PingOne

Use cases

The following are common uses for the PingOne Verify Integration Kit.

Account Recovery

For password reset and sign-on flows, a malicious user could try to reset the password of an account other than their own by using their own ID.

To prevent this:

  1. Set up a comparison in the PingFederate policy to check if the identity verified matches the user’s record.

  2. After the PingOne Verify Integration Kit succeeds, confirm that the first and last names of the verified ID match those in the directory for the username that was entered on the sign-on or forgot password page.

Authentication

When a user signs on, you can use PingOne Verify to verify a user’s identity instead of, or in combination with, a standard multi-factor authentication (MFA) step.

For example, you might use PingOne MFA by default and only trigger PingOne Verify based on:

  • Frequency: For example, annually.

  • Group: For members of the "contractors" group.

  • Account Age: For accounts made in the last two months.

  • Past Verification: For users that have never completed the verification process.

  • Security Risk: For users with a PingOne Protect risk evaluation of MEDIUM or HIGH.

You can create these rules in your PingFederate authentication policy.

Registration

When a person registers a new user account, you can use PingOne Verify to verify their identity against information from a government photo ID. For example, an address.

By requiring identity verification, you can reduce the number of accounts created by bots, spammers, and imposters.