What are Authenticator Assurance Levels (AALs)? OCTATCO
News
OCTATCO BLOG

What are Authenticator Assurance Levels (AALs)?

  • by OCTATCO
What are Authenticator Assurance Levels (AALs)?

Authenticator Assurance Levels (AALs) are used to describe the level of assurance or confidence that can be placed in the authentication of a user by a particular authentication system. AALs are defined by NIST in its Special Publication 800-63, which outlines guidelines for digital identity authentication in the United States. The publication specifies three levels of AALs, each with increasing requirements for the strength of authentication.

AAL1 requires single-factor authentication, such as a password or security token. AAL2 requires multi-factor authentication, such as combining a password with a fingerprint or a security key. AAL3 requires multi-factor authentication with higher levels of assurance, such as using a hardware-based security module or a biometric authentication method.

AALs are important for organizations and service providers to determine the appropriate level of security needed for their systems and the sensitivity of the data being accessed. For example, a financial institution may require AAL3 for accessing financial transactions, while a social media platform may require only AAL1 for accessing public content.

Back

OCTATCO Co., Ltd.
Address: 718ho, 54, Changeop-ro, Sujeong-gu, Seongnam-si, Gyeonggi-do, 13449 Republic of Korea
Phone: +82-31-8039-7400

Sales and partnership : sales@octatco.com
Technical support : info@octatco.com

[Personal Information Processing Policy]
[Personal Information Processing Policy - EzAuth]