Demo layout

Approved Service – Inflection EPCS

Inflection EPCS is a full CSP that provides remote identity proofing and strong MFA credentials to physicians who are digitally prescribing controlled substances, as permitted under DEA regulations and guidelines. These credentials are compatible with widely-used e-prescription software such as Epic Hyperspace. While Inflection is the entity responsible for the management and operation of the service, as well as any liabilities arising therefrom, it maintains a closely-integrated vendor relationship with Duo Security for the token management component of the service.

• Web: www.athenahealth.com
• Contact: Chris Barnes
• Phone: +1 (617) 402-1244

• Type: Credential Service Provider – Full Service
• Class of Approval: Classic
• Scope of Approval

• Level of Assurance: 3 non-PKI
• Jurisdiction: United States (All States)
• Grant ID: IAF-Approval-19.10-KI

• Date of grant of approval: December 26, 2019
• Renewals: December 2020 and December 2021
• Date of termination of approval: December 31, 2022
• Previous Trust Marks

Approved Service – AthenaClinicals

Athenahealth has implemented a framework and structure to ensure that any Prescriber using e- prescribing of controlled substance (EPCS) functionality within athenaClinicals has been subject to in- person identity proofing and verification and only issued e-prescribing credentials after achieving identity verification at Assurance Level 3 (AL3), as defined in National Institute of Standards and Technology (NIST) Special Publication 800-63-2.

Prescribers are authorized users of athenaNet, athenahealth’s cloud-based system providing software-as-a-service applications to health care organizations. Prescribers are employees of athenahealth Clients, each Client being bound by a Services Agreement for the provision of services and a Business Associate Agreement (BAA).

The Identity Verification process is limited to Prescribers issuing electronic prescriptions of controlled substances (EPCS) through athenaClinicals. For each Prescriber, the Identity Verification, Account Creation, Account Activation, and EPCS Verification workflows are completed by an employee of the respective Client designated as a Trusted Individual, in conjunction with additional actions required by Approvers (also employees of Client). The particular steps and processes required to complete Identity Verification and related workflows are set forth in athenahealth’s athenaClinicals Credential Policy (CrP) and Credential Service Provider Practice Statement and Procedure (CrPS), with which all Clients, Trusted Individuals, and Approvers are contractually obligated to comply.

Previous Trust Marks

Type: CSP – Full Service
Class of Approval: Classic
Levels of Assurance: 3
Jurisdiction: United States (All States)
Grant ID: IAF-Approval -16.03-KI
Date of grant of approval:  August 3, 2016
Date of termination of approval: August 31, 2019

Experian Precise ID

Web: http://www.experian.com/decision-analytics/identity-proofing.html
Contact: Tara Romeo

Approved Service – Experian Precise ID

Component Service

Experian’s Identity Proofing service known as Precise IDSM, is a solution which, in combination with Acuant’s AcuFill and AssureID, delivers risk-based identity verification at IAL2.

Precise IDSM is a single-platform hosted Identity Proofing solution delivering risk-based identity verification at Identity Assurance Level 2 (IAL2, as defined by NIST SP 800-63 rev.3) for clients across multiple government and industry domains, for both initial relationships and changing relationships, where additional client risk requires greater depth of identity verification.

Through our partner Acuant, Experian provides an IAL2-compliant Document Verification offering which provides for extract of document PII, document verification and facial matching and recognition allowing clients to validate government issued identity documents.

A single Precise IDSM enquiry accesses cross-industry shared application data, credit records, demographic and publicly available data from a variety of screened data sources, both internal and external to Experian. Precise IDSM is fully compliant with both the Gramm-Leach-Bliley Act (GLB) and the Fair Credit Reporting Act (FCRA). These data sources include information such as verified fraud records, including a fraud category, Credit Card Verification (CCV) data, and related types of records.

Through a combination of parameters, some determined by legislative obligations (e.g. GLB, FCRA), others by the type of contract Clients select, Precise IDSM delivers a score and other responses which enable Experian’s Clients to make informed decisions about whether to rely on their Applicant’s identity and manage the risk that it may be one associated with fraud.

Approved Service – Experian Precise ID

Component Service

Precise IDSM is a single-platform hosted Identity Proofing solution delivering risk-based identity verification at Assurance Level 3 for clients across multiple government and industry domains, for both initial relationships and changing relationships, where additional client risk requires greater depth of identity verification.

