Verification & Authentication

Verification Engine (VE)

The Verification Engine protects sensitive identity information by absolutely restricting how it can be accessed. Not only are users required to be authorized to access data but more importantly, the data itself can only be retrieved according to pre-defined, enforceable queries. The Verification Engine is an n-tier J2EE 2.0 compliant application. It has been fully certified on Weblogic, JBOSS, and Websphere, and on both Solaris and Linux operating systems. As a J2EE application, it is easily adaptable to other J2EE containers and operating systems. Interfaces to the system are all XML/HTTP (with schema validation). Ease of integration was designed into the system from the outset, and is currently being used by the United States Department of Treasury Pay.gov website to securely validate the identity of individuals registering for on-line financial transactions with federal agencies.

The Treasury provides key pieces of information (Data Elements) such as Name, Address, Date of Birth etc. Government and commercial databases are referenced by the verification service as part of a customer verification request. The Data Elements are submitted to the databases in a structured format, and depending upon whether they are found or not, a confidence level on the identity of the customer is established. The confidence level returned is compared with an acceptable threshold value – if this value is met or exceeded the customer is granted access to the site. An .xml interface allows the agency sites to interact with the verification service, which resides on the highly secure Treasury Web Application Infrastructure (TWAI).

For more information, call RAF Technology at 425.867.0700 or e-mail info@raf.com.