Verv IAM Identity Federation

Identity Management for Internet User Access to Secure Systems See Verv IAM product information.

Verv IAM allows you to protect your existing identity management systems for the public internet. Today communications are global, with interconnectivity across international boundaries. The current generation of security technology is no match for well funded attackers, better resourced than the average large corporation and government spending on cyber defence. The best protection for private data is encryption. Only the account holder has access to clear text private details at the time of input into the browser. Verv IAM provides a secret key and PKI key pair for each account holder, rotated daily, more frequently if required, and on demand.

Verv IAM provides a Zero Trust network layer data privacy protection solution to provide additional security to internet sign up and sign in.

Why Choose Verv IAM?

The most vulnerable part of any Identity Management system is the initial registration, and the sign in prior to the issue of identity tokens. The most common exploit is identity fraud, capturing or counterfeiting identity credentials and access tokens. As all data access depends on privileges that can be compromised by persistent, carefully planned and patient interception attacks, the race against global fraud is underway. The success of these attacks is not only because of poor implementation of security and lack of threat modeling, but also because the information protocols, initially developed in the twentieth century, inherited from hub and spoke network configuration on private infrastructure.

Set up an account. Verv IAM Identity Management is fully GDPR compliant.

Your endpoints are protected by a signed JWT bearer token and field level encryption. Your keys are kept secure by AWS KMS, PKI and key rotation. All connections are encrypted over the internet. Current authentication mechanisms are often complex and display insecurities in the identity lifecycle. Verv IAM does not handle, or store customer, end user, application or device information unencrypted. In fact Verv IAM collects a bare minimum of private data. In addition to encryption, your data is protected by best practise security with cloud infrastructure platform and perimeter defences.

Credentials and Endpoints

An end user ID may be person ID, device ID, or application client ID. Credentials are key-value pairs. Common Use Cases are UserID/Password, ClientID/Secret, ID and OAuth/OpenID/SAML/JWT tokens. Verv IAM issues encrypted JWS tokens validated at a secure API Gateway, before REST URIs are retrieved from encrypted storage, then forwarded to configured endpoints.