Cybersecurity company 1Kosmos—a provider of digital identity verification with technology including biometrics and paswordless authentication—unveiled its new Credential Service Provider (CSP) managed service for identity verification in government agencies.
Identify theft is an ongoing and increasing problem as more services are moved online. According to a 2023 report from the U.S. Department of Justice's Bureau of Justice Statistics: "In 2021, an estimated 23.9 million persons, or about 9 percent of all U.S. residents age 16 or older, reported that they had been victims of identity theft during the prior 12 months."
Many of these identity thefts are used for fraudulent activities involving government services, the DOJ's report indicated. Some of the activities include filing fake income tax returns, concealing one's identity from law enforcement or other government agencies like the Department of Motor Vehicles, and applying for government benefits which one may not be entitled to.
To combat this fraud, government agencies are increasingly looking to hardened identity verification offerings. For example, New York State rolled out NY.Gov IDs for state employees and residents to securely access online services.
1Kosmos' CSP offering provides digital identity verification that supports up to certified NIST Identity Assurance Level 2 (IAL2), up to certified NIST Authentication Assurance Level 2 (AAL2), and multifactor authentication, according to a statement from the company.
"Virtually every government agency at the federal, state, tribal, and local level is modernizing resident services which all require immutable digital identity verification," said Hemen Vimadalal, CEO of 1Kosmos, in the statement. "With the 1Kosmos CSP service, we are providing the government sector with a low friction, intuitive and user-directed way to enroll and verify their identity that meets the highest assurance level standards available today."
The company touted other features of its CSP service, including the ability to detect synthetic and stolen identities; and credentialing data stored in "in a decentralized framework and accessed via FIDO2 certified public-private key cryptography."
That data storage "supports sharing or federation only upon explicit consent by the user in the form of a tamper-evident, reusable and verified credential and avoids creating data lakes of PII [Personally Identifiable Information], which are rich targets for cyber attacks," the company said.
1Kosmos said next on its road map is acquiring "an Authority to Operate (ATO) under the Federal Risk and Authorization Management Program. FedRAMP promotes "the adoption of secure cloud services across the U.S. government, providing a standardized approach to security assessments for cloud service offerings," according to Fedramp.gov.
