[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Gap Analysis: use case 23, Mobile Customer Authentication
Owner: Dominique Nguyen, Bank of America This thread is for use case owners or others, on this use case 23, to: · ask questions of the group, or specific members · organize written discussions on the public list · share current thinking or content in mobile, the use of the device in MFA is the distinguishing characteristic device id would be one of the attributes/factors involved such use requires a device registration process (possibly more than one per account) SAML, Oauth seem potentially applicable process flow for the use case should probably include the registration and other process steps Unclear if there is a standard for device registration (profile) Various keywords from the use case (device, secure hardware, registration, MFA). Research required based on those keywords to identify other potentially relevant standards the question was raised as to whether the notion of 'assurance of hardware/device identity' might not have some commonality across the otherwise quite dissimilar realms of mobile and data center (referred to Thomas Hardjono, and Use Case 26) this use case 23 may have applicability to healthcare scenarios, so there might be some relevant healthcare standards, e.g. xspa - saml and ws-trust bindings |
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]