WUH-8.3.1-Sec-06 — Session idle timeout with user-configurable shorter timeout
For application-level authentication, a wallet unit shall define and implement conditions after which user authentication shall again be required, including at least an idle timeout. The wallet unit should provide the user with the option to set the idle timeout to a duration shorter than the default timeout.
| Property | Value |
|---|---|
| Section | 8.3.1 Auth |
| Owner | platform |
Mapped Controls
| Control | Title |
|---|---|
| SID-AUTH-02 | JWT Bearer Token Session Management |
Source: ENISA – Security Requirements for European Digital Identity Wallets v0.5