...
Control | Description | Principles | ||
|---|---|---|---|---|
| 1 | Mobile apps that are used to authenticate Users must be are installed from an authorised and certified source | |||
| 2 | Mobile apps that are used to authenticate Users verify they are installed on a mobile operating system version for which they are approved | |||
| 3 | A given installation of a mobile app is correlated to the signature of mobile device on which it is installed | |||
| 4 | Private keys created on a mobile device for purposes of authentication must be are stored in the device security module | 3|||
| 5 | A biometric gesture is used to authenticate the User | |||
| 6 | A given authentication operation must provide provides proofs-of-authentication that can be verified by a relying party based on a shared public key | |||
| 47 | A given authentication operation must accept accepts an input parameter that uniquely links a given authentication operation to a given consent or consent signature |
...