成立时间 01
2010 [CO001] 尽调报告
ID.me
ID.me — 数字身份尽调报告
ID.me 是真实的可复用身份资产,覆盖已达全国级;但当前 >$2B 私募估值仍跑在公开证据前面,收入质量、利润率、集中度和政策韧性都还没跟上。
封面要素
公司概况
ID.me 总部位于弗吉尼亚州 McLean,是一家可复用身份钱包公司。公司从军人社区起家,扩展成高保证数字身份平台,服务美国政府、医疗、雇主和消费品牌流程。公开证据显示公司已有显著规模、依赖方覆盖广,并拿到新融资支持;但后期投资人最该核验的变量——当前收入质量、毛利率、客户集中度,以及债务或优先权条款——仍未公开。结论是:这是一项有全国足迹的真实战略资产,但其高估值仍建立在部分披露的经济性之上。
- 成立时间
- 2010-02-02
- 创始人
- Blake Hall, Matt Thompson
- 创立地点
- McLean, Virginia, USA
- 总部
- McLean, Virginia, USA
- 产品
- 可复用数字身份钱包,加上身份网关、核验、MFA 和属性共享栈,让用户完成一次验证后,即可在政府、医疗、雇主和品牌流程中复用凭证。
- 客户
- 需要高保证身份核验、登录安全或已验证属性流程的美国联邦和州政府机构、医疗组织、雇主和消费品牌。
- 商业模式
- 以使用和复用驱动的身份验证模式:客户为成功核验结果和重复凭证使用付费,而不是购买传统席位许可。
- 阶段
- Late-stage private company with national public-sector penetration and a September 2025 financing at a valuation above $2 billion.
- 融资情况
- 2025 年 9 月融资组合总额 $340 million,估值超过 $2 billion;公开报道显示其中包括 Series E 股权和一笔大额信贷额度。
执行摘要
主要优势
- 覆盖政府、医疗和商业流程的全国级可复用凭证网络。
- 公开分发证据很强,包括 IRS、SSA、VA、Pennsylvania 失业救济、VEC 以及 Medicare 相关流程。
- 2025 年新融资和投资人持续支持,降低了近期资本充足性担忧。
- 产品面已越过登录,延伸到身份核验、MFA、钱包复用、API、SDK 和人工辅助恢复路径。
- 身份欺诈和合规顺风仍利好这个品类。
主要风险
- 在 >$2B 估值下,公开证据仍不足以清晰承销当前收入、毛利率或留存。
- 政府客户集中和采购依赖,让业务暴露在监督、预算和合同结构风险下。
- 生物识别隐私、数据留存和 AI 治理审查可能拖慢扩张,或压缩估值倍数。
- Login.gov 与 CLEAR 可见的多供应商部署,削弱了公共部门赢家通吃逻辑。
- 2025 年融资包中的债务或优先权条款公开信息不清。
未决问题
- 2025 和 2026 年经审计收入、毛利率,以及按主要客户队列划分的留存。
- 2025 年融资包中的债务契约、优先股堆叠和完整股权结构经济账。
- IRS、CMS 和其他大型公共部门部署的客户集中度与续约可见度。
- 人工审核率、排队时间、钱包或 API 服务水平等运营指标。
- 可复用凭证经济性足以支撑长期溢价倍数的硬证据。
目录
01公司概览
1.1 身份、总部、阶段和运营模式
ID.me 是一家位于弗吉尼亚州 McLean 的数字身份公司,Blake Hall 于 2010 年创立,2013 年从 TroopSwap/Troop ID 更名并扩展为更广义的 ID.me 钱包平台。公司现在把自己定义为可复用数字身份钱包:用户验证一次,存储已验证身份或社区「卡片」,之后即可在政府、医疗和商业网站之间复用这些凭证,无需每次重新走核验流程。官方材料强调用户可以控制共享哪些数据;产品页面则把产品定位为不止一个登录组件:这套栈覆盖身份验证、MFA、访问管理、凭证校验和钱包服务。 公开渠道中最清晰的商业模式描述来自 Sacra,也与 ID.me 自身产品界面一致。公司采用 B2B2C 模式,机构、医疗组织和品牌为成功验证和持续凭证复用付费,终端用户不直接买单。只要同一高保证凭证能在多个依赖方之间复用,这种模式就最有力,尤其是在公共部门流程中。公开材料和案例研究显示,同一个身份层已经用于联邦福利访问、州失业救济流程、医疗身份核验和商业社区验证。 截至本次报告日期,估值超过 $2 billion、2025 年 Series E 加信贷组合、以及不断扩大的联邦合同足迹,足以把 ID.me 归入后期私营公司。更不清楚的是典型封面指标的深度:公开来源在用户、机构和融资标题上信息更强,但对经审计收入、员工数、设施数量和董事会透明度披露有限。[CO001, CO003, CO007, CO008, CO009, CO010]
