IPSP – Identity Proofing Service Provider Assessment
The certification scheme for Remote Identity Verification Service Providers (PVID, or Prestataires de service de Vérification d’Identité à Distance) was opened in France on April 1st, 2021 following the publication by the French National Agency for Information Systems Security (ANSSI) of the standard drawn up jointly with the French Treasury.
The European standard to certify IPSPs is the ETSI TS 119 461, published in July 2021.
Beyond a specific sectoral need, these standards constitute the basis of an evaluation scheme for Identity Proofing Services, whatever the level of guarantee (substantial and high) and whatever the regulatory framework.
This certification is intended for all types of companies or services whose activity is remote identity verification or which plan to develop this activity in a broader context.
This certification is issued on the basis of three types of assessment tasks:
- Assessment of the conformity of the service,
- Computer and physical tests of the effectiveness of the service on the biometric aspect,
- Tests of the effectiveness of the service on the identity document component (carried out by the administration).
The certification attests to the provider’s compliance with:
- Contractual aspects, legislation and regulations and impartiality,
- Protection of information,
- The quality and security requirements of its verification processes,
- The competence of its auditors for qualified activities,
- The reliability of the electronic identification means used for the acquisition of verification data.
The certification is issued for two years, without the need for monitoring. A full audit is required every two years to renew and maintain this certification.
LSTI and CLR Labs, as partners, offer all three types of tasks: conformity assessment (LSTI) and computer and physical assessment of the effectiveness of the biometrics component.