...

The second factor or full multi-factor must be issued separately to the Subjects without only using the current single factor credential, i.e. password, in accordance with the REFEDS MFA Profile criteria.<text om två nivåer>

Person-Proofed Multi-Factor (SWAMID P2MFA)

Person-Proofed Multi-Factor with high identity assurance (SWAMID P2MFA-HIA)

Guidance

Processes for issuing and assigning of multi-factor credentials (second factor or full multi-factor) should be documented together with the inital credential issuing in the IMPS, section 5.2.

5.2.1 Issuing a Person-Proofed Multi-

...

Factor

Credential Issuing of second factor or full multi-factor fulfilling the SWAMID Identity Assurance Level 2 Profile MUST be done using one of the following methods

...

Time-limited one time passwords/pins used in 5 & 6 should be valid only as long as needed for postal delivery. By copy in 6 means either a scanned, photo of or hardcopy of the identity card/passport.

5.2.2 Issuing a Person-Proofed Multi-Factor with high identity assurance

...

Credential Issuing of second factor or full multi-factor for fulfilling the SWAMID Identity Assurance Level 2 Profile and with high identity assurance MUST be done using one of the following methods

...