with external means such as brands. We can conclude that purchase is the form of self-expression, and brand is the symbol of our inner self.

\n

\n \n

In this article, we’ll try to figure out what brand recognizability is made up of and how it is connected to consumer identity. Let’s move on to discover how it works.

\n

Image-Oriented Consumers

\n

The visual component is integral for brand recognizability, making it visible and popular. As a rule, it’s simple and memorable, allowing a brand to stand out from the crowd of powerful competitors.

\n

This type of consumer pays attention to symbols and color, and it was found out that a consistent color palette on the logo increases brand recognizability by 80%.

\n

A logo is the company's face, and a considerable number of consumers recognize a brand visually. Thus, if the brand logo corresponds to their personal image of beauty and attractiveness, they will choose you.

\n

Audio-Oriented Consumers

\n

Many people better perceive information aurally, meaning that customers easily recognize a brand by melody or song accompanying its advertising.

\n

Audio-oriented consumers better recognize short catchy melodies of high quality. Provide consumers with a great audio experience and work on sound clearness and recognizability. It must be unique or resemble popular songs, but the main task is to trigger in their memory your brand.

\n

Text-Oriented Consumers

\n

Statistics say that 82% of consumers feel more positive about a brand after reading meaningful content. If you want to increase brand recognizability, pay attention to customers’ preferences and publish customizable content regularly, whether that’s through blog articles or newsletters.

\n

With Write my essay, brands can improve their visibility and convey unique messages to existing and potential consumers.

\n

Emotion-Oriented Consumers

\n

Emotions mean a lot to many of us, but the emotion-oriented type of consumers find this criterion crucial when recognizing a brand. There is a survey indicating that more than 65% of respondents were emotionally connected to a brand. They felt like the company or business cared about people like them. People feel interested, optimistic, and joyous when they are connected to a brand.

\n

Conclusion

\n

Now you understand the concept of brand recognizability and its bounds with customer identity. We explored four types of consumer identities you should pay attention to and defined their main preferences.

\n

Brand recognizability is based on the self-perceptions of potential consumers, and you should target their self-concepts properly. These findings can help you build stronger connections with consumers and increase your brand's success.\n\n \n \n

\n","frontmatter":{"date":"August 31, 2021","updated_date":null,"description":"People are more likely to pay attention to your offer if they recognize your brand among hundreds of others and consider it trustworthy.","title":"How Consumer Identity Influence Brand Recognizability","tags":null,"pinned":null,"coverImage":{"childImageSharp":{"fluid":{"aspectRatio":1.5037593984962405,"src":"/static/c03fac2de467066d44b4061099e705cf/eec3f/brand-identity.jpg","srcSet":"/static/c03fac2de467066d44b4061099e705cf/f836f/brand-identity.jpg 200w,\n/static/c03fac2de467066d44b4061099e705cf/2244e/brand-identity.jpg 400w,\n/static/c03fac2de467066d44b4061099e705cf/eec3f/brand-identity.jpg 612w","sizes":"(max-width: 612px) 100vw, 612px"}}},"author":{"id":"Conrad Sturdy","github":null,"avatar":null}}}},{"node":{"excerpt":"We all have witnessed the sudden paradigm shift where movie theatres have been replaced by OTT (over the top) platforms and books and…","fields":{"slug":"/identity/poor-login-concurrency-impact-ott-platforms/"},"html":"

We all have witnessed the sudden paradigm shift where movie theatres have been replaced by OTT (over the top) platforms and books and magazines by e-books amid the global pandemic.

\n

As social isolation continues to be the new normal amidst remote working and social distancing measures, the popularity of OTT streaming apps – both video and audio has jumped exponentially to meet the surging demand.

\n

The latest stats reveal that the number of users in the OTT Video segment is expected to reach 462.7 million by 2025.

\n

However, with the increase in subscriptions and the number of audiences online, several underlying threats have severely impacted the OTT businesses.

\n

One such issue is poor login concurrency, which can lead to severe identity theft issues for individuals and OTT platforms.

\n

Login concurrency refers to a situation where a user is logged into multiple devices from a single identity.

\n

Login concurrency can be pretty risky as two or more users using the same credentials have access to resources and critical information, and it becomes difficult for service providers to identify the unauthorized user that may have wrong intentions.

\n

Let’s understand this in-depth and understand the harmful consequences of poor concurrency management for OTT platforms and how OTT platform providers can leverage identity management.

\n

What is a Concurrent Login?

\n

Concurrent login is a situation where a user is logged into a network through a single identity from multiple devices and has access to resources and information.

