US Patent Office joins federal trend in outsourcing digital identity verification

The U.S. Patent and Trademark Office (USPTO) has formally integrated ID.me as a digital identity verification provider for users accessing the Patent Center platform. The move aligns USPTO with a growing number of federal entities that have adopted commercial identity verification technologies in lieu of maintaining internal authentication mechanisms, citing cost-efficiency, fraud prevention, and modernization goals.

Through this partnership, USPTO now requires new users — particularly those seeking to file or manage patent applications through the Patent Center — to create or link an ID.me account to gain access.

ID.me is a Virginia-based private company known for its face biometrics-based identity verification services and its partnerships with agencies such as the IRS, Veterans Affairs, and Social Security Administration. Its growing influence within the federal authentication ecosystem has drawn both praise and scrutiny, especially as agencies increasingly outsource digital identity management functions to private actors with limited transparency.

For USPTO, the integration of ID.me is part of its effort to comply with federal identity and credential access management policies, including those guided by National Institute of Standards and Technology standards and Office of Management and Budget mandates aimed at strengthening cybersecurity and ensuring secure user access to sensitive government services.

ID.me was also piloted by the USPTO for access to its trademark register in 2021.

The adoption of ID.me for Patent Center users is particularly notable given that it replaces USPTO’s previous login system for many functions, including application submissions, document downloads, and communications with patent examiners.

Now, users — including patent attorneys, agents, and inventors – are prompted to verify their identity through ID.me’s system, which typically requires the submission of government-issued identification, biometric verification via facial recognition, and in some cases, live video interviews to complete the credentialing process. This requirement applies whether the user is registering for the first time or migrating from the now-deprecated MyUSPTO authentication system.

USPTO’s move comes amid an ongoing debate about the risks and merits of biometric identity proofing and the centralization of user data by companies like ID.me. Critics, including civil liberties groups and privacy advocates, have raised concerns over ID.me’s use of face biometrics, citing a lack of federal regulation, opaque retention policies, and the risk of data breaches or misuse.

Several federal audits and congressional inquiries have previously highlighted these concerns, particularly after ID.me was found to have understated the extent to which it used one-to-many (1:N) facial matching in some government deployments.

Despite these issues, USPTO has proceeded with the integration, justifying it as a necessary step toward securing high-value government systems from fraud and unauthorized access. The agency has offered limited public explanation regarding its vendor selection process or the duration of the ID.me agreement, although it maintains that its systems conform to current federal privacy and cybersecurity requirements.

Users who do not wish to use ID.me currently have no equivalent alternative, although some internal communications suggest that USPTO may eventually allow for other approved credential service providers to be added as options.

USPTO’s move to ID.me is part of a broader federal shift toward externalized identity proofing in which federal agencies have similarly embraced ID.me or Login.gov. However, unlike Login.gov, which is run by the General Services Administration, ID.me remains a private entity, raising questions about oversight, appeals processes, and long-term data governance.

Access to many federal government services is required to be carried out with systems adhere to NIST’s IAL2 standard. Both Login.gov and ID.me are meet the standard, but it has been a struggle for Login.gov, which created a market opening for ID.me.

As of now, the U.S. Patent and Trademark Office does not offer Login.gov as an alternative to ID.me for identity verification when accessing the Patent Center.

As USPTO continues to modernize its IT infrastructure under the Trump administration’s tech efficiency and security mandates, the reliance on vendors like ID.me underscores a deeper transformation in how the federal government manages user identities and access across its platforms.

Article Topics

biometrics  |  digital ID  |  face biometrics  |  IAL2  |  ID.me  |  identity verification  |  U.S. Government