| 指标 | 数值 / 状态 | 日期 | 置信度 | 缺口 / 备注 |
|---|---|---|---|---|
| 创立时间 | 2010-02-02 | 2010 | 高 | 创始日期由 ID.me 周年文章和 MicroVentures 摘要交叉印证 |
| 总部 | McLean, Virginia | 2025-2026 | 高 | 官方新闻稿日期行和 GovConWire 简介提供支持 |
| 当前阶段 | 后期未上市 | 2026-06-03 | 高 | 基于 >$2B 估值、2025 年融资和扩张中的联邦合同基础 |
| 最新披露估值 | >$2B | 2025-09-03 | 高 | 官方融资公告;未披露具体估值倍数 |
| 最新披露融资方案 | $340M | 2025-09-03 | 高 | 官方方案合并 Series E 融资和近期信贷额度 |
| 2021 年以来公开可追踪最低资本 | $572M+ | 2021-2025 | 高 | 由 Sacra 报道的 2021/2023 轮次加 2025 年方案推算;生命周期总额仍不完整 |
| 收入 / 运行率 | 2024-2026 | 低 | 第三方来源显示 2024 年收入约 $150M,但未审阅到经审计收入或运行率披露 | |
| 员工数 | 2026-06-03 | 低 | 本章审阅材料未浮现当前员工数的一手来源 | |
| 地点 | 2026-06-03 | 低 | 审阅材料未公开列举当前办公地点数量 | |
| 公开董事会披露 | 未发现 | 2026-06-03 | 中 | 审阅来源未识别当前董事会名单或委员会结构 |
表格优先列出封面事实和明确未支持缺口;null 表示审阅的公开来源无法支撑该指标。
[CO001, CO007, CO025, CO030, CO031, CO050]ID.me 的模式把一次性验证,与可复用凭证、多行业访问和组织端经常性支出串起来。
[CO008, CO009, CO010, CO011, CO012, CO037]最新公开披露的网络规模指标强调触达,而不是经审计的财务深度。
州机构数量以区间展示,因为 2025 年末至 2026 年初的披露在 45 到 50 之间不一。
[CO020, CO021, CO022, CO023, CO024]1.2 创始人主导的管理层、治理可见度与关键人依赖
ID.me 仍明显由创始人主导。Blake Hall 仍是创始人兼 CEO,已审阅的官方来源反复让 Hall 作为公司使命、重大融资和重要政府合同里程碑的外部发声人。这种模式很重要:它说明公司的公开可信度仍与 Hall 的创始人叙事、军旅背景和长期的隐私与信任框架紧密绑定。从尽调角度看,这是典型的关键人信号。它不必然是负面,但确实意味着战略叙事、投资人信心和公共部门信任异常集中在一个高管形象上。 公开可见的其他领导梯队更薄。Carahsoft 2023 年合作公告披露 Derrick Roberts 为业务拓展总监,FedScoop 对 CMS 的报道提到 Wes Turbeville 是联邦与医疗高级副总裁,说明公共部门分销和行业 GTM 周围有职能领导。但本次审阅的来源未给出当前完整高管名单、具名董事会成员或委员会结构。考虑到 ID.me 现在横跨敏感的政府和医疗流程,却仍是私营公司,且治理信息相对不透明,这一点值得注意。 实际含义是,领导连续性看起来很强,但治理尽调不能只依赖公开材料。任何严肃尽调都应直接索取董事会名单、投资人权利结构,以及 Hall 之外哪些高管分别负责产品、财务、运营、安全和监管事务。[CO015, CO016, CO017, CO018, CO019]
| 人物 | 在所审来源中的角色 | 背景 / 证据 | 职能覆盖 | 关键人依赖 |
|---|---|---|---|---|
| Blake Hall | 创始人兼 CEO | 2010 年起担任创始人;前陆军侦察 / 狙击排排长;在融资和 CMS 公告中多次被引用 | 战略、使命、融资、外部信任叙事 | 高 |
| Derrick Roberts | 业务发展总监 | 在 Carahsoft 公共部门分销公告中被点名 | 政府采购和转售渠道覆盖 | 中 |
