!!! Overview
[{$pagename}] is the function of collecting [evidence] ([Identity Attributes] or [Identity Documents]) which supports a [claim] of [Identification] for a specific [entity], and the validation and verification of that [evidence] so as to determine the veracity (or otherwise) of the [claim].

[{$pagename}] is typically a process in which an [entity] provides [evidence] to a [Registration Authority] (or [Attribute Provider] or [Credential Service Provider]) providing reliable [Identification], thereby allowing the [Registration Authority] to make an [Assertion] of the [Entity]'s [Identification] at a useful [level Of Assurance].

[{$pagename}] is usually performed during an [Enrollment] or [Credential Enrollment] process.

[{$pagename}] may be used to establish the uniqueness and [Authenticity] of an individual's [Identification] to facilitate the [Provisioning] of an [entitlement] or [service].

[{$pagename}] is a form of [Authentication] used during [Enrollment] and on which future [Authentications] will be based.

%%information
[{$pagename}] is often used to indicate the [Verification] of a [Digital Identity] within the [Authentication] process. Based on [Internet Security Glossary] ([RFC 4949]), [{$applicationname}] will refer to [{$pagename}] as performed during an [Enrollment] or [Credential Enrollment] process.
%%

[{$pagename}] is a process that vets and verifies the information that is used to establish the identity of a system [entity]. ([RFC 4949]) (See: [registration].)

[{$pagename}] [SHOULD] be based on "life history" or transaction information aggregated from public and proprietary data sources.[1]

Bottom line, [{$pagename}] is [Authentication] during [Enrollment].

In some [Credential Enrollment] processes, an external [Verifier] or [Identity Verification Service] may be used.

!! Expected Outcomes of [Identity Proofing]
The only outcome of [Identity Proofing] is to ensure that the applicant (i.e., [Claimant]) is who they [claim] to be.

[{$pagename}] may include presentation, validation, and verification of the minimum [Claims] necessary to accomplish the specified [level Of Assurance] for [Credential Enrollment]. As an example, such core [attributes], to the extent they are the minimum necessary, could include:
* [Full name]
** [Birth Name]
* [Date Of Birth|Birthday] ([DOB])
* [Place Of Birth]
* [Address]
* Many others

It is permissible for the [Credential Service Provider] to collect additional information in the process of [Identity Proofing] an applicant, provided validation and verification follow the requirements contained herein, and the applicant explicitly [consents] to the [Credential Service Provider] collecting and storing the attributes.

One of the challenges associated with [Authentication] of people ([Digital Identity]) is that, while there are situations where this is not required or is even undesirable (i.e., use cases where [anonymity] or [pseudonymity] are required), there are others where it is important to reliably establish the association with a [Natural Person]. [Example]s include obtaining [Health Care|HealthCare] and executing [Financial] transactions. There are also situations where the association is required for [Regulatory compliance] reasons (e.g., [Know Your Customer] requirements in [Financial Institutions]) or to establish [accountability] for high-risk actions (e.g., the release of water from a hydroelectric dam).

There are also instances where it is desirable for a [Relying Party] ([RP]) to know something about a user executing a transaction, but not to know the "true" identity of the [Natural Person]. For [example], in order to maintain the [integrity] of the service, it may be desirable to know the home ZIP Code of a user for purposes of census taking or petitioning an elected official, where it is not necessary or desirable to know the underlying identity of the [Natural Person].

[{$pagename}]s provide a method for expressing the [level Of Assurance] associated with attributes established by the [Credential Service Provider] during the [Identity Proofing] process.

The objective of [{$pagename}] is, at some level, to:
* Resolve a claimed [Digital Identity] to a single, unique identity within the context of the population of users the [Credential Service Provider] serves.
* Validate that all supplied evidence is valid (correct) and genuine (not counterfeit or misappropriated).
* Validate that the claimed identity exists in the real world.
* Verify that the claimed identity is associated with the [Legal Person] supplying the identity [evidence].

!! [{$pagename}] Patchwork
At the federal, state, and local levels, and across commercial industries, there is a patchwork landscape for identity proofing and identity authentication.
* Government
** Federal: [NIST.SP.800-63A] [Identity Assurance Level]
* Commercial
** Banking: Section 326 of the USA PATRIOT Act ([Customer Identification Program])
** Various other [Know Your Customer]
* The Nevada Gaming Commission and State Gaming Control Board
* Regulation 5A (110 - Registration of Authorized Player)

!! [{$pagename}] requires [Evidence] of [Identification]
* [Examples of Evidence]

!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
----
* [#1] - [Identity-proofing services|https://www.gartner.com/it-glossary/identity-proofing-services/|target='_blank'] - based on information obtained 2016-10-28