Trust Progression Model
Overview
Every user starts as untrusted. ID Dataweb's workflows move users through three states — untrusted, verified, and trusted — and different workflows handle different transitions.
flowchart TD
U([<b>Untrusted User</b>])
V([<b>Verified Identity</b>])
T([<b>Trusted User</b>])
U --> OB[<b>User Onboarding</b>]
OB --> V
V --> TA[<b>Continuous Re-Authentication</b>]
TA --> T
Untrusted → Verified
An untrusted user has not yet had their identity confirmed. The User Onboarding workflow verifies who the user is by cross-referencing their identity data against authoritative sources. On approval, a verified identity is established and the user's device is bound to that credential.
Typical use cases: New customer onboarding, KYC/CIP, account creation, employee provisioning.
Verified → Trusted
Once a user is verified, Continuous Re-Authentication manages ongoing re-authentication. Rather than applying the same challenge every session, it evaluates each session against multiple risk dimensions — the user's role, device, real-time session signals, behavioral patterns, and the sensitivity of what they are accessing. Trusted users pass through seamlessly; elevated-risk sessions receive a proportional challenge or are blocked.
Typical use cases: Risk-based re-authentication, account recovery, call center authentication, ongoing session trust for verified users.
→ Continuous Re-Authentication
Which Workflow to Use
| User state | Workflow | When to use |
|---|---|---|
| Untrusted — identity not yet confirmed | User Onboarding | New user onboarding, account creation, KYC |
| Verified — needs ongoing re-authentication | Continuous Re-Authentication | Risk-adaptive challenges for returning verified users |
Updated 2 days ago