| Wes Turbeville | SVP,联邦与医疗 | FedScoop 在 CMS/Medicare 报道中识别 | 联邦和医疗 GTM 执行 | 中 |
行覆盖所审来源中公开可见的具名领导者;这不是完整高管名单。
[CO015, CO016, CO017, CO018, CO019]1.3 融资历史、投资人图谱与披露限制
融资标题很清楚:ID.me 2025 年 9 月宣布一揽子 $340 million 融资,估值超过 $2 billion。公司披露 Ribbit Capital 领投,Ares Credit funds、Moonshots Capital 和 Positive Sum 参与;Sacra 则报道该组合大致由 $65 million 新股权和 $275 million Ares 信贷额度构成。Sacra 还指向此前已披露的 2021 年 $100 million、2023 年 $132 million 融资,以及 2021 年 $1.5 billion 估值。这些披露支持 2021 年以来至少 $572 million 的资本投入,但无法完全回答公司生命周期累计融资问题,因为早期轮次、二级交易和债务工具的精确范围仍只部分公开。 投资人组合本身也有信号。Ribbit 领投说明身份基础设施获得金融科技级别的信心;Ares 带来资本,也带来债权人影响;Sacra 列出的早期支持者包括 CapitalG、Morgan Stanley Counterpoint、FTV Capital、PSP Growth 和 Viking Global,说明资金更像长期增长资本,而不只是小型 VC 支持。话虽如此,投资人可见度仍强于股权结构精度。外部看不到持股比例、清算优先权、二级交易或契约细节。 对投资读者来说,正确结论不是资本基础薄弱,而是公司在后期阶段财务可信,同时仍把核心融资机制留在私域。这种组合在高关注度私营公司中很常见,但意味着下行和控制权分析无法仅凭公开材料完成。[CO025, CO026, CO027, CO028, CO029, CO030]
| 利益相关方 | 角色 | 控制 / 经济重要性 | 公开证据 | 尽调要求 |
|---|---|---|---|---|
| Blake Hall | 创始人兼 CEO | 叙事和关系集中;即便没有公开董事会细节,也很可能有重要治理影响力 | 创始人仍站在使命、融资和重大合同前台 | 要求持股比例、董事会权利和继任规划 |
| Ribbit Capital | Series E 领投方 | 传递对金融科技 / 基础设施的信念,也很可能带来董事会或观察员影响力 | 2025 年 9 月融资公告中列名为领投方 | 确认治理权利和持仓规模 |
| Ares Management / Ares Credit | 债权人和股权参与方 | 可能是创始人之外最重要的财务利益相关方,因为债务会塑造下行和契约 | 官方公告加 Sacra 均识别 Ares 信贷支持 | 审阅完整信贷协议和贷款方保护 |
| Moonshots Capital & Positive Sum | Series E 股权参与方 | 支持轮次银团化,但公开影响力水平不清 | 在 2025 年 9 月官方轮次披露中被点名 | 确认所有权和任何战略权利 |
| CapitalG、Morgan Stanley Counterpoint、FTV、PSP、Viking 等投资方 | 早前披露的成长投资者 | 传递后期机构背书和潜在跨市场预期 | Sacra 将其列为多个轮次的知名投资者 | 要求入场价格、所有权和二级交易历史 |
| 联邦机构(IRS、CMS、SSA、VA) | 关键任务客户基础 | 经济集中度和声誉杠杆可能不亚于投资者影响力 | 公开合同和流程文件显示重大依赖 | 按机构拆分收入集中度和合同续约风险 |
| Carahsoft | 政府分销伙伴 | 塑造公共部门采购触达和转售渠道规模 | Carahsoft 合作公告 | 厘清渠道经济性和独占性 |
这里混合了投资者、债权人、创始人以及关键任务渠道 / 客户利益相关方,因为公开控制可见度比股权表可见度更宽。
[CO015, CO025, CO026, CO027, CO029, CO032]1.4 里程碑、政府规模与反向信号
