The Business Challenge

Specialized healthcare workers need secure, quick access to patient information while protecting privacy, but that information tends to be spread across multiple systems and accessed through shared workstations. Password-based security doesn’t measure up and delivers a poor user experience on all sides.

Through an innovative approach to identity verification and authentication, 1Kosmos BlockID meets regulatory mandates for patient privacy and identity assurance while delivering an elegant, modern experience for all users. The result is a non-phishable multifactor authentication without passwords that eliminates identity-based attacks, improves healthcare, and accelerates patient access to the services they need with the control they want over their own data.

For patients, 1Kosmos’ innovative platform ensures individuals can create and control their own digital identity to access benefits and coverage, giving patients more control over their health data and allow them to make more informed decisions about their care.

Day-to-day activities for workers improve with 1Kosmos as our flexible platform provides IT with a secure foundation to meet stringent compliance mandates and provide a modern approach to authentication that doesn’t impede patient care.

The 1Kosmos Advantage

Automate Identity Verification for Healthcare Professionals and Supporting Staff
Most logins assume identity, leaving IT and security teams hoping they’ve granted access to the legitimate user. 1Kosmos proves identity and provides flexibility to tailor the levels of identity assurance for different workers or groups of users.

For example, providers with privileged access requirements, like prescription writing or drug dispensing, might require the highest assurance with liveness detection (ie, IAL2), whereas workers in routine functions might only need to match their biometric to an employment photo on file or use a device-level biometric.

We support drivers license, passport and national ID verification via app-based or appless enrollment and can verify identity at lower levels of assurance using banking, telco (eg, SIM binding), email, social security number, and phone number, NPIN (National Physician Information Number) among other methods.

The 1Kosmos BlockID platform is not only complaint-to NIST 800-63-3, but fully certified to that standard by Kantara
Build Secure Authentication Through Verified Identity
After employment verification, organizations typically issue weak credentials such as user ID and password or some type of biometric that assumes identity on each use. The 1Kosmos approach to identity verification generates a verified credential and utilizes it as an artifact for passwordless MFA. The credential is used by the healthcare employee to access their endpoints any required applications.

Verified identity is matched to the user’s biometric captured at enrollment, and since the BlockID platform is certified to FIDO2 standards and bound to a public / private key pair, the biometric can’t be spoofed and their session can’t be compromised. Every access attempt physically verifies the healthcare provider's identity leaving no chance for impostors to login.

The flexibility built into the 1Kosmos platform enables security teams to deploy authentication methods that match the associated risk, meaning, practitioners can authenticate via: device biometrics, push message, email/SMS/Token, 3rd party hardware token, Microsoft Entra ID, or user biometric.
Give Admins and DevOps the Tools They Need
Some passwordless systems provide biometric authentication, but not much more … no identity verification, no support for legacy applications that can’t go passwordless, and limited support for a particular operating system with no backward compatibility for prior OS levels.

NIST 800-63-3, UK DIATF, FIDO2, and ISO27001 are contemporary technical standards designed to ensure security and interoperability for biometric authentication and passwordless access. 1Kosmos is certified to these standards and our solution has passed rigorous testing to validate our development is to the highest quality standards.

As a cloud-based identity provider, BlockID comes with several exciting administration features. The administration portal provides easy access to the configuration and management of the BlockID platform. Starting with over 50 out-of-the-box integrations and a robust API framework enabling quick and easy integrations into common technologies including Microsoft Entra ID, Ping, Okta, and more.
Secure Electronic Prescription Drug Programs
In the United States the EPCS standard, or Electronic Prescriptions for Controlled Substances, is a set of regulations established by the Drug Enforcement Administration (DEA) in the United States for the electronic prescribing of controlled substances. There are similar requirements worldwide. These standards sets requirements for the security and integrity of electronic prescriptions, in order to prevent fraud and abuse.

The standards call for 2-factor authentication. The 1Kosmos platform can be used to meet the strict “something you have” (mobile phone) and “something you are” (a biometric), enhancing security as well as the user experience. The approach binds healthcare workers to their verified credential through the identity enrollment process. In doing so, 1Kosmos BlockID creates an identity-based biometric authentication and a passwordless experience, eliminating the need for 3rd party 2FA, one-time codes, and other external authentication devices. As a result, each access event is associated with a real, verified identity.
Automate Identity Verification for Healthcare Professionals and Supporting Staff
Most logins assume identity, leaving IT and security teams hoping they’ve granted access to the legitimate user. 1Kosmos proves identity and provides flexibility to tailor the levels of identity assurance for different workers or groups of users.

For example, providers with privileged access requirements, like prescription writing or drug dispensing, might require the highest assurance with liveness detection (ie, IAL2), whereas workers in routine functions might only need to match their biometric to an employment photo on file or use a device-level biometric.

