3.2.3 PID Deletion¶
This flow describes the PID deletion process.
Design Decision¶
The PID deletion is triggered either because the user specifically wants to delete its PID or all of the WI's data or because the user blocked or forgot its RWSCA-PIN. In both cases, the UI shall clearly communicate the consequences:
- the PID credential is deleted
- the user to set-up a new RWSCA-PIN
- the user has to get the PID re-issued, e.g. using the eID Card, before any identification using the PID
The WI first deletes it's Remote WSCA account using Delete Account operation and then deletes all local data associated to the PID in the WI.
Data Flow¶
This section describes the data flow of the PID deletion in a sequence diagram and a more detailed table. Artifacts in italics are further explained in the data register chapter
Sequence Diagram¶
Detailed Description¶
| No | Description |
|---|---|
| 001 | The user clicks/triggers to delete its PID. The UI should communicate the user the impact and consequences of this operation. |
| 002 | The user consents to delete the PID. |
| 003 - 005 | The WI requests the Remote WSCA Delete Account operation authenticating only with the possession factor that was established during Create Account operation. The Remote WSCA deletes all data related to the account rwsca_account_id from its RWSCA Account Database, including the two-factor authentication public keys and the RWSCA-PIN retry counter. The Remote WSCA responds and acknowledges the deletion of the account. |
| 006 | The WI deletes all data related to the PID and the RWSCA account, this includes:
|