Kantara Baseline Identity Proofing Requirements, v3.0-alpha
Profile of all of 800-63A rev. 3 based on the Kantara assessment methodology
| Identifier | https://demo.trustmarkinitiative.org/tpat/tips/kantara-baseline-id-proof/3.0-alpha/ | ||||
| Publication Date | 2023-06-30 | ||||
| Issuing Organization |
Trustmark Initiative (https://demo.trustmarkinitiative.org/)
View Contact
|
||||
| Keywords | NIST, Kantara, ICAM, 800-63 |
Loading...
Trust Expression:
TD_IdentityProofingSuitabilityProhibition and TD_IdentityProofingNecessaryMinimum and TD_IdentityProofingPrivacyNoticePublished and TD_IdentityProofingPrivacyNoticeProvided and TD_IdentityProofingAdditionalAttributeCollection and TD_IdentityProofingProvideandPublishRedressMechanism and TD_IdentityProofingRedressAudits and TD_IdentityProofingCredentialPolicy and TD_IdentityProofingCredentialingPracticesStatement and TD_IdentityProofingRiskManagementProcess and TD_IdentityProofingAuditLogs and TD_IdentityProofingProtectPII and TD_IdentityProofingProtectedChannels and TD_IdentityProofingFraudMitigationinPrivacyRiskAssessment and TD_IdentityProofingPIIDisposalProcesses and TD_IdentityProofingNoSocialSecurityNumber and TD_IdentityProofingEnrollmentCodes and TD_IdentityProofingTrustedReferee and TD_IdentityProofingMinors
References (19)
| TD Identity Proofing - Suitability Prohibition, v3.0 | |
|---|---|
| Description | Requirement that identity proofing not be performed to determine eligibility for services or benefits. |
| ID | TD_IdentityProofingSuitabilityProhibition |
| Provider Reference | |
| TD Identity Proofing - Necessary Minimum, v3.0 | |
|---|---|
| Description | Requirements for collecting the minimum necessary PII during identity proofing. |
| ID | TD_IdentityProofingNecessaryMinimum |
| Provider Reference | |
| TD Identity Proofing - Privacy Notice Published, v3.0 | |
|---|---|
| Description | Requirements for explicit notice being provided regarding the collecting of PII during identity proofing. |
| ID | TD_IdentityProofingPrivacyNoticePublished |
| Provider Reference | |
| TD Identity Proofing - Privacy Notice Provided, v3.0 | |
|---|---|
| Description | Requirements for privacy notice being provided to applicants at the time of data collection. |
| ID | TD_IdentityProofingPrivacyNoticeProvided |
| Provider Reference | |
| TD Identity Proofing - Additional Attribute Collection, v3.0 | |
|---|---|
| Description | Requirements for collecting additional attributes during identity proofing. |
| ID | TD_IdentityProofingAdditionalAttributeCollection |
| Provider Reference | |
| TD Identity Proofing - Provide and Publish Redress Mechanism, v3.0 | |
|---|---|
| Description | Requirements for publishing redress mechanisms. |
| ID | TD_IdentityProofingProvideandPublishRedressMechanism |
| Provider Reference | |
| TD Identity Proofing - Redress Audits, v3.0 | |
|---|---|
| Description | Requirements for performing periodic redress mechanism audits. |
| ID | TD_IdentityProofingRedressAudits |
| Provider Reference | |
| TD Identity Proofing - Credential Policy, v3.0 | |
|---|---|
| Description | Requirements for publishing a credential policy. |
| ID | TD_IdentityProofingCredentialPolicy |
| Provider Reference | |
| TD Identity Proofing - Credentialing Practices Statement, v3.0 | |
|---|---|
| Description | Requirements for publishing a credentialing practices statement. |
| ID | TD_IdentityProofingCredentialingPracticesStatement |
| Provider Reference | |
| TD Identity Proofing - Risk Management Process, v3.0 | |
|---|---|
| Description | Requirements for conducting a risk management process. |
| ID | TD_IdentityProofingRiskManagementProcess |
| Provider Reference | |
| TD Identity Proofing - Audit Logs, v3.0 | |
|---|---|
| Description | Requirements for maintaining and reviewing audit logs. |
| ID | TD_IdentityProofingAuditLogs |
| Provider Reference | |
| TD Identity Proofing - Protect PII, v3.0 | |
|---|---|
| Description | Requirements for protecting PII collected during enrollment. |
| ID | TD_IdentityProofingProtectPII |
| Provider Reference | |
| TD Identity Proofing - Protected Channels, v3.0 | |
|---|---|
| Description | Requirements for using only protected channels during identity proofing. |
| ID | TD_IdentityProofingProtectedChannels |
| Provider Reference | |
| TD Identity Proofing - Fraud Mitigation in Privacy Risk Assessment, v3.0 | |
|---|---|
| Description | Requirements for fraud mitigation inclusion in privacy risk assessments. |
| ID | TD_IdentityProofingFraudMitigationinPrivacyRiskAssessment |
| Provider Reference | |
| TD Identity Proofing - PII Disposal Processes, v3.0 | |
|---|---|
| Description | Requirements for dispossing of PII. |
| ID | TD_IdentityProofingPIIDisposalProcesses |
| Provider Reference | |
| TD Identity Proofing - No Social Security Number, v3.0 | |
|---|---|
| Description | Requirements to avoid using Social Security Numbers (SSN) for identity proofing and resolution. |
| ID | TD_IdentityProofingNoSocialSecurityNumber |
| Provider Reference | |
| TD Identity Proofing - Enrollment Codes, v3.0 | |
|---|---|
| Description | The requirements for enrollment codes during the identity proofing process. |
| ID | TD_IdentityProofingEnrollmentCodes |
| Provider Reference | |
| TD Identity Proofing - Trusted Referee, v3.0 | |
|---|---|
| Description | The requirements for a CSP to identity proof Trusted Referees at an equivalent or higher assurance level then that of regular applicants. |
| ID | TD_IdentityProofingTrustedReferee |
| Provider Reference | |
| TD Identity Proofing - Minors, v3.0 | |
|---|---|
| Description | The requirements for a CSP to adhere to special rules when identity proofing minors. |
| ID | TD_IdentityProofingMinors |
| Provider Reference | |
Sources (1)
| Kantara | NIST 800-63 Assessment Guide |