The Adaptive Risk module has a risk threshold that is set manually, and by default is set to
1. There are a variety of different authentication risks which are each given a score. If the value of the score meets or exceeds the risk threshold, then the authentication fails.
If the Adaptive Risk module was set up to be a sufficient authentication module, and if the risk does not reach the risk threshold, then it will be a valid authentication and will allow the user, access to the resource. If the risk meets or exceeds the risk threshold, then the authentication fails and moves on to the next authentication method, typically two factor authentication.