The new framework seeks to operationalize compliance by providing dynamic risk-based authentication. It defines assurance levels IAL, AAL and FAL as modular components that agencies can choose depending on their security, privacy and mission needs.

NIST IAL3 verification involves an identity mapping process which verifies claimed attributes with real world attributes, then verifying user ownership of those attributes. Furthermore, this requires anti-phishing authentication mechanisms like MFA and hardware authenticators like FIDO Passkeys for user verification.

IAL3 Compliant Solution

IAL3 requirements are intended to prevent highly scalable attacks by protecting against synthetic identities and attacks leveraging compromised personal information. In order to meet IAL3 criteria, an authenticator must be issued following an on-site or remote IAL3 identity proofing session in which multiple pieces of identification evidence and one or more biometric characteristics are collected directly (or remotely via supervision).

NIST Special Publication 800-63-4 reframes assurance by providing a modular, risk-based framework of Identity Assurance Levels (IAL), Authenticator Assurance Levels (AAL), and Federation Assurance Levels (FAL). When combined with Zero Trust principles, this operationalizes compliance as adaptive and continuous verification ensuring every authentication, authorization, or federation decision is verified contextually adaptively.

TrustSwiftly supports all required IAL levels as well as AAL and FAL requirements by offering document validation, PII aggregation for AAL1, and software or hardware-backed authenticators for AAL2. Terms written in capital letters represent normative requirements.

TrustSwiftly Managed

TrustSwiftly's IAL3 solution provides a highly secure remote identity proofing process. It uses numerous verification methods, including document authentication (with support for thousands of documents worldwide), biometric checks (facial recognition with liveness detection, fingerprint, voice, and knowledge-based authentication), dynamic knowledge authentication and dynamic knowledge-based authentication. What sets it apart is its supervised element with an agent overseeing each proofing session to prevent attempts to circumvent or bypass it through social engineering tactics.

This allows the system to verify that claimed identity matches up with real world identifications, and to protect against more sophisticated attacks like advanced proofing, spoofing, repudiation and phishing. A trusted referee may perform additional verifications like device checks using secure hardware-backed authenticators; such requirements aim to restrict more sophisticated attacks that require physical presence at a central location for execution; specific terms in CAPITALS indicate normative requirements while those written in BOLD provide informative details.

TrustSwiftly Pre-Configured

Trust Swiftly is an affordable NIST 800-63A IAL3 that provides multiple verification methods. Starting at just $0.02 per verification, its starter plan provides E-mail, Google Authenticator and Phone SMS verification methods; business plans provide more verification methods like ID documents Social PayPal Banking as well as video/selfie verification only available on Enterprise plans.

TrustSwiftly's IAL3 verification processes demand greater rigor than IAL2, including an on-site visit by an independent proofing agent, whether human or computer. RP can use information supplied to them from submission forms to validate the identity and authenticity of documents or evidence submitted, compare photos against physical appearance and fingerprint scans to visually confirm identities, as well as issue an authentication credential based on enrollment records.

TrustSwiftly Flex

TrustSwiftly's IAL3 compliant solution features state-of-the-art technologies like document authentication and biometric verification to bolster digital security measures. Businesses can utilize watchlist screening and user behavior patterns verification to ward off hacking attempts and fraud while mitigating risks like identity theft or account takeovers.

Supervised remote identity proofing offers a direct countermeasure against today's most sophisticated infiltration tactics such as deepfakes, AI impersonation and laptop farm fraud. It combines document authentication, facial recognition with liveness detection and fingerprint comparison in order to validate real human credentials; furthermore it securely links physical authenticators such as YubiKeys with each verified identity in order to prevent stand-in fraud and reduce cyber liability insurance costs.

IAL3 verification challenges are open only to individuals aged 21 or over with valid US identification and who pay a $500 USD fee to attempt them. Only those achieving an A or B grade will receive any rewards; this covers the hard cost associated with having human experts grade IAL3 attempts.