[Openid-specs-fapi] Strong Customer Authentication vs Authorization

Anders Rundgren anders.rundgren.net at gmail.com
Thu Nov 30 07:06:41 UTC 2017


For those who are into cryptography the following short description of Strong Customer AUTHORIZATION may be of some interest:
https://github.com/w3c/webpayments-methods-tokenization/issues/22#issuecomment-348095164

Strong Customer Authentication is the optimal security solution for "Banking".
Strong Customer Authorization is (IMO) the optimal solution for "Consumer Payments".  This is essentially what the already deployed payment systems do today although the "strength" of the user authorization varies :-)

thanx,
Anders


More information about the Openid-specs-fapi mailing list