ID.me 的里程碑轨迹显示,公司先在信任敏感的政府和福利流程中扩张,之后再拓展到医疗和商业身份用例。早期时间线从 2010 年创立,到 2013 年更名和 NIST 拨款,再到 2016 年 VA.gov,以及 2017–2018 年的政府安全里程碑。疫情期似乎是拐点:公司称 7 个州认为它帮助阻止了超过 $270 billion 的失业欺诈,Virginia Employment Commission 案例研究称,2024 年上线后,数字化采用率、呼叫中心负载和员工效率均出现实质改善。 近期动能集中在政府项目。官方和独立来源显示,CMS 扩展到 Medicare.gov、Social Security 2025 年把在线登录改为仅支持 ID.me 或 Login.gov、以及据报道 IRS BPA 到 2030 年最高可达 $1 billion。公开规模指标也在 2025 年持续上升,从周年文章中的 139 million 用户,到 9 月融资公告中的 152 million,再到 12 月 CMS 公告中的 157 million。尽管不同来源之间并不完全同步,这些数字的方向仍很强。 下行情景不在明显商业崩塌,而在监督和运营可靠性。GAO 和 Biometric Update 记录了 IRS 项目的严重监督缺口,包括缺少绩效目标和 AI 清单控制;FedScoop 则记录了面部识别争议仍在持续。另一个信号是,状态页在 2026 年 5 月下旬记录了一起移动钱包事件。这些事实都不能推翻规模故事,但说明 ID.me 的信任护城河同时依赖监管信心和正常运行纪律。[CO004, CO005, CO006, CO020, CO021, CO022]
| 日期 | 事件 | 类型 | 金额 / 估值 / 状态 | 参与方 | 含义 |
|---|---|---|---|---|---|
| 2010-02-02 | Blake Hall 创立 ID.me(最初名为 TroopSwap) | 创立 | Blake Hall | 起点故事扎根于对军事身份进行隐私敏感型证明 | |
| 2013 | 更名为 ID.me 并获得 NIST 拨款 | 治理 | $1.2M 拨款 | ID.me 与 NIST | 从小众退伍军人折扣转向更广泛的数字身份钱包命题 |
| 2016 | 拿到首个联邦合同,与 VA 合作在 VA.gov 上提供安全认证 | 监管 | ID.me 与 Department of Veterans Affairs | 在高信任退伍军人流程中锚定政府可信度 | |
| 2017 | 在政府场景部署 FIDO U2F 安全密钥 | 产品 | ID.me, 联邦机构 | 早期抗钓鱼认证里程碑 | |
| 2018 | 达到 NIST IAL2/AAL2 认证 | 监管 | 已认证 | ID.me, Kantara/NIST 框架 | 支撑联邦级信任定位 |
| 2020-2021 | 疫情期间扩容,并提出失业欺诈防范成效 | 规模 | 声称拦截 >$270B 欺诈 | ID.me, 七个州 | 公司从小众验证方变成公共部门规模化供应商 |
| 2024-01 | Virginia Employment Commission 推出 | 合作 | 声称线上使用量 +173%,呼叫量 -57% | ID.me 与 VEC | 福利访问和欺诈控制的高可见度案例研究 |
| 2024 | HHS Tribal CX 试点和 OtisHealth 合作被重点提及 | 合作 | ID.me、HHS 与 OtisHealth | 显示扩张超出失业和退伍军人流程 | |
| 2025-06-07 | SSA 将在线访问迁移为仅支持 ID.me 或 Login.gov | 监管 | 政策变更已生效 | SSA、ID.me 与 Login.gov | 在大型福利机构扩大联邦身份相关性 |
| 2025-09-03 | 宣布 Series E 加信贷方案 | 融资 | $340M,估值 >$2B | ID.me、Ribbit、Ares、Moonshots、Positive Sum 等参与方 | 确认后期私有融资和债权人参与 |
| 2025-12-16 | CMS 宣布 Medicare.gov 身份选项 | 合作 | 2026 年初开始推出 | ID.me、CMS 与 HHS | 增加医疗访问和互操作相关性 |
| 2026-01-06 | GovConWire 报道 IRS BPA 到 2030 年最高 $1B | 规模 | 报道上限 $1B | IRS 与 ID.me | 重要联邦客户集中度和验证 |
| 2025-06 | GAO 识别 IRS 项目中的监督和 AI 治理缺口 | 负面 | 4 项建议 | GAO、IRS 与 ID.me | 信任护城河依赖监管信心,而不只是规模 |
| 2026-05-25/26 | 移动钱包服务事件出现在状态页并已解决 | 负面 | 部署修复后解决 | ID.me | 随着钱包使用增长,运营韧性仍很关键 |
