1Kosmos CSP enables government agencies to digitally verify resident identity


1Kosmos has expanded its offerings for the identity verification and passwordless market with the introduction of a new Credential Service Provider (CSP) managed service based on the privacy-by-design 1Kosmos platform.

The 1Kosmos CSP offering enables government agencies to offer residents who are requesting services an elegant, automated process that simultaneously digitally verifies their identity up to certified NIST Identity Assurance Level 2 (IAL2) and then issues a strong, phishing-resistant, multi-factor authentication (MFA) credential, up to certified NIST Authentication Assurance Level 2 (AAL2).

1Kosmos improves resident access to services; reduces new account fraud by detecting synthetic and stolen identities during enrollment; ensures equitable access, even for thin-file individuals; prevents account takeover by eliminating passwords; reduces investment in on-premises technology required to support identity verification, data storage and protection; and shrinks the overall cyber attack surface.

“Virtually every government agency at the federal, state, tribal, and local level is modernizing resident services which all require immutable digital identity verification,” said Hemen Vimadalal, CEO of 1Kosmos. “With the 1Kosmos CSP service, we are providing the government sector with a low-friction, intuitive and user-directed way to enroll and verify their identity that meets the highest assurance level standards available today.”

With 1Kosmos, residents can enroll via several methods using their existing physical-world credentials, such as a government-issued driver’s license, ID card or passport. These methods include a web interface, mobile app, agent-assisted / remote-supervised, and in-person proofing. Credentials are validated and cross-referenced in real time, and all data is stored in a decentralized framework and accessed via FIDO2 certified public-private key cryptography.

This supports sharing or federation only upon explicit consent by the user in the form of a tamper-evident, reusable and verified credential and avoids creating data lakes of PII, which are rich targets for cyber attacks.

1Kosmos is working to achieve an Authority to Operate (ATO) under the Federal Risk and Authorization Management Program (FedRAMP). FedRAMP is a government-wide program that promotes the adoption of secure cloud services across the federal government by providing a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services.

How the 1Kosmos CSP works

As part of the 1Kosmos platform, the CSP service walks users through an enrollment journey which can include the following steps on their mobile device or through a browser-based UI:

  • Email and device verification
  • Document scanning and verification for driver’s license, ID, passport, etc.
  • Non-biased biometric capture (including LiveID where a user must blink or smile) that protects against presentation and injection attacks (e.g. deepfakes)
  • Phone number verification using SIM binding, where a security token (used as proof of identity) is linked to a device trusted by the user and a service provider
  • Social security number (optional) and address verification

Once completed, this enrollment process creates a user-controlled, privacy-preserving digital wallet that provides a government-grade validated identity for online transactions.

The 1Kosmos CSP also enables a privacy-preserving process whereby users create a secure identity that is independent of any service provider and which allows them to control what personally identifiable information (PII) they wish to share with third parties.

This ensures data privacy and control, since PII is securely stored within their wallet, preventing administrators and remote applications from changing or deleting the information purposefully or inadvertently. Since the data is stored in a private and permissioned distributed ledger, it cannot be compromised by a data breach at any point in the supply chain.

Availability

1Kosmos and the new CSP service are available from 1Kosmos and its business partners worldwide.


from Help Net Security https://ift.tt/ndbHosL
