Verification at Identity Assurance Level 3 (IAL3) is a high-stakes requirement reserved for transactions where unauthorised access could cause serious harm. To satisfy this standard, the applicant must provide sufficient identification evidence and a biometric capture, and must take part in an attended proofing session with a CSP representative.
Sending employees across the country for IAL3 sessions is both financially unviable and logistically problematic for distributed teams. Trust Swiftly provides an affordable IAL3 verification solution that is both remote and supervised.
IAL3 is the highest level of identity proofing
IAL3 calls for the highest level of identity proofing, using live agents who identify and compare physical characteristics such as fingerprints or facial features against the digital representations of individuals. It is an integral component of NIST’s digital identity guidelines, essential for high-stakes applications like banking and government services. Furthermore, it provides the most effective defense against advanced fraud techniques.
One IAL3-compliant solution employs document verification, multispectral UV light analysis, facial recognition with liveness detection, and risk-based step-up re-proofing. Together these satisfy NIST requirements and allow relying parties to select the AAL that best suits their needs while decreasing exposure to sophisticated attacks.
NIST 800-63A IAL3 has recently evolved from checklist requirements to a risk-based framework for authentication and federated identity management, deprecating email OTP authentication, downgrading SMS-based authentication, and mandating phishing-resistant MFA and passkey integration into IAL2. NIST also defines clear identity assurance levels to ensure credentials are only used for appropriate transactions.
IAL3 is supervised
NIST mandates Identity Assurance Level 3 (IAL3) verification as the highest level of identity verification when accessing sensitive information. It requires a trained CSP representative to interact with the individual and verify their identity during an on-site identity proofing session that the representative attends and supervises. This process reduces highly scalable attacks and prevents synthetic identities, but implementing it in companies with distributed workforces can be challenging. Any insufficient steps at this level of verification could lead to failed audits by Third-Party Assessment Organizations and open the door to unauthorised access and violations.
One way of meeting IAL3 requirements is to use a kiosk that an agent attends remotely. This enables an IAL3 agent to examine an applicant’s identity documents, capture biometrics for comparison with reference images, and perform other verification checks, such as device checks, remotely. It is much faster and cheaper than flying someone across the country for physical sessions, and it provides greater security than unlocked kiosks.
IAL3 is remote
The NIST IAL3 verification process gives CSPs that need a more secure verification system a suitable option, since it requires proofing agents to be present during identity verification sessions and to examine the evidence documents and biometrics of the individuals being verified, much as security guards review visitors before allowing them into an office building.
The IAL3 standard represents a major revision from earlier iterations of NIST 800-63A. It includes new requirements that prioritize stronger authentication protocols that resist phishing attacks, along with an impactful framework for Digital Identity Risk Management (DIRM).
The IAL3 Challenge is open to anyone over 21 with a valid US ID and offers up to $100,000 USD in rewards for successful spoofing. Bypasses are rewarded according to the level achieved: A+ shows the ability to fake complete sessions that meet NIST SP 800-63 requirements, while B demonstrates the ability to fake multiple biometrics without fully meeting those requirements.
IAL3 is secure
IAL3 identity verification provides unrivalled levels of security, protecting against scaled and targeted attacks. The onsite, supervised verification process involves interaction between a trained CSP representative and the enrollee, as well as robust biometrics tied securely to the enrollee’s credential. IAL3’s process also limits evidence falsification, theft and repudiation, making it hard for threat actors to reverse engineer its processes.
Leading IAL3 solutions use cutting-edge liveness detection and face matching technologies. These tools enable cross-verification of facial attributes against the enrollee’s verified identity documents. They also validate the authenticity of identity documents with the issuing source, to address synthetic identities that arise from mismatched documents.
IAL3’s in-person requirement had previously limited its government adoption. However, technological advances have made it possible to deploy its level of security remotely or onsite with a minimal footprint, expanding accessibility while decreasing enrollment inconvenience and administrative burden.
