Identity Management Innovation, transforming identity assurance enrolment functions
Security of the NGID*Trust Platform™ Managed Service
Security is the cornerstone within each architectural layer of the NGID*Trust Platform™. Going beyond mandated physical and logical security requirements, the multi-layered security includes automated measures and assessments. The NGID*Trust Platform™ MSO is audited and certified to adhere to the technical standards, implementation directives, and operating guidelines established by the National Institute of Standards and Technology (NIST) and Federal Government Directives.
NextgenID ID*CAPTURE Kiosk’s patented technology, you can perform all levels of identity assurance enrolment functions, including IAL3, in-person operator and applicant compliance.
NextgenID ID*CAPTURE Kiosks complies with applicable government standards including ADA, FBI, GSA, HSPD-12, NIST, ISO, ANSI, HSPD 12, PIV, PIV-I and CAC.
Management & Services
NextgenID ID*CAPTURE Kiosks enables tenants to federal multiple workflows based on their requirements using our management services and Identity as a Service solutions.
The NextgenID*TRUST Platform™
is one of very few U.S. government-certified, end-to-end turn-key solutions for trusted identity enrollment, issuance and management services. A turnkey managed service, it provides enrolling, credentialing and managing trusted identity credentials across the global enterprise. Flexible, scalable and secure it combines people, process, and technology to deliver a total end-to-end credential management and delivers cost effective, on-premise credentialing solutions.
A sound portfolio of security protections
All system administrative activities require two-factor authentication – Smart Card and PIN, system role authorization and must be conducted by two certified administrators.
Separation of duties
All system users require certification through training specific to their function, and mandatory separation of duties prevents accidental or intentional violations of system, user or network actions.
RBAC in action
Role-based access control (RBAC) allows organizations to define who can carry out specific functions, allowing for centralized, delegated or self-service operations models.
Web and mobile security
Functions are delivered via web-based multi-stage workflows or through an identity agent application on a mobile platform, combining security with ease of use.
Cryptographic audit trails
System administrators use smart cards to digitally sign operations that they perform resulting in a complete audit trail, full traceability and non-repudiation of actions.
Encryption at rest
All sensitive fields contained in the systems databases are explicitly encrypted at rest, using Hardware Security Module (HSM) integrated key management security.
Encryption in transit
All external communications are protected using TLS at the transport layer and secure data envelopes at the application layer. During transmission, the system uses high-integrity ‘secure channels’ to deliver end-to-end encryption.
Biometric enrollment data collected at the ID*Capture® Kiosk is encrypted and transmitted to the backend servers. Upon successful transmission, the enrollment data is purged from the Kiosk.
Strong physical security
The data center has a very high degree of physical security enforced by a GSA-approved physical access control system. Security cameras, motion detectors and an alarm system with 24x7 monitoring protects the facility.
To ensure that no one person can access to the servers, entrance to the data center requires two authorized administrators to simultaneously authenticate at smart card door readers. In addition, no remote access or administration is enabled.
Sound key management
Cryptographic keys, such as the management keys for smart cards and credentials, are stored on a Hardware Security Modules (HSM).
NextgenID follows the policies and procedures specified in the Certificate Policy approved to be cross certified to the Federal PKI Bridge.
Resources & Case Studies
Take a brief minute to go through our papers and case studies that may save you some time and effort.
NextgenID's Latest News
April 29, 2020
NextgenID Presents Identity-as-a-Service, Minimizing Identity Enrollment Costs and Offering Long-term Savings
April 15, 2020
NextgenID Announces Supervised Remote In-person Proofing to Enable Government Agencies’ HSPD-12 Identity Credential Issuance to Comply with COVID-19 Safety Guidelines
Jan 13, 2020
NextgenID’s Newly Appointed CEO Continues Support of the Secure Technology Alliance
Jan 7, 2020
Zeva Holdings Group Announces Acquisition of Identity & Access Management Company NextgenID & Names New CEO