We support drivers license, passport and national ID verification via app-based or appless enrollment and can verify identity at lower levels of assurance using banking, telco (eg, SIM binding), email, social security number, and phone number, NPIN (National Physician Information Number) among other methods.

The 1Kosmos BlockID platform is not only complaint-to NIST 800-63-3, but fully certified to that standard by Kantara
Build Secure Authentication Through Verified Identity
After employment verification, organizations typically issue weak credentials such as user ID and password or some type of biometric that assumes identity on each use. The 1Kosmos approach to identity verification generates a verified credential and utilizes it as an artifact for passwordless MFA. The credential is used by the healthcare employee to access their endpoints any required applications.

Verified identity is matched to the user’s biometric captured at enrollment, and since the BlockID platform is certified to FIDO2 standards and bound to a public / private key pair, the biometric can’t be spoofed and their session can’t be compromised. Every access attempt physically verifies the healthcare provider's identity leaving no chance for impostors to login.

The flexibility built into the 1Kosmos platform enables security teams to deploy authentication methods that match the associated risk, meaning, practitioners can authenticate via: device biometrics, push message, email/SMS/Token, 3rd party hardware token, Microsoft Entra ID, or user biometric.
Give Admins and DevOps the Tools They Need
Some passwordless systems provide biometric authentication, but not much more … no identity verification, no support for legacy applications that can’t go passwordless, and limited support for a particular operating system with no backward compatibility for prior OS levels.

NIST 800-63-3, UK DIATF, FIDO2, and ISO27001 are contemporary technical standards designed to ensure security and interoperability for biometric authentication and passwordless access. 1Kosmos is certified to these standards and our solution has passed rigorous testing to validate our development is to the highest quality standards.

As a cloud-based identity provider, BlockID comes with several exciting administration features. The administration portal provides easy access to the configuration and management of the BlockID platform. Starting with over 50 out-of-the-box integrations and a robust API framework enabling quick and easy integrations into common technologies including Microsoft Entra ID, Ping, Okta, and more.
Secure Electronic Prescription Drug Programs
In the United States the EPCS standard, or Electronic Prescriptions for Controlled Substances, is a set of regulations established by the Drug Enforcement Administration (DEA) in the United States for the electronic prescribing of controlled substances. There are similar requirements worldwide. These standards sets requirements for the security and integrity of electronic prescriptions, in order to prevent fraud and abuse.

The standards call for 2-factor authentication. The 1Kosmos platform can be used to meet the strict “something you have” (mobile phone) and “something you are” (a biometric), enhancing security as well as the user experience. The approach binds healthcare workers to their verified credential through the identity enrollment process. In doing so, 1Kosmos BlockID creates an identity-based biometric authentication and a passwordless experience, eliminating the need for 3rd party 2FA, one-time codes, and other external authentication devices. As a result, each access event is associated with a real, verified identity.
Automatically Verify Identity for Patients
1Kosmos digital identity provides a streamlining and user-friendly remote onboarding experience delivered via an app or appless experience. Patients can create and manage a digital identity that is secure, private, and easy to use. Our identity proofing utilizes a user’s driver’s license, passport, or National ID to verify user identity and is completed within a few minutes with 99%+ identity proofing accuracy and 99%+ spoofing and counterfeit detection.

Our solutions support document verification for over 205 countries. We can also verify identity at lower levels of assurance using banking, telco (eg, SIM binding), email, social security number, and phone number, among other methods. 1Kosmos detects stolen and synthetic identity fraud through a our self-service, tightly aligned to the Know Your Customer (KYC) enrollment process.

The verified identity can be now be used to access to their medical records, prescriptions, and other sensitive information.

By deploying 1Kosmos BlockID, healthcare providers can streamline the patient onboarding process, reducing the time and resources required for identity verification and authentication. And as a result improve the patient experience, as well as reduce the risk of fraud and data breaches. Patients can be confident that their personal information is secure only accessible by them and cannot be tampered with or altered.
Implement Non-Phishable Customer Multi-Factor Authentication
After identity verification, 1Kosmos BlockID provides an authentication platform to support biometric passwordless multi-factor authentication. Our Identity proofing provides flexible levels of identity assertion.

1Kosmos BlockID authentication methods are available through our SDK, and can be easily integrated into an existing mobile app or delivered through the 1Kosmos BlockID app, which can be white labeled.

Users will authenticate via any of our methods depending on the business need, the risk profile of the activity, and the security requirement for each access request. These methods include: device biometrics, LiveID, push message, email/SMS/Token, 3rd party hardware token, and Microsoft Entra ID.
Deploy What You Need to Meet Patient Expectations
Many people believe that passwordless customer authentication is difficult to deploy. Others just want to migrate from their antiquated 2FA systems and go passwordless gradually to stay with customer expectations. Still, others have some passwordless capabilities but want to improve security because there are gaps in their current deployment.

