Logo

Project Overview

Identicrypt is a suite of apps designed for government/enterprise level personnel identity, proofing and vetting management remotely.

3 primary applications with 100's of sub components: (Mobile ID) Public facing mobile application, (Verify ID) Administrative RBAC front and backend and (BioID) Workstation thick client for capturing biometrics.

IdentiCrypt, Mobile, Web Admin, Thick Client Capture

image

Opportunity / Goals / Solutions

OCurrent government installation access process is slow, full of security flaws and outdated.

GDesign/Create a system that can expedite proofing, vetting & credential issuance for individuals seeking government and or enterprise installation access.

SMobile friendly, smart card authentication, highly configurable policies and role based permissions, remote video proofing, scheduling, secure channel communications, facial recognition, machine learning, geo-location, NIST compliant and encrypted.

Research/Analysis

We started by deep diving into requirements and found that current standards require strict identity proofing (identity verification) via official documents, criminal database records checks and in some cases, background investigations for installation access.

When we began to discuss this concept, there were only a few companies that had a product to market. Verifai, Id.me, verified. These companies leveraged: Onfido, Jumio, FBI checks, Entrust, experian, local/state public records.

It's no secret that the public is not a huge fan of facial recognition and geo-location tracking so we opted to shift our focus to government institutions.

We isolated current issues with in-person identity verification and credential issuance creating an irrefutable need. Current time to proof a persons identity can take from 2+ hours to 5 months. This results in; traffic jams for enlisted/credentialed individuals, long lines, short handed staff and unprepared persons requesting access for a wide range of reasons increases frustration for all parties involved.

Interviewing contractors and prospective government applicants was limited, however, after speaking with sponsors, LEO's, BSO's and other administrative individuals I was able to generate some baseline personas.

In addition to interviews I was able to leverage my own personal experience with attempting to gain access.

Implementation

NIST 800-63 Documentation provided a guideline for Pii data handling for both logical and physical access control and driven by strict requirements for proofing and vetting as defined by OPM federal standards I created detailed flows, wire frames, components and prototypes in Figma.

I broke down overwhelmingly massive data structures into an MVP format for presentation and POC digestible components for developers to focus on. Ensuring that the gathering of Pii was quick and simple in order to reduce drop off. This required minimizing time required to register, entering information and utilizing different work flows based on type of access requested.

Conclusion/Reflection

We had an idea, but we needed a place for it to land. Interfacing, explaining and selling the product to high level decision makers, government on boarding sponsors/HR and enterprise level individuals proved to be roadblocked at every step.

Two years of exploration, iterations and pivots turned out to be quite an exercise in patience and perseverance. The public was not ok with facial recognition, geo-location verification and submittal of personal id documents. Innovation, out side of the box thinking, humanity centric design and development are NOT at the forefront of government software solutions. Despite our frustrations, we are still working on getting our MVP in front of other agencies and have not given up despite the roadblocks and hurdles.