To reach a higher level of Identity Assurance Level and Authentication Assurance Level per the NIST 800-63-3 guidelines, 1Kosmos BlockID uses several types of claims (or variables), which need to be triangulated many ways by leveraging sources of truth.
The claims used, for example, include the user’s full name, date of birth, address, place of birth, photo ID, phone number, social security number, national ID, etc. To verify the pertinence of a given claim, we proceed to a document verification by leveraging a state or bank-issued document such as a driver’s license, passport, credit card, or social security number, for example.
Finally, to verify that a document is indeed valid and not stolen, and in an attempt to strengthen the level of assurance as required by NIST, we query the appropriate governmental database (e.g., State Department for a passport, AAMVA for a driver’s license), prior to leveraging biometrics chips and liveness tests.
In the example above, a photo ID is triangulated several ways to reach a higher Identity Assurance Level of IAL2.
Step 1: Both the user’s passport and driver’s license are used to validate the user’s name, date of birth and ensure that photos on both documents are a match. Once validated, an IAL1 score is reached. However, this is not satisfactory enough to verify identity. For example, an individual may have stolen both documents and is now attempting to enroll under the name mentioned on the passport and driver’s license.
Step 2: 1Kosmos queries the State Department and AAMVA databases (two sources of truth) to check whether either document is valid, lost, or stolen. We do not rest assured that all is in order until we can certify a user has reached an IAL2 score. To that effect, we leverage extra sources of truth such as the biometrics chip on the user’s passport and a liveness test.
The latter consists of the user following a prompt on his 1Kosmos BlockID mobile application to first blink and then smile. Once validated, the user has reached the higher identity assurance level per the NIST guidelines of IAL2.
Naturally, further sources of truth can be leveraged on top of those used to triangulate this photo ID three ways. Those sources include an employer’s name, a credit card, a bank account number or a loyalty program, among others.