E-Authentication: Making Trust Possible


Home > Frequently Asked Questions

question icon What is meant by level of assurance?

answer icon Level of assurance is a complicated concept that has several components. Online government services and Identity Providers are rated on a scale of 1 to 4, with 1 being low and 4 being high, depending upon several factors.

For online government services, the factors include the level of risk to the application if an incorrectly identified end user is allowed to access the service to perform one or more transactions. For example, an online government service where incorrectly identifying an end user might result in personal injury would likely be assigned an assurance level of at least 3.

For an Identity Provider, the risk is measured by how well the Identity Provider establishes the identity of the end user (i.e. must the end user appear in person and present 2 forms of photo identification, or can the end user simply sign up for an account and make up an account name, such as your_name@Internetserviceprovider.com).

When an end user selects both an online government service and an Identity Provider, the E-Authentication Portal checks to see if the level of assurance for each system is appropriate for use with the other system. The assurance level of the Identity Provider must be equal to or higher than the assurance level of the online government service that the end user is trying to use.

To learn more about levels of assurance, please see http://www.whitehouse.gov/omb/memoranda/fy04/m04-04.pdf