Advanced Topic: Authenticator Assurance Levels

What are authentication assurance levels?

Authenticator assurance levels (AAL) are a NIST standard that assess the degree of confidence and trust in an authentication.

Why are authenticator assurance levels important?

Authenticator assurance levels determine the strength of the authentication and level of security assurance provided by different authentication methods. There are three levels:

  • AAL1: Little to no confidence in the asserted identity's validity. Simple, phishable authentication methods.
  • AAL2: Moderate level of confidence in the asserted identity. Stronger authentication processes, including MFA.
  • AAL3: Highest level of assurance in digital identity. Multiple phish-resistant authentication factors used, including a hardware based authenticator.

Beyond Identity and authenticator assurance levels

Beyond Identity's MFA solution meets AAL3 level standards. Our hardware bound authenticator leverages cryptographic keys for authentication, and meets advanced phish-resistant configuration such as verifier impersonation resistance.

AAL3 is a crucial part of a zero trust architecture. Check out our zero trust assessment for a full analysis on your authentication and device management practices and how to reach an optimal level of zero trust.

Experience MFA done right

By clicking “Accept All Cookies”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.