These solutions do not currently count as a valid authenticator in and of themselves, as this information does not necessarily constitute a “Secret,” and most solutions leverage proprietary ways of making an authentication decision. We(NIST) are eager to discover secure, standards-based ways to execute these processes. However, until we have a good way to define the requirements to properly execute these approaches, “risk-based” and “adaptive” techniques are considered added controls to digital authentication. If you have ideas on how we can add these as acceptable authenticator types in future guidance, please let us know all about it!!! More Supposedly Risk-Based Authentication is a an Authentication Method that performs Authentication by gathering various context parameters that the Digital Identity possesses or demonstrates either within the same channel and or protocol or form separate channels or protocols.