I AM SPARTACUS
Does your Identity Management System rely on User identifiable information to on-board? Many 2-Factor Authentication methods are self-provisioning, often relying on an email link or mobile number which can be found by social engineering and make Attacker re-instatement straightforward service from the Help Desk Assistant. Note that FIDO type devices have an open specification and if the validation of the Attestation Key is bypassed by User choice, Browser setting or a planted Browser Extension, a forged device succeeds. CASQUE does not need User identifiable information, has no self-provisioning and a CASQUE token cannot be cloned.