| Trustmark Definition Name | Version |
|---|---|
|
Credential Service Providers engaging in unsupervised remote identity proofing must verify the applicant's address.
|
1.0 |
|
Credential Service Providers must use an authenticated and protected channel for identity proofing transactions involving third parties.
|
1.0 |
|
Credential Service Providers should use fraud mitigation measures to increase confidence during identity proofing. These fraud mitigation measures must undergo risk assessments properly documenting all mitigations.
|
1.0 |
|
Credential Service Providers must have a written policy and/or procedure describing how a trusted referee is determined and describing the lifecycle by which they retains their status.
|
1.0 |
|
Credential Service Providers must have a written policy or practice statement that details the identity proofing and enrollment processes that they perform.
|
1.0 |
|
Credential Service Providers must maintain audit logs recording all steps taken to verify the identity of applicants.
|
1.0 |
|
Specifies requirements in accordance with Identity Ecosystem Framework (IDEF) requirement USABLE-5: ACCESSIBILITY.
|
1.0 |
|
Specifies requirements in accordance with Identity Ecosystem Framework (IDEF) requirement INTEROP-8: ACCOUNTABILITY.
|
1.0 |
|
Specifies requirements in accordance with Identity Ecosystem Framework (IDEF) requirement PRIVACY-12: ANONYMITY.
|
1.0 |
|
Specifies requirements in accordance with Identity Ecosystem Framework (IDEF) requirement PRIVACY-3: ATTRIBUTE MINIMIZATION.
|
1.0 |
|
Specifies requirements in accordance with Identity Ecosystem Framework (IDEF) requirement PRIVACY-15: ATTRIBUTE SEGREGATION.
|
1.0 |
|
Specifies requirements in accordance with Identity Ecosystem Framework (IDEF) requirement SECURE-9: AUTHENTICATION RISK ASSESSMENT.
|
1.0 |
|
Specifies requirements in accordance with Identity Ecosystem Framework (IDEF) requirement PRIVACY-13: CONTROLS PROPORTIONATE TO RISK.
|
1.0 |
|
Specifies requirements in accordance with Identity Ecosystem Framework (IDEF) requirement SECURE-5: CREDENTIAL ISSUANCE.
|
1.0 |
|
Specifies requirements in accordance with Identity Ecosystem Framework (IDEF) requirement PRIVACY-4: CREDENTIAL LIMITATION.
|
1.0 |
|
Specifies requirements in accordance with Identity Ecosystem Framework (IDEF) requirement SECURE-4: CREDENTIAL PROTECTION.
|
1.0 |
|
Specifies requirements in accordance with Identity Ecosystem Framework (IDEF) requirement SECURE-3: CREDENTIAL REPRODUCTION.
|
1.0 |
|
Specifies requirements in accordance with Identity Ecosystem Framework (IDEF) requirement SECURE-6: CREDENTIAL UNIQUENESS.
|
1.0 |
|
Specifies requirements in accordance with Identity Ecosystem Framework (IDEF) requirement PRIVACY-5: DATA AGGREGATION RISK.
|
1.0 |
|
Specifies requirements in accordance with Identity Ecosystem Framework (IDEF) requirement SECURE-2: DATA INTEGRITY.
|
1.0 |
|
Specifies requirements in accordance with Identity Ecosystem Framework (IDEF) requirement PRIVACY-1: DATA MINIMIZATION.
|
1.0 |
|
Specifies requirements in accordance with Identity Ecosystem Framework (IDEF) requirement PRIVACY-14: DATA RETENTION AND DISPOSAL.
|
1.0 |
|
Specifies requirements in accordance with Identity Ecosystem Framework (IDEF) requirement INTEROP-5: DOCUMENTED PROCESSES.
|
1.0 |
|
Specifies requirements in accordance with Identity Ecosystem Framework (IDEF) requirement SECURE-11: KEY MANAGEMENT.
|
1.0 |
|
Specifies requirements in accordance with Identity Ecosystem Framework (IDEF) requirement SECURE-8: MULTIFACTOR AUTHENTICATION.
|
1.0 |
