FB pixel

ETSI TS 119 461 certification: security requirements for digital identity proofing

ETSI TS 119 461 certification: security requirements for digital identity proofing
 

The importance of digital identity proofing in the digital landscape is well established. Digital identity proofing plays a critical role in upholding security, trust, and regulatory adherence across various sectors and services. Organizations leverage identity proofing to safeguard against fraud and unauthorized access while facilitating secure digital transactions.

In July 2021, the European Telecommunications Standards Institute (ETSI) introduced technical standards in the form of ETSI TS 119 461 certification, defining security requirements for digital identity proofing services. This certification framework aims to govern the capture, processing, and validation of identity evidence, such as documents, data, or biometrics, to authenticate individuals.

By obtaining this certification, biometric companies can operate as Identity Proofing Service Providers (IPSPs) for Qualified Trust Service Providers (QTSPs) and Trust Service Providers (TSPs). It also establishes a framework for issuing qualified electronic signatures.

Requirements for achieving ETSI TS 119 461 Certification

The certification outlines the requirements for starting an identity proofing process, gathering attributes, verifying them, connecting them to the application, and issuing the digital identity proofing results.

The system requires that the presented attributes match the individual’s identification. A registration officer can establish the connection to the application either manually or automatically through biometrics.

Organizations need to establish strong authentication measures to store personal biometric data securely. The system must be capable of offering identity proofing services through various methods, such as on-site, video, automated hybrid, and NFC-based solutions.

Moreover, the system should adhere to a minimum Level of Identity Proofing (LoIP) in line with eIDAS (Electronic Identification, Authentication, and Trust Services) requirements. This standard will impact future industry regulations, including the 6th European Anti-Money Laundering Act (AMLD6) and eIDAS 2.0.

ETSI TS 119 461 Certification for Biometric Data Protection

The certification focuses on safeguarding biometric data through stringent standards for managing digital identity proofing services. It ensures biometric data capture, processing, and storage, following encryption protocols and secure data storage practices.

ETSI TS 119 461 is designed to align with the General Data Protection Regulation (GDPR), ensuring that biometric data is handled in accordance with pertinent EU data protection laws.

Industries such as financial and government services commonly utilize biometric identity proofing to verify customer identities. These services must comply with regulations like Know Your Customer (KYC) and Anti-Money Laundering (AML) rules, providing an additional security layer beyond traditional authentication methods.

Why does the certification matter?

Businesses that attain ETSI TS 119 461 certification adhere to best practices for biometric identity proofing, creating consistency and efficiency across different providers. This certification offers assurance to both businesses and end-users regarding the reliability and security of the biometric process.

Some companies offering biometric digital identity proofing services that have achieved the ETSI TS 119 461 certification are Onfido, Sumsub, Veridas and IDnow.

Additionally, ETSI has outlined ETSI EN 319 401 policy requirements for TSPs, emphasizing risk management and information security. The objective is to ensure that organizations safeguard digital identity against present threats and have contingency plans to maintain operational smoothness in case of unforeseen events.

The certification includes various aspects of operational security, including access control, cryptographic controls, physical and environmental security, network security, and incident management.

These certifications are important for biometric identity verification service providers to ensure the security and reliability of the identity proofing processes, particularly those in the European market.

Related Posts

Article Topics

 |   |   |   |   |   |   |   |   | 

Latest Biometrics News

 

Yoti trumpets NIST age estimation results and testing plans

A new facial age estimation algorithm submitted by Yoti to the U.S. National Institute of Standards and Technology has placed…

 

Indonesia tests new digital ID system, calls on ASEAN to speed up DEFA negotiations

Indonesia is rolling out the limited release of its new digital government platform INA Digital. In this first phase, INA…

 

Colorado legislators wrangle laws on facial recognition in schools, data protection

Regulatory winds are blowing from both directions in Colorado, where a moratorium on AI facial recognition cameras in schools is…

 

Ethiopia kicks off digital ID enrolment drive in Addis Ababa

A month-long digital ID enrollment campaign gets underway in the Ethiopian capital, Addis Ababa, today October 10 in a move…

 

mDL authentication and biometrics among new modules from Veridocs

Kentucky-based authentication and identity management software maker Veridocs has launched modules for mobile driver’s license authentication, biometrics, mobile device verification…

 

Moldova works on aligning digital ID regulation with eIDAS 2.0

Moldova is working on aligning its digital ID regulation with the European Union and its Digital Identity (EUDI) Wallet. The…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Read This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events