Report Remote vetting for SURFsecureID
There are several ways to establish the identity of a user remotely without the user having to physically visit a service desk. We have researched various solutions with all their advantages and disadvantages. In 2020, we will organise a proof of concept to see how we can integrate them into SURFsecureID.
Different solutions
There are several solutions to verify the identity of the user remotely or online. We call this remote vetting. report remote vetting for surfconext strong authentication (2017) describes a number of solutions for this, whereby for each solution the pros and cons are considered. Different criteria are used. The report still mentions SURFconext Strong Authentication; instead, you can read SURFsecureID.
The NFC app and iDIN are the best choice
It follows from the report that the NFC app and derived authentication with iDIN come out best. With these 2 solutions, the intended user scenarios (remote and bulk deployment) can also be realized. Both solutions offer a good alternative to the current SURFsecureID desk process. SURFnet will therefore continue to investigate how these two solutions can be integrated into SURFsecureID.
Follow-up study with new method: IRMA
In 2019 we commissioned a subsequent study. This study includes a new method: IRMA, which stands for I Reveal my Attributes. We investigated how NFC, iDIN and IRMA can be included in SURFsecureID. In 2020 we will create a proof of concept implementation to test these methods.