\n

The user can be a single individual or two or even multiple individuals using the same identity on a platform to access services from different locations or devices.

\n

There can be multiple reasons for concurrent login: the user’s negligence, poor session management by vendors, or a sneak into a consumer’s identity.

\n

How Concurrent Login Affects OTT Platform?

\n

Various live streaming cloud OTT providers face challenges where concurrent login issues hamper user experience and eventually become a threat.

\n

Cybercriminals are exploiting consumer identities of OTT subscribers and are accessing critical consumer information and trying to exploit business data for diverse purposes.

\n

Moreover, the most subscribed OTT platform globally has reported users sharing access credentials beyond permitted limits with their friends and families, which is the leading cause of revenue loss.

\n

Thus, to overcome the situation where concurrent login is exploited in OTT services, there needs to be a stringent mechanism that provides real-time insights regarding a user’s login details and adequately manages login sessions for each sign-in and sign-out.

\n

Here’s where the role of a robust CIAM (Consumer Identity and Access Management) comes into play.

\n

\n \n \n

\n

Let’s dig deeper into this.

\n

Poor Session Management by OTT Platforms

\n

If a user interacts with a platform and makes several interactions, the web application issues a session ID. This session ID is issued whenever a user logs in and records all their interactions.

\n

It is through this ID that the application communicates with users and responds to all their requests.

\n

The OWASP broken authentication recommendations state that this session ID is equivalent to the user’s original login credentials. If hackers steal a user’s session ID, they can sign in by impersonating their identity. This is known as session hijacking.

\n

The following points list the scenarios that can cause broken authentication.

\n
    \n
  1. Weak usernames and passwords.
    2. \n
  2. Session fixation attacks.
    3. \n
  3. URL rewriting.
    4. \n
  4. Consumer identity details aren't protected when stored.
    5. \n
  5. Consumer identity details are transferred over unencrypted connections.
    6. \n
\n

Impact of Broken Authentication and Session Management

\n

If a hacker successfully logs in by stealing a user’s credentials using any of the above-mentioned broken authentication techniques, they can misuse their privileges and impact the company's sustainability.

\n

Cybercriminals can have various intentions of hijacking a user’s web application, such as:

\n\n

In short, hackers can use broken authentication attacks and session hijacking to gain access to the system by forging session data, such as cookies, and stealing login credentials.

\n

Thus, it would be best to never compromise with your web applications' security.

\n

How LoginRadius Protects Against Broken Authentication

\n

LoginRadius has been at the forefront of offering a multilevel security web app environment. Here is how LoginRadius applications protect against broken authentication:

\n\n

Final Thoughts

\n

With increasing OTT subscriptions and user expectations, OTT platforms need to gear up to deliver a flawless user experience in a way that doesn’t hamper their overall security mechanism quickly.

\n

Adding stringent layers of security through a robust CIAM solution becomes the immediate need of the hour for OTT platforms facing concurrent login issues that affect their brand reputation and overall business revenues.

\n

\n \n \n

\n","frontmatter":{"date":"August 31, 2021","updated_date":null,"description":"With the increase in subscriptions and the number of audiences online, several underlying threats have severely impacted the OTT businesses. One such issue is poor login concurrency. Learn how login concurrency is affecting OTT platforms and how they can overcome this dilemma.","title":"How Poor Login Concurrency can Impact OTT Platforms' Business","tags":["data security","ciam solution","broken authentication"],"pinned":null,"coverImage":{"childImageSharp":{"fluid":{"aspectRatio":1.8867924528301887,"src":"/static/67d644bfd92d905d271f935ae6eca665/14b42/poor-login-concurrency-impact-ott-platforms-cover.jpg","srcSet":"/static/67d644bfd92d905d271f935ae6eca665/f836f/poor-login-concurrency-impact-ott-platforms-cover.jpg 200w,\n/static/67d644bfd92d905d271f935ae6eca665/2244e/poor-login-concurrency-impact-ott-platforms-cover.jpg 400w,\n/static/67d644bfd92d905d271f935ae6eca665/14b42/poor-login-concurrency-impact-ott-platforms-cover.jpg 800w,\n/static/67d644bfd92d905d271f935ae6eca665/16310/poor-login-concurrency-impact-ott-platforms-cover.jpg 1024w","sizes":"(max-width: 800px) 100vw, 800px"}}},"author":{"id":"Rakesh Soni","github":"oyesoni","avatar":"rakesh-soni.jpg"}}}}]},"markdownRemark":{"excerpt":"Identity is evolving, and developers are at the forefront of this transformation. Every day brings a new learning—adapting to new standards…","fields":{"slug":"/identity/developer-first-identity-provider-loginradius/"},"html":"

Identity is evolving, and developers are at the forefront of this transformation. Every day brings a new learning—adapting to new standards and refining approaches to building secure, seamless experiences.

