Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Optional. The applicant may either use his/her own factor, get a factor assigned or buy a factor (token) from the external provider. In the latter case, the applicant may also provide the payment information and delivery address. This may even be as as simple as mere redirection to an external supplier.

If needed, this includes physical sending of the factor (typically a token) and delivery period warranty so that I_ARRANGE_VETTING could be performed (unless C_USE_NEW_FACTOR is required before it). Otherwise ti may involve initialisation of the authenticator application or whatever is is required do that it could be used during the rest of the scenario.

Input: already collected data useful in arranging the supply, as the applicant name or selected factor

Output: latest delivery date, optional deliverer and, ultimately, actual delivered factor

C_USE_NEW_FACTOR (optional) DEFINED IN C

...

  • Creation of a (secret) code to be used at the start of vetting procedure to identify the vetting request or the new factor used during initiation (C_USE_NEW_FACTOR).
  • If e-mail is used for vetting arrangement, get applicant's e-mail address (e.g. from the IdP account data) or from the applicant.
  • Optional location selection and/or scheduling of the vetting appointment, only if the load or the policy of the service (desk) require this.
  • Provide vetting details over e-mail or through the application, with code in text or QR, email validation link, instructions, vetting application link, service desk contacts, address and appointment details, and whatever else is needed.
  • Optional e-mail validation, if e-mail is required for further interaction, and if a valid e-mail address is not already accessible and assured/guaranteed from the IdP data provided upon the previously performed login with the existing factor (C_USE_EXISTING_FACTOR).

Input: information about the applicant factor type and factor instance (if it was available and used) or planned delivery, and applicant preferences/choice for the proofing and verification phase

Output: appointment, code, confirmation data and instructions for the applicant, database record on the appointment

V: Identity Proofing and Information Verification

...

  • Vetting may be rejected and applicant turned back if the applicant is not eligible (any more) or if the queue is too long or the necessary resources, staff or involved key services are not available at this point.
  • Restoring of the information and context established during initiation may include C_USE_EXISTING_FACTOR or use of previously created code to identify the vetting request or the factor used during initiation.
  • If the validity of e-mail address is considered significant, a code or link may be used to make sure that the applicant's e-mail is valid and can be accessed by her.
  • This setting up of the context of the applicant's request may be done by restoring it after the applicant, service or desk operator uses the code issued during the initiation. The code that links the applicant with the original application is particularly useful when the applicant does not possess or know the first factor (which may require V_CREATE_DIGITAL_IDENTITY) and is not able to perform C_USE_EXISTING_FACTOR.
  • If some time has passed since initiation, it may be necessary to perform C_CHECK_ELIGIBILITY again, as the applicant situation with her organisation may have changed in the meantime. This check could be done based on performed C_USE_EXISTING_FACTOR or the verbally provided identifying information, which, in the case of human-to-human interaction may be a softer start of vetting than to immediately demand V_PRESENT_PROOF.

Input: information about the appointment (link or code)

Output: established or retrieved information about the applicant, appointment and factor, or rejection of further actions.

V_CREATE_DIGITAL_IDENTITY (optional)

...

This action should be invalidated if any of the following enrollment actions fails during both vetting and binding phases.

Input: applicant data needed for the IdP

Output: digital identity created with the IdP, possibly with a flag relation and against misuse if the checks fail, the applicant is able to use it during the rest of the process

V_PRESENT_PROOF

The applicant presents proof of identity, typically a sanctioned type of picture ID doc with demographic and biometric data.

...

Optional, if the factor such as token is immediately provided, e.g. by the service desk. Like I_FACTOR_DELIVERY, it can also include an immediate monetary transaction. Recording of handover is probably unnecessary, as the service/operator is in the possession of a proof (obtained with V_PRESENT_PROOF), so there is no risk of an irremediable situation or that the applicant would flee with the factor before C_USE_NEW_FACTOR.

Input: available factor, potentially money covering the costs

Output: factor handover record

V_CHECK_PROOF Local Check of the Presented Proof

...

Making sure that the applicant knows/possesses/inherits the new factor and is able to use it. Or in case of preregistration make sure that all performed actions involving the new factor were with the same instance of the factor, as the used token will be bound to the digital identity. This step should be performed by the applicant and therefore may take some time  to be performed, so could be done by the user in parallel with V_CHECK_PROOF, V_EXTERNAL_CHECK and V_CHECK_LIVENESS. It may be preceded with C_USE_EXISTING_FACTOR it if has not been already performed. This may be avoided if C_USE_NEW_FACTOR was done during initiation.

This may be required if it also includes personalisation of the factor.

V_PREREGISTER_FACTOR (optional) → FIND BETTER WORDING

...

Activate the binding of the digital ID of the user and the new factor. The new factor may need to be unlocked enabled or otherwise modified do so that it can be used in regular authentications. For example, it may be in a state in which it was personalized and populated with all needed data, but still marked as "not activated", which allows authentications with target services to fail even without requiring them to contact the factor issuer or IdP.

...