HYPR's comprehensive identity verification platform enables organizations to meet NIST 800-63 requirements, such as IAL3 verification. This results in reduced cyber liability insurance costs, decreased operational expenses due to fewer password resets and an overall reduced attack surface.
NIST SP 800-63-4 outlines three assurance levels: Identity Authentication Level (IAL), Authentication and Authorization Layer Levels (AAL and AAL2) and Federation Assertion Strength Level (FAL). In addition, this updated framework modernizes requirements to include phishing-resistant authenticators like FIDO passkeys for identity authentication level 2 (IAL2) remote identity proofing as part of identity proofing for AAL2 and AAL3, and subscriber controlled wallet integration at levels AAL2 and AAL3. Together this update provides more nuanced risk management with improved flexibility.
NIST IAL3 Verification
NIST Special Publication 800-63 is an essential framework for verifying identities and validating credentials used by users to gain access to systems and applications. Its latest revision, 4, is an important change that marks a transition away from checklist-driven requirements toward risk-based Digital Identity Risk Management (DIRM). The fourth edition provides assurance levels for identity proofing, authentication, federated identification that allow organizations to tailor security according to threat scenarios, business risks, user populations or user populations.
First, organizations need to identify what business risks need protecting and select assurance levels to address those risks. There's no rule that says each level must match up exactly; lightweight identity proofing (IAL1) could work alongside strong authentication (AAL), when appropriate.
TrustSwiftly's HYPR Affirm solution assists IAL3 compliance through remote but supervised identity proofing with chat, video and facial recognition - including liveness detection - document verification and cryptographic authentication to increase phishing resistance and man-in-the-middle protection, document authentication as well as flexible reproofing processes based on risk to reduce impersonation attacks.
NIST IAL3 Compliance
NIST's ial3 verification Guidelines address fraud, secure data, and ensure access to digital services. The framework offers Identity Assurance Levels (IALs), which indicate your level of confidence that a claimed digital identity matches up with real world evidence; with IAL1 being minimal; self-asserted information being enough; while IAL3 requires physical presence either directly or remotely supervised remote.
Nist 800-63-4 ial3 compliance demands the highest levels of certainty when verifying enrollee identity, such as physical observation of face and documents as well as direct observation with liveness detection technologies or document authentication methods. Furthermore, this standard mandates phishing-resistant multifactor authentication as well as using FIDO Passkeys which create device-bound passwordless authentication as the gold standard.
Traditional in-person identity verification methods can be costly and inconvenient for remote workforces. Trust Swiftly's cost-efficient remote ial3 identity verification software meets NIST IAL3 requirements with user-friendly functionality - our unified platform enables continuous adaptive verification that saves organizations money and meets NIST 800-63-4 requirements.
FedRAMP High Identity Proofing
NIST SP 800-63-4 offers a new approach to identity proofing, replacing the three-prong approach of Identity Service Providers' (ISPs), AALs and FALs with Federated Assurance Levels (FALs). Each FAL represents an increment in confidence in assertions made from one ISP to a relying party; this ensures they can make informed risk decisions when authorizing access based on a federated authentication event.
An ambitious target, fedramp high identity proofing can often prove more time and resource intensive than Moderate or Low. With its stringent security requirements and rigorous assessment process requiring significant investments of technology and personnel. But attaining FedRAMP High gives access to exclusive federal markets while showing you adhere to security best practices.
TrustSwiftly is a FIDO certified passwordless authentication and ID verification solution, helping organizations meet NIST SP 800-63-4 guidelines through remote yet supervised IAL3 identity proofing through chat, video streaming and facial recognition with liveness detection capabilities. This reduces highly scalable attacks while protecting against synthetic identities and decreasing cyber liability insurance costs.
NIST IAL3 Security
Trustswiftly's comprehensive solution makes ial3 identity proofing simple. To complete the IAL3 process, applicants must present strong identity evidence such as passports or national ID cards that have been verified; at least one biometric must also be captured with robust controls that prevent spoofing and replay attacks on captured biometrics.
IAL3 also mandates interaction between an experienced CSP representative and applicant during either an on-site attended or remote identity proofing session to prevent more sophisticated attack methods such as faked/stolen evidence, repudiation tactics and social engineering strategies from succeeding.
At their core, the new NIST 800-63-4 identity guidelines - with their emphasis on extensive verification, high-assurance authentication, and secure federated identities - are indispensable to any organization looking to protect its digital assets. Implementation of these standards helps organizations lower cyber liability insurance costs, operational expenses, and risks; while NIST has also revised their framework to include modern requirements for IAL, AAL, and FAL levels of assurance with greater granularity that enable organizations to tailor them according to specific business or technical needs.