\n

We’re here to support developers on that journey. We know how important simplicity, efficiency, and well-structured documentation are when working with identity and access management solutions. That’s why we’ve redesigned the LoginRadius website—to be faster, more intuitive, and developer-first in every way.

\n

The goal? Having them spend less time searching and more time building.

\n

What’s New and Improved on the LoginRadius Website?

\n

LoginRadius’ vision is to give developers a product that simplifies identity management so they can focus on building, deploying, and scaling their applications. To enhance this experience, we’ve spent the last few months redesigning our interface— making navigation more intuitive and reassuring that essential resources are easily accessible.

\n

Here’s a closer look at what’s new and why it’s important:

\n

A Developer-Friendly Dark Theme

\n

\"This

\n

Developers spend long hours working in dark-themed IDEs and terminals, so we’ve designed the LoginRadius experience to be developer-friendly and align with that preference.

\n

The new dark mode reduces eye strain, enhances readability, and provides a seamless transition between a coding environment and our platform. Our new design features a clean, modern aesthetic with a consistent color scheme and Barlow typography, ensuring better readability. High-quality graphics and icons are thoughtfully placed to enhance the content without adding visual clutter.

\n

So, whether you’re navigating our API docs or configuring authentication into your system, our improved interface will make those extended development hours more comfortable and efficient.

\n

Clear Categorization for LoginRadius Capabilities

\n

\"This

\n

We’ve restructured our website to provide a straightforward breakdown of our customer identity and access management platform capabilities, helping you quickly find what you need:

\n\n

This structured layout ensures you can quickly understand each capability and how it integrates into your identity ecosystem.

\n

Developer-First Navigation

\n

\"This

\n

We’ve been analyzing developer workflows to identify how you access key resources. That’s why we redesigned our navigation with one goal in mind: to reduce clicks and make essential resources readily available.

\n

The new LoginRadius structure puts APIs, SDKs, and integration guides right at the menu bar under the Developers dropdown so you can get started faster. Our Products, Solutions, and Customer Services are also clearly categorized, helping development teams quickly find the right tools and make informed decisions.

\n

Quick Understanding of Integration Benefits

\n

\"This

\n

Developers now have a clear view of the tech stack available with LoginRadius, designed to support diverse business needs.

\n

Our platform offers pre-built SDKs for Node.js, Python, Java, and more, making CIAM integration seamless across popular programming languages and frameworks.

\n

Over to You Now!

\n

Check out our revamped LoginRadius website and see how the improved experience makes it easier to build, scale, and secure your applications.

\n

Do not forget to explore the improved navigation and API documentation, and get started with our free trial today. We’re excited to see what you’ll build with LoginRadius!

\n","frontmatter":{"date":"February 21, 2025","updated_date":null,"description":"LoginRadius’ vision is to give developers a product that simplifies identity management so they can focus on building, deploying, and scaling their applications. To enhance this experience, we’ve redesigned our website interface, making navigation more intuitive and reassuring that essential resources are easily accessible.","title":"Revamped & Ready: Introducing the New Developer-First LoginRadius Website","tags":["Developer tools","API","Identity Management","User Authentication"],"pinned":true,"coverImage":{"childImageSharp":{"fluid":{"aspectRatio":1.7857142857142858,"src":"/static/80b4e4fbe176a10a327d273504607f32/58556/hero-section.webp","srcSet":"/static/80b4e4fbe176a10a327d273504607f32/61e93/hero-section.webp 200w,\n/static/80b4e4fbe176a10a327d273504607f32/1f5c5/hero-section.webp 400w,\n/static/80b4e4fbe176a10a327d273504607f32/58556/hero-section.webp 800w,\n/static/80b4e4fbe176a10a327d273504607f32/99238/hero-section.webp 1200w,\n/static/80b4e4fbe176a10a327d273504607f32/7c22d/hero-section.webp 1600w,\n/static/80b4e4fbe176a10a327d273504607f32/1258b/hero-section.webp 2732w","sizes":"(max-width: 800px) 100vw, 800px"}}},"author":{"id":"Rakesh Soni","github":"oyesoni","avatar":"rakesh-soni.jpg"}}}},"pageContext":{"limit":6,"skip":396,"currentPage":67,"type":"///","numPages":161,"pinned":"ee8a4479-3471-53b1-bf62-d0d8dc3faaeb"}},"staticQueryHashes":["1171199041","1384082988","2100481360","23180105","528864852"]}