1
00:00:01,634 --> 00:00:05,138
In this video, we will demonstrate
 our automated self-service

2
00:00:05,138 --> 00:00:09,976
enrollment process at NIST’s IAL2/AAL2 standard

3
00:00:10,276 --> 00:00:13,313
for a new user creating an account
 using ID.me.

4
00:00:14,080 --> 00:00:17,517
We have designed the customer experience
 to minimize the level of effort

5
00:00:17,517 --> 00:00:20,620
required by the end-
user to verify their identity.

6
00:00:21,554 --> 00:00:24,257
The five easy steps to set up an ID.me account 

7
00:00:24,257 --> 00:00:25,992
typically only take a few minutes.

8
00:00:26,926 --> 00:00:30,130
All the user will need
 is an accessible email account

9
00:00:30,130 --> 00:00:32,198
and a mobile phone that can take photos.

10
00:00:32,599 --> 00:00:35,668
They'll also need to take a selfie
and upload a picture of

11
00:00:35,668 --> 00:00:37,570
a government-issued ID. 

12
00:00:38,038 --> 00:00:41,841
New users will see the option to either
 sign in using ID.me

13
00:00:42,542 --> 00:00:44,344
or create an account with ID.me.

14
00:00:45,545 --> 00:00:49,215
For this demonstration, we will assume the user doesn't have an existing account.

15
00:00:49,883 --> 00:00:50,383
First

16
00:00:50,683 --> 00:00:52,886
Users will need to enter their email address.

17
00:00:54,554 --> 00:00:57,891
Next, they'll click a link in the email to confirm their ownership

18
00:00:57,891 --> 00:00:59,192
of the email address.

19
00:01:02,762 --> 00:01:05,765
In accordance with NIST 863B,

20
00:01:06,166 --> 00:01:08,902
users will set up multi-factor authentication

21
00:01:08,935 --> 00:01:12,872
to ensure that all their information
 stays secure in the unlikely event

22
00:01:12,872 --> 00:01:15,442
their email and password are compromised.

23
00:01:15,875 --> 00:01:20,413
ID.me offers users several options
 for multi-factor authentication.

24
00:01:20,847 --> 00:01:25,485
Users can get an SMS based
 one time password or use a mobile app

25
00:01:25,485 --> 00:01:29,422
to receive a push notification
 or a time based one time password.

26
00:01:29,956 --> 00:01:30,924
Alternatively,

27
00:01:31,091 --> 00:01:32,826
they can use a hardware or mobile token

28
00:01:33,026 --> 00:01:34,994
such as YubiKey. 

29
00:01:39,933 --> 00:01:41,901
ID.me also gives users the option 

30
00:01:41,901 --> 00:01:45,772
to generate a backup recovery code
 in case they are away from the device

31
00:01:45,772 --> 00:01:48,775
they used for MFA,
 or lose access to their accounts.

32
00:01:49,909 --> 00:01:51,678
With the account created and secured,

33
00:01:51,978 --> 00:01:52,912
the user will choose

34
00:01:52,912 --> 00:01:55,448
one of several methods to verify their identity.

35
00:01:55,782 --> 00:01:59,152
They can submit a photo of either
 their driver's license, state ID,

36
00:01:59,486 --> 00:02:01,187
passport, or passport card.

37
00:02:02,589 --> 00:02:04,057
Users can upload photos of 

38
00:02:04,057 --> 00:02:07,827
their documents from their computers
 if they already have them on file

39
00:02:08,228 --> 00:02:10,263
or take new photos
 with their mobile phone.

40
00:02:10,964 --> 00:02:11,998
Behind the scenes,

41
00:02:12,265 --> 00:02:16,402
ID.me first confirms that the documents are
 legitimate and have not been tampered with

42
00:02:16,669 --> 00:02:20,406
and then abstracts the key data
 fields needed to perform identity proofing

43
00:02:20,406 --> 00:02:22,876
using computer vision. 

44
00:02:24,177 --> 00:02:26,679
In accordance with NIST 863A,

45
00:02:27,147 --> 00:02:29,716
users are also asked
 to submit a selfie.

46
00:02:30,450 --> 00:02:33,987
ID.me will match the selfie
 to the photo on the government ID

47
00:02:34,387 --> 00:02:37,891
to provide biometric verification
 of the user's identity.

48
00:02:38,525 --> 00:02:42,428
Once these steps are complete,
 users enter their Social Security number.

49
00:02:43,163 --> 00:02:47,867
ID.me requires a Social Security number
 to uniquely resolve a user's identity

50
00:02:48,201 --> 00:02:51,304
and match their information
 against authoritative data sources

51
00:02:51,938 --> 00:02:54,040
such as utility or financial records.

52
00:02:54,407 --> 00:02:58,945
This also ensures that there is only one
 verified ID.me account per user.

53
00:03:01,147 --> 00:03:03,283
Once the user confirms their information,

54
00:03:03,483 --> 00:03:06,753
they will give their consent
 to share their data with your agency.

55
00:03:07,253 --> 00:03:10,490
We use a privacy by design model,
 where the user retains

56
00:03:10,490 --> 00:03:13,493
control of what information is shared
 and with whom.

57
00:03:13,993 --> 00:03:17,363
If they do not choose to send their data,
 they will not be able to use

58
00:03:17,363 --> 00:03:19,432
their verified credential at your site.

59
00:03:20,400 --> 00:03:23,536
After the user clicks allow, the process is complete.

60
00:03:24,137 --> 00:03:25,471
 With their ID.me account,

61
00:03:25,471 --> 00:03:28,041
they will be able to quickly login to your site

62
00:03:28,041 --> 00:03:30,610
 as well as other ID.me partnered websites.