NIST 800-63-3 provides guidelines for identity proofing and authentication. These standards define three levels of assurance – initial assurance level (IAL), additional assurance level (AAL), and final assurance level (FAL).
At the IAL3 level of assurance, an attended onsite identity proofing session and collection of at least one biometric characteristic is necessary for full protection from more advanced attacks such as fraud, theft, repudiation and social engineering.
What is TrustSwiftly?
Trust Swiftly is a hardware-based remote NIST IAL3 verification solution that meets FedRAMP high requirements while saving money and providing fast return on investment. Unlike any other remote IAL3 process, Trust Swiftly allows agents to connect live during proofing sessions and verify every piece of evidence, including biometrics. In addition, additional verifications such as device checks can also be completed by transferring sessions onto another system.
Customers using our IAL3 process reported seeing fraud reduction of up to 40 percent after adopting it. Key to their success is our ability to authenticate high-strength identity evidence reliably; after IAL3 identity proofing sessions we bind this proofed identity securely with an authenticator such as YubiKey or biometric profile to prevent stand-in fraud.
Our robust IAL3 compliant solution platform is highly adaptable and customizable, featuring 15+ authentication methods to safely approve real e-commerce customers and quickly identify fraudsters. From SMS verification and global ID validation, credit card validation and facial recognition with liveness detection capability all the way to fingerprint and voice authentication; every method ensures authentic users and stops fraudsters quickly.
NIST IAL3 verification
NIST’s Digital Identity Guidelines utilize individual verification levels (IALs) as a tiered approach for evaluating an individual’s verified identity. While IAL1 allows no link with real world identities, IAL2 requires at least two different authenticators, and IAL3 calls for verification by an authorized representative in person.
Traditional in-person proofing processes are costly and slow; they also lack the capacity to scale for remote workforces – often creating security risks and compliance bottlenecks in high-risk applications such as FedRAMP High and data protection initiatives.
Trust Swiftly has developed the only hardware-based and remotely scalable solution for IAL3 verification: our kit allows employees to complete an IAL3 session before returning it with a comprehensive report of the process. Not only does this meet IAL3 requirements; it actively protects privileged accounts against sophisticated threats as well as stopping stand-in fraud by securely attaching the authenticator immediately post verification session.
IAL3 identity proofing
NIST has developed Identity Assurance Levels as a framework to standardize how companies verify identities. These levels determine whether someone claiming digital identities are indeed authentic – the higher an Identity Assurance Level’s score is, the more confident an organization feels about this person being who they claim they are.
Verifying identity for an IAL3 service requires on-site attended identity proofing using verified biometrics and rigorous evidence validation, making this level impossible to achieve remotely. One solution which provides both remote and in-person verification processes could provide the best of both worlds.
Trust Swiftly’s supervised remote identity proofing solution is tailored to help FedRAMP High compliance teams quickly meet IAL3 requirements quickly and effortlessly. We manage retention schedules, provide a hardware-based remote IAL3 verification agent, capture biometrics such as facial recognition with liveness detection, fingerprints and voice, as well as tie them all to a cryptographic token to provide strong protection from SIM swapping or MFA bypasses.
NIST 800-63A IAL3
The NIST 800-63A IAL3 identity proofing and enrollment guidelines require organizations to implement robust processes that balance security, privacy and usability in their processes. They also emphasize a risk management framework that goes beyond enterprise risks to consider potential impacts on missions as well as public trust.
NIST has developed three Identity Assurance Levels (IALs) to assess confidence in an identity claim’s real world association, from IAL1 to IAL3. For higher assurance levels, an Identity Service Provider representative attends an on-site proofing process where evidence such as government ID cards or driver licenses is reviewed in person by CSP representatives.
HYPR’s advanced, comprehensive and passwordless authentication and identity verification platform enables organizations to comply with the high-assurance IAL3 requirements of NIST 800-63A IAL3 . TrustSwiftly FIDO Certified, phishing-resistant authenticators and syncable Passkeys ensure compliance while deprecating SMS OTP as vulnerable methods for authentication. Furthermore, our supervised remote identity proofing solution enables customers to meet these standards either using their own kiosks or our turnkey kits for proofing purposes.
