How Online Identity Verification Works

Online identity verification solutions are fast and easy to verify someone’s ID without requiring documents to be supplied in person.

What is online identity verification? Online identity verification is a process that uses scanned documents, photo identification cards, or government-issued IDs to verify someone’s identity and to make sure the person is who they claim to be.

What Is Online Identity and Why Does It Need Verification?

Digital or online identity is one of the more critical frontiers for security, compliance, and commerce today. Official identity documentation with photography-based verification and several approaches to determining the veracity of documentation (watermarks, imprints, etc.) have been the standard for most purposes.

Modern digital technologies have introduced new challenges to this problem:

  • User Accounts and Hacking: Many organizations use digital accounts and associated credentials as a form of identity verification. Problematically, if these accounts are compromised, all connected personal identifiable information can be used to access information with little or no friction.
  • Liveness: Following from the previous item, most digital accounts don’t employ any means to ensure that the person accessing an account at a specific moment is the user and not a third party. Authentication-based approaches like token security or one-time passwords can only provide so much certitude that the present user is the account owner.
  • Fraud Prevention: Once an individual creates an account, there is no guarantee that the account will be used for legitimate purposes. This isn’t a big deal in some cases—anyone can create an email account with little worry of breaking specific laws. In other contexts, however, like banking and finance, stringent onboarding is an absolute necessity to help prevent fraud (and meet compliance requirements).

Therefore, online identity is much more involved and important than managing user accounts and authentication. Online ID is the next stage in creating legitimate, robust, and useful identification to address the issues of system access, liveness, and fraud. The best online IDs function as digital ID cards for use in various applications.

How Does Online Identity Verification Work?

While managing online identities is important, it can also prove incredibly difficult. Online, decentralized technologies have long operated under the assumption of pseudo-anonymity, and the lack of in-person encounters in many transactions makes identity verification a challenging prospect.

The key purpose of online identity verification is to ensure that the person behind an account or interaction is who they say they are. To ensure a user identity, identity solutions use a combination of approaches:

  • Identity Proofing: The practice of identity proofing requires users to provide one or more forms of identity (typically official documents, photographic identification and, in some cases, in-person interaction with an agent) that is used to onboard that customer.
  • Biometrics: Biometrics like fingerprints, facial recognition, or iris scans can not only authenticate the user but also verify their physical presence. Combined with liveness testing, these biometrics can ensure with high levels of certainty that the correct user is present at the point of access or onboarding.
  • Document Verification: Many verification platforms will allow users to present or scan official documentation (like a passport or driver’s license) and check it against their database. Advanced tools like photo recognition can make these platforms as accurate as a human verification agent.
  • Tokens or OTPs: While not as secure as the above verification methods, tokens and one-time passwords will, in theory, verify the presence of a user by assuming that they, and only they, have physical access to a device or email account.

However, not all solutions are the same as most are applicable to specific industries and regulations. Selecting a verification solution will follow the requirements of your given industry.

What Are Online Identity Verification Regulations?

There is a reason that many companies offering online goods and services don’t employ identity verification: they aren’t required to do so. Secure authentication and IAM capabilities are often deemed sufficient.

However, in other industries, having a clear knowledge that a user is who they claim to be is critical and necessary. Following this, there exist several compliance requirements and standards in place to address these situations:

  • Know Your Customer: Following the enactment of the Patriot Act, Congress gave organizations in the financial services industry additional responsibility over ensuring that customers are who they say they are. As part of larger-scale anti-money laundering efforts, KYC calls for document and ID verification for in-person and online banking transactions.
  • Identity Assurance Levels: National Institute of Standards and Technology Special Publication 800-63-3 defines several levels of identity verification, rated by increasing levels of rigor. These methods, at higher levels, call for users to provide several official forms of identification and verification in tandem, each of which are validated by an alive person or a sufficiently advanced platform.

IAL regulations are actually standard in sensitive government applications. Still, more and more enterprise users are turning to this standard to support ID verification for secret data or remote workers accessing critical systems. IAL breaks down verification requirements into three levels:

  • IAL1: An organization isn’t required to proof applicants at any time.
  • IAL2: Organizations can perform in-person or remote identity proofing with a collection of significantly strong evidence as to the user’s identity. The organization must validate the evidence at a level commensurate with the evidence (authenticating official documents, using agents to verify a user against the evidence, etc.).
  • IAL3: IAL3 adds to IAL2 the requirement of presence validation (physical or remote interaction with the user supervised by a verifier), address confirmation, and required biometric authentication.

Empower Onboarding and Authentication with 1Kosmos

Online identity verification can bring an additional level of security and trustworthiness to an enterprise authentication system. Even for those organizations without regulations requiring identity verification, having such technologies in place can help protect critical information from unauthorized disclosure.

However, that kind of verification shouldn’t get in the way of the user experience. Modern authentication and identity verification systems combine tools like integrated biometrics, liveness testing, and streamlined user experience.

1Kosmos provides a modern, secure identity management and authentication solution with the following features:

  • Identity Proofing: BlockID includes Identity Assurance Level 2 (NIST 800-63A IAL2), detects fraudulent or duplicate identities, and establishes or reestablishes credential verification.
  • Identity-Based Authentication Orchestration: We push biometrics and authentication into a new “who you are” paradigm. BlockID uses biometrics to identify individuals, not devices, through credential triangulation and validation.
  • SIM Binding: The BlockID application uses SMS verification, identity proofing, and SIM card authentication to create solid, robust, and secure device authentication from any employee’s phone.
  • Integration with Secure MFA: BlockID readily integrates with a standard-based API to operating systems, applications, and MFA infrastructure at AAL2. BlockID is also FIDO2 certified, protecting against attacks that attempt to circumvent multi-factor authentication.
  • Cloud-Native Architecture: Flexible and scalable cloud architecture makes it simple to build applications using our standard API, including private blockchains.
  • Privacy by Design: 1Kosmos protects personally identifiable information in a private blockchain and encrypts digital identities in secure enclaves only accessible through advanced biometric verification.

Make sure to sign up for the 1Kosmos newsletter to stay informed on company products and events. Also make sure you are educated about digital identity and passwordless security with our whitepaper A Journey to Passwordless Authentication and Digital Identity Proofing.

Overcoming Resistance to Change on the Journey to Passwordless MFA
Read More
Meet the Author

Javed Shah

Former Senior Vice President Of Product Management

Javed has spent his entire twenty year career designing and building blockchain and identity management solutions. He has led large customer facing pre-sales teams, led product management for identity management platforms like the ForgeRock Identity Platform and the ForgeRock Identity Cloud. Javed has an MBA from UC Berkeley.