ETSI TS 119 461 certification: security requirements for digital identity proofing

The importance of digital identity proofing in the digital landscape is well established. Digital identity proofing plays a critical role in upholding security, trust, and regulatory adherence across various sectors and services. Organizations leverage identity proofing to safeguard against fraud and unauthorized access while facilitating secure digital transactions.

In July 2021, the European Telecommunications Standards Institute (ETSI) introduced technical standards in the form of ETSI TS 119 461 certification, defining security requirements for digital identity proofing services. This certification framework aims to govern the capture, processing, and validation of identity evidence, such as documents, data, or biometrics, to authenticate individuals.

By obtaining this certification, biometric companies can operate as Identity Proofing Service Providers (IPSPs) for Qualified Trust Service Providers (QTSPs) and Trust Service Providers (TSPs). It also establishes a framework for issuing qualified electronic signatures.

Requirements for achieving ETSI TS 119 461 Certification

The certification outlines the requirements for starting an identity proofing process, gathering attributes, verifying them, connecting them to the application, and issuing the digital identity proofing results.

The system requires that the presented attributes match the individual’s identification. A registration officer can establish the connection to the application either manually or automatically through biometrics.

Organizations need to establish strong authentication measures to store personal biometric data securely. The system must be capable of offering identity proofing services through various methods, such as on-site, video, automated hybrid, and NFC-based solutions.

Moreover, the system should adhere to a minimum Level of Identity Proofing (LoIP) in line with eIDAS (Electronic Identification, Authentication, and Trust Services) requirements. This standard will impact future industry regulations, including the 6th European Anti-Money Laundering Act (AMLD6) and eIDAS 2.0.

ETSI TS 119 461 Certification for Biometric Data Protection

The certification focuses on safeguarding biometric data through stringent standards for managing digital identity proofing services. It ensures biometric data capture, processing, and storage, following encryption protocols and secure data storage practices.

ETSI TS 119 461 is designed to align with the General Data Protection Regulation (GDPR), ensuring that biometric data is handled in accordance with pertinent EU data protection laws.

Industries such as financial and government services commonly utilize biometric identity proofing to verify customer identities. These services must comply with regulations like Know Your Customer (KYC) and Anti-Money Laundering (AML) rules, providing an additional security layer beyond traditional authentication methods.

Why does the certification matter?

Businesses that attain ETSI TS 119 461 certification adhere to best practices for biometric identity proofing, creating consistency and efficiency across different providers. This certification offers assurance to both businesses and end-users regarding the reliability and security of the biometric process.

Some companies offering biometric digital identity proofing services that have achieved the ETSI TS 119 461 certification are Onfido, Sumsub, Veridas and IDnow.

Additionally, ETSI has outlined ETSI EN 319 401 policy requirements for TSPs, emphasizing risk management and information security. The objective is to ensure that organizations safeguard digital identity against present threats and have contingency plans to maintain operational smoothness in case of unforeseen events.

The certification includes various aspects of operational security, including access control, cryptographic controls, physical and environmental security, network security, and incident management.

These certifications are important for biometric identity verification service providers to ensure the security and reliability of the identity proofing processes, particularly those in the European market.

Article Topics

biometrics  |  certification  |  data protection  |  digital identity  |  eIDAS  |  ETSI  |  ETSI TS 119 461  |  GDPR  |  identity proofing  |  identity verification