The maker–checker authorization process requires two different individuals to complete a transaction; in the context of OneSpan Authentication Server, this means completing any of the following administrative commands:
- Creating a user account
- Deleting a user account
- Assigning an authenticator
- Unassigning an authenticator
Each command can be configured separately to require maker–checker authorization. If maker–checker authorization is enabled, respective commands are initiated by one administrator (maker) and can only be executed after approval and authorization by another administrator (checker).