Previous Trust Marks

Experian Precise ID
Type: Component Service
Class of Approval: Classic
Levels of Assurance: 2 and 3
Jurisdiction: United States (All States)
Grant ID: IAF-Approval -16.01-KI
Date of grant of approval: March 24, 2016
Date of termination of approval: March 31, 2019

Experian Precise ID
Type: Component Service
Class of Approval: Classic
Levels of Assurance: 2 and 3
Jurisdiction: United States (All States)
Grant ID: IAF-Approval -12.04-KI
Date of grant of approval: October, 2012
Date of termination of approval: October 2015

Excelsior Security Solutions

Web: https://www.excelsiorsecuritysolutions.com/
Contact: Scott Shorter

ID.me

Web: www.ID.me
Contact: Pradheep Sampath
Phone: 3014673569

Approved Service – ID.me Identity Gateway

The ID.me ‘Identity Gateway’ service provides persons (“End Users”) with a simple and secure way to verify their identities, attributes, traits, and credentials. ID.me empowers persons to efficiently prove their identity while simultaneously providing assurance to businesses and government agencies that the user’s identity is reliably verified by an authoritative source.

ID.me’s Kantara-Approved Identity Gateway issues and authenticates password-based multi-factor credentials at the ‘Classic’ Levels of Assurance 2 and 3 (LoA2/LoA3 per OMB M-04-04 and NIST SP 800- 63 rev.2) and also at the NIST SP 800-63 rev.3 Identity and Authentication Assurance Levels 2 (IAL2 & AAL2). The user is offered a choice between multi-factor alternatives, to suit their needs and convenience.

The service provides Unsupervised identity proofing under both the Classic and 800-63 rev.3 Classes of Approval and under the latter also provides for Supervised In-person identity proofing, conducted by Trusted Referees. With both Classes of Approval, users may bring their own FIDO U2F-compatible device.

Identity Gateway relies on an FRCA Regulated Credit Agency and a Telecommunication Network-Linked Data Broker as its authoritative sources.

ID.me’s Identity Gateway is the first Service to which the Kantara Initiative has granted the ‘NIST 800-63 rev.3’ Class of Approval.

ID.me protects a user’s identity, while simultaneously providing assurance to businesses and government agencies that the user’s identity and group status are reliably verified by an authoritative source. These assurances allow for participants to confidently complete electronic transactions in a secure environment. Use of the ID.me service provides eligible parties access to certain benefits, services, and information from various organizations who wish to limit access based on requirements related to the underlying value and eligibility associated with the application and program.

Previous Trust Marks

Type: CSP – Full Service
Class of Approval: Classic
Levels of Assurance: 1,2,3
Jurisdiction: United States (All States)
Grant ID: IAF-Approval-14.02-KI
Date of grant of approval:  August 8, 2014
Date of termination of approval: September, 2017

SUNET

Web: www.sunet.se
Contact: Valter Nordh
Phone: +46 (0)707-884742

• • Type: Credential Service Provider – Full Service
  • Class of Approval: Classic

Scope of Approval

• Levels of Assurance: 1 and 2
• Jurisdiction: Sweden
• Grant ID: IAF – Approval – 17.01-KI
• Grant Dates:
  • Date of termination of approval: July 30, 2019

  Previous Trust Marks

Approved Service – eduID

eduID is a SUNET service that is part of the Swedish Academic Identity federation (SWAMID). The service is a common identity and authentication infrastructure for students and staff at Swedish universities and university colleges. The service is an Identity Provider at Assertion Levels 1 and 2.
The General Service Definition is published as a wiki on the SWAMID website. The service definition used for this assessment is version 16.

Previous Trust Marks

Type: Credential Service Provider – Full
Class of Approval: Classic
LoA: 1 and 2
Jurisdiction: Sweden
Grant ID: IAF – Approval – 15.01-KI
Date of grant of approval: February 27, 2015
Date of termination of approval: February 2018

USPS The United States Postal Service

Contact: Jane Quenk
Phone: +1 (202) 268-6312

• • Type: Credential Service Provider – Full
  • Class of Approval: Classic

Scope of Approval

• Levels of Assurance: 1 and 2
• Additional criteria: FICAM Trust Framework – Federal Privacy Profile, SAML 2.0 Web Browser SSO Profile
• Jurisdiction: United States (All States)
• Grant ID: IAF – Approval – 16.03-KI
• Grant Dates:
  • Date of termination of approval: March 31, 2019

