Solved

Identity Proofing, Identity Verification

Posted on 2016-07-17
6
23 Views
Last Modified: 2016-07-22
I am trying to gain a better understanding of identitiy proofing vs identity verification. So far there are 2 types of identity proofing that I am aware of (from the Security Plus Book)

1) 1a. Identity Proofing - Occurs before an account is setup (such as requiring a physical drivers license to setup a bank account, answering questions about your credit report to setup a new online credit card)
2) 1b. Identity Proofing - Random questions about address or you have lived in the past, bank accounts you have had, previus jobs etc, on a transaction by transaction basis to complete a sensitive operation within a bank account (such as a wire transfer).

Now here is my question, how is identity verification different than the above? I am having a hard time understanding the differences between the two points (proofing and verification).

Thanks,

Robert
0
Comment
Question by:castellansolutions
  • 3
  • 2
6 Comments
 
LVL 93

Accepted Solution

by:
John Hurst earned 500 total points
ID: 41715974
The way you put it above:

1. When you apply for a bank account, you need at least 2 pieces of identification, one of which is Photo ID with your current address. You may be required to prove your current address if you have moved in the last 90 days (e.g. Utility Bill with your name on it. The bank will do a credit check.

2. Now the account is open and you need an account, a PIN and they will likely make you have a phone security question or 3 online security questions.

1 is proofing, 2 is verification
0
 
LVL 62

Expert Comment

by:btan
ID: 41716189
Like the before and after identity provisioning lifecycle of online services
1. To show proof of yourself (establish your detail for trust check)
2. To verify claim of oneself (establish authentication check against your proof provided)
0
 
LVL 6

Author Comment

by:castellansolutions
ID: 41716222
Yeah maybe I am not asking the question right. the book I am reading clearly states there are 2 types of identity proofing. as described by me (page 67 of 518, location 2740 of 15142) in the amazon reader. the book is CompTIA Security+ SY0-401, by Darril Gibson.  

I am unclear on the differences between proofing and verification still. I think its the same thing at this point just done differently or at different times.
0
Simplifying Server Workload Migrations

This use case outlines the migration challenges that organizations face and how the Acronis AnyData Engine supports physical-to-physical (P2P), physical-to-virtual (P2V), virtual to physical (V2P), and cross-virtual (V2V) migration scenarios to address these challenges.

 
LVL 93

Expert Comment

by:John Hurst
ID: 41716226
My answer 1 covers both your questions on identity proofing. Once the bank has verified you, they will stop asking proofing questions and ask verification questions (much quicker).
1
 
LVL 6

Author Comment

by:castellansolutions
ID: 41716231
You know what John. You are right!! I think I was just over doing it. The title of the chapter says verifying identities with identity proofing and provides those 2 answers.

Thanks.
0
 
LVL 93

Expert Comment

by:John Hurst
ID: 41725480
You are very welcome and I was happy to help.
0

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

If you thought ransomware was bad, think again! Doxware has the potential to be even more damaging.
On Beyond Tools A conversation I recently had with the DevOps manager of a major online retailer really made me think about DevOps monitoring tools (https://www.onpage.com/devops-incident-management-tool/). The manager and I discussed how sever…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

825 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question