Verification of Identity
Verification of Identity
Verification of Identity is required for numerous applications. Many people or organisations you deal with may need to know that they are dealing with a real person and that their identity has been verified. For example, if you open a bank account you are obliged to identify yourself to the bank.
Some of the organisations that may need to identify you are Banks, Superannuation companies, Car Hire, Accommodation, Telcos, Government, Land Transfer and numerous other entities.
What is most important is that, not only should you properly identify yourself when required, but that the organisation that identifies you, keeps your identity safe! Every time you identify yourself, you risk having your identity documents misused. For instance, many people have been subject to having their identities stolen when the company/organisation they have identified themselves to does not adequately secure their identity. Three recent hacks of major organisations have shown us how vulnerable citizens are to identity theft, because these organisations have improperly dealt with your identity documents.
PharmacyID takes information technology security seriously
That is why PharmacyID deal with several large Commonwealth government departments, and numerous State government departments. They know that IT security is paramount to PharmacyID and the risk of Identity Theft is mitigated.
Here’s some of the measures PharmacyID take to ensure the security of personal information.
- IRAP Assessment. IRAP is one of the most high-level measures an organisation can take to gain the highest IT security levels in Australia. IRAP is governed and administered by the Australian Cyber Security Centre (ACSC). See here for more information in regard to IRAP.
- Highest Level Identity Proofing in Australia. PharmacyID use many of the same methods of Identity Proofing as competing companies in Australia, however, PharmacyID takes Identity Proofing to the highest level by providing face-to-face identification. PharmacyID use:
- Facial matching biometrics. An uploaded selfie is biometrically matched to the photo on the government I.D. document (i.e. passport, drivers licence). For government, PharmacyID can access the photograph on the passport chip.
- Liveness Detection. Another biometric ensures that the applicant is actually a real person, with liveness detection.
- Document Verification Service (DVS). PharmacyID is a DVS Gateway Service Provider (GSP) and authenticates most government issued documents to ensure that they are authentic and legitimate. See more here
- Whilst all of the above provide a degree of certainty when identifying an individual, nothing can provide the added security of having the individual present themselves at a pharmacy and have the pharmacist (a) sight their original identity documents and (b) sight the owner of the documents in person and (c) match the I.D. documents to the documents listed in the online application to ensure that the correct person is presenting for the face-to-face verification of identity.
- All data is held in Microsoft Azure and this data is all held onshore.
- PharmacyID use 2FA for all email accounts and use six-digit tokens sent to smart phone. (The applicant has 30 seconds to log onto the email account).
If you require Verification of Identity Services, please call PharmacyID (03 9379 3383) for more information.
VoI is Verification of Identity. Whether you open a bank account, buy a phone, hire a car, open a superannuation account, or get a police check, you must identify yourself to the organisation you are dealing with. In many cases VoI is mandatory, especially with government services and with financial services. In some cases, it is a protocol, but it is also prudent for these organisations to know who they are dealing with.
A bank will conduct VoI on a person wishing to open a bank account. They do so in accordance with rules for the financial sector whereby they must Know Your Customer (KYC). Many organisations do their own VoI and some contract these services out to organisations that specialise in VoI (such as PharmacyID). For things such as Police Checks, accredited agencies carry out VoI in accordance with contractual obligations with the Australian Criminal Intelligence Commission (ACIC).
The answer to this, unfortunately, is Yes and No. Many organisations do not take the security of their client’s identity documents and personal details seriously. You will all be aware of the recent massive hacks of large organisations, leading to the loss of identity for millions of Australians. A large U.S. organisation operating in Australia lost the personal information of 147,000,000 in the U.S. in 2017.
Below we detail why we believe PharmacyID is the safest VoI company in Australia. Is VoI safe with PharmacyID? Yes.
PharmacyID collect personal information about people for VoI and for such services as Police Checks. The information is collected in accordance with the PharmacyID Privacy Statement. PharmacyID is undoubtedly the safest VoI company in Australia. Here are a few of our credentials:
- PharmacyID have an IRAP assessment. Very few other organisations can make this claim. IRAP is a security assessment under the auspices of the Australian Signals Directorate. For more information about IRAP please click here.
- All PharmacyID data is held in the most secure servers in Australia, that being Microsoft Azure. Microsoft Azure has its own IRAP assessment. All data is held on the east coast of Australia.
- No PharmacyID data is sent overseas. All PharmacyID data and all PharmacyID staff are located in Australia.
- PharmacyID websites are WCAG 2.1 compatible.
- PharmacyID is a Gateway Service Provider (GSP) for the Document Verification Service (DVS). PharmacyID can build in the DVS for all applications.
- PharmacyID use AES265 encryption. AES 265 is the strongest encryption possible, and it has never been hacked. This means your data is safe with us.
- PharmacyID use RESTful API’s and can integrate any of our VoI components within your applications.
- PharmacyID use two types of biometrics. These ensure that we properly identify people. This is safe for the applicant, and it gives added surety to the organisation requesting the VoI. The first biometric is a facial matching service which matches a “selfie” with photos on I.D. documents, such as drivers licences, passports etc., For government, PharmacyID can access the photo on the chip of the passport. The second biometric is a Liveness Detection and is form a separate independent source. The Liveness Detection ensures that a real live person is making the application.
- Our competitors pooh pooh our face-to-face service at our PharmacyID network pharmacies. They state that face-to-face is not required. The reason they will tell you this is because they do not have the PharmacyID network. Whilst biometrics and digital identification is reasonably secure, there is only one way to avoid criminals circumventing the digital process, and that is by visiting a nearby pharmacy and showing the pharmacist your original I.D. documents which will be compared to the documents he can view online. He/she then also looks at the photographs on the documents and compares them to the person presenting the I.D. documents. Face-to-face is now mandatory for many government departments. The only way to be certain about a person’s identity is to take the last step in the VoI process and use the PharmacyID pharmacy network.
- PharmacyID conduct VoI from start to finish. We don’t need to exit our database to do any checks, such as DVS etc. Because everything is conducted under the one roof, our Log of Events captures details of each and every application from start to finish. I.e.. From the time a person commences an application we capture their ISP, we know every time they log on and log off, and we can even tell the name and address of the pharmacist involved in the face-to-face and can also advise the exact time to the second, of the transaction with the pharmacist. This process was advised by AUSTRAC as being highly secure and desirable.
PharmacyID pharmacies are ubiquitous throughout Australia. They are available in cities and most towns in Australia.
PharmacyID have several partnerships whereby existing services incorporate PharmacyID services, such as DVS, Biometrics and Face-to-face at pharmacies. If you wish to partner with PharmacyID and boost your service offerings, please call our office on 03 9379 3383.