No personal information is ever stored or shared. The user has total control of her data. The user decides when, where and with whom to use her identity. This is in line with GDPR privacy requirements. ENISA Guidelines for GDPR Compliance recommend “Two-factor authentication as a technical security measure for accessing systems that process personal data.”
IDEE user authentication factors are mutually independent, non-replicable, non-reusable, do not disclose the authentication information, cannot be reversed to reveal previous or subsequent authentication information. It also, provides dynamic linking as defined by EBA RTS PSD2 Strong Customer Authentication (SCA) requirements.
IDEE Multi-factor authentication solution meets PCI requirements of “multi-factor authentication (MFA) for preventing unauthorized access to computers and systems that process payment transactions”.
IDEE complies with NIST SP800-63B digital identity guidelines such as using Multi-factor authentication to provide “high confidence that the claimant controls authenticator(s) bound to the subscriber’s account“.
The different authentication assurance levels as stipulated in ISO 29115 while accessing different services are observed by IDEE depending on the security requirements and the sensitivity of the asset to be protected. IDEE provides MFA by default not just “where substantial risk is associated with erroneous authentication”.
IDEE is compliant with the NCSC Guidance for Multi-factor authentication on online services.
IDEE is compliant with the NIST privileged account management for the financial services sector’s authentication requirements.
FFIEC requires financial institutions implement multi-factor authentication for high-risk transactions involving access to customer information or the movement of funds to other parties. IDEE solution helps customers to achieve this requirement.
US Cybersecurity National Action Plan (CNAP) empower Americans to secure their online accounts by “moving beyond just passwords and adding an extra layer of security … by combining a strong password with additional factors”. IDEE eliminates passwords completely while providing a strong and reliable multi-factor authentication.
FTC considers multi-factor authentication as a minimum standard for allowing access to customer information for most financial institutions. It requires financial institutions to “implement multi-factor authentication for any individual accessing customer information … internal networks that contain customer information.” IDEE helps clients to comply with this requirement.