[WG-IDAssurance] Remote Public Identity Proofing and cross-border Evidence checks

Colin Wallis colin_wallis at hotmail.com
Sun Dec 22 19:52:19 CST 2013


I may not have understood the question completely and nor do I think I have the answer, but maybe this will help.

 

I agree it may be 'more or less impossible' right now, but in time, with pan jurisdiction federation it won't be.

 

One way to help mitigate the risks here is to use  a service like Keesing https://keesingreferencesystems.com/

At least that would help determine if the presented document was fraudulent.

Of course it is relying on the docs, not the authoritative source, but as I say..step in the right direction.

 

I can see that in-person means you have the 'presenter links' to the identity principle covered (in NZ EOI standard parlance). you don't have that ability with remote proofing, hence the referencing records..maybe.. :-)

 

Cheers

Colin 
 

> Date: Sun, 22 Dec 2013 14:48:28 +0100
> From: bear at europoint.se
> To: wg-idassurance at kantarainitiative.org
> Subject: [WG-IDAssurance] Remote Public Identity Proofing and cross-border Evidence checks
> 
> Hello,
> 
> I have a question and comment on 5.2.2.4 Remote Public Identity Proofing.
> 
> We are trying to apply the requirements (AL2_ID_RPV#020 Evidence checks, 
> specifically) on a scenario where the applicant is a in another country 
> or even on another continent. The requirement to inspect and analyse the 
> collected records against the issuing authorities/institutions or 
> similar databases becomes more or less impossible if the service wants 
> to support a lot of/all countries. Access to the database for a 
> Government issues ID in any/all countries is difficult task.
> 
> For a In-Person Public Identity Proofing, there is no requirement to 
> reference check the records for the ID. I realize that that scenario is 
> based on a stronger identification, but the requirement to reference the 
> records in the remote scenario still does not feel proportional.
> 
> Does anyone have any comment on this, or a alternative interpretation?
> 
> Regards,
> Björn Sjöholm
> 
> -- 
> Björn Sjöholm, M.Sc. <bear at europoint.se>
> CISSP, CISA, CISM, CGEIT, CRISC, QSA (P2PE), PA-QSA
> Europoint Networking AB, www.europoint.se
> Phone +46 18 183030, Mobile +46 705 220110
> 
> _______________________________________________
> WG-IDAssurance mailing list
> WG-IDAssurance at kantarainitiative.org
> http://kantarainitiative.org/mailman/listinfo/wg-idassurance
 		 	   		  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://kantarainitiative.org/pipermail/wg-idassurance/attachments/20131223/ce72ec7a/attachment.html>


More information about the WG-IDAssurance mailing list