Reduce friction at mobile login with location behavioral biometrics
Incognia leverages the strongest risk signal available on mobile - location. Using device intelligence and anonymized location behavior Incognia delivers frictionless authentication at login and during other high-risk transactions. Incognia’s highly precise risk scoring increases security while reducing friction throughout the user journey. It enables mobile apps in financial services and mcommerce to provide users with frictionless multi-factor and passwordless authentication experiences.
Incognia’s lightweight mobile SDK and intuitive APIs are easy to integrate, can be used alone or as an input into existing risk engines, and provide financial services and mcommerce applications with actionable intelligence from day 1.
Increase Mobile Security
Secures mobile accounts against account takeover attacks by leveraging device intelligence and location behavior to recognize anomalous behavior at login.
Reduce Login Friction
Leverages location behavior for persistent mobile account security that reduces friction for trusted users and detects high risk login attempts.
Detect Fraudulent Behavior
Stops sophisticated account takeover attacks by layering device intelligence and location behavior ensuring you can differentiate between trusted and fraudulent users.
Incognia verifies login attempts by analyzing the location behavioral pattern of each user and matching it to their login history. Logins initiated at familiar locations will decrease the Incognia risk score and can be used as a silent authentication layer working in the background.
This guide details how to use Incognia to authenticate logins in combination with Auth0, by installing both SDKs into your mobile app and activating an Auth0 Action to communicate to Incognia servers.
As soon as your app starts, the Incognia SDK must be initialized. When the user logs in, your app gets the Installation ID (provided by the SDK) to pass them through Auth0 as a custom parameter. Your app then initiates an authentication request to Auth0.
When executed, the Incognia Auth0 Action communicates with the Incognia Transaction API to gather the risk assessment for both the device and user account.
- An Auth0 account and tenant. Sign up for free.
- An Incognia account. Sign up here.
- A mobile app to install the Incognia SDK. The app must ask the user for location permission. Foreground location permission is mandatory and background is preferred.
Add the Auth0 Action
- Select Add Integration (at the top of this page).
- Read the necessary access requirements and click Continue.
- Configure the integration using the following fields:
- Client ID: The client ID obtained from Incognia's dashboard (My Apps > API Credentials)
- Client Secret: The client secret obtained from Incognia's dashboard (My Apps > API Credentials)
- Incognia Region: Optional: If you chose Brazil as the country when signing up at Incognia, please choose
Brazil. Otherwise, choose
- Click Create to add the integration to your Library.
- Click the Add to flow link on the pop-up that appears.
- Drag the Action into the desired location in the flow.
- Click Apply Changes.
Integrate the Incognia mobile SDK
Incognia relies on a SDK that collects device and location behavior (Wi-Fi and GPS scans). Integrating the SDK gives you access to an Installation ID, which is used to interact with the Incognia APIs. Learn how to integrate the SDK by accessing the Auth0 partner page.
Using the Incognia risk assessment
The risk assessment result is made available on the
idToken as a custom claim named after
idToken is accessible on the
context objects of subsequent Actions and to your app via the decoded JWT token. For suggestions on how to use the Incognia risk assessment, visit the Auth0 partner page.