Appendix II: Vendor Evaluation of Supplemental Considerations
Last updated
Last updated
For more information on each item, please see Supplemental Considerations.
Note: as none of the evaluated vendors are under a recognized socioeconomic program or status, that information isn’t duplicated in the chart below. For some of the vendors, the answer is “unknown,” and we continue working to try to find that information.
Notable commercial customers
Notable government customers
Relevant certifications
Schedule information
Alloy
Austin Capital Bank, Langley Federal Credit Union, Radius Bank
Unknown
Unknown
Unknown
Cognito
Brex, Nextdoor, Coinbase, BBVA
None
SOC2 Type 2 Compliance
No
Ekata
Lyft, Alaska Airlines
None
SOC2 Type 2 Compliance
No
Experian
NASWA Integrity Data Hub
Healthcare.gov, IRS, Michigan's MyLogin, 5-6 state UI agencies
NIST 800-63-3 IAL2 (for their full ID proofing product)
GSA (GS-35F-188AA) & NASPO
ID.me
LinkedIn, Lenovo
, 22 state UI agencies
NIST 800-63-3 IAL2/AAL2; in process of FedRamp authorization
Have a growing government business line, but do not promote availability on any found schedule
Idemia
n/a
TSA, USPS, US Dept. of State, 37 state DMVs, 1 state UI agency (Okla.)
-In process for NIST IAL2
-IEC CD 18013-5 Compliance
GSA
IDology
Unknown
Unknown
Unknown
Unknown
SentiLink
Several of the largest banks, credit card issuers, credit unions, and auto lenders
With at least one state’s PPP
SOC2 Type 2 Compliance, PCI Compl., EI3PA Compl.
Unknown
Socure
Seven of the nine largest U.S. banks, six of the top 10 U.S. card issuers, Chime, SoFi
Unknown
-In processes for FedRamp authorization & NIST IAL2
-SOC2 Type 2 Compliance - ISO 27001/ 27017/27018
Available on AWS Marketplace, so it may be simple to procure via an existing AWS contract