In theory. In practice, an employee could skip all steps and pretend you concluded the test.
Yes, they could break the rules.
Similarly, a pharmacy expects that you went through a long process with a doctor diagnosing and ordering the medicine.
While following the rules, they could just accept whatever you wrote onto the paper.
See the difference? In one case the security model is reasonable so that it takes an employee cheating / breaking the rules for a bad result. In the other case the security model sucks so an undesirable outcome is possible even if all the security checks are followed.
In theory. In practice, an employee could skip all steps and pretend you concluded the test.
Similarly, a pharmacy expects that you went through a long process with a doctor diagnosing and ordering the medicine.
Yes, they could break the rules.
While following the rules, they could just accept whatever you wrote onto the paper.
See the difference? In one case the security model is reasonable so that it takes an employee cheating / breaking the rules for a bad result. In the other case the security model sucks so an undesirable outcome is possible even if all the security checks are followed.