A result of our flexible architecture is an ability to meet the needs of most any workflow. As new mandates, regulations or even integrations come to market the 1Kosmos API framework can help organizations quickly adapt and integrate, providing a future proof platform.

The 1Kosmos BlockID mobile app can be white labelled, so you can easily customize the look and feel to fit in with your brand identity and improve the customer or citizen experience.

Alternatively, by implementing our mobile SDK/API, you can securely integrate all functionality into your existing app or service. This approach eliminates silos created when managing multiple apps and services.
Empower Patients to Control Their Personal Information
Privacy and security of patient biometrics and other personal identifiable Information (PII) is critical to comply with GDPR and somewhere in excess of 230 GDPR-like regulations around the world. It’s also important to give patients the assurance they need that their information is not accessible without their explicit consent.

1Kosmos places users in sole control of their own information by securing information via cryptographically paired public-private key architecture. For added security, 1Kosmos BlockID utilizes a private and permissioned blockchain to decentralize data, eliminating administrative access to a centralized “honeypot” of information that hackers often target in data breach or ransomware attacks.

All updates are encrypted and written according to W3C DID standard, ensuring privacy, security and complete auditability. Only the enrolled user has access to the private key required to access and share their information at any time and with any online service.
Automatically Verify Identity for Patients
1Kosmos digital identity provides a streamlining and user-friendly remote onboarding experience delivered via an app or appless experience. Patients can create and manage a digital identity that is secure, private, and easy to use. Our identity proofing utilizes a user’s driver’s license, passport, or National ID to verify user identity and is completed within a few minutes with 99%+ identity proofing accuracy and 99%+ spoofing and counterfeit detection.

Our solutions support document verification for over 205 countries. We can also verify identity at lower levels of assurance using banking, telco (eg, SIM binding), email, social security number, and phone number, among other methods. 1Kosmos detects stolen and synthetic identity fraud through a our self-service, tightly aligned to the Know Your Customer (KYC) enrollment process.

The verified identity can be now be used to access to their medical records, prescriptions, and other sensitive information.

By deploying 1Kosmos BlockID, healthcare providers can streamline the patient onboarding process, reducing the time and resources required for identity verification and authentication. And as a result improve the patient experience, as well as reduce the risk of fraud and data breaches. Patients can be confident that their personal information is secure only accessible by them and cannot be tampered with or altered.
Implement Non-Phishable Customer Multi-Factor Authentication
After identity verification, 1Kosmos BlockID provides an authentication platform to support biometric passwordless multi-factor authentication. Our Identity proofing provides flexible levels of identity assertion.

1Kosmos BlockID authentication methods are available through our SDK, and can be easily integrated into an existing mobile app or delivered through the 1Kosmos BlockID app, which can be white labeled.

Users will authenticate via any of our methods depending on the business need, the risk profile of the activity, and the security requirement for each access request. These methods include: device biometrics, LiveID, push message, email/SMS/Token, 3rd party hardware token, and Microsoft Entra ID.
Deploy What You Need to Meet Patient Expectations
Many people believe that passwordless customer authentication is difficult to deploy. Others just want to migrate from their antiquated 2FA systems and go passwordless gradually to stay with customer expectations. Still, others have some passwordless capabilities but want to improve security because there are gaps in their current deployment.

A result of our flexible architecture is an ability to meet the needs of most any workflow. As new mandates, regulations or even integrations come to market the 1Kosmos API framework can help organizations quickly adapt and integrate, providing a future proof platform.

The 1Kosmos BlockID mobile app can be white labelled, so you can easily customize the look and feel to fit in with your brand identity and improve the customer or citizen experience.

Alternatively, by implementing our mobile SDK/API, you can securely integrate all functionality into your existing app or service. This approach eliminates silos created when managing multiple apps and services.
Empower Patients to Control Their Personal Information
Privacy and security of patient biometrics and other personal identifiable Information (PII) is critical to comply with GDPR and somewhere in excess of 230 GDPR-like regulations around the world. It’s also important to give patients the assurance they need that their information is not accessible without their explicit consent.

1Kosmos places users in sole control of their own information by securing information via cryptographically paired public-private key architecture. For added security, 1Kosmos BlockID utilizes a private and permissioned blockchain to decentralize data, eliminating administrative access to a centralized “honeypot” of information that hackers often target in data breach or ransomware attacks.

All updates are encrypted and written according to W3C DID standard, ensuring privacy, security and complete auditability. Only the enrolled user has access to the private key required to access and share their information at any time and with any online service.

Contact us for a demo!