The Business Challenge
Citizen identity impersonation is costing governments billions in losses and depriving or delaying delivery of critical services and benefits to legitimate citizens. The move to remote enrollment and claims as a result of the global pandemic has led to a sharp increase in identity-related cyber-attacks and fraudulent activities. Workers are being phished and targeted with ransomware. Fraudsters are stealing benefits intended for those in need.
As a result, government organizations are scrambling to adopt stringent measures to improve security and protect privacy. On the heels of the Executive Order on Improving the Nation’s Cybersecurity issued by the Whitehouse in May 2021 federal agencies are now subject to the Executive Order on Improving the Nation’s Cybersecurity.
Among the many directives for modernizing cybersecurity, the order called out the need to implement multi-factor authentication and advance to a Zero Trust architecture. These issues directly result from an inability to verify identities and their supporting documents. Traditional strategies can not verify identities with high assurance in the digital world as document verification has traditionally been done in person.
The 1Kosmos BlockID identity proofing and verification techniques deliver a quick and convenient way for citizens to self-verify their identity using physical documents such as a government-issued driver’s license or passport. 1Kosmos Block ID can identify if a photocopy or a real document was used by checking for common characteristics of the document. The RFID chip in a passport, for example, can be validated before the data on the passport is verified as accurate.
The 1Kosmos Advantage
Security starts with strong verified identities.
1Kosmos BlockID digitally transforms identity enrollment so government organizations gain the security advantage they need to defend against phishing, ransomware, fraud, and data breach.
Identity verification is only as sound as the credential used. 1Kosmos BlockID Identity proofing technology captures the information in the credential and looks to ensure the document is valid. For instance, 1Kosmos BlockID checks for common characteristics of the document to identify if a photocopy was used.
In cases where a visual check of the data is required, 1Kosmos Block ID will work with third parties to validate the captured data and the ID document. Or, if organizations would prefer, 1Kosmos Block ID can activate an API to verify the data from the Country Signer Certificate Authority (CSCA) or from an issuing authority such as AAMVA for US drivers licenses, to validate the document and the data.
1Kosmos BlockID NIST 800-63-3 platform certification supports remote identity proofing to comply with Know Your Customer mandates.
Because the 1Kosmos platform is FIDO2 and NIST 800-63-3 certified, it provides certified Identity Assurance Level 2 (IAL2) and certified Authentication Assurance Level 2 (AAL2).
1Kosmos BlockID verifies credentials such as driver’s licenses, passports, and government-issued ID cards in 150 countries in accordance with W3C VC standards, with agent assistance if necessary. In addition, our platform complies with GDPR, and SOC2 for handling and retention of sensitive data.
BlockID offers multiple ways to verify identities to enable governments to trust that they are transacting with legitimate citizens. In addition, our solutions are designed and certified to industry open standards to evolve with the needs of our customers.
Privacy by Design
The data captured during the document verification process is managed through the citizen’s digital identity wallet. The data is encrypted and stored in a distributed ledger, accessible only via a FIDO2 certified private-public key pair secured in the TPM / Secure Enclave of a device and under the sole control of the user via their biometric. User identity can be secured across multiple devices and since there is no centralized user store, a decentralized approach ensures there is no honey pot of personally identifiable information (PII Data) to secure against the threat of data breach.