...
V Do the actual vetting by proofing the applicants identity and verifying identity information
V_RESUME ENROLLMENT
Verify, resume, and potentially update the context established during the initiation, or do the work that shouls have been in it. For example, if the applicant is allowed to come to a service desk, the ceky elements of the initiation still must be performed,
V_CONFIRM_AVAILABILITY The vetting can be rejected if the service desk operator or front or back-end services are not available
...
Output: Authentication successful (yes/no), attributes is needed (e.g. affiliation)
-??
In order to request an additional factor the applicant provides user information.
There are multiple options to realize this subactivity, e.g.: using federated login, e-mail, showing up at an registration desk, etc.
Input: user information (e.g. name, affiliation)
Output: factor request
-??
C_SELECT_NEW_FACTOR
The applicant selects the type of the new factor to be introduced, if there are several options. The offered options may depend of the place of the use, for example a wider set of options may be available during initiation than with a particular vetting the user was directed to at the initiation phase.
There may be different factor (types), e.g. something you know/have/are, the applicant can choose from as well as multiple realization options/products per factor (e.g. Yubikey, Google Authenticator) AKA authenticators.
Input: List of possible factors/authenticators
Output: factor selected/assigned and known/(or) in possession/... by the applicant
...
Optional initial vetting request registration for an additional authentication factor during which the vetting arrangements are made, if needed
Note: * is used as a wildcard. Set the appropriate value which applies to the specific action.1F: may be used to indicate that a specific action refers to the first factor2F: may be used to indicate that a specific action refers to the second factor
C_USE_EXISTING_FACTOR (optional) C_USE_EXISTING_FACTOR (optional) DEFINED IN C
C_CHECK_ELIGIBILITY (optional, requiring C_AUTHNUSE_EXISTING_FACTOR) DEFINED IN C
C_SELECT_FACTOR DEFINED IN C
Optional, if there are several options for factors that may be offered at he the start. may May affect the options to be used during the vetting phase.
I_REQUEST_FACTOR (I_REQUEST Factor Request)
The applicant must also provide the delivery address and perhaps even pay for the factor, handling and delivery service.
I_FACTOR_DELIVERY
Optional sending of the physical factor (typically a token), if such is used, and if this is a part of the provided service
C_USE_NEW_FACTOR DEFINED IN C
Optional factor (token) preregistration/binding, if the applicant is expected to possess a token at the time of registration; alternatively, this is done during the vetting.
I_ARRANGE_VETTING
Optional detailing of vetting, if the e-mail, initiation application or other channel is used for to communicate the a code, appointment details or other relevant information. Includes several steps such as
...
Capture and verify information about a user for identification.
(Optional) V_SCHEDULE Identification session arrangement and scheduling
Schedule an identification session in order to identify the user.
Optional action. Real-time interaction may not be required.
Input:
Output: identity vetting appointment
...
V_PROOF???
Compare the claimed identity (information) which is transmitted by the user or system with user's identity proof (e.g. ID doc, activation code).
...