Enrolment, and the process of verifying each person are who they claim to be, is essential for all digital identity deployments but this isn’t always as simple as it should be.
MyID provides all of the processes and integration required to register, verify and approve individuals are who they claim to be prior to issuing them with a credential.
Key MyID capabilities include:
- Onboarding of individuals to start the registration process
- Flexible applicant data capture, including biographic, biometrics and document scans
- 1:N biometric uniqueness checks to prevent fraudulent re-enrolment
- ID verification prior to approving credential issuance
ROBUST DIGITAL IDENTITY VERIFICATION AND ISSUANCE IN ONE PLACE
By combining credential management with registration and identity proofing, MyID enables organisations to ensure that identities are verified before credentials are issued.
For IT teams wishing to comply with specific security policies, such as the identity proofing and enrollment activities specified as part of NIST FIPS 201, MyID is a proven, compliant solution.
Delivered as a single integrated product MyID reduces complexity, ensuring the solution is simple to deploy and easy to support.
Operators are presented with an easy to use graphical interface that guides them through the registration and ID verification process.
Organisations can be assured that a rigorous registration and identity verification process, enforced by MyID, complies with best practice and maximises the trust that can be placed in issued credentials.
By incorporating world leading biometric components from Aware into the MyID registration and verification workflows, MyID provides a high degree of independence from the biometric devices used for fingerprint and facial capture. This enables organisations to maintain flexibility when choosing hardware capture devices and often allows them to support the devices they already have deployed.
Supported devices include
- Document scanners – WIA and TWAIN devices
- 10-slap biometric capture devices – HID (Crossmatch), Thales, Integrated Biometrics and Jenetric
- Basic facial image – Standard webcams or file upload
- Facial image compliance and facial biometrics – Canon cameras and Logitech webcams
- 1:many biometric ABIS for uniqueness verification – pre-integrated with ABIS from Aware
HOW IT WORKS
MyID can be provided with initial sponsorship data (the basic person data required to begin the registration process) by a number of mechanisms, which can be used concurrently if required:
- LDAP – data is retrieved from an LDAP directory
- API – data is passed in to MyID from a 3rd party system via APIs
- Operator entry – data can be entered directly into MyID by an authorised operator
The data captured is highly configurable and can easily be altered to meet the requirements of a particular organisation or standard.
Registration (also known as enrollment) is the process by which MyID is provided with additional information on an applicant:
- Operator entry – MyID provides user enrollment screens to capture biographic and biometric data, including proof of ID documents, fingerprints, photo and facial biometrics.
- API – data can be passed in from a third-party system via APIs, including dedicated kiosk based (supervised remote enrollment) and mobile (offline) enrollment systems
- Hybrid – MyID can be used to augment partial data passed in via API
To provide registration, MyID integrates with 3rd party hardware including fingerprint readers (single finger and 10-slap), document scanners and digital cameras
Identity verification is the process of verifying an applicant’s data against a 1:many biometric matching system and/or 3rd party watchlists, often includes a combination of automated system responses and human review/approval, capabilities include:
- Integration with ABIS (Automated Biometric Identification System) solutions to provide 1:N fingerprint matching
- APIs for passing and receiving responses from background checking solutions
- Adjudication workflows within MyID to escalate exceptions or approve requests for credentials
Policy, Governance and Monitoring
At the heart of the MyID system is a backend web server / app server / database platform that puts organisations in full control of the identities they register and credentials they manage. Providing flexible policy settings, configuration settings and security options, including:
- Roles separation – control over who can sponsor, who can register and who can verify, including enforcement of the ‘two pairs of eyes’ principle, ensuring a single bad actor cannot create fraudulent credentials
- Flexible data capture, controlling what attributes are captured at which stage and who has access to them
- Audit – central signed audit trail for all MyID operations, provides nonrepudiation and investigative capabilities
- Reporting – MyID operations are available via built in enquiries, reports and APIs for integration into business intelligence tools
- Monitoring – APIs and SNMP support for monitoring system availability and status