Documentation

Identity Verification

ID.me is an orchestration platform, combining best-in-breed verification components with human-reviewers to optimize outcomes for our end-users. The capabilities for evidence based flows are powered by leading component vendors that ID.me dynamically orchestrates to maximize pass rates at a given level of assurance.

ID.me’s menu of turnkey identity assurance options allow customers to configure policies according to the level of risk associated with a transaction. If there are lower risk transactions, you may elect to implement an identity verification flow that requires fewer pieces of identity verification evidence to satify.


KBA Replacement

When to use this policy

Ideal for integrations with low incentive for fraud (e.g., part of the experience has an in-person aspect).

Verification is achieved with one strong piece of evidence - either document or telecom verification.

Essence of Policy

Identity verification based on one (1) STRONG piece of evidence:

  1. Document Upload
    2. OR
  2. Telecom Check


Fortified Identity

When to use this policy

This is best suited for integrations w/ medium/high fraud risk in a commoditized space.

FI is higher-assurance than KBA-R as it is based on two pieces of evidence, versus one. Fortified Identity fills the gap for integrations that have stronger incentive for bad actors but want to limit the amount of friction in the user experience. This is best suited for integrations w/ medium/high fraud risk in a commoditized space.

Essence of Policy

Identity verification based on two (2) STRONG pieces of evidence:

  1. Document Upload
    2. AND
  2. Telecom Check (w/ Liveness Face Match as an optional fallback path)


NIST IAL2

When to use this policy

IAL2 is ideal to increase user adoption, decrease false negatives, and detect fraudulent identities by a malicious applicants. Lastly, this policy has the option to join a video call to interact with an ID.me Trusted Referee to complete verification via Virtual Proofing.

Verification is different than KBA and FI in that it follows NIST digital identity standards. NIST IAL2 limits KBA methods and replaces them with devices and biometrics. This policy introduces the need for either remote or physically-present identity proofing.

Essence of Policy

One piece of STRONG evidence if the evidence’s issuing source, during its identity proofing event, confirmed the claimed identity by collecting two or more forms STRONG evidence and the CSP validates the evidence directly with the issuing source;

OR

  1. Two pieces of STRONG evidence;
    2. OR
  2. One piece of STRONG evidence plus two pieces of FAIR evidence