Five Critical Things to Know About Identity Verification for the Government
Digital identity is complex, particularly when verifying for government agencies. To understand the constantly changing identity landscape, and by extension ID.me, it’s important to consider five critical factors that have shaped government verification requirements.
- The Federal Government Sets the Standards: The National Institute of Standards and Technology (NIST) establishes the technical requirements for identity verification at government agencies. NIST 800-63-3 establishes guidelines for identity verification providers when serving federal agencies.
- Credit History Used to Be the De Facto Requirement for Online Identity Verification: A presence in records – usually credit history – was historically required for remote or online identity verification. The requirement for presence in the records left many communities behind, specifically international users, younger individuals, indigenous populations, and the unhoused.
- Traditional Verification Methods Are Ineffective: The question-and-answer process of proving your identity – knowledge-based authentication (KBA) – is not effective at stopping identity theft and unauthorized access. In 2019, the Government Accountability Office noted KBA is insufficient to prevent fraud. NIST formally downgraded KBA to make clear it cannot be used for identity verification with government agencies.
- ID.me Developed New Secure Pathways to Make Verification More Inclusive: ID.me is the only company in the United States with NIST IAL2 compliant options to enable people to verify their identity through human agents online and in person. Those alternative pathways have allowed ID.me to verify more than 3 million people who would have likely been left behind with a credit bureau or data broker-centric approach to identity verification.
- Single-Sign-On Solutions Are Designed to Permanently Bridge the Gap: ID.me is a credential service provider offering a consumer single-sign-on solution that enables people to transfer their verified identity across websites with a common login, allowing them to avoid re-proving their identity each time.
A digital identity system predicated on credit history alone is simply unacceptable. Bridging the gap for traditionally underserved communities will take significant time and effort. Given the stakes, the task is necessary. By making identity verification more inclusive and by empowering people to verify through a single login, we can make our society more just.