Patent attributes
The disclosed embodiments provide a system that manages access to a computer-based resource. During operation, the system obtains a request for the computer-based resource, wherein the request identifies a user seeking access to the computer-based resource. Next, the system obtains a set of security levels for a set of identity-proofing techniques, wherein the set of security levels is based on a first set of success rates of the identity-proofing techniques in preventing fraudulent access to computer-based resources. The system then calculates an identity assurance level for the user based on the set of security levels and a second set of success rates of the user in completing one or more of the identity-proofing techniques. Upon determining that the identity assurance level of the user meets a minimum identity assurance level for accessing the computer-based resource, the system enables access to the computer-based resource in a response to the request.
