Join. Innovate. Trust.

Service Provider Approval

If you are interested to become a Kantara approved CSP, first, please read Kantara Classes of Approval and Approval Roadmap. Applicants should be fully familiar with, inter alia, Kantara’s: Service Approval Handbook; Service Assessment Criteria, available below. 

 

NOTE: Kantara Identity Assurance Framework Major Release – 2020-10-15
This release of updates to the KIAF consists of significant changes which have been coordinated to provide a single, harmonized, release.  The changes incorporated in this release can be found at: KIAF Major Release – 2020-10-15

Table of Contents

  1. Service Approval Handbook
  2. Service Assessment Criteria Overview
  3. Service Assessment Criteria
  4. Application Package

 

1. Service Approval Handbook

Title
KIAF 1340 – Service Approval Handbook
1 file(s)
NORMATIVE
  • KIAF 1340 - Service Approval Handbook defines the obligations upon Applicant and Approval-holding CSPs, the ARB and its Secretariat, and Accredited Assessors, with regard to the Approval assessment and application processes.
3.0

ARB Notice regarding KIAF-1340 Service Approval Handbook, 2020-03-30

In light of the present SARS-COV2/COVID-19 virus pandemic the ARB has reviewed the Service Approval Handbook §6.1.3, §8.1.3 and §9.1.3 (which state requirements under which Assessors SHALL include  site  visits  in  their  assessment  program)  and  determined  that, until  this  notice  is  rescinded, any Kantara requirements that assessors visit CSPs’ premises or meet face-to-face with personnel are suspended.
While it understands that assessments already utilize a high degree of efficient use of on-line conferencing applications the ARB hereby requests that, in lieu of these above-cited requirements, assessors and CSPs use their best endeavours, given their respective business operation restrictions, to formulate a plan for a virtual inspection to the fullest extent practical, including remote video, of CSP premises.
Assessors SHALL, in their KARs, describe the steps that have been taken to substitute for actual on-site visits and describe any limitations which have been imposed

 

2. Service Assessment Criteria Overview – Guidance on completing a SoCA and derived SoC

Title
KIAF-1405 Service Assessment Criteria – Overview
1 file(s)
NORMATIVE
  • This document describes the application of the Kantara Identity Assurance Framework’s (KIAF) Service Assessment Criteria (SAC) documents to create two key documents required by Approval applicants when submitting their services for Kantara approval, these being the Statement of Criteria Applicability (SoCA) and the Statement of Conformity (SoC), the requirements for both of which are stated in KIAF-1340 Service Approval Handbook.
1.0

 

3. Service Assessment Criteria for Identity & Credential Management Systems

Service Assessment Criteria Sets for Classic and NIST 800-63 rev.3 (Full and Technical) Classes of Approval

Title
KIAF 1430 – Identity Assurance Framework: NIST SP 800-63A Service Assessment Criteria (SAC) & Statement of Criteria Applicability (SoCA)
1 file(s)
NORMATIVE
  • This Specification sets forth KI's Service Assessment Criteria for assessments against the requirements of NIST's SP 800-63A as published 2017-12-01 (with errata) at IAL2 & IAL3, to be generally referred-to as the '63A_SAC'.
  • Please fill out the form to receive the 63A_SAC
[wpforms id="11311" title="false" description="false"]
4.0
KIAF 1440 – Identity Assurance Framework: NIST SP 800-63B Service Assessment Criteria (SAC) & Statement of Criteria Applicability (SoCA)
1 file(s)
NORMATIVE
  • This document sets forth KI's Service Assessment Criteria for assessments against the requirements of NIST's SP 800-63B as published 2017-12-01 (with errata) at AAL2 and AAL3, to be generally referred-to as the '63B_SAC'.
  • Please fill out the form to receive the 63B_SAC
[wpforms id="11327" title="false" description="false"]
4.0
KIAF 1450 – Identity Assurance Framework: NIST SP 800-63C Service Assessment Criteria (SAC) & Statement of Criteria Applicability (SoCA)
1 file(s)
NORMATIVE
  • This document sets forth KI's Service Assessment Criteria for assessments against the requirements of NIST's SP 800-63C as published 2017-12-01 (with errata) at FAL2 & FAL3, to be generally referred-to as the '63C_SAC'.
  • Please fill out the form to receive the 63C_SAC
[wpforms id="11329" title="false" description="false"]
1.0
KIAF 1410 – CO_SAC Kantara Identity Assurance Framework: Common Organizational Service Assessment Criteria (SAC) & Statement of Criteria Applicability (SoCA) – Excel Version
1 file(s)
NORMATIVE
  • This Specification sets forth KI's Service Assessment Criteria for assessments whose scope includes the good standing of the organization which provides the service which is subject to assessment, be generally referred-to as the 'CO_SAC'.
3.0
KIAF 1420 – OP_SAC Kantara Identity Assurance Framework: Operational Service Assessment Criteria (SAC) & Statement of Criteria Applicability (SoCA)
1 file(s)
NORMATIVE
  • This Specification sets forth KI's Service Assessment Criteria, generally referred-to as the 'OP_SAC', for the assessment of the operational functionality of those services which align to the 'Classical' Kantara criteria, which are based loosely on NIST SP 800-53 rev.2, be generally referred-to as the 'OP_SAC'.
2.0

Acknowledgement: Kantara Initiative Inc. is grateful for the support of ID.me in sponsoring the editing of the service assessment criteria for NIST SP 800-63 rev.3

4. Application Package – Service Approval

If you have any questions and/or want to learn more, please contact us