Identity and authentication assurance levels

Audience: Organizations
Audience: All notaries

The short answer: NIST (National Institute of Standards and Technology) Digital Identity Guidelines define assurance levels that determine how confidently a platform can verify who someone is — both at enrollment (IAL) and at login (AAL). Proof uses these frameworks to meet compliance requirements, reduce fraud, and protect user data.

IAL and AAL work together as part of a layered security approach:

  • Identity Assurance Levels (IAL) focus on how confidently an organization can verify a person is who they claim to be during initial enrollment.
  • Authenticator Assurance Levels (AAL) determine how securely users prove their identity during subsequent logins.

IAL2 — Identity Assurance Level 2

IAL2 is the middle of three identity proofing levels and strikes a good balance between strong protection and user convenience. To be IAL2-compliant, a platform must do both of the following:

  • Validate a government-issued photo ID.
  • Confirm the authenticity of identifying information through record checks.

Businesses, title agents, and lenders can choose IAL2-compliant identity verification when creating certain transactions. An IAL2-compliant identity verification transaction on the Proof platform includes knowledge-based authentication, credential analysis of a primary ID, and selfie comparison.

Learn more about how to create transactions that use IAL2 identity verification:


AAL2 — Authenticator Assurance Level 2

AAL2 is the middle of three levels that determine how users prove their identity at login. To be AAL2-compliant, a platform must use multi-factor authentication (MFA) — requiring users to provide two different types of verification.

Users must provide #1 and either #2 or #3 from the list below:

  1. Something they know (like a password)
  2. Something they have (like a security key)
  3. Something they are (like a fingerprint)

AAL2 significantly reduces the risk of account takeovers and unauthorized access compared to single-factor methods, making it essential for protecting valuable data and transactions.


Summary Checklist

  • IAL2 requires validating a government-issued photo ID and confirming identity through record checks.
  • IAL2 on Proof includes KBA, credential analysis, and selfie comparison.
  • AAL2 requires MFA: a password plus a security key or biometric.
i
Still unsure? Contact Proof Support for help.

Updated

Was this article helpful?

3 out of 5 found this helpful