Full flexibility and high level of security
Level of Assurance (LoA) refers to the degree of Assurance for which the identity has been verified.
A central part of Nets’ eID offering is the authentication system. From an end-user perspective, the authentication is performed using one or more authenticators such as password, authentication app or a one-time password (OTP) token.
This provides a flexible way of designing different authentication flows, while still maintaining the necessary security level in accordance to the risk associated with the specific transaction.
The Authenticator Assurance Level (AAL) is accumulated by three parameters being;
Authenticator strength when assigning AAL to Authenticators
Strength of enrolment process being processes for suspension, revocation and re-activation
The strength of the Authentication process
When an authentication process takes place using an authenticator, the core recalculates the latest achieved level of assurance for the future session taking the following into account:
The combination of Authenticators that has been applied
The Identification Assurance Level (IAL) of the end-user
The security level of the solution
Every eID is associated with an IAL, initially assigned as part of the registration process and later only changeable through additional registration processes.
Nets’ eID offering provides a high level of flexibility and modularity in terms of how the Authenticators can be used and in how the core can be extended to support new authenticators.
Authenticators can be freely combined, it is possible to decide the exact order of authenticators, and how the core should calculate the resulting LoA. Hereby you get full flexibility to control the authentication flow and user experience, while the core is the guarantor of the security level of the authentication.
Nets has a flexible and modular architecture, which means that authenticators can be smoothly and easily added or removed, and you get a solution that is both secure and future oriented.