TrustSwiftly meets these high-level NIST 800-63A IAL3 verification requirements directly, offering remote yet supervised ID&V services with chat, document verification, facial recognition with liveness detection and phishing-resistant multi-factor authentication (MFA) and cryptographic authentication.
Identity verification involves associating evidence presented by an applicant with their physical, living person through biometric or other comparison.
Verification Methods
IAL3 authentication from NIST provides maximum protection from impersonation, fraud and identity theft. To meet its rigorous standards it requires on-site or remote supervised verification by an agent, direct observation of enrollee facial images within their identity evidence, matching biometric attributes to claimed digital identities as well as watchlist screening to detect SIM swaps and MFA bypasses.
TrustSwiftly's IAL3 compliant solution provides an efficient and secure digital experience for customers while meeting NIST and FedRAMP High requirements quickly and effortlessly. It eliminates customer friction while meeting FedRAMP High requirements by offering an automated yet fully remote identity proofing process consisting of document verification, biometric comparison with liveness detection capabilities and watchlist screening services.
NIST 800-63A v4 has provided identity systems with an updated framework, featuring requirements tailored to different assurance levels. v4 encourages stronger federation security practices while discouraging SMS-based MFA/passkey methods while simultaneously increasing usability and addressing privacy concerns.
Credential Issuance
Authentication: Employing digital credentials to verify claims about a person and authenticate actions taken in the real world. An identity provider uses a secure process to validate these credentials to ensure that claimed identity matches actual reality.
NIST 800-63A IAL3 update four provides an updated framework with modern requirements for assurance levels (IAL, AAL and FAL), providing organizations with greater granularity when selecting security levels based on business risk considerations and mission objectives.
NIST 80063's highest assurance level is NIST IAL3, requiring on-site attendance with a live agent for NIST IAL3 verification purposes. At this level of proofing an applicant's identity against their real-world identity with strong evidence comparing an applicant's physical attributes against reference images of identification documents used at that particular IAL level.
Step-Up Reproofing
NIST's Identity Assurance Levels (IAL, AAL and FAL) provide tiered indicators of the certainty with which claimed identities match real individuals in the real world. Their purpose is to allow agencies to select an IAL level appropriate for transactions and user populations; under new guidance these levels have moved away from being checklist-driven standards and towards being risk-based frameworks that factor in threats, service impacts and users.
IDEMIA's TrustSwiftly certified passwordless authentication and identity verification platform enables you to reach IAL3 directly by combining superior-strength identification evidence with liveness detection biometric comparisons. The table below details each potential ID&V combination that can reach this IAL3 identity proofing level as well as their validation strength requirements; capture/match biometric capture method helps achieve proofing level as does its phishing resistance protection and man-in-the-middle protection features in IDEMIA Capture SDK providing secure, convenient customer-centric digital experiences that deliver IAL3 proofing proofing level proofing proofing levels securely, conveniently, customer centric digital experiences for users.
Liveness Detection
Although IAL3 doesn't require physical proofing, it is considered more reliable than its predecessor and requires strong liveness detection processes. A CSP must verify an enrollee's liveness by matching facial photos from identity documents with those contained within their enrollment process and validate whether enrollment was legitimate and secure.
Conventional remote NIST 800-63A IAL3 proofing methods involve document authentication - scanning government-issued ID documents to compare their security features with those of an authenticator; biometric verification - such as comparing an enrollee's face against one of the images from their identity document; chat verification, in which an authorized agent interacts with users to ensure liveness and prevent signs of coercion or deception; as well as attestation and an auditable trail of results.
TrustSwiftly helps organizations meet the stringent requirements for IAL2 and IAL3 by offering an end-to-end identity assurance process, featuring device-bound authenticators from FIDO as well as phishing resistance protection from malware attacks. This solution also reduces cyber liability insurance costs as password reset frequency decreases while simultaneously decreasing attack surface area to provide a resilient digital identity environment.
