Verification for Identity Level 3 (IAL3) involves additional evidence, validation, and verification requirements designed to protect against impersonation attacks relative to Identity Layer 1 (IAL1). This can be accomplished remotely unattended identity proofing processes or on-site attended identity proofing processes.

Confirmation codes delivered directly to a physical address offer some measure of protection against attacks against identity proofing; however, such methods remain vulnerable to being intercepted by close associates and family members.

Self-service kiosks

Self-service kiosks may not be the most exciting technology to transform digital transformation, but they’re one of the most practical and impactful. Their modular capabilities, rugged durability and integration with systems from licensing and courts to benefits and border control make them powerful tools that enable agencies to deliver services on citizens’ terms while freeing staff to focus on complex or high-value tasks.

Kiosks can also serve as the perfect way to verify IAL3 authenticity. Unlike other forms of proofing, this particular biometric path requires an in-person attended session with a representative from CSP; this process ensures pseudonymity in federated environments. Additionally, kiosks can utilize ID scanners designed specifically for unattended operation.

These scanners can endure thousands of scans each day while offering consistent performance and image quality – plus they’re more cost-effective than consumer devices, freeing up resources for higher value activities such as customer service or line reduction. Moreover, these scanners ease staff burden by automating routine tasks.

In-person proofing agent

Identification and resolution of fraud is a top priority for CSPs and RPs. While resolution, validation, and verification processes exist to protect against many attacks on our systems, new threats continue to emerge that must be mitigated with additional checks and controls such as visual comparison of applicants with evidence; data entry for attributes that require high levels of trust; checking against vital statistics repositories etc.

Additional checks can be implemented either during an on-site attended session, remotely attended session, or an asynchronous process – no matter which proofing method is chosen – to increase confidence in the outcome and decrease time to value for attackers. A visual comparison between an applicant’s facial image and portraits/records associated with evidence or records associated with evidence can provide effective deterrence against scaled and targeted attacks on IAL3 identity proofing processes.

Automated proofing agent

NIST IAL3 verification involves additional evidence gathering, validation and verification processes designed to thwart impersonation attacks and errors than its predecessor IAL1. These enhanced processes include monitoring for scaled and targeted attacks (e.g. fraud, evidence falsification and social engineering), as well as physical or digital interactions – whether remote or personal with proofing agents available to interact directly with applicants.

The Non-Biometric Pathway for IAL3 verifies an individual’s identity by verifying they possess identity evidence or credentials. Additionally, this verification pathway may involve providing them with a confirmation code, visually comparing individuals against evidence, or checking vital statistics repositories.

RPs must be informed about any verification pathway used for IAL3. They can access this information through assertion, API or trust agreement with their CSP. Furthermore, CSP must document its operational procedures for dealing with failures of enrollment and verification as well as trusted referees who can vouch for applicants’ attributes and conditions.

Managed solution

NIST 800-63A IAL3 verification is the highest level of identity assurance. To successfully implement, a trained CSP representative must meet in person with applicants and collect at least one biometric characteristic from them, while also adding measures against impersonation, fraud, or any other types of advanced attacks. Using managed solutions with IAL3 verification ensures your service adheres to NIST guidelines for strong authentication.

Contrasting with IAL1, which permits self-asserted attributes, IAL3 demands linking digital identities with real identities and providing convincing proof such as government documents from authoritative sources or biometric comparison to confirm they belong to living individuals – something Mitek solutions excel at doing.

The platform scans documents to confirm their legitimacy, scrutinizing security features and cross-referencing against trusted databases. Furthermore, liveness tests ensure the user is physically present during verification and allows you to store user data in an incorruptible blockchain that integrates seamlessly with zero-trust security frameworks.