Overview#Identity Proofing is about a Registration Authority's level Of Assurance of the Entity’s Identification during Credential Enrollment.
Expected Outcomes of Identity Proofing#The only outcome of Identity Proofing is to ensure that the applicant (ie Claimant) is who they claim to be.
As an example, such core attributes, to the extent they are the minimum necessary, could include:
- Full name
- Date of birth
- Home address
One of the challenges associated with Authentication of people (Digital Identity) is while there are situations where this is not required or is even undesirable (i.e., use cases where anonymity or pseudonymity are required), there are others where it is important to reliably establish the association with a Natural Person. For Example include obtaining Health Care and executing Financial transactions. There are also situations where the association is required for Regulatory compliance reasons (e.g., Know Your Customer requirements in the Financial Institutions) or to establish accountability for high-risk actions (e.g., the release of water from a hydroelectric dam).
There are also instances where it is desirable for a Relying Party (RP) to know something about a user executing a transaction, but not know the "true" identity of the Natural Person. For example, in order to maintain integrity of the service, it may be desirable to know the home ZIP Code of a user for purposes of census taking or petitioning an elected official but where it is not necessary or desirable to know the underlying identity of the Natural Person. Identity Proofings provide a method for expressing the level Of Assurance associated with attributes established by the Credential Service Provider during the Identity Proofing process.
The objective of Identity Proofing is to at some level:
- Resolve a claimed Digital Identity to a single, unique identity within the context of the population of users the Credential Service Provider serves.
- Validate that all evidence that is supplied is valid (correct) and genuine (not counterfeit or misappropriated).
- Validate that the claimed identity exists in the real world.
- Verify that the claimed identity is associated with the Legal Person supplying the identity evidence.
More Information#There might be more information for this subject on one of the following:
- Automatic Certificate Management Environment
- Certificate Authority
- Certificate Request Process
- Credential Enrollment
- DNS Certification Authority Authorization
- Derived Credential
- Domain Authorization Document
- Identity Assurance Level
- Identity Proofing
- Knowledge-Based Authentication
- Level Of Assurance
- Public Key Infrastructure Weaknesses
- Registration Authority
- Vectors of Trust
- Web Blog_blogentry_031017_1
- Web Blog_blogentry_040417_1
- Web Blog_blogentry_281016_1