Overview#Identity Proofing the function of collecting evidence (Identity Attributes or Identity Documents) which supports a claim of Identification for a specific entity and the validation and verification of that evidence so as to determine the veracity (or otherwise) of the claim.
Identity Proofing typically, is a process in which a entity provides evidence to a Registration Authority (or Attribute Provider or Credential Service Provider) providing reliable Identification, thereby allowing the Registration Authority to make an Assertion of the Entity’s Identification at a useful level Of Assurance.
Expected Outcomes of Identity Proofing#The only outcome of Identity Proofing is to ensure that the applicant (ie Claimant) is who they claim to be.
As an example, such core attributes, to the extent they are the minimum necessary, could include:Credential Service Provider to collect additional information in the process of Identity Proofing an applicant, provided validation and verification follow the requirements contained herein, and the applicant explicitly consents to the Credential Service Provider collecting and storing the attributes.
One of the challenges associated with Authentication of people (Digital Identity) is while there are situations where this is not required or is even undesirable (i.e., use cases where anonymity or pseudonymity are required), there are others where it is important to reliably establish the association with a Natural Person. For Example include obtaining Health Care and executing Financial transactions. There are also situations where the association is required for Regulatory compliance reasons (e.g., Know Your Customer requirements in the Financial Institutions) or to establish accountability for high-risk actions (e.g., the release of water from a hydroelectric dam).
There are also instances where it is desirable for a Relying Party (RP) to know something about a user executing a transaction, but not know the "true" identity of the Natural Person. For example, in order to maintain integrity of the service, it may be desirable to know the home ZIP Code of a user for purposes of census taking or petitioning an elected official but where it is not necessary or desirable to know the underlying identity of the Natural Person. Identity Proofings provide a method for expressing the level Of Assurance associated with attributes established by the Credential Service Provider during the Identity Proofing process.
The objective of Identity Proofing is to at some level:
- Resolve a claimed Digital Identity to a single, unique identity within the context of the population of users the Credential Service Provider serves.
- Validate that all evidence that is supplied is valid (correct) and genuine (not counterfeit or misappropriated).
- Validate that the claimed identity exists in the real world.
- Verify that the claimed identity is associated with the Legal Person supplying the identity evidence.
Identity Proofing Patchwork#There is a patchwork landscape at the federal, state, and local level and for commercial industries for identity proofing and identity authentication.
- The Nevada Gaming Commission and State Gaming Control Board
- Regulation 5A (110 - Registration of Authorized Player)
Identity Proofing requires Evidence of Identification#
More Information#There might be more information for this subject on one of the following:
- Automatic Certificate Management Environment
- Certificate Authority
- Certificate Level Of Assurance
- Certificate Request Process
- Credential Enrollment
- Credential Management
- Credential Service Provider
- DNS Certification Authority Authorization
- Derived Credential
- Digital Identity
- Domain Authorization Document
- Examples of Evidence
- ISO 29003
- Identity Assurance Level
- Identity Proofing
- Identity Verification
- Knowledge-Based Authentication
- Level Of Assurance
- Level of Identity Proofing
- M-04-04 Level of Assurance (LOA)
- Public Key Infrastructure Weaknesses
- Registration Authority
- Social Identity
- Vectors of Trust
- Web Blog_blogentry_031017_1
- Web Blog_blogentry_040417_1
- Web Blog_blogentry_281016_1