Credential Service Provider

Empower Users to Control Their Personal Information

The 1Kosmos CSP empowers residents with sole control of their information by securing it with a cryptographically paired public-private key architecture.

Only the enrolled resident has access to the private key, which is required to access and share their information at any time and with any online service.

Additionally, the 1Kosmos CSP complies with privacy regulations around the world, including GDPR and the California Consumer Privacy Act (CCPA).

Deploy Self-Service Citizen Enrollment for All

The 1Kosmos CSP enables residents to transact with digital services securely. The CSP can utilize many non-biased modalities for enrolling and authenticating residents, including a web interface, mobile app, appless, and agent-assisted / remote-supervised proofing.

The CSP utilizes identity verification results without human or AI bias for both gender and race. Our approach offers many modalities through which citizens can enroll up to IAL2, including in-person proofing.

The CSP can also verify an unlimited array of identity details, including government issued ID, education qualifications, healthcare data, financial account details, and other third-party machine-readable personal information. This includes underserved, unbanked, thin-file, and no-hit populations.

Build Citizen and Resident Trust Through Enterprise Grade Security

1Kosmos CSP provides an authentication platform to support biometric passwordless multi-factor authentication, eliminating the need to issue weak credentials such as usernames and passwords to residents.

The CSP authentication methods can be integrated into any mobile app via an SDK, delivered through the 1Kosmos app, or implemented as an appless experience. Residents authenticate via any of our methods depending on the risk of the access request.

By implementing 1Kosmos CSP, agencies can deploy any of the available authentication methods including: device biometrics, LiveID, push messages, email/SMS/Tokens, 1Kosmos 1Key hardware token, 3rd party hardware tokens, Windows Hello, and Mac TouchID.

1Kosmos integrates via industry authentication standards such as OAuth, OIDC, SAML, and FIDO with interoperability across Windows, Mac, iOS, and Android operating systems.

Identity Verification

With the 1Kosmos CSP, agencies can prove identity and reduce synthetic identity fraud during new account origination. Our CSP has been certified to NIST 800-63-3 specifications and ensures the legitimacy of new accounts.

Through a superior user experience, 1Kosmos verifies a resident’s identity using their driver’s license, passport, or National ID. The process is completed in minutes with industry-leading accuracy, including certified Presentation Attack Detection level 2 (PAD 2). 1Kosmos CSP supports document verification for over 150 countries.

Based on use case, our CSP can also verify identity at lower levels of assurance using banking, telco (e.g., SIM binding), email, Social Security number, and phone number, among other methods.

The extracted data is used to build a convenient, reusable digital wallet for frictionless biometric MFA and consent-based data sharing. Identity verification can optionally be performed with no data retention.

Utilize a Credential Service Provider (CSP) with Trust

The 1Kosmos CSP is certified to NIST 800-63-3, FIDO2, ISO27001, SOC II Type 2, ISO/IEC 30107-1, and ISO/IEC 30107-3 specifications which are contemporary technical standards designed to ensure security and interoperability for biometric authentication and passwordless access.

The captured PII data is encrypted and secured via public-private key cryptography.

Additionally, the 1Kosmos platform is aligned to US Federal requirements including Privacy Act, Section 508, EO13985 (multi-language), EO14028, OMB M19-17, OMB M22-09, as well as FedRAMP and FIPS.