Solved

Identity Proofing, Identity Verification

Posted on 2016-07-17
6
26 Views
Last Modified: 2016-07-22
I am trying to gain a better understanding of identitiy proofing vs identity verification. So far there are 2 types of identity proofing that I am aware of (from the Security Plus Book)

1) 1a. Identity Proofing - Occurs before an account is setup (such as requiring a physical drivers license to setup a bank account, answering questions about your credit report to setup a new online credit card)
2) 1b. Identity Proofing - Random questions about address or you have lived in the past, bank accounts you have had, previus jobs etc, on a transaction by transaction basis to complete a sensitive operation within a bank account (such as a wire transfer).

Now here is my question, how is identity verification different than the above? I am having a hard time understanding the differences between the two points (proofing and verification).

Thanks,

Robert
0
Comment
Question by:castellansolutions
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 95

Accepted Solution

by:
John Hurst earned 500 total points
ID: 41715974
The way you put it above:

1. When you apply for a bank account, you need at least 2 pieces of identification, one of which is Photo ID with your current address. You may be required to prove your current address if you have moved in the last 90 days (e.g. Utility Bill with your name on it. The bank will do a credit check.

2. Now the account is open and you need an account, a PIN and they will likely make you have a phone security question or 3 online security questions.

1 is proofing, 2 is verification
0
 
LVL 64

Expert Comment

by:btan
ID: 41716189
Like the before and after identity provisioning lifecycle of online services
1. To show proof of yourself (establish your detail for trust check)
2. To verify claim of oneself (establish authentication check against your proof provided)
0
 
LVL 6

Author Comment

by:castellansolutions
ID: 41716222
Yeah maybe I am not asking the question right. the book I am reading clearly states there are 2 types of identity proofing. as described by me (page 67 of 518, location 2740 of 15142) in the amazon reader. the book is CompTIA Security+ SY0-401, by Darril Gibson.  

I am unclear on the differences between proofing and verification still. I think its the same thing at this point just done differently or at different times.
0
Three Reasons Why Backup is Strategic

Backup is strategic to your business because your data is strategic to your business. Without backup, your business will fail. This white paper explains why it is vital for you to design and immediately execute a backup strategy to protect 100 percent of your data.

 
LVL 95

Expert Comment

by:John Hurst
ID: 41716226
My answer 1 covers both your questions on identity proofing. Once the bank has verified you, they will stop asking proofing questions and ask verification questions (much quicker).
1
 
LVL 6

Author Comment

by:castellansolutions
ID: 41716231
You know what John. You are right!! I think I was just over doing it. The title of the chapter says verifying identities with identity proofing and provides those 2 answers.

Thanks.
0
 
LVL 95

Expert Comment

by:John Hurst
ID: 41725480
You are very welcome and I was happy to help.
0

Featured Post

What Is Transaction Monitoring and who needs it?

Synthetic Transaction Monitoring that you need for the day to day, which ensures your business website keeps running optimally, and that there is no downtime to impact your customer experience.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Auditing domain password hashes is a commonly overlooked but critical requirement to ensuring secure passwords practices are followed. Methods exist to extract hashes directly for a live domain however this article describes a process to extract u…
Keystroke loggers have been around for a very long time. While the threat is old, some of the remedies are new!
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question