这条时间线是本章唯一的公开里程碑记录,并刻意把正向规模里程碑与负面监督、可靠性事件放在一起。
[CO001, CO003, CO004, CO005, CO006, CO021]公开时间线覆盖从创立到 2026 年 5 月钱包事件,包含融资、政府规模化以及负面监督节点。
[CO001, CO003, CO004, CO005, CO006, CO025]02市场分析
2.1 市场边界、纳入支出与相邻预算
ID.me 并不争夺所有贴着数字身份标签的支出。最有防御力的市场边界,是面向受监管数字访问的可复用、高保证身份核验、认证和属性交换。纳入支出由核验、强认证、凭证复用和流程集成构成,让政府机构、医疗组织、雇主或商户可以信任此前已验证的用户。这比一次性 KYC API 更宽,因为钱包复用和已验证属性会在多个依赖方之间产生后续价值;但它又小于整个数字身份服务栈。广义编排、通用 CIAM 和员工 IAM 预算属于相邻预算,因为它们也解决登录和访问问题,但通常不具备 ID.me 差异化所依赖的高保证核验、可携带钱包或社区 / 资格属性。商业边界还包括品牌和雇主的福利与社区验证流程,同时排除大多数物理访问订阅和低保证认证工具。实践中,这个品类更像跨垂直行业的信任基础设施:同一个钱包可以打开 IRS 服务、Social Security、VA 访问、Medicare.gov、雇主流程和已验证属性电商,但每个买家仍会按自己的预算、合规和集成视角评估支出。[CM009, CM010, CM011, CM014, CM016, CM018]
| 细分 / 类别 | 纳入支出 | 排除支出 | 买方 / 付款方 | 相关性 |
|---|---|---|---|---|
| 政府身份核验和登录 | 面向联邦 / 州门户的高保障公民核验、MFA、可复用登录和身份恢复 | 通用网站 SSO、低保障账户创建、无关机构软件 | 机构采购并付款;公民使用 | ID.me 已经实现规模化采用的核心当前市场 |
| 医疗患者和受益人访问 | 面向 Medicare、患者门户、记录访问和互操作流程的身份验证与可复用凭证 | 与身份无关的临床系统支出、通用 EHR 授权 | 机构、付款方、服务提供者或健康平台付款;患者使用 | CMS 和更广医疗足迹已经验证的具体相邻市场 |
| 雇主和劳动力 / 福利身份 | 劳动力或资格核验、强登录、社区或就业状态验证 | 未绑定核验的通用 HRIS、薪资或协作软件 | 雇主付款;员工或申请人使用 | 经过验证的身份可降低欺诈和帮助台摩擦,因此是有用相邻市场 |
| 品牌、商户和社区验证 | 面向折扣、门控访问和信任项目的已验证属性与社区检查 | 广义营销技术支出或通用忠诚度软件 | 品牌付款;消费者使用 | 重要商业切入口,但不是整个消费者互联网认证市场 |
| 可复用钱包和属性交换 | 钱包卡、便携凭证复用、经同意的属性分享和依赖方集成 | 没有复用层的一次性证件检查 | 依赖方付款;用户携带凭证 | 这是能把价值扩展到一次性验证之外的差异化因素 |
| 更广数字身份 / CIAM 相邻市场 | API 身份流程、编排、云身份服务和身份基础设施 | 不需要高保障核验或可复用属性的通用 IAM 或 CIAM 合同 | 横跨安全、IT、产品和合规的混合企业买家 | 对预算语境重要,但太宽,不能称为 ID.me 的直接 SAM |
边界由受监管流程和可复用信任价值界定,而不是由最宽泛的身份软件标签界定。最后一行是相邻支出,不是完全纳入的市场池。
[CM009, CM010, CM011, CM013, CM014, CM016]三层嵌套视角从最宽的数字身份服务框架,收敛到更窄的美国身份验证代理指标;后者最贴近 ID.me 当前足迹。
这些层级币种可比,但定义并非完美嵌套。它们旨在作为逐步收窄的公开视角,而不是精确的自下而上 TAM/SAM/SOM 瀑布。
[CM001, CM003, CM016, CM047]2.2 受证据约束的 TAM、SAM 与公开市场视角
