Amendment AS06/2007

1. Guide to Authentication Standards for Online Services Standard

Internet-related misuse and abuse of identity

Clause 3.3 (Internet-related misuse and abuse of identity) is hereby amended to replace the words contained in parentheses at line 3 of paragraph 2 as follows:

• “(such as monetary, or information theft through the unlawful assumption of another person’s details)”.

2. Data Formats for Identity Records Standard

PersonInfo container

Clause 6.4.3 (PersonInfo container) is hereby amended to add the following after Figure 6:

• “Note. XML Spy representations may restrict the ability to show all elements e.g. gender, mother’s name, etc in the above diagram, but may be seen in Appendix E”.

Figure 6 is hereby amended to:

• change the titles of the BirthInfo sub-containers from “Birth:nfoE:ment” to “BirthInfoElement”, and “BirthP:ace” to “BirthPlace”.

3. Authentication Key Strengths Standard

Requirements for online services in the Nil/Negligible Risk Category

Clause 6.7 (Requirements for online services in the Nil/Negligible Risk Category) is hereby amended to add the following to the Note

• “Customer experience and/or other reasons may lead agencies to use the same password across the Low and Nil/Negligible Risk categories. In this case, all requirements of Clause 6.8 must be followed even for services in the Nil/Negligible Risk Category”.