You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The intent is to be able to distinguish individual users.
In fact, If we enroll multiple fingerprints of family members to the authenticator (device), the authenticator never identify the each users. But, this sentence may mislead to readers that the authenticator can distinguish or identify the users.
It is more like the process that checks the user's authority to register the credential or authenticate with the credential.
The text was updated successfully, but these errors were encountered:
It is true that authenticators might allow registering several people's fingerprints to the same account, for example, but I'd argue it's still true that the intent of UV is to distinguish individual users. Also, multiple people could very well share the same "user" account at an RP anyway. I don't think we really need to change anything here.
On second thought, maybe we should acually define the term "user". Then that definition could point out that a user could be one or more physical persons.
The description of User Verification includes following sentence.
In fact, If we enroll multiple fingerprints of family members to the authenticator (device), the authenticator never identify the each users. But, this sentence may mislead to readers that the authenticator can distinguish or identify the users.
It is more like the process that checks the user's authority to register the credential or authenticate with the credential.
The text was updated successfully, but these errors were encountered: