Where Identity and Access Management Falls Short
Multi-factor authentication (MFA) was supposed to be the answer, but it isn’t working. One time codes, push notifications, and messaging add cost and complexity, but they don’t solve the network access problem. Criminals using compromised credentials still lead successful attacks on Active Directory (AD) and Remote Desktop Protocol (RDP), which are on the rise.
Root Cause:
Most Identity and Access Management (IAM) are decades old and lack identity verification. It’s obvious - we can’t keep putting a checkmark to identity verification for new users and then issue weak credentials by emailing or scribbling a temporary password on a Post-it note.
Problem: Identity verification is manual and error prone with high variability between systems.
Business Requirement: Automatic & digital verification of identity outperforms manual processes with a benchmarked 99.6% Target Accept Rate (TAR) and .01% False Accept Rate (FAR). Standardize onboarding of workers, customers, and citizens to prevent synthetic and stolen identities during account opening (e.g., I9 Employment Eligibility, Know Your Customer mandates).
Solution: Digitally-Verified Identity
Benefits:
- Reduced Admin / OpEx (e.g., Identity Verification)
- Faster Onboarding / New Account Origination
- High Identity Assurance
Problem: Users are issued weak, password-based credentials.
Business Requirement: Verified biometrics secured with public-private keys cryptographically vastly outperform passwords in both security and convenience. Replace passwords with a secure identity wallet and use liveness detection to prevent spoofed artifacts (e.g., photo, 3D mask or deep fake).
Solution: Strong User Authentication with Liveness Detection
Benefits:
- Improved Worker/Customer Satisfaction
- Reduced Risk from Phishing, Fake Accounts and Account Takeover
- Reduced OpEx and Help Desk Workload
Problem: Digital transformation hindered by verification of physical documents.
Business Requirement: Machine verification of personal documents (e.g., drivers license, passport, certifications, health records) significantly improves data accuracy, safeguards privacy and reduces cycle time. Enable tamper evident and trustworthy digital verification of identity documents.
Solution: Reusable Verified Credentials
Benefits:
- Reduced Admin / OpEx
- No need for costly reverification of identity and credentials
- Reduced Fraud
- High trustworthiness, tamper-evident credentials
- Improved business agility
- Faster process cycle times
- Easier onboarding to additional digital services
Problem: Personally Identifiable Information (PII) is incomplete and difficult to manage.
Business Requirement: Blockchain is proven as a superior technology to manage digital property rights without an administrative intermediary. Prevent unauthorized access by replacing centralized honeypots of PII with a private, immutable digital “chain of custody” for identity-related data.
Solution: Privacy by Design
Benefits:
- Cost Avoidance
- Out of the box compliance to privacy mandates (e.g., GDPR, CCPA, CPRA)
- Avoid “friendly fraud” with immutable log / chain of custody
- Reduced Cyber Risk
- Eliminate central “honeypot” of user PII
- Detect fraudulent logins to prevent business account compromise
Modernizing Identity and Access Management
Anchored firmly in a privacy by design framework, 1Kosmos solutions exceed FIDO, NIST 800-63-3, UK DIATF and iBeta DEA EPCS security standards and places users in sole control of their own data, easing compliance to privacy mandates.
Our immutable “chain of custody” provides tamper evident identity verification and reusable verifiable credentials on demand to support user onboarding and authentication as a mission critical function, because the undeniable truth is that workers, customers, and citizens who present stolen or synthetic digital identity credentials represent significant business risks.