Layered Authentication

layered authentication - Layered authentication describes an identity and access management architecture that requires varying levels of authentication proofs based on the risk of the transaction.

John Madelin of RSA describes this approach on a continuum. High risk transactions may require identity proofs that are tightly tied to a real person, and, because of the risks of identity theft, appropriate only for high risk transactions.

Lower risk proofs, that he calls "pseudonymity", would be where the person provides only reference information, like an account number or a membership ID and not a full proof of identity, would be appropriate for intermediate risk transactions.

At the lowest level of risk, he points out that many transactions can be carried out anonymously, using a cash transaction, from a cash card, for example.

[Category=Geospatial ]

Source: RSA, 18 August 2011 09:14:04, http://www.rsa.com/glossary/