Business February 2, 2023

NIST approval explained

profile picture Matt Prendergast 3 min read
Man working at laptop in office setting

Many companies in the identity space talk of NIST certification. What does this mean for you as a user of identity services and what does it mean for your customers?

 

Who is NIST?

NIST is the National Institute of Standards and Technology (NIST), a non-regulatory agency of the United States Department of Commerce. NIST’s remit is to create and certify measures, standards and technology to enhance trade and productivity. Formed in 1901, their remit is to provide standards and certification for businesses. At first this included clocks and thermometers, all kinds of ‘weights and measures’.  But over time the agency has grown to include tech, such as election technology and, of interest to us, cybersecurity.

 

What is NIST compliance?

Broadly, NIST certification means the product in question meets defined standards. Liveness is an anti-spoofing process that checks to ensure we are dealing with a real person. Not someone who is, for example, wearing a mask or using a photo or image of someone else. Our proprietary liveness detection technology, MyFace, is used across our suite of solutions including identity verification, digital ID and age verification

 

What does NIST certified liveness mean?

NIST provides a framework for testing performance levels of liveness. 

NIST Level 1 involves testing using things that could be found in a normal home or office. Materials used for testing should not cost more than $30. Masks are excluded. To pass NIST Level 1, you must detect every attack and limit false negatives to less than 15%. 

NIST Level 2. Involves testing against more specialist attacks, such as latex facemasks or 3D printers. Materials used for testing should not cost more than $300.To pass NIST Level 2, you must detect 99% of attacks and limit false negatives to less than 15%.

Once a liveness service has passed testing, they will be issued with a Presentation Attack Detection (PAD) Confirmation letter that provides results and methodology used and what product was tested. 

To learn more about our liveness products, please do get in touch.

Related stories

An image of a laptop screen displaying a Yoti Verified Call. Icons surrounding the main screen show the verified identities of each attendee.
Articles November 19, 2025

Introducing Yoti Verified Calls

Yoti Verified Calls is a new innovative service, designed to combat identity fraud and cyber attacks, while building trust during video calls. It enables businesses and individuals to verify the identity of attendees before or during video calls, reducing the risk of impersonation, deepfakes and unauthorised access.   The rising threat of deepfakes Barely a week goes by without a headline about deepfakes. Whether it’s a celebrity finding fake images of them circulating online, political leaders appearing in a deepfake video, or a member of the public scammed, the technology behind deepfakes is growing more accessible, believable, sophisticated and

#authentication#news
Yoti Yoti
4 min read
Zero trust authentication methods
Articles November 13, 2025

How strong authentication powers Zero Trust and protects against cyber threats

Until recently, organisational cybersecurity typically relied on a fortress mentality, by building a strong perimeter with firewalls and VPNs, and trusting everything inside. But in today’s digital world of cloud apps, remote work and hiring, supply chain integrations, virtual connections and sophisticated attacks, that approach is no longer enough. Once criminals breach the walls, they can often move freely and undetected. If a business can’t reliably confirm who’s accessing its systems, it leaves the door open for cyber criminals. When authentication is weak, malicious actors can: Steal employee or customer login credentials through phishing and use them to access

#authentication#business
Sofi Summers Sofi Summers
6 min read
An image of a woman looking directly at the camera. A guide over her face indicates that the image is a deepfake.
Articles November 5, 2025

The rising challenge of detecting deepfakes

Artificial intelligence (AI) has come a long way in just a few years. What started as a tool for automating routine tasks and processing data more efficiently has now become integrated into nearly every industry. It seems as though it’s everywhere we look right now. One of the most controversial, and perhaps concerning, developments in AI is the rise of deepfakes. In simple terms, deepfakes are incredibly realistic synthetic media, such audio, video or images, generated by AI. These digital forgeries have become so convincing that telling real from fake is becoming a serious challenge. We look into how

#authentication#business
Amba Karsondas Amba Karsondas
8 min read