CAP-037 — Step-up authentication for high-value transactions
| Category | Security & trust |
| Business goal | Not yet linked to a business goal |
| Satisfying module | MOD-068 |
| Mode | GATE |
| BD owner | BD09 Technology |
| Human needed | No |
An additional authentication challenge (biometric, passkey, or OTP) is required before executing transactions above a configurable value threshold. Step-up authentication is enforced at the API gateway layer: no high-value transaction proceeds without a freshly attested identity claim. The threshold is configurable by product type and customer risk profile.
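The gate decision described above, sketched as an added example (not MOD-068's own code). The threshold values, the 300-second freshness window, the `IdentityClaim` fields and the `gate` function are assumptions chosen for illustration; signature verification of the claim is assumed to happen upstream.

```python
from dataclasses import dataclass
from decimal import Decimal
from typing import Optional

# Constructed policy values; the page only says thresholds are configurable.
THRESHOLDS = {
    ("payments", "low"): Decimal("5000"),
    ("payments", "high"): Decimal("500"),
    ("savings", "low"): Decimal("10000"),
}
FAIL_CLOSED_THRESHOLD = Decimal("0")   # unknown product/risk pair: always step up
ACCEPTED_METHODS = {"biometric", "passkey", "otp"}  # challenge types named on the page
MAX_CLAIM_AGE_S = 300                  # assumed freshness window

@dataclass(frozen=True)
class IdentityClaim:
    subject: str      # customer the challenge was completed for
    method: str       # how the challenge was satisfied
    auth_time: int    # epoch seconds when it was completed
    verified: bool    # signature check done upstream (assumed gateway step)

def gate(amount: Decimal, product: str, risk: str, customer_id: str,
         claim: Optional[IdentityClaim], now: int) -> str:
    """Return ALLOW, STEP_UP_REQUIRED or DENY for one transaction request."""
    if amount <= 0:
        return "DENY"  # malformed amount must not slip under the threshold
    threshold = THRESHOLDS.get((product, risk), FAIL_CLOSED_THRESHOLD)
    if amount <= threshold:
        return "ALLOW"  # at or below the threshold, session auth suffices
    if claim is None or not claim.verified or claim.subject != customer_id:
        return "STEP_UP_REQUIRED"
    if claim.method not in ACCEPTED_METHODS:
        return "STEP_UP_REQUIRED"  # e.g. a password-only login is not a step-up
    age = now - claim.auth_time
    if age < 0 or age > MAX_CLAIM_AGE_S:
        return "STEP_UP_REQUIRED"  # stale or future-dated claim is not fresh
    return "ALLOW"
```

An unlisted product/risk combination falls back to a zero threshold, so a configuration gap results in a challenge instead of an unchallenged transaction.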