Dynamic Risk-Based Authentication Using AI Scoring Models in Healthcare Applications

Abstract

As digital healthcare systems grow increasingly complex and globally interconnected, safeguarding patient data while ensuring seamless access has become a critical challenge. Traditional authentication methods, such as static passwords and inflexible multi-factor authentication (MFA), often fail to provide context-aware security without disrupting usability. This paper presents a novel Dynamic Risk-Based Authentication (RBA) framework that integrates AI-powered risk scoring into a Healthcare Application developed on the Oracle APEX 24.2 low-code platform. The proposed solution evaluates real-time contextual data such as device fingerprinting, geolocation, behavioral history, and temporal patterns during each login attempt. This data is transmitted to an OpenAI-powered inference engine via RESTful APIs, which returns a normalized risk score. Depending on the risk classification (low, medium, or high), the application dynamically adjusts authentication mechanisms ranging from seamless login to OTP verification or full access denial. This approach demonstrated a 35% reduction in false positives and effectively blocked 92% of high-risk login attempts in pilot studies within healthcare domains. The architecture also includes adaptive learning feedback loops, enabling model refinement over time. Designed for regulatory compliance (HIPAA, GDPR) and operational scalability, this AI-RBA framework proves that low-code platforms can deliver enterprise-grade, context-sensitive cybersecurity
solutions. This research contributes a scalable, cross-domain authentication paradigm that enhances both data security and user experience, addressing a key challenge in AI-enhanced cybersecurity systems.