Dealing with complexity

Issues with passwords are well documented and education institutions are not immune to the issues and risks that passwords inject. To compound the security issue, these institutions are some of the most complex environments anywhere. For example, students can be faculty and staff. It’s complex to manage, and even harder when dealing with thousands of users. An inability for these institutions to verify, secure, control, and manage the numerous identity types at scale means when users log in, there is little that can be done to differentiate an actual user from a hacker to truly secure critical systems and data. To properly address this problem, institutions need to determine if a student, faculty member, or employee is real and is who they claim to be.

Identity Proofing and Access Verification

As I said above, it’s critical to know who is trying to access the infrastructure. It’s the first step in the security chain. Traditional IAM and CIAM strategies deployed at these institutions can not verify or validate real people in a meaningful way in the digital world. We have always needed to verify identities, but the need for digital identity-proofing has become clear. Especially now that organizations and institutions across the globe have accelerated their digital transformation due to the pandemic, this needs to be done remotely, accurately, and securely.

Securely verifying identities with an assurance level that meets your requirements adds a new security level to your institution. What I’m proposing is a digital transformation for account enrollment and onboarding. This means automating the onboarding process for your students, faculty, and staff. Transform your current process to an identity verification system that uses advanced biometrics, document scanning, and adheres to several important compliance standards to give you a streamlined and secure identity verification. Once you have a strong verified digital identity, granting access to applications services and data, is more secure because you can bind the identity to the account. This will ensure high identity assurance for every user authentication attempt. In addition, when done properly, it creates a better user experience for your students, faculty, and staff.

Strong Authentication with Strong Identity

Building an identity foundation on strong verified identities opens the door for biometric-based passwordless authentication. You’ll no longer need to verify passwords, you’ll verify people. 1Kosmos BlockID digitally transforms the standard onboarding delivering the highest degree of end-user assurance. This transformation securely automates the entire onboarding process for new and existing students, faculty, and staff.

What makes our approach different is that we bind the device not only to an identity but a verified and validated identity, and store the data in a distributed network. We create an identity-based biometric authentication and a strong passwordless experience. As the student, faculty, or employee enrolls, 1Kosmos BlockID captures their 1Kosmos LiveID through their device’s front-facing camera. The picture captured from the LiveID is validated against the picture extracted from the provided government-issued documents. Their biometric is captured. Now, when a student, faculty, or employee requests access, they will be asked to provide their LiveID which is compared to their LiveID validated at enrollment, and voila, they are granted access without entering a username or password.

Once implemented, your students, faculty, and staff will utilize their trusted device for daily authentication and step-up authentication for account access and high-risk transactions. As a result, each access event is validated against a real, verified identity that meets the KYC (Know Your Customer) guidelines. This provides users with a frictionless experience and your institution with a flexible level of assurance for the identity on the other side of the digital engagement. This approach solves five challenges:

  1. Students will onboard and enroll with a mobile-first experience resulting in verified and validated identities and will have a passwordless experience on campus from day one.
  2. Existing faculty and employees are already verified but can bind their identities to their accounts and start on their passwordless journey.
  3. New faculty and employees will onboard and enroll with a mobile-first experience resulting in a verified and validated identity and a passwordless experience on day one.
  4. Secure remote learning by building high identity assurance access controls for every remote authentication attempt. Granting access to applications, services, and data, is now more secure because you bind the students’ identity to their online account.
  5. Each and every on-campus access request will be completed with high identity assurance. This improves security, by completely eliminating usernames and passwords, removes password-based attacks

Are you looking for a better way to manage identity and want to know more about 1Kosmos BlockID? Check out this short video Contact-Free Authentication for Student Admission. Also, make sure to sign up for our newsletter, where you can stay ahead of 1Kosmos news, events, and product releases.