Approved Service – USPS IVS

The United States Postal Service (USPS) Credential Service Provider (CSP) solution provides identity proofing, credential issuance, credential management and authentication services. The CSP performs identity proofing and credential issuance to Level of Assurance 1 (Level 1) to Level of Assurance (Level 2) as defined in the National Institute of Standards and Technology (NIST) Special Publication 800-63-2. In addition, the CSP supports the identity federation concept defined in the National Strategy for Trusted Identities in Cyberspace (NSTIC).
The intended consumer of the credential services is a USPS customer. USPS customers receive a federated identity credential that may be used to access websites and applications provided by USPS and other Relying Parties. Currently, there is no cost to a USPS customer to obtain a credential from the CSP solution.
Personal Identifiable Information (PII) collected by the CSP is encrypted in transmission and protected by mutually authenticated session protocols. At rest, stored PII is also encrypted. In all cases, FIPS 140-2 approved cryptography is utilized.
In the event that the CSP ceases operation, USPS shall continue to protect or will destroy all sensitive data including PII for all customers with Level 1 and Level 2 credentials.

NIXU

Web: www.nixu.com
Contact: Erik Runeson
Phone: +46 70 522 09 34

• LoA: 1-4
• Jurisdiction: EUROPE / SWEDEN / USA
• Grant ID:AA-2015-06
• Grant Date:
  • New: October 13, 2015
  • Renewed December 2016
  • Expiry Date: October 2018

GakuNin Access Federation

Web: www.gakunin.jp
Contact: SATO Hiroyuki

• Kantara Accredited Assessor
• Applicable Assurance Level: 1
• Jurisdiction: Japan. Tokyo District Court (Tokyo-to); Tokyo High Court (Kanto Region); The Supreme Court.
• Grant ID:AA-2019-04
• Grant Dates:
  • Issued on: January 17, 2019
  • Status: Renewed (January 2020)
  • Next Renewal: January 2021
  • Expiration date: January 31, 2022

  Previous Trust Marks

Previous Trust Marks

Accredited Assessor
Assurance Levels: 1
Grant ID: AA-2015-05
Issued on: October 13, 2015
Expiration date: October 31, 2018

Kuma, LLC

Web: www.kuma.pro
Contact: Ray Kimble
Phone: +1 (800) 993-7027 x701

• Kantara Accredited Assessor
• Applicable Assurance Levels: ALs 1,2,3,4; IAL2,IAL3; AAL2, AAL3
• Jurisdiction: Worldwide
• Grant ID: AA-2019-09
• Grant Dates:
  • Issued on: November 15,2019
  • Renewals: November 2020 and November 2021
  • Expiration date: November 30, 2022

  Previous Trust Marks
  

Previous Trust Marks

Accredited Assessor
Assurance Levels:, 1,2 and 3
Grant ID: AA-2015-03
Issued on: July 14, 2015
Expiration date: July 31, 2018

Seadot AB

Web: www.seadot.se
Contact: Björn Sjöholm
Phone: +46705 220110

• Kantara Accredited Assessor
• Applicable Assurance Levels: ALs 1,2,3,4; IAL2, IAL3; AAL2, AAL3
• Jurisdiction: Worldwide
• Grant ID: AA-2019-06
• Grant Dates:
  • Issued on: March 21, 2019
  • Status: Renewed (March 2020)
  • Next Renewal: March 2021
  • Expiration date: March 31, 2022

The Slandala Company

Web: www.slandala.com/about.htm
Contact: James Jung
Phone: +1 703 851 6813

• Kantara Accredited Assessor
• Applicable Assurance Levels: ALs 1,2,3,4; IAL2, IAL3; AAL2, AAL3
• Jurisdiction: Worldwide
• Grant ID: AA-2020-01
• Grant Dates:
  • Issued on: March 31, 2020
  • Renewals: March 2021 and March 2022
  • Expiration date: March 31, 2023

Previous Trust Marks

Accredited Assessor
Assurance Levels:, 1,2 and 3
Grant ID: AA-2016-01
Issued on: June 21, 2016
Expiration date: June 21, 2019

Accredited Assessor
Assurance Levels:, 1,2, 3, 4
Grant ID: AA-2012-02
Issued on: September 13, 2012
Expiration date: September, 2015

Zygma Inc.

Web: www.zygma.biz/
Contact: Richard Wilsher
Phone: +1 (714) 797-9942

• Kantara Accredited Assessor
• Applicable Assurance Levels: ALs 1,2,3,4; IAL2,IAL3; AAL2, AAL3
• Jurisdiction: Worldwide
• Grant ID: AA-2019-08
• Grant Dates:
  • Issued on: August 22,2019
  • Renewals: August 2020 and August 2021
  • Expiration date: August 31, 2022

  Previous Trust Marks