Description (short summary): This deliverable combines the work described in deliverable D2.1 and D2.2 and defines the common STORK Quality Authentication Assurance framework. This so-called STORK QAA framework includes four levels of authentication assurance and facilitates mapping of national levels and eID solutions onto each other. The four levels are related to the requirements regarding the needed assurance of the user’s identity. The stronger the requirements, the higher the level of assurance will be. The STORK QAA levels contain an organizational and a technical component. Organizational aspects that must be taken into account are the quality of the identification procedure, the process of issuing identity tokens, and the quality of the certification authority. Technical aspects are related to the overall authentication procedure and include the type and robustness of the identity tokens provided and the quality of the mechanisms used for user authentication. Each of these five aspects is individually rated and the weakest component determines the over STORK QAA level for a certain eID. The presented STORK QAA framework allows for mapping of national eID solutions to STORK QAA levels and provides a means for mapping of national levels of different member states onto each other.

Number of pages: 44

ISBN Number: N/A

Description of license: © STORK-eID Consortium

Nature of documentation: Official reports and studies