Another important application developing as part of Blockchain 3.0 is blockchain governance; that is, the idea of using blockchain technology to provide services traditionally provided by nation-st...
The Business Challenge
In the wake of escalating data breaches and ransomware attacks, federal agencies are now subject to the Executive Order on Improving the Nation’s Cybersecurity. Among the many directives for modernizing cybersecurity, the order called out the need to implement multi-factor authentication and advance to a Zero Trust architecture.
Rampant unemployment fraud related to COVID relief at the state level has also made citizen identity proofing an imperative for the delivery of online services. Not to be excluded, municipalities and public utilities increasingly find themselves the target of ransomware and data breach.
The 1Kosmos identity-based authentication solutions are delivered as secure cloud services to eliminate passwords and deliver a next generation in multi-factor authentication to support the movement toward zero trust.
Our products use advanced FIDO2 and NIST certified biometric authentication to perform citizen identification, eliminate passwords at login, and secure personal information through a decentralized identity architecture, delivering the very highest level of security without compromising privacy.
The 1Kosmos Advantage
Adopt a Zero Trust Approach With Passwordless, FIDO2 Biometric Authentication
The Zero Trust security model views trust as a vulnerability and strives to re-establish trust in users and devices through authentication and continuous monitoring of each access attempt, with custom security policies that protect every application.
Among the many elements of Zero Trust, identity verification lies at the core. This is because understanding what access is being requested, where the system is located, when the user needs access, and why the access is requested all start with the login. When the login is secured to prevent unauthorized access, all that follows becomes more manageable.
Our approach uses a digital identity created during user onboarding to perform a FIDO2 certified passwordless authentication. Because our platform is also certified to the NIST 800-63-3 guideline, it provides certified identity assurance level 2 (IAL2) and authentication assurance level 2 (AAL2). 1Kosmos BlockID is the only authentication platform certified to both standards.
At any claim of identity (e.g. login), user biometrics are verified and matched to the identity-proofed biometrics captured at enrollment (employee, contractor, partner, or citizen).
We support a TouchID, FaceID, or LiveID™, which is essentially a short selfie video. At enrollment, this is matched to the image on a credential, for example, the photo on a driver’s license or a passport, to verify a likeness.
LiveID compares the live selfie to the biometric captured during the enrollment process. This verifies that the biometric traits of an individual each time they request access match the test performed during the enrollment process. This does not require any new hardware at the edge.
Use One Citizen Identity Across Multiple Services
Citizen IDs lie at the heart of societies, allowing individuals to prove their identity in person to access services, receive entitlements and more. But what about doing this online? Physical IDs are mature, digital IDs are immature by comparison. Also, with the recent COVID pandemic, fraudulent activities have skyrocketed because agencies have difficulty validating identities online.
Citizen enrollment starts by downloading a mobile application from Apple Store or Google Play. Our mobile app can be white labelled or embedded via API / SDK into an existing app. They enroll their biometrics and scan credentials. This process takes less than a minute to complete and does not require support.
When a citizen scans their identity documents (e.g, Drivers License or passport), we’ll scan the front of a driver’s license and the “PDF417” barcode on the back, performing real-time ID card detection and classification. For passports, we’ll read the “MRZ” data, perform UV, white light and ink-depth checks, and scan the embedded RFID chip. The result is verified citizen identity set to W3C VC standards.
Use FIDO2 Certified Biometrics for Next-Generation MFA
LiveID binds the live selfie with a FIDO2 certified encrypted private-public key pair to form a next-generation multi-factor authentication solution.
Our approach to privacy and security helps ensure anyone accessing systems or data is validated with strong FIDO2 authentication. Because biometric authentication is easy to use, every user and every access attempt can be verified with minimal friction.
We use the Trusted Platform Module / Secure Enclave of a device (what you have) and a live biometric (what you are) to perform next-generation multi-factor authentication. In terminology familiar for Strong Customer Authentication, the device becomes the “possession element” and the biometric the “inherence element”. We provide certified authentication assurance level 2 (AAL2).
Our solutions offer a high degree of interoperability via API / SDK and are easily integrated with just about any operating system, SSO gateway or web-enabled system, enabling organizations to go passwordless with flexible levels of identity assurance on any target system and eliminate the need for 3rd party 2FA, one-time codes, and other external authentication devices.
Provide Strong Customer Authentication to enable NIST Compliance
Our approach uses a digital identity created during user onboarding to perform a FIDO2 certified passwordless authentication. Because our platform is also certified to the NIST 800-63-3 guideline, it provides certified identity assurance level 2 (IAL2) and authentication assurance level 2 (AAL2). 1Kosmos BlockID is the only authentication platform certified to both standards.
We verify credentials such as driver’s license, passport and government-issued ID cards in 150 countries in accordance with W3C VC standards, with agent assistance if necessary. In addition, our platform complies with GDPR, SOC2, and ISO 27001 for handling and retention of sensitive data.
We offer multiple ways to verify identities to enable businesses to trust that they are transacting with legitimate individuals who are who they claim to be. Our systems are specifically designed and certified to industry open standards to evolve with the needs of our customers.
Insights
Learn how Indisputable Digital Identities are Created with Biometrics and a Blockchain
Biometrics are well-established as the leading technology for strong authentication. Many serious security systems use biometrics to verify user identity.
What Is Facial Recognition?
Facial recog...
What Is Facial Recognition & How Does It Work?
In today's terminally-online age, fraud is a growing and ever-present concern for businesses.
Why is fraud detection important? Because successful fraud attempts can cost businesses significantl...
What Is Fraud Detection? [Definition & Prevention]
Hackers attack computer systems to steal information. Some of the most important types of information they can steal are access credentials like usernames/passwords or PINs.
Why is credential ac...
What Is Credential Access?
Ready to go Passwordless?
Indisputable identity-proofing, advanced biometrics-powered passwordless authentication and fraud detection in a single application.