...
Full multi-factor: A complete new set of credentials assigned to the Subject in order to provide the Subject with the ability to use multi-factor authentication. This new set of credentials is by itself composed of at least two dependent factors (e.g. a smart card) and does not depend in any way on the normally used memorised secret, i.e. a password, belonging to the Subject.
2. Purpose, Scope and Summary
This profile defines how a SWAMID member organisation MUST implement a multi-factor solution in order to be certified by SWAMID for person-proofed multi-factor authentication in a federated environment. A person-proofed second factor or a person-proofed full multi-factor combines the use of multi-factor authentication with an assurance that the multi-factor authenticator is distributed to the intended Subject.
...
Observe that not all Identity Providers within the Swedish E-identfication identification system can be used for online identity proofing due to their Identity Provider usage policies.
...
Observe that not all Identity Providers within the Swedish E-identfication identification system can be used for online identity proofing due to their Identity Provider usage policies.
...
Replacement of second factor or full multi-factor MUST be done using the same methods as listed above for Credential Issuing.
...lägg till...
- Om han visar att man har tillgång till sin multifaktor får man byta multifaktor "online"
Guidance
Processes for replacement of second factors or full multi-factors should be documented in the IMPS, section 5.3.
Rekommendation om att lösenordsbyte ska ske med med både gammalt lösenord och andra faktorn.
5.4 Credential Revocation
...
...här behöver något in... Jag kan dock inte se att något skilljer här mot SWAMID AL2!
- Användaren kan inte längre använda MFA
- Användaren har blivit av med MFA antingen för enstaka inloggning eller för alltid
- Användarens konto avslutas
Guidance
Processes for revocation of second factors or full multi-factors should be documented in the IMPS, section 5.4.
...