WEBINAR: Managing Third-Party Onboarding and Access Governance

The Business Challenge

Employee Eligibility Verification (e.g., I9 in the United States) requires employers to examine and determine as genuine documents that verify the identity of an individual as well as their eligibility for employment.

Many workers have grown accustomed to emailing static images of government-issued identity documents, but this can lead to unintended disclosure at multiple points should either the devices or the accounts with access to the email or storage locations become compromised.

But even with valid documents, the true identity of the person sending the documents from a remote location is not verified through this process.

Because they are not appearing in person, the individual submitting the documents might be different from the person starting work as an employee or contractor. Unfortunately, this happens all too frequently.

The BlockID Advantage

Self service document verification automates workflow and alleviates administrative overhead

The beauty of our system is the users enroll their own identity.  We start by sending an invitation via email or text to install and launch the app, which they use to enroll their biometrics and scan credentials. This process takes less than a minute to complete and does not require IT involvement. 100% automated, instant ID document verification, our fused machine learning technology provides 99%+ accuracy in detecting even the most sophisticated fraudulent documents. And is NIST rated #1 for non-bias race and gender decisioning. 

For existing users, onboarding is simple. Users receive an invite to register for passwordless access, since existing users have already been verified, verification does not need to be completed again. The user will be guided through a quick registration process, after which their existing credentials are eliminated, and they will use our passwordless authentication for access requests going forward.

LiveID biometric matching defies spoofing and ensures a real person is on the other side of the digital connection

To overcome facial spoofing through the use of a photo, video, mask, or a different substitute for the actual face of a legitimate person, we’ve developed “LiveID”, which is essentially a short selfie video. This is matched to the image on a scanned credential, the photo on a driver’s license or a passport, for example, to verify a likeness.

LiveID is a real biometric, not just the phone’s interpretation of someone’s face or finger. This means that any time LiveID is used, it is compared to the biometric captured during the enrollment process.

After enrollment, a liveness test is performed each time a user needs access to online services. When the live test doesn’t match the test performed during the enrollment process, the authentication fails.  The liveness is also used to verify compromised TouchID and FaceID forms of device biometrics.

Digital identity wallet is a reusable verified credential only accessible by and under control of the user

During the onboarding of employees, we create a digital wallet that can be used for more than authentication. The digital wallet will store other types of digital credentials, for example, educational, vocational, or professional certificates that a worker may from time to time need to present on demand. This happens through a digital binding process between the user’s device and target system using a FIDO2 certified private-public key pair.

All information associated with the wallet is encrypted and stored in a private distributed ledger which is based on W3C DID standards with the private key under sole control of the owner, who then determines specifically what information is shared at the time they request access to an online service. This keeps information safe and ready for access when needed.

Privacy by design secures personal information under user control and eliminates threat of data breach
Personal information shared automatically, with consent, eliminating manual data entry

When a worker consents to sharing their information with the human resources department, the data is transmitted automatically to the final destination without ever being in the clear.

We have implemented advanced security protocols and processes in compliance with the strictest standards for handling and retention of sensitive data including GDPR, SOC2, and ISO 27001.

This eliminates any need to email, fax or use SMS messaging to communicate sensitive information and confidential documents, or the information they contain.

Ready to go Passwordless?

Indisputable identity-proofing, advanced biometrics-powered passwordless authentication and fraud detection in a single application.