...
The second factor or full multi-factor must be issued separately to the Subjects without only using the current single factor credential, i.e. password, in accordance with the REFEDS MFA Profile criteria.<text om två nivåer>
Person-Proofed Multi-Factor (SWAMID P2MFA)
Person-Proofed Multi-Factor with high identity assurance (SWAMID P2MFA-HIA)
Guidance
Processes for issuing and assigning of multi-factor credentials (second factor or full multi-factor) should be documented together with the inital credential issuing in the IMPS, section 5.2.
5.2.1 Issuing a Person-Proofed Multi-
...
Factor
Credential Issuing of second factor or full multi-factor fulfilling the SWAMID Identity Assurance Level 2 Profile MUST be done using one of the following methods
...
Time-limited one time passwords/pins used in 5 & 6 should be valid only as long as needed for postal delivery. By copy in 6 means either a scanned, photo of or hardcopy of the identity card/passport.
5.2.2 Issuing a Person-Proofed Multi-Factor with high identity assurance
...
Credential Issuing of second factor or full multi-factor for fulfilling the SWAMID Identity Assurance Level 2 Profile and with high identity assurance MUST be done using one of the following methods
...