Appendix II: Vendor Evaluation of Supplemental Considerations
For more information on each item, please see Supplemental Considerations.
Note: as none of the evaluated vendors are under a recognized socioeconomic program or status, that information isn’t duplicated in the chart below. For some of the vendors, the answer is “unknown,” and we continue working to try to find that information.
Notable commercial customers | Notable government customers | Relevant certifications | Schedule information | |
Alloy | Austin Capital Bank, Langley Federal Credit Union, Radius Bank | Unknown | Unknown | Unknown |
Cognito | Brex, Nextdoor, Coinbase, BBVA | None | SOC2 Type 2 Compliance | No |
Ekata | Lyft, Alaska Airlines | None | SOC2 Type 2 Compliance | No |
Experian | NASWA Integrity Data Hub | Healthcare.gov, IRS, Michigan's MyLogin, 5-6 state UI agencies | NIST 800-63-3 IAL2 (for their full ID proofing product) | GSA (GS-35F-188AA) & NASPO |
ID.me | LinkedIn, Lenovo | NIST 800-63-3 IAL2/AAL2; in process of FedRamp authorization | Have a growing government business line, but do not promote availability on any found schedule | |
Idemia | n/a | TSA, USPS, US Dept. of State, 37 state DMVs, 1 state UI agency (Okla.) | -In process for NIST IAL2 -IEC CD 18013-5 Compliance | GSA |
IDology | Unknown | Unknown | Unknown | Unknown |
SentiLink | Several of the largest banks, credit card issuers, credit unions, and auto lenders | With at least one state’s PPP | SOC2 Type 2 Compliance, PCI Compl., EI3PA Compl. | Unknown |
Socure | Seven of the nine largest U.S. banks, six of the top 10 U.S. card issuers, Chime, SoFi | Unknown | -In processes for FedRamp authorization & NIST IAL2 -SOC2 Type 2 Compliance - ISO 27001/ 27017/27018 | Available on AWS Marketplace, so it may be simple to procure via an existing AWS contract |
Last updated