Standard authentication NIST SP 800-63 open to hear your opinion since last year. Now listen to process has ended, and documents the real out organizations used the next job.
Major changes in the new version include:
• Add the guidelines for the identification: introduction to biological information such as facial and fingerprint check, and while officials are required to verify that no foreign matter on the part of the body to check for it and accept its presence from afar, such as video calls, presence, but defines the need for continuous presence, agency-side must be real officers interact with the user, the site where their identity must be checked as a kiosk installed in a safe area.
• Knowledge-based verification - KBV Specify to use a question that the user knows. Information that may be obtained from the public, it is prohibited to use, limited to no more than 2 minutes, the KBV time does not change the questions that never answers crook.
• SMS and landline (PSTN) to provide an authentication out-of-band (OOB) in limited applications (RESTRICTED), the agency will use to offer alternatives to more users, informed. using SMS alert users that there are risks and suggest alternatives, outlines the risks of using SMS and email with the OOB is not guaranteed by the documents again.
No comments:
Post a Comment