Presentation is loading. Please wait.

Presentation is loading. Please wait.

The SAFE-BioPharma Identity Proofing Process Author of Record SWG (Digital Credentials) October 3, 2012 Peter Alterman, Ph.D. Chief Operating Officer,

Published byDina Peters Modified over 9 years ago

Similar presentations

Presentation on theme: "The SAFE-BioPharma Identity Proofing Process Author of Record SWG (Digital Credentials) October 3, 2012 Peter Alterman, Ph.D. Chief Operating Officer,"— Presentation transcript:

1 The SAFE-BioPharma Identity Proofing Process Author of Record SWG (Digital Credentials) October 3, 2012 Peter Alterman, Ph.D. Chief Operating Officer, SAFE-BioPharma Association

2 U.S. Government Standards / NIST SP 800-63-1 –Satisfies both Federal Bridge “Medium” requirements and FICAM Trust Framework LOA-3 Requirements for Identity Proofing –Remote, online, compliant identity proofing using KBA –Extended proofing through Online Antecedent method ties applicant back to a prior legal, in-person proofing event such as a mortgage application. Method approved by US Federal PKI Policy Authority. 2

3 Steps 1 & 2 Identity Verification User asserts identity information (Name, Address, Phone, SSN, DLN, DoB, Medical License Number, etc) Verify the information provided through record checks either with the applicable agency or institution or through credit bureaus or similar databases Confirm that Name, DoB, address and other personal information in records are consistent with the asserted information and sufficient to identify a unique individual. 3

4 Steps 1 & 2 Verify that the identity elements provided by the user match those of a real, legal identity verified through trusted data sources. Identify at least one antecedent record matching the minimum criteria for an In-Person Identity Proofing antecedent. Verify that the identity elements provided by the user match those provided by a trusted data source. 4

5 Steps 1 & 2 Verify that the users SSN exists in public records AND SSN is not deceased AND the last name matches the address Public and Private database records are searched to verify the identity of the user, as well as community specific (SAFE for example) sources such as: –DEA Controlled Substance License Databases –State Medical License Databases. 5

6 Step 3 Identity Authentication Quiz Generate a KBA quiz based on facts obtained about the user from the public and private databases The KBA quiz consists of a series of random, multiple choice questions derived from “non-wallet” based data using public and private historical antecedent database records. Advanced analytics are used to select questions from different domains and sources. As a result, these questions have a high likelihood of only being correctly answered only by the proper individual. 6

7 Step 3 KBA ConfigurationCustomer Selection Minimum Number of Questions displayed5 Minimum Number of Reserved Questions2 Minimum Number of multiple choice answers displayed per question5 Minimum Number of correct Questions which must be answered correctly to pass 4 Maximum Number of attempts to correctly answer KBA2 Maximum Timeout parameter5 minutes Example of KBA quiz parameters – which can be customized for the client: 7

8 Step 4 Determine Risk Provide an a “pass” or “fail” score based on the responses to the KBA questions based on the clients parameters Return as part of the transaction: –a unique transaction ID number, which ties back to the data used to verify the identity, the results of the verification process, and the results of the authentication quiz –The date and time of the KBA Retain the The transaction ID number, the results of the verification process, and the results of the authentication process, the verification data sources as stated in the CP (10 1/2 years) 8

9 NIST 800-63-1 Guideline The Electronic Authentication Guideline standard states in 6.3.1 Requirements per Assurance Level “ In some contexts, agencies may choose to use additional knowledge based authentication methods to increase their confidence in the registration process. For example, an Applicant could be asked to supply non-public information on his or her past dealing with the agency that could help confirm the Applicant’s identity.” Only LOA-1, LOA-2 and LOA-3 allow for remote identity proofing 9

10 Remote Proofing via Enhanced KBA Advantages Simplify the identity proofing process Deliver a positive user experience Enhance security by enabling scalable and easy-to-implement identity proofing Reduce fraud and associated costs through an enhanced user verification process (e.g. data is validated against trusted sources) Avoid privacy concerns that result when personal information is requested from users 10

11 For Further Information Peter Alterman, Chief Operating Officer: PAlterman@safe- biopharma.orgPAlterman@safe- biopharma.org Gary Wilson, Head, Technical Programs and Operations: Gwilson@safe-biopharma.org Gwilson@safe-biopharma.org 11

Download ppt "The SAFE-BioPharma Identity Proofing Process Author of Record SWG (Digital Credentials) October 3, 2012 Peter Alterman, Ph.D. Chief Operating Officer,"

Similar presentations

Directory and Trust Services (D&TS) Define an Abstract Model Purpose: Document a common terminology that the group can use between the various tracks Identify.

