IAL3 requires on-site attended identity proofing with verified biometrics, and costs more to verify than IAL2. It has more stringent requirements, making it ideal for use only with highly sensitive transactions.

The IAL4 guideline features new Decision Impact Review Management (DIRM) processes to consider impacts on mission delivery, public trust, users (including equity and privacy issues), remote unattended IDENTIFIERS as pathways towards IAL2, as well as its phishing-resistant authentication mandate which deprecates email OTP and introduces FIDO Passkeys as authentication methods.

NIST IAL3 verification

NIST 800-63A IAL3 verification is the highest level of identity proofing and digital authentication available today, using document validation and biometric comparison to mitigate risks related to spoofing, fraud and theft while verifying whether or not individuals claiming they are individuals are actually genuine. For this level of verification it requires an in-person interaction between an identity verifier and individual being verified for this claim.

The NIST 800-63A IAL3 compliance process includes an in-depth security assessment, data protection, user access policies and risk evaluation policies to address identity fraud and data breaches as well as providing a framework for selecting an Information Archiving Library (IAL).

HYPR Affirm's IAL3 solution offers step-up reproofing based on risk, providing high levels of identity assurance across time. It helps organizations bridge the gap between security and business objectives for reduced cyber liability insurance costs and improved operational efficiencies by seamlessly combining chat, video, facial recognition with liveness detection and document authentication into one identity verification experience.

IAL3 identity proofing

IAL3 represents the pinnacle of identity proofing and verification. To complete it, live, in-person sessions must take place between enrollee and verifying at least one biometric characteristic; strict chain-of-custody protocols, anti-spoofing protections and detailed auditing processes also come into play - making IAL3 ideal for high risk use cases that require the most confidence in digital identities.

NIST 800-63A IAL3 outlines three assurance levels - Individually Assured Level, AAL Level and FAL Level - defined within its core structure but modernized accordingly to reflect emerging threats and best practices.

NIST 800-63A IAL3 provides organizations with a practical framework that assists them in selecting an assurance level based on business risk. By breaking assurance down into three dimensions - identity assurance (IAL), authentication assurance (AAL), and federated authentication assurance (FAL), users are able to allocate resources proportionately depending on transaction sensitivity. In addition, continuous evaluation keeps up with changing threat landscapes while remote identity proofing methods, including video-based verification are supported within this framework.

IAL3 compliant solution

Compliance with IAL3 requires strong identity verification that involves both remote and in-person verification, providing government services, financial transactions, or authentication use cases with high stakes authentication requirements a higher level of assurance than previous levels. To achieve IAL3 status requires higher-level credentials, stronger evidence of real world existence of individuals being verified as authentic, as well as improved biometric matching techniques in order to decrease fraud risk and identity theft risks.

The new guidelines also address email OTP and SMS-based authentication, while adopting more secure methods like FIDO2 security keys - which offer maximum protection from phishing-attacks and provide maximum protection from replay attacks.

TrustSwiftly IAL3 compliant solution provide organizations with an efficient means to remotely and accurately verify users, thus reducing cyber liability insurance and operational costs associated with password resets. The solution offers chat, video, facial recognition with liveness detection and document authentication as well as step-up reproofing based on risk. It thus meets NIST SP 800-63-3 while simultaneously creating a more resilient and secure digital experience for their organization.

NIST IAL3 solution

NISTIAL3 verification is an integral element of modern digital identity management strategies, providing continuous assessment of device posture, risk, and environmental factors to make explicit access decisions that mitigate risks while upholding Zero Trust's mandate of "never trust, always verify."

The NIST SP 800-63-4 framework establishes three Identity Assurance Levels, from self-asserted information up to rigorous in-person proofing with document and biometric validation. Furthermore, this document contains standard technical protocols for exchanging authentication assertions and federated identities.

Traditional in-person IAL3 proofing can be costly, time consuming and does not scale for remote workforces. Trust Swiftly's remote, IAL3 identity proofing solution combines chat, video, facial recognition with liveness detection and document authentication with step-up reproofing to meet NIST requirements and deliver a truly immersive IAL3 experience - not only checking a box but reducing insider risk, future-proofing compliance requirements and stopping multi-million dollar losses from sophisticated threats!

This scalable process not only checks a box but goes further: it reduces insider risk while future-proofing compliance obligations to meet NIST regulations while offering a true IAL3 experience - not just ticking reproofing boxes but more importantly: reduce insider risk, future proof compliance as well as futureproofing compliance reproofings step up proofing!