Edit this page

6. Create and Issue Level of Assurance 2 Credential

This use case describes the process for creating and issuing a credential at Level of Assurance 2 (LOA2). A credential token meets LOA2 when it uses a single factor for authentication (See Authentication use case), mandates a strong PIN or password, and only transmits credential information using cryptographic protection. LOA2 credentials are usually software tokens and are recognized as LOA2 strength only when paired with identity proofing at LOA2, LOA3, or LOA4.

Actors and Systems Key for Images Actors and Systems Key for Images

Pre-condition: An individual has the need for an LOA2 credential.

1. Request Issued The individual requests an LOA2 credential token from a Credential Service Provider (CSP).
2. Request Approved The CSP reviews the individual’s request. If the request is valid, it is approved.
3. Token Established The individual establishes a shared secret.
This will later be used to authenticate the individual. It is commonly a PIN or password.
4. Functionality Verified The individual verifies token functionality through a test system.

Post-condition: Individual has an activated LOA2 credential ready for use.

Click here for a consolidated image of this use case.