Identity Confirmation

Confirm Identity & lock away data
with Luciditi GlassVault

Confirm an individuals’ identity at a point in time without the responsibility to hold the underlying data.  Retain break-glass access for emergency situations.

Scroll

The Identity Verification and Data Security Dichotomy

By definition, remotely verifying someone’s identity to a high level of confidence requires the processing of a lot of sensitive personal information including facial, identity document images and often credit file data.

When a requesting party uses a Digital Identity for verification – for a process or transaction which may exist beyond the lifetime of the ID – it is necessary to keep a point-in-time record of the data supplied for audit and often regulatory purposes.

Normally, this requires the data it to be duplicated and recorded outside of its originating secure environment – which point it is no longer in the control of the user or system that gathered it.

Furthermore, the requesting party now has the additional responsibility and high cost of keeping that very sensitive data safe from loss, be able to supply it for FOI requests and prevent hackers getting hold of it.

Failing to do any of those things puts that business at severe risk of financial penalty and reputational damage if something goes wrong. Unfortunately, the increasing number of serious data leaks reported over the last couple of years suggest its safer to assume when rather than if.

So how do you achieve confidence that an individual is who they say they are without increasing risk?

Step forward Luciditi GlassVault.

Apply for your Luciditi Business Account

Comply with Age and Identity Regulation | Conduct Right to Work Pre-Employment Checks | Protect minors from inappropriate content and services | Secure Exchange Sensitive Data in Real-Time | Protect your cyber-perimeter with Passwordless Authentication. Signing up is free!

GlassVault, a Digital Escrow for Sensitive Data

We have approached this tricky problem by providing requesting parties with the confirmation that the identity is authentic by verifying only the minimum amount of data about an individual, providing a Luciditi User ID and a unique reference to an identity confirmation transaction held in GlassVault.

GlassVault is a time-limited store of identity data recorded when a user consented to its access by a requester.

Rather than supplying it to the requestor directly, Luciditi records a GlassVault transaction and send a reference to it back in response.

Since GlassVault data is encrypted with requesters keys only they can access it between the time of request and the time of auto-expiry. Even if the user deletes their Luciditi ID, the GlassVault-held data remains intact.

Transparent Legitimate Access

Users can see when their data is recorded in GlassVault and if it has ever been accessed. This is an important feature which builds trust between all parties and provides assurance to the user that their data remains secure and is not being used without their knowledge.

If a legitimate situation arises – such as a social media company needing to provide details of a user to the authorities – it is possible to access the data within Luciditi by providing a valid reason. The data owner will be notified in this event and can see the reason for access.

Service Monitoring

To prevent misuse by compromised systems, Luciditi actively monitors GlassVault access to prevent malicious access to data.

Suspicious access patterns or unexpected request volumes automatically disable requests and trigger a human intervention.

Luciditi GlassVault acts as an ‘Automated, secure escrow agreement for highly sensitive data’

BENEFITS

Legitimate Data Access, When absolutely necessary

Business

  • Remotely verify individual identity to a high level of confidence
  • Does not increase risk of sensitive data exposure
  • Does not increase costs associated with additional secure storage mechanisms
  • Ability to access data in legitimate situations (e.g. for law enforcement)
  • Demonstrates a responsible approach to data storage with transparent legitimate access disclosure
  • Demonstrates a responsible approach to data storage with transparent legitimate access disclosure

Data Owner

  • Consent to time-limited data access
  • Realtime alert if data accessed, by who and for what reason
  • Record of GlassVault data and when due to expire
  • Knowledge that requestor does not have access to the data used to confirm identity