Directory and Trust Services (D&TS) Define an Abstract Model Purpose: Document a common terminology that the group can use between the various tracks Identify.
© Experian Information Solutions, Inc. 2007. All rights reserved. Confidential and proprietary. Press ALT+F4 to quit Take a risk-based approach to authentication.

© Experian Information Solutions, Inc All rights reserved. Confidential and proprietary. Press ALT+F4 to quit Take a risk-based approach to authentication.
Appropriate Access InCommon Identity Assurance Profiles David L. Wasley Campus Architecture and Middleware Planning workshop February 2008.

Appropriate Access InCommon Identity Assurance Profiles David L. Wasley Campus Architecture and Middleware Planning workshop February 2008.
Overview of US Federal Identity Management Initiatives Peter Alterman, Ph.D. Chair, Federal PKI Policy Authority and Asst. CIO E-Authentication, NIH.

Overview of US Federal Identity Management Initiatives Peter Alterman, Ph.D. Chair, Federal PKI Policy Authority and Asst. CIO E-Authentication, NIH.
The Need for Trusted Credentials Information Assurance in Cyberspace Mary Mitchell Deputy Associate Administrator Office of Electronic Government & Technology.

The Need for Trusted Credentials Information Assurance in Cyberspace Mary Mitchell Deputy Associate Administrator Office of Electronic Government & Technology.
EAuthentication Before accessing the Delphi eInvoicing System, you must be an authenticated user. This authentication process is called eAuthentication.

EAuthentication Before accessing the Delphi eInvoicing System, you must be an authenticated user. This authentication process is called eAuthentication.
EDUCAUSE 2001, Indianapolis IN Securing e-Government: Implementing the Federal PKI David Temoshok Federal PKI Policy Manager GSA Office of Governmentwide.

EDUCAUSE 2001, Indianapolis IN Securing e-Government: Implementing the Federal PKI David Temoshok Federal PKI Policy Manager GSA Office of Governmentwide.
Janice Kephart Director of National Security Policy, Center for Immigration Studies Heritage Foundation July 14, 2009.

Janice Kephart Director of National Security Policy, Center for Immigration Studies Heritage Foundation July 14, 2009.
Identity Assurance at Virginia Tech CSG January 13, 2010 Mary Dunker

Identity Assurance at Virginia Tech CSG January 13, 2010 Mary Dunker
Department of Labor HSPD-12

Department of Labor HSPD-12
Online Identity Authentication and Data Broker SNAP Director’s Conference September 23, 2013.

Online Identity Authentication and Data Broker SNAP Director’s Conference September 23, 2013.
Lecture 23 Internet Authentication Applications

Lecture 23 Internet Authentication Applications
U.S. Department of Justice Drug Enforcement Administration Office of Diversion Control Electronic Prescriptions for Controlled Substances Michelle Ferritto,

U.S. Department of Justice Drug Enforcement Administration Office of Diversion Control Electronic Prescriptions for Controlled Substances Michelle Ferritto,
Federated Identity, Levels of Assurance, and the InCommon Silver Certification Jim Green Identity Management Academic Technology Services © Michigan State.

Federated Identity, Levels of Assurance, and the InCommon Silver Certification Jim Green Identity Management Academic Technology Services © Michigan State.
Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.

Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.
Information Resources and Communications University of California, Office of the President Current Identity Management Initiatives at UC & Beyond: UCTrust.

Information Resources and Communications University of California, Office of the President Current Identity Management Initiatives at UC & Beyond: UCTrust.
Confidential 1 Electronic Prescribing of Controlled Substances: Prescriber Identity Proofing and Credentialing Part 2 of a 3 Part Series Chuck Klein, Ph.D.

Confidential 1 Electronic Prescribing of Controlled Substances: Prescriber Identity Proofing and Credentialing Part 2 of a 3 Part Series Chuck Klein, Ph.D.
User Authentication Recommendations Transport & Security Standards Workgroup December 10, 2014.

User Authentication Recommendations Transport & Security Standards Workgroup December 10, 2014.
Intra-ASEAN Secure Transactions Framework Project Progress Report

Intra-ASEAN Secure Transactions Framework Project Progress Report
Identity Management What is it? Why? Responsibilities? Bill Weems Academic Computing University of Texas Health Science Center at Houston.

Identity Management What is it? Why? Responsibilities? Bill Weems Academic Computing University of Texas Health Science Center at Houston.

Similar presentations

Ads by Google