To transact at a higher assurance level during an already authenticated session may require a stronger credential; that is, to step up the credential strength by submitting an additional or stronger credential. It is a design decision that favours ease of user access over strongest possible authentication at initial logon time.