iProov has become the first and only vendor to meet the biometric verification requirements of the newly released NIST Special Publication 800-63-4 Digital Identity Guidelines. This recognition follows independent verification by an ISO-accredited lab confirming iProov’s Dynamic Liveness technology complies with the new CEN18099 injection attack standard, alongside its existing FIDO Face Verification Certification and multiple global accreditations for data security, privacy, and accessibility.
The updated NIST SP 800-63-4 guidelines set new technical and security baselines for digital identity systems used by the U.S. government, emphasizing resilience against deepfakes and AI-generated attacks. These guidelines also formalize requirements for phishing-resistant authentication at the highest assurance level (AAL3). Though U.S.-based, NIST standards are widely regarded as global benchmarks for trustworthy digital identity and are often adopted by governments and private institutions worldwide.
At the core of iProov’s achievement is its patented Flashmark technology, which powers Dynamic Liveness to verify genuine user presence in real time. By capturing unique, real-time biometric signals for each session, the system prevents spoofing, injection, and remote key exploitation—critical safeguards for AAL2 and AAL3-level authentication.
“iProov is the only company proven to protect against the full spectrum of real-world threats,” said Andrew Bud, founder and CEO of iProov. “In an era when AI-generated attacks are evolving faster than ever, biometric verification must be the new root of digital trust. Our technology, backed by the iProov Security Operations Center, provides proactive defense through continuous threat monitoring—going far beyond traditional security software.”
Blake Hall, founder and CEO of ID.me, added: “iProov has been a trusted partner in securing access to vital services for millions of Americans. Meeting NIST’s toughest standards demonstrates their leadership in providing scalable, inclusive, and fraud-resistant verification as AI-driven threats become increasingly advanced.”
iProov’s compliance with NIST SP 800-63-4 is underpinned by multiple certifications and test results that validate its readiness for the AI era:
• Injection Attack Detection (IAD): Passed CEN TS 18099 Level 2 (High) testing for protection against deepfakes and forged media—the world’s only IAD benchmark—verified by ISO 17025-accredited Ingenium Biometrics (September 2025).
• Presentation Attack Detection (PAD): Certified under the FIDO Face Verification Program, the global benchmark for PAD resilience against deepfakes, masks, and replay attacks.
• High-Assurance Identity Proofing: Certified to eIDAS 2 Level of Assurance High (equivalent to IAL3/AAL3).
• Information Security: SOC 2 Type II and CSA STAR Level 2 certified, confirming robust cloud and operational controls.
• Accessibility & Usability: WCAG 2.2 Level AA certified, compliant with U.S. Section 508 standards.
• Data Privacy: GDPR-compliant and recognized as a Qualified Trust Service Provider under eIDAS 2.
With these achievements, iProov solidifies its position as the trusted foundation for deepfake-resilient digital identity systems—setting a new global standard for secure, inclusive, and AI-aware verification.