Difference between revisions of "Authentication-levels"
Jump to navigation
Jump to search
| (One intermediate revision by the same user not shown) | |||
| Line 4: | Line 4: | ||
{| class="wikitable" border="1" cellspacing="0" cellpadding="5" | {| class="wikitable" border="1" cellspacing="0" cellpadding="5" | ||
| + | |||
| + | {| style="border-spacing:0;max-width:750px;" | ||
| + | | style="border:1pt solid #000000;background-color: #F0F0F0;"| <center>'''Level'''</center> | ||
| + | | style="border-top:1pt solid #000000;border-bottom:1pt solid #000000;border-left:none;border-right:1pt solid #000000;background-color: #F0F0F0;"| <center>'''Authentication of persons'''</center> | ||
| + | | style="border-top:1pt solid #000000;border-bottom:1pt solid #000000;border-left:none;border-right:1pt solid #000000;background-color: #F0F0F0;"| <center>'''Authentication of organizations'''</center> | ||
| + | |||
|- | |- | ||
| − | + | | style="border-top:none;border-bottom:1pt solid #000000;border-left:1pt solid #000000;border-right:1pt solid #000000;"| <center>0</center> | |
| − | + | | colspan="2" style="border-top:none;border-bottom:1pt solid #000000;border-left:none;border-right:1pt solid #000000;"| User has access to the used email-address. This level is identifying the absence of any further authentication. | |
| + | |||
| + | The regify provider simply checked, if someone clicked the activation link inside of the initializing e-mail. | ||
| + | |||
|- | |- | ||
| − | | | + | | style="border-top:none;border-bottom:1pt solid #000000;border-left:1pt solid #000000;border-right:1pt solid #000000;"| <center>1</center> |
| − | | The user contacted the regify-provider verbally | + | | colspan="2" style="border-top:none;border-bottom:1pt solid #000000;border-left:none;border-right:1pt solid #000000;"| The user contacted the regify-provider verbally and made his identity credible (social barrier). This can be done by telephone, Skype or other voice systems. |
| + | |||
|- | |- | ||
| − | | | + | | style="border-top:none;border-bottom:1pt solid #000000;border-left:1pt solid #000000;border-right:1pt solid #000000;"| <center>3</center> |
| − | | The user sent or faxed a copy of his identification card to the regify-provider. | + | | style="border-top:none;border-bottom:1pt solid #000000;border-left:none;border-right:1pt solid #000000;"| The user sent or faxed a copy of his identification card to the regify-provider. |
| + | | style="border-top:none;border-bottom:1pt solid #000000;border-left:none;border-right:1pt solid #000000;"| The user sent a copy of the identification card of the manager or a copy of the business registration / certificate of registration. | ||
| + | |||
|- | |- | ||
| − | | | + | | style="border-top:none;border-bottom:1pt solid #000000;border-left:1pt solid #000000;border-right:1pt solid #000000;"| <center>5</center> |
| − | | - The details of the user are checked against a public directory ( | + | | colspan="2" style="border-top:none;border-bottom:1pt solid #000000;border-left:none;border-right:1pt solid #000000;"| The details of the user or company are checked against a public directory (e.g. call back phone number out of the telephone directory). |
| − | + | Alternatively, the regify-provider already has an existing, attestable long business relationship with the user or organization. | |
| + | |||
| + | The regify-provider personally knows the user (e.g. human resources department). | ||
| − | |||
|- | |- | ||
| − | | | + | | style="border-top:none;border-bottom:1pt solid #000000;border-left:1pt solid #000000;border-right:1pt solid #000000;"| <center>7</center> |
| − | | - The user personally verified his identity to the regify-provider ( | + | | style="border-top:none;border-bottom:1pt solid #000000;border-left:none;border-right:1pt solid #000000;padding-top:0cm;"| The user personally verified his identity to the regify-provider (e.g. personally showing identification card). |
| + | |||
| + | The user is employed by the regify-provider for more than 2 months. | ||
| + | | style="border-top:none;border-bottom:1pt solid #000000;border-left:none;border-right:1pt solid #000000;"| <center>not applicable</center> | ||
| − | |||
|- | |- | ||
| − | | | + | | style="border-top:none;border-bottom:1pt solid #000000;border-left:1pt solid #000000;border-right:1pt solid #000000;"| <center>9</center> |
| − | | The user has been authenticated by a legally accepted authentication procedure like PostIDENT ( | + | | style="border-top:none;border-bottom:1pt solid #000000;border-left:none;border-right:1pt solid #000000;padding-top:0cm;"| The user has been authenticated by a legally accepted authentication procedure like PostIDENT (Germany), Ident.Brief (Austria), Die Gelbe Identifikation (Switzerland) etc. |
| + | | style="border-top:none;border-bottom:1pt solid #000000;border-left:none;border-right:1pt solid #000000;"| <center>not applicable</center> | ||
| + | |||
|} | |} | ||
| − | |||
| − | |||
== how to offer authentication == | == how to offer authentication == | ||
As a regify provider, your software already has all functions available to offer customers authentication. But you need to fulfill the following prerequisites: | As a regify provider, your software already has all functions available to offer customers authentication. But you need to fulfill the following prerequisites: | ||
| − | * Decide about, what | + | * Decide about, what authentication level you want to offer (see list above). |
| − | * Your company's authentication process must get certified by regify | + | * Your company's authentication process must get certified by regify GmbH. |
* You need to support SMS sending (provider option). | * You need to support SMS sending (provider option). | ||
If you have any further questions on authentication or you want to offer, please contact support (AT) regify.com. | If you have any further questions on authentication or you want to offer, please contact support (AT) regify.com. | ||
Latest revision as of 08:52, 26 July 2019
regify supported authentication levels
Today, in addition to no authentication, the available levels are 1,3,5,7 and 9. The remaining levels are reserved for future use. The levels are defined as follows:
| User has access to the used email-address. This level is identifying the absence of any further authentication.
The regify provider simply checked, if someone clicked the activation link inside of the initializing e-mail. | ||
| The user contacted the regify-provider verbally and made his identity credible (social barrier). This can be done by telephone, Skype or other voice systems. | ||
| The user sent or faxed a copy of his identification card to the regify-provider. | The user sent a copy of the identification card of the manager or a copy of the business registration / certificate of registration. | |
| The details of the user or company are checked against a public directory (e.g. call back phone number out of the telephone directory).
Alternatively, the regify-provider already has an existing, attestable long business relationship with the user or organization. The regify-provider personally knows the user (e.g. human resources department). | ||
| The user personally verified his identity to the regify-provider (e.g. personally showing identification card).
The user is employed by the regify-provider for more than 2 months. |
||
| The user has been authenticated by a legally accepted authentication procedure like PostIDENT (Germany), Ident.Brief (Austria), Die Gelbe Identifikation (Switzerland) etc. | ||
how to offer authentication
As a regify provider, your software already has all functions available to offer customers authentication. But you need to fulfill the following prerequisites:
- Decide about, what authentication level you want to offer (see list above).
- Your company's authentication process must get certified by regify GmbH.
- You need to support SMS sending (provider option).
If you have any further questions on authentication or you want to offer, please contact support (AT) regify.com.
