drasloom
TrustSwiftly patent technology provides a remote solution that meets IAL3 standards while saving money, lowering security risks and satisfying auditors.
NIST 800-63A IAL3 basic structure of IAL, AAL and FAL remains unchanged; however, their requirements have been updated in line with contemporary best practices. For instance, at the highest level of assurance now requires antiphishing methods like FIDO Passkeys as well as officially supporting remote identity proofing.
IAL3 compliant solution
NIST defines Identity Assurance Levels (IALs) as tiered levels of certainty that an identified digital person corresponds with his/her real-world persona, from self-asserted to verification onsite (IAL1-3).
Attaining an IAL3 certification requires performing superior-strength identity proofing, which must involve attending an on-site attended session with a CSP agent, reviewing evidence presented, verifying it for plausibility and biometric capture, as well as making sure there are no faked, stolen, repudiated or otherwise compromised characteristics in an applicant.
HYPR offers solutions that adhere to NIST IAL3 standards, including our FIDO Certified passwordless authentication and comprehensive identity proofing platform, HYPR Affirm. Featuring chat, video, facial recognition with liveness detection and document authentication – as well as step-up reproofing according to risk – organizations can leverage it to reduce cyber liability insurance costs while mitigating advanced threats OTPs or SMS are susceptible to. Furthermore, passwordless authentication reduces cyber liability insurance costs while simultaneously eliminating weaknesses which leave organizations vulnerable against sophisticated attacks or insider threats – thus mitigating advanced threats like OTPs or SMS are susceptible.
Reduce risk of fraud and identity theft
NIST IAL3 verification that ensures high certainty between claimed digital identities and real world identities. This can be accomplished by providing strong identity evidence such as a passport or government-issued photo ID card and performing biometric comparison in person – an in-depth process which ensures only those holding credential can gain access to sensitive transactions – however this should only be applied where identity errors may lead to serious injury.
NIST guidelines outline three dimensions of assurance levels — Identity Assurance (IAL), Authentication Assurance (AAL) and Federation Assurance (FAL). Buyers can tailor these levels according to their business risk; rather than applying one-size-fits-all solutions across all cases. TrustSwiftly allows organizations to achieve IAL2 and IAL3 using chat, video, facial recognition with liveness detection and document authentication technologies – plus step-up reproofing so identities are continuously verified beyond initial verification.
Reduce costs
NIST guidance defines assurance levels (IALs) to measure how confidently verifiers can assess identities provided by credential service providers (CSP). These requirements go beyond mere procedural compliance – they include design safeguards and technical provisions which must be strictly observed.
Recent changes in IAL guidance recognize the rise of sophisticated phishing attacks by deprecating email OTP and downgrading SMS-based authentication, advocating phishing-resistant MFA and including FIDO Passkeys into AAL2 and AAL3 requirements – cementing its place as the gold standard in authentication.
At TrustSwiftly, our comprehensive approach to workforce identity proofing across the full employee lifecycle enables businesses to achieve both IAL2 and IAL3 compliance through multiple methods – chat, video, facial recognition with liveness detection and document authentication are among our many ways of meeting IAL3 compliance. In addition, IAL3 also features step-up reproofing based on risk, significantly reducing operational costs associated with password resets while reducing attack surfaces.
Reduce complexity
The NIST 800-63A IAL3 guidelines offer a core framework for digital identity that encompasses proofing, authentication and federated identity management. Their emphasis on strong phishing-resistant MFA and cryptographic authenticators like passkeys (both device-bound and syncable) makes these recommendations robust while offering adaptable risk management. The guidance also differentiates assurance levels by IAL3 identity proofing, authentication and federation providing more adaptive risk management solutions.
The guidance places special emphasis on verifying credentials at a federated level, mandating that credentials be designed in such a way as to prevent attackers from impersonating relying parties or stealing their credentials or authentication factors. A notable change is deprecating email one-time passwords and downgrading SMS-based authentication due to their widespread vulnerability in modern workplace attacks.
TrustSwiftly offers an IAL3 compliant solution designed to meet NIST requirements using chat, video, facial recognition with liveness detection and document authentication. Furthermore, step-up reproofing based on risk can help organizations reduce cyber liability insurance premiums and operational expenses from less frequent password resets.