U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.


Secure websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to our website. Please do not share sensitive information with us.

This is an archive
(replace .gov by .rip)

SP 1800-17

Multifactor Authentication for E-Commerce: Risk-Based, FIDO Universal Second Factor Implementations for Purchasers

Date Published: July 2019


William Newhouse (NIST), Brian Johnson (MITRE), Sarah Kinling (MITRE), Jason Kuruvilla (MITRE), Blaine Mulugeta (MITRE), Kenneth Sandlin (MITRE)



electronic commerce (e-commerce) security; internet shopping security; multifactor authentication (MFA)
Control Families

None selected


SP 1800-17 (DOI)
Local Download

Supplemental Material:
Web version (other)
Project Homepage (other)

Document History:
08/22/18: SP 1800-17 (Draft)
07/30/19: SP 1800-17 (Final)