By enabling the multi-account feature, the Nevis Access App becomes capable of handling and managing more than one account belonging to the same individual. With this, it is possible to register one or more authentication methods for different accounts.
The following picture illustrates the concept in a simplified way:
The user Bob is a customer of the MyInsurance company. Apart from having his private insurance with the MyInsurance company, he also has his work pension fund from his employer with the same MyInsurance company. As he is accessing the pension fund separately from his private insurance, he has two separate accounts registered in the access app: The Work Pension account (B2B) for accessing his pension fund information and the Private Insurance account (B2C) for accessing his private insurance information.
The idioms account and identity are used interchangeably.
The term used in the Access App is account. The app texts and labels visible to the user always uses the word account because it is a less technical and more widely known term.
An account in the context of the Access App represents a combination of the credentials and an identifier which can be used to access a remote service.
Using a multi-identity supported app leads to the following changes in the end user experience:
- Registration: The application creates a profile for each account when the user finished the registration process successfully.
- The first registration flow remains unchanged from the single identity flow. The application automatically takes care of naming the account based on a predefined template.
- From the second registration on onwards, the flow is extended with an account naming screen after successful registration to allow the user to change the name if desired. Account names have to be unique.
- Authentication: In case of authentication, the used account is displayed on the confirmation screen to inform the user.
- Deactivating: Deleting a registration is possible by selecting an account first. All registrations available on the current device of the selected account are deleted together.
Support of Multiple Authentication Methods
An account supports having multiple authentication methods: one account can authenticate using a PIN or a biometric credential (fingerprint, face recognition). If multiple authentication methods are defined for an account, the end user is asked to choose which is to be used each time authentication for the account is required.
When using the PIN authentication method, each account has its own PIN. So, when using a PIN, the credentials are separated across accounts.
When biometric credentials are used, all the credentials can be used for all the accounts defined in the device. This is due to the fact that the biometric credentials are defined at the operating system level. Thus there is no credential separation when using biometric authentication method across accounts.
The Nevis Access App limits the maximum accounts an end user is able to register to five.