The Business Challenge
Government agencies are progressively relying more heavily on digital channels to make services accessible to residents, but aside from providing users security and convenience, protecting individuals’ privacy and ensuring equitable access by the under-banked and less privileged residents are driving concerns.
Recognizing these needs, federal agencies must now comply with executive order 14058 to make digital services accessible. State and local agencies are wise to follow, but government portals have become rich targets for fraud using synthetic and stolen identities and compromised user accounts.
Layering message-based MFA on top of antiquated Citizen Identity and Access (CIAM) adds friction and leaves several security vulnerabilities open to exploitation with relative ease (e.g., Phishing, SIM Swapping, SMS bombing)
1Kosmos modernizes CIAM with a convenient, tailorable web or app-based journey for identity verification at registration and then gives users a reusable digital wallet that performs strong authentication at every login from just about anywhere, anytime on any device.
Throughout all steps in the process, personally identifiable information (PII) is protected behind public-private key cryptography that exceeds NIST, W3C and FIDO2 specifications and puts PII under control of the residents using an innovative private, permissioned blockchain, giving agencies consent-based access to their verified identity wallet and digitally signed credentials.
The 1Kosmos Advantage
Digital Identity Verification with 1Kosmos BlockID
Strengthen Security with Verified Identity
Identity verification is only as sound as the credential used. 1Kosmos BlockID Identity proofing technology captures the information in the credential and looks to ensure the document is valid. For instance, 1Kosmos BlockID checks for common characteristics of the document to identify if a photocopy was used.
1Kosmos technology fused AI and machine learning to review over 2,000 unique computer vision data models to verify an ID’s authenticity. Additionally, our OCR technology is able to extract information from an ID and populate customer forms instantly. It can also read and compare the data on an ID’s NFC chip. This system reduces time and mistakes made during user onboarding.
In cases where a visual check of the data is required, 1Kosmos Block ID will work with third parties to validate the captured data and the ID document. Or, if organizations would prefer, 1Kosmos Block ID can activate an API to verify the data from the Country Signer Certificate Authority (CSCA) or from an issuing authority such as AAMVA for US drivers licenses, to validate the document and the data.
1Kosmos Identity Proofing
Automate Remote Identity Proofing for Citizens
1Kosmos BlockID Verify supports repeatable, sustainable and efficient self-service identity verification via browser (appless) or by using a completely brandable mobile application that can be used stand-alone or easily embedded in an existing app via SDK. It can also include agent-assisted verification if required.
1Kosmos BlockID verifies credentials such as driver’s licenses, passports, and government-issued ID cards in 205 countries in accordance with W3C VC standards, with agent assistance if necessary. In addition, our platform complies with GDPR, and SOC2 for handling and retention of sensitive data.
BlockID offers multiple ways to verify identities to enable governments to trust that they are transacting with legitimate citizens. In addition, our solutions are designed and certified to industry open standards to evolve with the needs of our customers.
Empower Citizens to Control Their Personal Information
1Kosmos places users in sole control of their own information by securing information via cryptographically paired public-private key architecture. For added security, 1Kosmos BlockID utilizes a private blockchain to decentralize data, eliminating administrative access to a centralized “honeypot” of information that hackers often target in data breach or ransomware attacks.
The data captured during the document verification process is managed through the citizen’s digital identity wallet. The data is encrypted and stored in a distributed ledger, accessible only via a FIDO2 certified private-public key pair secured in the TPM / Secure Enclave of a device and under the sole control of the user via their biometric. User identity can be secured across multiple devices and since there is no centralized user store, a decentralized approach ensures there is no honey pot of personally identifiable information (PII Data) to secure against the threat of data breach.
Utilize or Become a Credential Service Provider (CSP) with Ease
Credential Service Providers are trusted entities responsible for registration of user authenticators and issuing electronic credentials to users. 1Kosmos offers white-label solutions that can enable a government organization to become a CSP. Subscribers of the CSP – citizens – can use the 1Kosmos identity verification journey and share data with relying parties after giving their consent.
PII information is stored in the user’s identity wallet, and can only be unlocked with consent from the user. Every user is provided with a web-based wallet where information about their identity is stored during account creation. Once a citizen completes identity verification with 1Kosmos, they never need to reach for their government-issued ID’s again.
After the citizens verified credential is created, citizens will share select information with relying parties as and when required and only after explicitly consenting to it.