Overview#LOA 2 Confidence exists that the asserted Digital Identity is accurate within the context.
Perhaps an email verification was used.
LOA 2 provides single factor remote network authentication. At LOA 2, identity proofing requirements are introduced, requiring presentation of identifying materials or information. A wide range of available authentication methods can be employed
LOA 2 allows any of the token methods of LOA 3 or LOA 4, as well as passwords and PINs. Successful authentication requires that the claimant prove through a secure authentication protocol that he or she controls the token. Use of a Secure connection to prevent Eavesdropper, replay, and on-line guessing attackers are prevented.
Long-term shared authentication secrets, if used, are never revealed to any party except the claimant and verifiers operated by the Credential Service Provider (CSP); however, session (temporary) shared secrets may be provided to independent verifiers by the CSP. Approved cryptographic techniques are required. Assertions issued about claimants as a result of a successful authentication are either cryptographically authenticated by relying Parties (using Approved methods), or are obtained directly from a trusted party via a secure authentication protocol.
LOA 2 used frequently for self service applications.