Definition
NIST SP 800-63A Identity Assurance Level — measures the robustness of identity proofing. IAL1: self-asserted identity (no verification); IAL2: remote or in-person identity proofing with verified evidence (driver's license + biometric, knowledge-based verification); IAL3: in-person or supervised remote with biometric collection. Federal agencies require IAL2 for moderate-impact transactions, IAL3 for high-impact.
- Synonyms
-
- Identity Assurance Level (NIST)
- Discouraged variants
-
- **NIST SP 800-63-4** SP-A (Identity Proofing)
- Application
- Regulatory: NIST SP 800-63 (Digital Identity Guidelines)
- Standards & regulations
-
- NIST
- Sources
-
- NIST SP 800-63A (Identity Assurance Levels) primary source
Related terms
-
Identity Provider (IdP)
System that authenticates users and issues identity assertions (SAML responses, OIDC ID tokens) to relying parties. Cent …
-
Relying Party (RP)
Application or service that depends on an Identity Provider to authenticate users and provide identity assertions. In SA …
-
Authenticated Identity
Authenticated identity is a party or user identity that has been verified by an authentication process and can therefore …
-
Digital Wallet
A digital wallet is a software-based service that stores payment instruments or other digital assets and enables users t …
-
Federated Identity
Federated identity is an identity arrangement in which a user’s authentication and related identity attributes are provi …
-
Identity as a Service (IDaaS)
Identity as a Service (IDaaS) — cloud-based delivery model for IAM functions (SSO, MFA, directory, lifecycle management, …