A security architect has been assigned to a new digital transformation program. The objectives are to provide better capabilities to customers and reduce costs.
The program has highlighted the following requirements:
- Long-lived sessions are required, as users do not log in very often.
- The solution has multiple SPs, which include mobile and web applications.
- A centralized IdP is utilized for all customer digital channels.
- The applications provide different functionality types such as forums and customer portals.
- The user experience needs to be the same across both mobile and web-based applications.
Which of the following would BEST improve security while meeting these requirements?
A. Social login to IdP, securely store the session cookies, and implement one-time passwords sent to the mobile device
B. Create-based authentication to IdP, securely store access tokens, and implement secure push notifications.
C. Username and password authentication to IdP, securely store refresh tokens, and implement context-aware authentication.
D. Username and password authentication to SP, securely store Java web tokens, and implement SMS OTPs.
Correct Answer: A