公开市场数据有方向价值,但数字并不一致。MarketsandMarkets 预计全球身份验证市场 2025 年为 USD 14.34 billion,2030 年为 USD 29.32 billion;Grand View Research 则给出略小的历史基数,但仍预计 2030 年达到 USD 33.93 billion。Future Market Insights 采用更宽的数字身份服务口径,2025 年为 USD 28.5 billion,因为它纳入编排、凭证签发、钱包和纯验证之外的其他服务层。正确结论不是某个估算「正确」,而是这些视角描述了不同边界。更窄的地域代理是 2025 年 USD 4.34 billion 的美国身份验证市场,比全球数字身份标题更贴近 ID.me 几乎完全在美国的足迹。买家层面的公开预算信号更窄:GovConWire 报道 IRS 一揽子采购协议到 2030 年最高 USD 1 billion,FedScoop 把 CMS/Medicare 扩展放在约 USD 5 million 的合同背景中。这些视角比模型生成的 SOM 更能框定机会。ID.me 披露的 152 million 至 157 million 用户、76 million 至 80 million 个 IAL2 验证身份,证明采用规模可观;但公开数据仍没有充分披露合同定价、垂直行业组合、续约或附加率,无法支撑精确的可获取份额模型。[CM001, CM002, CM003, CM004, CM005, CM021]
| 发布方 / 视角 | 年份 | 地理范围 | 数值 | 增长 | 方法 | 置信度 | 局限 |
|---|---|---|---|---|---|---|---|
| Grand View Research | 2022/2030 | 全球 | 2022 年 USD 9.87B;2030 年 USD 33.93B | 16.7% CAGR (2023-2030) | 身份验证市场收入预测 | 中 | 品类定义宽且基准年份较早,因此只适合作方向性参考,不是 ID.me 专属 |
| MarketsandMarkets | 2025/2030 | 全球 | 2025 年 USD 14.34B;2030 年 USD 29.32B | 15.4% CAGR (2025-2030) | 身份验证市场收入预测 | 中 | 仍是宽口径全球品类,覆盖许多超出 ID.me 当前足迹的垂直领域 |
| MarketsandMarkets | 2025/2030 | 美国 | 2025 年 USD 4.34B;2030 年 USD 8.16B | 13.5% CAGR (2025-2030) | 美国身份验证市场子集 | 中 | 比全球 TAM 更好的 SAM 代理,但仍包含 BFSI 和其他 ID.me 尚未证明的赛道 |
| Future Market Insights 估算 | 2025/2035 | 全球 | 2025 年 USD 28.50B;2035 年 USD 86.54B | 11.7% CAGR (2025-2035) | 包含钱包 / 编排的更广数字身份服务市场 | 中 | 过宽,不能不切出高保障验证和可复用身份就直接当 TAM 使用 |
| GovConWire / FPDS 视角 | 2026-2030 | 美国联邦公共部门 | IRS BPA 上限最高 USD 1.0B | n/a | 单一买方的公共部门合同上限视角 | 中 | 预算上限不是已实现支出,也不能外推到所有机构 |
| ID.me 披露足迹 | 2025 | 以美国为中心的多垂直网络 | 157M 用户;80M IAL2 用户;21 家联邦机构 | n/a | 装机基础和网络效用视角 | 高 | 牵引力视角不是收入、利润率或可获得份额披露 |
这张表刻意混合市场收入、预算上限和装机基础视角,因为公开证据不足以支持一套干净的 ID.me TAM/SAM/SOM 栈。混合单位方法,是在机会区间上最少引入假设的办法。
[CM001, CM002, CM003, CM005, CM021, CM023]低 / 基准 / 高三行展示:当发布方使用不同边界和预测期,市场规模数字如何变化。
每行使用发布方自己的当前/基准值和最外侧预测终点。这些行不可相加,也不是同一个统一市场定义。
[CM001, CM002, CM003, CM004, CM046, CM048]2.3 买家、用户与付款方分层
理解 ID.me 的市场分层,最好看谁拥有流程和预算,而不是看单一终端行业。在联邦和州项目中,买家和付款方是试图保护福利、税务或公民服务访问的政府机构,用户则是越来越希望复用既有凭证的居民、纳税人或申领人。在医疗领域,买家可以是付款方、公共机构、医疗系统或数字健康平台,它们需要以更强核验和互操作性支持患者或受益人访问。在雇主和商业品牌用例中,组织付费,让用户无需反复人工检查就能证明资格、员工身份或社区状态。可复用钱包很关键,因为它缩短后续依赖方的入门流程:IRS、SSA、VA 以及现在的 CMS 都告诉用户,既有 ID.me 凭证可以沿用。这种复用创造了真实网络效应,但每个细分仍以不同方式评估 ID.me。公共机构关心减欺诈、可及性和采购路径;医疗买家关心合规、患者体验和数据共享信任;品牌和雇主关心转化、欺诈和已验证属性的效用。因此,同一平台横跨多个买家类别,但每条赛道的采用触发因素、预算所有者和竞争替代品不同。[CM011, CM012, CM013, CM014, CM018, CM019]
