The eIDAS Regulation: A Survey of Technological Trends for European Electronic Identity Schemes

Sharif, Amir; Ranzi, Matteo; Carbone, Roberto; Sciarretta, Giada; Marino, Francesco Antonio; Ranise, Silvio

doi:10.3390/app122412679

Cited by 9 publications

(2 citation statements)

References 9 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The certificate serves as a sign that the identity information being sent from the identity provider to the service provider is from a trusted source. In Single Sign-On (SSO) processes, this identity information is presented in the form of tokens that carry identifying details of the user, such as an email address or username [15,16].…”

Section: Authorization Protocolsmentioning

confidence: 99%

Enhancing JWT Authentication and Authorization in Web Applications Based on User Behavior History

et al. 2023

View full text Add to dashboard Cite

The rapid growth of the web has transformed our daily lives and the need for secure user authentication and authorization has become a crucial aspect of web-based services. JSON Web Tokens (JWT), based on RFC 7519, are widely used as a standard for user authentication and authorization. However, these tokens do not store information about the user’s behavior history. To address this issue, this paper presents a solution to enhance the trustworthiness of user authentication in web applications based on their behavior history. The solution considers factors such as the number of password attempts, IP address consistency, and user agent type and assigns a weight or percentage to each. These weights are summed up and stored in the user’s account, and updated after each transaction. The proposed approach was implemented using the .NET framework, C# programming language, and PostgreSQL database. The results show that the proposed solution effectively increases the level of trust in user authentication. The paper concludes by highlighting the strengths and limitations of the proposed solution.

show abstract

Section: Authorization Protocolsmentioning

confidence: 99%

Enhancing JWT Authentication and Authorization in Web Applications Based on User Behavior History

et al. 2023

View full text Add to dashboard Cite

show abstract

“…Despite this progress, the issues of universal identity cards, privacy and credibility remain a hurdle or challenge. Even though financial institutions can rely on third parties or intermediaries to perform any CDD measures, the ultimate responsibility rests with the financial institution (Sharif et al , 2022; FATF, 2012).…”

Section: Review Of Related Literaturementioning

confidence: 99%

Anti-money laundering and customer due diligence: empirical evidence from South Africa

Gaviyau,

Sibindi

2023

JMLC

View full text Add to dashboard Cite

Purpose The purpose of this study is to examine the South African banks’ customer due diligence (CDD) practices in the fintech era to mitigate money laundering (ML) risks and ensure financial stability. Financial technologies have brought substantial transformations to the financial services sector. However, such technologies have exposed the sector to emerging risks that threaten the integrity and stability of the financial system globally. Before any bank–customer relationship is established, proper customer background checks must be conducted. These background checks enable financial institutions to validate information provided and ensure customers are properly risk profiled. Failure to risk profile customers could result in financial institutions being used as conduits for ML. Undoubtedly, CDD procedures are pivotal to overall anti-money laundering efforts and curbing financing terrorism in a regulatory framework. Design/methodology/approach A qualitative research approach was adopted to address the research questions of the study. Given the confidentiality associated with the financial services sector, data triangulation was used in blending mainly secondary and primary data sources. Secondary data sources used in the study were published reports available in the public domain that were corroborated with subject matter experts’ interviews. Findings Based on the findings of this study, it is concluded that in South Africa, technological solutions have been incorporated into CDD functions, which is now risk-based (enhanced due diligence). Also, legally, South Africa has incorporated the biometrics, integration with Department of Home Affairs and Companies and Intellectual Property Commission databases, customer consent to third-party sources with the Financial Intelligence Centre Act and the Protection of Personal Information Act. Originality/value The shift towards digital banking in South Africa results in increased data and dynamic risk profiling. This study advocates a policy shift requiring a risk-based approach to mitigating emerging ML risks (in particular digital laundering), especially in the wake of South Africa’s recent greylisting by the Financial Action Task Force.

show abstract

Assurance, Consent and Access Control for Privacy-Aware OIDC Deployments

Sassetti,

Sharif,

Sciarretta

et al. 2023

Lecture Notes in Computer Science

View full text Add to dashboard Cite

The eIDAS Regulation: A Survey of Technological Trends for European Electronic Identity Schemes

Cited by 9 publications

References 9 publications

Enhancing JWT Authentication and Authorization in Web Applications Based on User Behavior History

Enhancing JWT Authentication and Authorization in Web Applications Based on User Behavior History

Anti-money laundering and customer due diligence: empirical evidence from South Africa

Assurance, Consent and Access Control for Privacy-Aware OIDC Deployments

Contact Info

Product

Resources

About