Re: For Review: Accessible Authentication SC

Hi all

I  wanted to raise from my day job in the financial services that there are a lot of concerns around this SC. Europe and the UK have laws specifying 2 levels of authentication which must be different types for certain digital financial tasks. We are working through aligning these but there is push back as it significantly reduces authentication options. There can also be requirements for time limitations on methods. It would be useful for the understanding document to include some of these examples. Without these financial services and banks are likely to not implement this SC due to security and regulatory requirements. 

I will try to join tomorrow’s call but it may be worth having a separate discussion as this is wider than COGA requirements. 

Abi

Sent from my iPhone

> On 16 Jun 2021, at 12:20, Steve Lee <stevelee@w3.org> wrote:
> 
> CAUTION: This e-mail originated outside the University of Southampton.
> 
> A quick question as I get ready for holiday:
> 
> Is it a cognitive test to have to enter a password when you cannot see
> the characters as you type them? I've been hearing from dyslexic people
> that they want to see the letters they have entered.
> 
> I'm not convinced there is always a strong security benefit to having
> them obscured, at least not when alone at a device. Should a view option
> always be available?
> 
> I'll leave you all with that thought :)
> 
> Steve
> 
>> On 16/06/2021 11:43, Rochford, John wrote:
>> Hi Lisa, Rain, and All,
>> 
>> Alastair has asked us to review our Accessible Authentication SC.
>> 
>> See this GitHub repository specifically for our commentary
>> <https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fw3c%2Fwcag%2Flabels%2FCOGA&amp;data=04%7C01%7Ca.james%40soton.ac.uk%7C099384ce328a43403d3e08d930b8b9eb%7C4a5378f929f44d3ebe89669d03ada9d8%7C0%7C0%7C637594392225332752%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&amp;sdata=%2FAhembx7N7wbEue96MYDQu9clVy21f%2BwFngA2xPu9r0%3D&amp;reserved=0>.
>> 
>> I plan to discuss this during Thursday’s call and get consensus about
>> what we want to say.
>> 
>> Reference: Accessible Authentication SC
>> <https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fw3c.github.io%2Fwcag%2Fguidelines%2F22%2F%23accessible-authentication&amp;data=04%7C01%7Ca.james%40soton.ac.uk%7C099384ce328a43403d3e08d930b8b9eb%7C4a5378f929f44d3ebe89669d03ada9d8%7C0%7C0%7C637594392225337743%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&amp;sdata=2gxMSM2B7KO%2FwIrnuu9s9%2BYfeR3rT8dcDW4CFhQ6lNQ%3D&amp;reserved=0>.
>> 
>> Has links to Understanding and How To Meet docs.
>> 
>> Lisa and/or Rain: Would you please add this to the agenda? Thank you.
>> 
>> John
>> 
>> John Rochford
>> 
>> University of Massachusetts Medical School
>> 
>> Eunice Kennedy Shriver Center
>> Director, INDEX Program
>> Faculty, Family Medicine & Community Health
>> About Me
>> <https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fjohnrochford.com%2F%3Fpromo%3Demail_sig%26utm_source%3Dproduct%26utm_medium%3Demail_sig%26utm_campaign%3Dedit_panel%26utm_content%3Dplaintext&amp;data=04%7C01%7Ca.james%40soton.ac.uk%7C099384ce328a43403d3e08d930b8b9eb%7C4a5378f929f44d3ebe89669d03ada9d8%7C0%7C0%7C637594392225337743%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&amp;sdata=J5f%2BCmQIVZ36Jlng8YC2jRJk%2BQRrjyIMPhaIU1yHLME%3D&amp;reserved=0>
>> 
>> EasyText.AI <https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Feasytext.ai%2F&amp;data=04%7C01%7Ca.james%40soton.ac.uk%7C099384ce328a43403d3e08d930b8b9eb%7C4a5378f929f44d3ebe89669d03ada9d8%7C0%7C0%7C637594392225337743%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&amp;sdata=ifPDSPc07055wEn7A5DycKqIezJWp4UWffwh3SIXp7Q%3D&amp;reserved=0>
>> 
>> Schedule a meeting with me. <https://eur03.safelinks.protection.outlook.com/?url=http%3A%2F%2Fbit.ly%2FCallJR&amp;data=04%7C01%7Ca.james%40soton.ac.uk%7C099384ce328a43403d3e08d930b8b9eb%7C4a5378f929f44d3ebe89669d03ada9d8%7C0%7C0%7C637594392225337743%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&amp;sdata=wrzLwB57EPKNxvG0dTodbvnuWzayoq%2BlCDKfWxyjspY%3D&amp;reserved=0>
>> 
>> /_Confidentiality Notice:_//__/
>> 
>> /This e-mail message, including any attachments, is for the sole use of
>> the intended recipient(s) and may contain confidential, proprietary, and
>> privileged information. Any unauthorized review, use, disclosure, or
>> distribution is prohibited. If you are not the intended recipient,
>> please contact the sender immediately and destroy or permanently delete
>> all copies of the original message./
>> 
> 

Received on Wednesday, 16 June 2021 11:37:40 UTC