| 细分 | 买方 | 用户 | 付款方 | 流程 | 预算负责人 | 采用触发点 |
|---|---|---|---|---|---|---|
| 联邦税务和福利访问 | 机构数字服务或欺诈项目负责人 | 纳税人、受益人或申领人 | 联邦机构 | 创建账户、验证身份、登录、恢复账户,并跨服务复用凭证 | 项目运营 / 数字服务 / 防欺诈 | 降低欺诈,同时让公民仍能顺利访问 |
| 州劳动力与公共福利访问 | 州劳动力或福利主管部门 | 居民或申领人 | 州机构 | 一次性身份核验、重复登录,以及减少申诉 / 支持负担 | 机构运营和居民服务预算 | 降低欺诈、积压和支持负担 |
| 医疗患者与受益人访问 | CMS、支付方、服务提供方或医疗平台 | 患者或受益人 | 医疗组织或政府机构 | 身份核验、患者门户访问和跨项目凭证复用 | 数字医疗 / 患者访问 / 合规 | 互操作性和安全数字访问 |
| 雇主与劳动力 / 福利身份 | 雇主人力、安全或福利管理员 | 员工、承包商或申请人 | 雇主 | 访问敏感流程前证明身份或状态 | 人力 / 安全 / 运营 | 降低敏感流程中的欺诈和帮助台成本 |
| 消费品牌与社区验证 | 商户、品牌或会员体系负责人 | 消费者 | 品牌或商户 | 核验军人、学生、护士等身份,只共享必要属性 | 增长、防欺诈或社区营销预算 | 提升信任,同时尽量压低结账或验证摩擦 |
| 受监管企业与平台集成 | 产品、安全或合规团队 | 终端客户 | 企业客户 | 将核验、钱包或身份网关嵌入现有应用栈 | 安全 / 产品 / 合规 | 不从零搭核验,也能满足保证要求 |
各行按谁拥有工作流和预算拆分细分市场经济性。同一可复用凭证可以跨细分市场流转, 但采用触发点会随付款方和合规负担大幅不同。
[CM011, CM012, CM013, CM018, CM029, CM032]这张矩阵突出:即便底层是同一个可复用凭证,不同细分市场的决策标准也会变化。
[CM014, CM018, CM019, CM020, CM030, CM034]2.4 增长驱动、采用约束与关键缺口
这个品类最强的增长驱动来自持续的欺诈压力、政府和受监管流程数字化,以及复用已验证身份、避免反复人工核验的价值。MarketsandMarkets 和 Grand View Research 都把网络犯罪、身份盗窃和合规列为需求引擎;CMS 和 Medicare 的表述也显示,现代化和互操作性已经成为公共部门的明确购买动机。ID.me 还受益于 Carahsoft 带来的采购杠杆、与主流身份栈的技术兼容性,以及案例研究显示买家上线后能提升服务水平、降低支持成本。但约束同样重要。高保证核验不是轻量插件:集成工作、合规审查、人工兜底和包容性路径都会推高服务成本。隐私和信任仍是结构性门槛,因为监管机构、立法者、民权组织和媒体持续审视面部识别、生物识别留存和 AI 监督。多供应商竞争也很真实。Login.gov 仍是联邦访问中的替代方案,FedScoop 报道 CMS 也在 Medicare 流程的一部分使用 CLEAR;Sacra 还强调 Apple、Google 和企业身份套件带来的长期平台风险。结论是,市场有强劲长期顺风,但在毛利、政策耐久性或干净的可获取份额假设上,没有免费通行证。[CM007, CM017, CM018, CM019, CM020, CM028]
| 驱动因素 / 约束 | 方向 | 时点 | 含义 | 尽调问题 |
|---|---|---|---|---|
| 身份欺诈、网络犯罪和 KYC/AML 压力 | 驱动因素 | 当前 + 持久 | 受监管行业会更优先为高保证身份核验安排预算 | 按对欺诈敏感的工作流和合规制度拆分需求 |
| 政府数字服务现代化与互操作性 | 驱动因素 | 当前 + 中期 | 支撑 CMS、IRS、SSA、VA 及相关项目扩张 | 梳理哪些机构要可复用的跨项目凭证,哪些只要点状方案 |
| 可复用凭证和钱包网络效应 | 驱动因素 | 当前 + 持久 | 如果大量用户已完成验证,后续依赖方的获客摩擦可能更低 | 要求提供复用率、重复登录和跨依赖方转化的队列数据 |
