RealMe for Developers and Integration Teams
RealMe.

Search

What's the RealMe assertion service?

RealMe assertion service

RealMe® assertion service provides the means for a customer to prove personal information online. At present, we offer verified identity (name, date and place of birth, gender) and verified residential address. The service is often referred to as RealMe verified identity as this is usually the most essential set of personal data. 

Organisation benefits include:

  • no need to incorporate an in-person or third party capability for verifying personal information for use online
  • high strength attribute verification is guaranteed by real-time access to the authoritative source record
  • provide customers with a verify once - use online many time experience

The RealMe assertion service is available to organisations in the wider government sector and to approved organisations in the private sector such as financial institutions.

If your organisation wants to maximise use of the online channel and needs strong proof of your customer's identity and other personal details before services can be provided, then the RealMe assertion service may be a good fit. See the RealMe website about business use(external link) for more information on the assertion service.

Combining RealMe login service and RealMe assertion service

For most online services, the customer will authenticate many times, but only verify their identity, address or other attributes once at registration or perhaps at infrequent intervals when circumstances change. An assertion of customer's attributes must take place in a managed session to protect the personal information being shared. 

For private sector organisations, that are not able to use RealMe login, the customer requires a RealMe verified identity in order for authentication to succeed. 

For government agencies, the login and assertion flows can be combined to provide a more seamless user experience. There are two likely use cases:

  •  Assert and always log in - the customer must have a RealMe login but may not have a verified identity. If they do have a RealMe login but no verified identity, the customer will still be authenticated. If the customer does not have a RealMe login they can create a RealMe login. The online service then handles the verification of the customer either by encouraging them to apply for a RealMe verified identity or triggering their own alternate verification process. Until the customer's identity is verified the agency service can limit the functions the customer can perform. The online service may choose to authenticate the user at low or moderate strength however, whenever the customer shares their verified attributes, they are authenticated at moderate strength.
  • Log in and assert - in the registration process, the first step for the customer is to log in, and possibly provide some initial personal information. For many agencies' online services, the registration can be completed with a low strength, username and password login. At the point the agency process requires identity, address or other attributes, the customer is given the choice of completing this online via the RealMe assertion service or by using an alternate verification process. If the customer chooses the RealMe assertion service as their verification method, they are authenticated at moderate strength. Logging in as the first step of registration is usually the simplest approach, however the customer will need to log in again to assert their details.