IDentity-as-a-Service (IDaaS) was a hot topic in 2012 (e.g., this blog post of Dave Kearns), and probably will continue to be so in 2013. In a project for and with SURFnet (Dutch NREN) Novay designed a IDaaS-like service to make existing identities more trustworthy: Step-up authentication as-a-Service. (No idea more to abbreviate this: SuaaaS?) The Step-up authentication as-a-Service we designed addresses this need by making it possible to increase the trustworthyness (put differently: increase the level of assurance) of identities in an existing identity federation. The service addresses both the technology and the process/registration side: a second factor authentication and an additional face-2-face check who this digital identity (and second factor) actually belongs to.
From a user perspective, the service has a self-service interface to register a second factor (see mockup below), an interface for the identity providers for user management (see second mock-up below) and of course every time a step-up authentication is needed the user is re-directed to the Step-up authentication as-a-Service to authenticate with this second factor.
Posted by Maarten Wegdam 
