View this document as: a single page | multiple pages.

Identity Evidence Examples by Strength

This appendix is informative.

This appendix provides a non-exhaustive list of types of identity evidence grouped by strength.

Fair Evidence Examples

The qualities and features of the different types of FAIR evidence vary based on how they are implemented. CSPs must evaluate and document the evidence types that it will accept based on the requirements provided in these guidelines.

Table 4. Fair evidence examples

Evidence Proofing Validation Verification
Financial Account KYC/CIP requirements • Confirm signature on assertion is from intended origin • Demonstrated possession via an AAL2 authentication event and an FAL2 federated assertion
• User input of a microtransaction event of sufficient entropy
Phone Account Established and documented account opening practices • Confirm presence of user account with MNO
• Confirm signature on assertion is from expected source
• Demonstrated possession through enrollment code
• Demonstrated possession via an AAL2 authentication event and an FAL2 federated assertion
Student ID Card Student registration and enrollment practices • Confirm signature on assertion is from expected source
• Confirm physical security features and evaluate for tampering
• Demonstrated possession via an AAL2 authentication event and an FAL2 federated assertion
• Physical comparison to image on the ID
• Biometric comparison to image on the ID
Corporate ID Card Onboarding and background screening practices • Confirm signature on assertion is from expected source
• Confirm physical security features and evaluate for tampering
• Demonstrated possession via an AAL2 authentication event and an FAL2 federated assertion
• Physical comparison to image on the ID
• Biometric comparison to image on the ID
Veteran ID card VA identity verification, issuance and eligibility process • Confirm signature on assertion is from expected source
• Confirm physical security features and evaluate for tampering
• Demonstrated possession via an AAL2 authentication event and an FAL2 federated assertion
• Physical comparison to image on the ID
• Biometric comparison to image on the ID
SNAP Card with Facial Portrait State defined eligibility and enrollment requirements • Confirm signature on assertion is from expected source
• Confirm physical security features and evaluate for tampering
• Visual inspection of the card
• Physical or biometric comparison to image on the ID

\clearpage

Strong Evidence Examples

Table 5. Strong evidence examples

Evidence Proofing Validation Verification
Driver’s License or State ID (physical) State issuance processes or the REAL ID Act • Confirm physical security features through inspection • Physical comparison of image on ID
• Biometric comparison of the image on the ID
• Biometric comparison to issuing source records
Permanent Resident Card (issued prior to May 11, 2010) DHS issuance and eligibility process • Confirm physical security features through inspection • Physical comparison of image on ID
• Biometric comparison of the image on the ID
• Biometric comparison to issuing source records
U.S. Uniformed Services Privilege and Identification Card DoD issuance and eligibility processes • Confirm physical security features through inspection • Visual comparison of image on ID
• Biometric comparison of the image on the ID
• Biometric comparison to issuing source records
Native American Tribal Photo Identification Card Local issuance and eligibility processes • Confirm physical security features through inspection • Visual comparison of image on ID
• Biometric comparison of the image on the ID
• Biometric comparison to issuing source records
Veteran Health ID Card (VHIC) VA identity verification, issuance and eligibility process • Confirm physical security features and evaluate for tampering • Visual comparison to image on the ID
• Biometric comparison to image on the ID
USCIS Security-Enhanced Travel Documents (I-571/I-327) USCIS issuance and eligibility processes • Confirm physical security features and evaluate for tampering • Visual comparison to image on the ID
• Biometric comparison to image on the ID

\clearpage

Superior Evidence Examples

Table 6. Superior evidence examples

Evidence Proofing Validation Verification
Personal Identity Verification (PIV) Card FIPS 201-3 identity verification and issuance processes • Validation of stored PKI certificate
• Revocation check if available
• Authentication consistent with multi-factor cryptographic authenticators per SP 800-63B
• Biometric comparison to image stored on ID or biometric stored on ID
• Visual comparison of image on ID
Personal Identity Verification-Interoperable (PIV-I) Card FIPS 201-3 identity verification and issuance processes • Validation of stored PKI certificate
• Revocation check if available
• Authentication consistent with multi-factor cryptographic authenticators per SP 800-63B
• Biometric comparison to image or biometric stored on ID
• Visual comparison of image on ID
Common Access Card (CAC) DoD identity verification and issuance process • Validation of stored PKI certificate
• CRL check if available
• Authentication consistent with multi-factor cryptographic authenticators per SP 800-63B
• Biometric comparison to image or biometric stored on ID
• Visual comparison of image on ID
US Passport State Department passport issuance process • Validation of stored PKI certificate
• Revocation check if available
• Visual comparison of image on ID on stored in ID
• Biometric comparison to image stored on ID
• Biometric comparisons to issuing source records
International e-Passports ICAO-compliant and/or State Department-approved • Validation of stored PKI certificate
• Revocation check if available
• Visual comparison of image on ID on stored in ID
• Biometric comparison to image on ID
• Biometric comparisons to issuing source records
Mobile Driver’s License (MDL) State issuance processes, AAMVA guidance, or Real ID Act • Validation of mobile security object
• Revocation check if available
• Authentication consistent with multi-factor cryptographic authenticators per SP 800-63B
Digital Permanent Resident Card (Verifiable Credential) DHS issuance and eligibility process • Validation of stored verifiable credential
• Revocation check if available
• Authentication consistent with multi-factor cryptographic authenticators per SP 800-63B
European Digital Identity Wallet (EUDI Wallet) Personal Identification (PID) Element EC defined identity verification and issuance process; qualified issuer certified • Validation of stored verifiable credential or mobile security object
• Revocation check if available
• Authentication consistent with multi-factor cryptographic authenticators per SP 800-63B
Japan’s My Number Card Japan’s defined identity verification and issuance process; qualified issuer certified • Validation of stored verifiable credential
• Revocation check if available
• Authentication consistent with multi-factor cryptographic authenticators per SP 800-63B