Overview#

Open-Loop Authentication is when the user credential(s) are asserted by a Identity Provider (IDP) to a Relying Party that is not directly involved in the Authentication process.

In contrast, Closed-Loop Authentication is when the same party that provided Credential Enrollment provides the Authentication.

In Open-Loop Authentication a Identity Provider (IDP) issues a cryptographic credential to the user’s device and then is "out of the loop" when the device presents the credential to a Relying Party.[1]

Credentials used in Open-Loop Authentication are typically Public Key Certificates, but could also be U-Prove tokens or Idemix anonymous credentials.

More Information#

There might be more information for this subject on one of the following:

• Authentication Protocol
• Closed-Loop Authentication

---

• [#1] - http://pomcor.com/2013/04/03/closed-loop-vs-open-loop-authentication/ - Retrieved 2013-04-10