Yes. After verification, 1Kosmos can generate a Temporary Access Pass (TAP) code for onboarding into Microsoft Authenticator. We can also generate a Microsoft Entra Verified ID that gets stored directly in the Microsoft Authenticator wallet. Users scan a QR code with Microsoft Authenticator and sign in using the generated TAP code. This integration is optional. You can also onboard users into 1Kosmos Authenticator or any other authenticator in your system.

Reverification uses the verified credential stored in the user's private digital wallet within 1Kosmos' encrypted cloud. PII, documents, and biometrics are hashed and AES-256 encrypted, accessible only by the user through their biometric-unlocked private key. Data resides in a private ledger, eliminating centralized PII honeypots while maintaining audit trails.

Yes. 1Kosmos reverification maintains IAL2/AAL2 compliance using biometric authentication anchored to government-issued credentials verified during initial proofing. The reusable verified credential architecture meets NIST requirements for identity and authentication assurance while preserving privacy through user-controlled, encrypted credentials in private wallets.

Yes. Once a user completes initial verification, their reusable verified credential triggers reverification across any integrated system: IGA platforms, IAM systems, SSO providers, or custom applications. Integration via API and pre-built connectors (Saviynt, SailPoint, Entra ID, Okta, Ping) enables automatic reverification based on events detected across your infrastructure.

Reverification re-confirms a user's identity during lifecycle events or risk triggers without full re-enrollment. Users authenticate with face or fingerprint to unlock their identity wallet, which holds the credential tied to their government ID from initial verification. This proves they're the same verified person without re-scanning documents or manual reviews.

Initial identity verification (IDV) establishes identity through document authentication and biometric capture, creating a verified credential in the user's wallet. Reverification uses that existing credential to re-confirm identity during subsequent events—users authenticate without re-scanning documents. IDV happens once; reverification happens throughout the lifecycle.

Reverification is triggered by lifecycle events (role changes, status updates) or risk signals (suspicious activity, high-value transactions). Users receive a prompt and authenticate with their biometric tied to their verified government ID credential. The system matches it against their private wallet, taking seconds with no documents or admin needed.

Reverification is triggered by lifecycle events (role changes, status updates, privilege escalations, contract renewals, address changes) and risk signals (suspicious login patterns, new locations, high-value transactions, account modifications, anomalous behavior from SIEM or IGA systems). Organizations configure reverification policies based on risk tolerance and compliance needs.