The Business Challenge
Demands by residents for contactless services have accelerated the need for digital government services, but rampant identity fraud is impeding digital transformation and costing taxpayers millions. Stopping fraud means blocking synthetic and stolen identities during the application process and securing resident accounts from phishing and social engineering attacks aimed at account takeover.
A Credential Service Provider (CSP) performs identity verification at the time of enrollment and then authenticates identity at first and every access to enable organizations to focus scarce resources on the efficient delivery of online services to the people who are entitled to receive them. By expediting identity verification processes and delivering the security and convenience users expect, agencies accelerate accessible services to legitimate residents.
The 1Kosmos CSP managed service provides modern, low friction, app or appless self-service identity verification (e.g., IAL2) and authentication (e.g., AAL2) anywhere, anytime and on any device with over 99% accuracy. With their identity-backed, reusable credential, residents can readily access multiple sites, applications, and services and then control and securely share their own personal information, simplifying both privacy and compliance management.
The 1Kosmos Advantage
Build Secure Authentication Through Verified Identity
1Kosmos BlockID digitally transforms identity enrollment for citizens so government agencies gain the security advantage they need to defend against phishing and fraudulent activities targeting citizens.
1Kosmos BlockID identity verification can move physical IDs into the digital world to fix this issue. Citizen enrollment appless through a web browser or by downloading a mobile application from Apple Store or Google Play. Next, they enroll their biometrics and scan credentials.
When citizens scan their identity documents (e.g., Drivers License, government issued ID, passport), our solutions capture the front and the “PDF417” barcode on the back, performing real-time ID card detection, classification and validation. For passports, the “MRZ” data is captured – UV, white light, and ink-depth checks are performed, and the embedded RFID chip is read and validated to the issuing authority. The result is verified citizen identity compliant to W3C VC standards.
Portable Digital Identity Using Verifiable Credentials
Build Custom User Journeys to Verify and Authenticate Citizens
The 1Kosmos BlockID platform automates manual identity and credential verification with a secure, rules-based workflow, reducing errors and improving accuracy.
Use cases for verifiable credentials utilize verifiable data registries which include, trusted databases, decentralized databases, government ID databases, and distributed ledgers. Often, there is more than one type of verifiable data registry utilized. This enables government agencies to function as a Credential Service Provider by performing Identity Assurance Level 2 (IAL2) identity verification and issue a digitally signed Authentication Assurance Level 2 (AAL2) credential certified to NIST 800-63-3 standards.
Build Citizen Trust with Enterprise Grade Security
After identity verification and customer enrollment, organizations typically issue weak credentials such as username and password. 1Kosmos BlockID provides an authentication platform to support biometric passwordless multi-factor authentication. Identity proofing can adjust with flexible levels of identity assertion to support the needs of your business and, more specifically, to support the evolving needs of your customers.
1Kosmos BlockID authentication methods are available through our SDK, and can be easily integrated into any mobile app, delivered through the 1Kosmos BlockID app, or implemented as an appless experience. Users will authenticate via any of our methods depending on the business need, the risk profile of the activity, and the security requirement for each access request. By implementing 1Kosmos BlockID, organizations can deploy any of seven identification methods including: device biometrics, LiveID, push message, email/SMS/Token, 3rd party hardware token, and even Windows Hello or Mac TouchID.
Enable a Portable and Private Digital Identity
1Kosmos BlockID digital wallet provides a secure platform for users to verify their identity in a secure, private and convenient way. With 1Kosmos BlockID government agencies can ensure that the person in possession of a digital wallet is the legitimate user to whom it was issued.
To unify the digital wallet, government agencies can account for multiple relationships in real life. Because users control their own identity through the digital wallet, the identity remains singular and therefore simplifies management even though the identity is registered for multiple online services (personas).
With 1Kosmos BlockID, there is no practical limit to the number of personas or accounts a user can have. Users can be enabled for any number of accounts — the platform binds their biometric to a FIDO2 certified credential, providing access to multiple accounts via one consistent experience without the need of a username or password. This is especially useful for governments as they transition services online and look to offer new services in the future.