As you know Microsoft Cloud services identity is based on Azure Active Directory (AAD).
You may also know that Azure AD is not only available for corporate authentication for your users or external partners companies but you can leverage Azure AD for you business to consumer (B2C) application with Azure AD B2C.
Well, Azure AD B2C got a new risk insights helping you staying on top of the security for your consumer authentication and access.
This new feature is called Risk Access Insights.
To be able to use it, you will need an Azure AD Premium P2 license.
You can access it from your Azure AD B2C portal by connecting to your Azure portal (https://portal.azure.com) and search for your Azure AD B2C tenant or use the Switch Directory option to access your Azure AD B2C tenant
There you should then see new blades available under the Security section
- Conditional Access
- Risky users
- Risk Detections
If you already use the Risky users/Risk Detection features in your Azure AD, these are basically the same features.
You will be able to get reporting on risky activities for your Azure AD B2C; meaning you can then be proactive to communicate with your B2C users and help them to better secure their accounts.
Being proactive means you can use the Conditional Access to setup password change and/or MFA request depending of the risk level – same as with the ‘normal’ Azure AD.
You also integrate Conditional Access with your user flow; you will need to use the Recommended version when creating the user flow