We've updated our Privacy Policy. For more information about how ID.me may use your information, and to understand your privacy rights, please review our Privacy Policy.
Multi-Factor Authentication (MFA) provides a high level of security for logging in online - ensuring only verified users are granted access. Implementing MFA protects accounts from hackers and account takeover.
MFA can be customized based on your internal policies using knowledge, possession, and/or biometric authentication methods. Two or more of these methods will achieve MFA. When implemented, MFA mitigates hacking vulnerabilities associated with each method.
More than two in three people reuse passwords for their online accounts. Once a password is compromised, accounts using that password are at risk*.
Smartphones and other devices can be stolen, compromised with malware, or bypassed through SS7 vulnerability exploits.
Biometric authenticators are vulnerable to replay attacks (e.g. masks, fake videos) as faces and voices are inherently public traits.
*Google/Harris Poll, February 2019 and Verizon Data Breach Investigations Report, 2018
Once an individual’s identity has been verified, ID.me requires MFA for some subsequent high-assurance transactions. ID.me offers a comprehensive set of MFA options that align to each organization’s internal policies for authentication. This allows all users to securely log in.
SMS (OTP)
Landline (OTP)
Native App
Push Notification
Native App
Code Generator (TOTP)
FIDO U2F Security Keys
Provide options for all users to enroll in MFA to protect their account from takeover. Our MFA solution supports SMS OTP, Voice OTP (for users who don't own mobile phones), Push Notifications and Code Generator TOTP, and FIDO U2F keys for the most security conscious users.
ID.me's MFA solution complies with NIST 800-63-3 Authenticator Assurance Levels (AAL) 2 and 3 and FIPS 140-2. Our solution also complies with the DEA's requirements for Electronic Prescription for Controlled Substances.
Instantly elevate the security and accessibility of password based logins by implementing ID.me's complete MFA solution. Configure MFA requirements by policy and according to the specific risk of your workflow.