IAL3 compliant solution for the highest level of identity assurance

Identity Proofing Level 3 (IAL3) represents the pinnacle of identity verification, demanding evidence-rich and biometric authentication processes that go far beyond compliance to protect privileged systems from sophisticated threats. A comprehensive IAL3 solution should serve to safeguard both compliance with industry regulations as well as compliance itself.

Traditional in-person IAL3 verification drains budgets, puts employees out of work, and creates logistical nightmares for distributed teams. TrustSwiftly provides a remote solution that minimizes cost and risk while meeting FedRAMP requirements.

NIST IAL3 verification

Identity verification aims to establish a connection between validated evidence of an identity claim and actual physical existence of its subject. This may be accomplished either physically by matching up photographs from strong proof pieces with those taken during identity proofing sessions, or biometrically by matching information on their identification document with biometric features recorded from those present for identity proofing sessions.

At its highest level, NIST IAL3 verification requires physical or biometric comparison with evidence provided by claimant. As this step must take place in person, this method should only be employed for high stakes transactions like entering secure buildings or applying for government benefits.

NIST recently revised their digital identity guidelines, replacing the LOA model with a modular framework of Identity Assurance Levels (IAL), Authenticator Assurance Levels (AAL), and Federation Assurance Levels (FAL). This approach is more flexible, supporting remote identity proofing at higher AAL levels as well as user accessibility - making compliance mandates simpler to meet while decreasing fraud risk and increasing security.

IAL3 identity proofing

NIST 800-63A IAL3 identity verification is the highest level, often required for accessing highly sensitive data or healthcare services regulated by government regulators. It involves attending on-site sessions with trained CSP agents and collecting biometric characteristics from users in order to confirm their true identities - this ensures only authorized people gain entry to systems, preventing against advanced fraud attacks or any other potential threats.

At IAL1, identity assurance level offers the lowest degree of confidence when linking claimed identities to real-world evidence, enabling faster processing times and reduced application rejection rates. At this level, attributes may be collected but not verified and biometric comparison is optional.

TrustSwiftly Verified Identity Platform meets IAL2 requirements by enabling CSPs to compare live images of applicants with those on the provided identity evidence, verify security features, cross-reference trusted databases and cross-check security features for accuracy. Mitek's Verified Identity Platform meets these specifications while also enabling customization of proofing methods according to NIST guidelines, increasing adoption rates while meeting compliance benchmarks.

IAL3 compliant solution

IAL3 identity proofing is designed for use in highly sensitive applications like healthcare, banking and government. Its purpose is to limit highly scalable attacks against synthetic identities while protecting them against attacks that exploit weak identity documents such as biometric capture or binding; furthermore it requires on-site identity proofing by an CSP agent.

The IAL3 process can be conducted on either a kiosk or workstation using TrustSwiftly devices, and images produced can then be compared against an authenticated database of faces to ensure enrollee presence and verify identity in real time. Furthermore, top IAL3 compliant solution also feature liveness detection technologies and face matching to verify enrollee identity.

IAL3 requires CSPs to record which verification pathways were taken and make them accessible to RPs; this step serves as an important deterrence against potential attacks such as SIM swaps or MFA bypasses.

TrustSwiftly

Selling to the US government presents an immense business opportunity; however, meeting FedRAMP High authorization standards requires meeting stringent security controls that go well beyond traditional compliance auditing processes. One such security control is Identity Assurance Level 3 verification - failing to implement such an process could jeopardize compliance audits as well as open doors for potential unauthorized access.

This process seeks to protect against highly scalable attacks involving evidence falsification, theft and repudiation as well as more complex attacks such as attribute assertion - which allows attackers to assume the identity of individuals - using more advanced tactics such as attribute falsification.

TrustSwiftly provides an all-encompassing solution that addresses these difficulties. Their hardware-based remote IAL3 verification process ensures compliance with the highest assurance levels, while remaining scalable enough to keep pace with evolving attacker tactics. They offer one platform to verify users using up to 15 methods such as email, phone call verifications, document ownership verification, ID verifications, selfie liveness tests, micro charges charges and Social Security numbers verifications - with integration into Stripe Radar automatically routing risky transactions for review by TrustSwiftly experts.