What it is. ID.me Verification is a digital identity proofing service that lets a person prove who they are once and reuse that credential to sign in across participating sites. It aligns to NIST 800-63 IAL2 for identity proofing and AAL2 for authentication, and supports multi-factor authentication.

How it works

• Document + data checks: Capture and validate a government-issued ID. Automated checks analyze document security features and compare data against authoritative sources and mobile network operator signals.
• SIM/MNO insights: Assess whether the phone number and SIM are consistent with the claimed identity and account history, helping to flag SIM swap risk and synthetic identities.
• Biometric match with liveness: A live selfie is compared to the ID photo using facial biometrics with liveness detection to combat spoofing and deepfakes.
• Flexible proofing channels: Self-service online in minutes, a live video call with a trained trusted referee when needed, and in-person verification options for those who prefer or require it.
• Reusable credential: Once verified, users can sign in at other sites that accept ID.me without re-doing full proofing, reducing friction across journeys.
• Privacy and control: Only the attributes a site requests are shared. Users manage their credential and MFA methods in an ID.me wallet experience.

Why it matters

• Lower fraud: Identity proofing at IAL2 with biometric and telecom checks reduces account takeover and new-account fraud.
• Faster onboarding: Higher auto-approval rates and fewer manual reviews shorten time-to-access.
• Consistent sign-in: A reusable, standards-aligned credential simplifies cross-site access and reduces password support load.
• Compliance support: Alignment to NIST 800-63 IAL2/AAL2 helps programs meet policy and audit expectations.

What buyers should evaluate

• Risk coverage: Confirm liveness detection, selfie-to-ID matching, document forensics, and MNO/SIM analytics are used together, and determine how they mitigate deepfakes and SIM swap scenarios.
• User experience: Look for clear progress indicators, fallback to video referee, and in-person options without restarting the process. Assess average completion times and pass rates for your audience.
• Reusability and federation: Validate how the verified credential can be reused across multiple properties, what attributes can be shared, and how consent is handled.
• MFA breadth: Check available factors at AAL2 (for example, OTP apps, FIDO security keys, SMS as backup) and how recovery is handled to limit lockouts.
• Implementation: Review SDKs, web/mobile support, and orchestration options to tune step-up rules. Ensure accessibility and localization coverage.
• Data protection: Understand data retention, biometric handling, and deletion pathways. Verify transparency through published privacy and biometric policies.
• Operations and support: Clarify SLAs for the self-service flow and video referee wait times, plus dispute resolution processes.

Outcome to target

• Reduce fraudulent sign-ups and takeovers while maintaining high verified pass rates.
• Shorten onboarding from days to minutes with clear fallbacks for outliers.
• Offer a consistent, compliant digital experience across properties by reusing a single verified identity.