Page tree

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

There are several international standards for identity assurance, like NIST (US), eIDAS (Europe, previously STORK) and ISO29115. SURFsecureID is SURFsecureID is based on ISO29115. The four levels of identity assurance commonly used are:

...

  • LoA 1: Password authentication through SURFconext at the users home IdP
  • LoA 2: LoA 1 + SMS, Tiqr or Tiqr Azure MFA authentication
  • LoA 3: LoA 1 + YubiKey (hardware or FIDO2 token ) authentication

Second Factor Only (SFO) authentication

With Second Factor Only (SFO) Authentication "Level" is used to indicate the authentication strength: LoA does not apply. There are two levels:

  • Level 2: SMS, Tiqr or Tiqr Azure MFA authentication
  • Level 3: YubiKey (hardware or FIDO2 token ) authentication

Level of assurance vs robustness of infrastructure

...