Welcome to ID.me for developers! If you are interested in integrating ID.me, you are in the right place. Here we will cover how to get started implementing ID.me.

Identity Verification

ID.me offers comprehensive and easy-to-deploy progressive identity verification solutions to fit your business needs and risk tolerance.

Verification Policies

KBA Replacement
  • Identity verification based on one strong piece of evidence.
  • Available in ID.me branded and hybrid solutions.
  • SSN validation is an optional add on to the KBA Replacement policy.
Learn More
Fortified Identity
  • Identity verification based on two strong pieces of evidence.
  • Available in ID.me branded and hybrid solutions.
  • SSN Validation is an optional add on to the Fortified Identity policy
  • Selfie capture & face match is an optional add on to the ID Document component of Method 1
Learn More
NIST LOA3
  • Defaults to unsupervised remote, online self-serve identity proofing workflow.
  • Relief valve available to users that are unsuccessful verifying the online-self service method depicted above. They will view an option to join a video call to interact with an ID.me Trusted Referee to complete verification via Virtual In-Person Proofing and receive a NIST IAL2/AAL2 credential.
Learn More
NIST IAL2/AAL2
  • Defaults to unsupervised remote, online self-serve identity proofing workflow.
  • Relief valve available to users that are unsuccessful verifying the online-self service method depicted above. They will view an option to join a video call to interact with an ID.me Trusted Referee to complete verification via Virtual In-Person Proofing and receive a NIST IAL2/AAL2 credential.
Learn More

Integrations

These are a set of open specifications and protocols that specify how to design an authentication and authorization system. They specify how you should manage identity, move personal data securely, and decide who can access applications and data. The identity industry standards that we use at ID.me are:

Open Authorization (OAuth) 2.0

An authorization standard that allows a user to grant limited access to their resources on one site to another site, without having to expose their credentials. You use this standard every time you log in to a site using your Google account and you are asked if you agree with sharing your email address and your contacts list with that site.

OpenID Connect (OIDC)

An identity layer that sits on top of OAuth 2 and allows for easy verification of the user's identity, as well as the ability to get basic profile information from the identity provider.

Security Assertion Markup Language (SAML)

An open-standard, XML-based data format that allows businesses to communicate user authentication and authorization information to partner companies and enterprise applications their employees may use.