| API 优先与云集成模式 | 驱动因素 | 当前 + 中期 | ID.me 能嵌进现有身份栈时,企业嵌入会更可行 | 按细分市场测算平均集成时间和对合作伙伴的依赖 |
| 实施成本、人工审核和包容性运营 | 约束 | 当前 | 相比更轻量的 API,高保证和兜底路径可能抬高服务成本 | 按工作流索取毛利率和人工审核强度 |
| 隐私、生物识别留存和 AI 监管审视 | 约束 | 当前 + 政策敏感 | 信任出问题会拖慢采购、触发监督,或限制用户接受度 | 审查删除控制、可审计性和反向政策暴露 |
| 替代方案和多供应商工作流 | 约束 | 当前 + 中期 | 即便 ID.me 在场,Login.gov、CLEAR 和平台原生钱包也能拿下部分工作流 | 量化买方同时使用多家供应商时的工作流份额和续约风险 |
| 公共部门集中度和采购节奏 | 约束 | 当前 | 大型公共部门交易能撑起规模,也会带来集中度和政策风险 | 要求提供垂直收入结构、最大客户暴露和采购管线时点 |
表中同时放入品类层面的需求驱动因素和买方特定采用约束,因为 ID.me 卖进的是 受监管工作流,而不是一个同质的软件市场。
[CM007, CM017, CM018, CM028, CM029, CM030]采用从欺诈或合规压力开始,经过采购与集成;只有凭证被复用、买方看到可衡量 ROI,价值才会复利。
[CM014, CM019, CM020, CM028, CM032, CM033]2.5 核心展示
03竞争格局
3.1 直接同行、相邻套件与可能替代品
ID.me 的竞争场域比一份简单的身份验证供应商名单更宽,因为买家可以用多种方式完成同一任务。最接近的直接同行是 Persona、Socure、Jumio 和 Trulioo 等 API 优先的身份与欺诈平台,它们都强调可配置入门、KYC/KYB、证件或生物识别检查,以及可编程流程。只要买家把身份视为交易型验证层,而不是可携带钱包或可复用凭证,这些供应商就会与 ID.me 重叠。Auth0 从另一个方向竞争:它大规模销售 CIAM 和登录基础设施,开发者工具强、公开定价清晰、装机基础信誉广,但不提供消费者钱包或政府级可复用身份网络。CLEAR1 和 Login.gov 重要,因为它们是可见的公共部门替代品。SheerID 范围更窄,但在已验证属性电商中仍有相关性,因为它解决优惠和资格验证,而不要求买家采用 ID.me 更宽的钱包模式。[CP001, CP004, CP008, CP013, CP016, CP019]
| 竞争对手 | 类别 | 规模 / 公开信号 | 目标客户 | 产品范围 | 战略方向 | 相对 ID.me 的局限 |
|---|---|---|---|---|---|---|
| Persona | API 优先的直接同业 | 私营供应商,公开价格从每月 USD 250 起 | 金融科技、市场平台、数字医疗、政府、受监管入驻团队 | 模块化 KYC/KYB、年龄保证、劳动力 IDV、防欺诈编排 | 从模板化自助服务扩展到可配置和企业级身份项目 | 暂无公开证据显示其有可复用跨机构钱包或广泛公共部门凭证网络 |
| Socure | API 优先的直接同业 | Launch 自助定价,加上企业销售动作和 FedRAMP 授权的公共部门覆盖 | 金融科技公司、银行、发起银行、政府、高等教育 | 身份验证、防欺诈、eCBSV、生物识别、图谱智能、制裁筛查、编排 | 把 AI 驱动的风险和欺诈捕获同时接入自助与企业部署 | 公开定位最强的是欺诈决策,而不是消费者持有的可复用身份 |
| Jumio | 全球身份验证同业 | 声称有数十亿笔交易、数千万个已知身份、5K plus 身份证件类型 | 受监管行业的全球入驻团队 | 验证、AML、风险评分、编排、分析、API 和 SDK | 销售可配置的全球身份智能,并扩展到有限的可复用身份 | 公开入口以演示为主,可见的公共部门凭证叙事弱于 ID.me |
| Auth0 / Okta | 既有 IAM / CIAM 替代方案 | 每月 10B plus 次认证,并提供公开自助定价 | 消费应用、联网设备、企业开发团队 | 登录、SSO、MFA、无密码、机器人检测、集成、可扩展性 | 将客户身份打包进更广的开发者和企业身份工作流 | 针对 CIAM 和账户编排优化,而不是跨机构与品牌的可复用核验 |
| Trulioo | 全球入驻与 KYC 同业 | 私营全球身份平台,销售以演示带动 | 跨境入驻、支付、交易、市场平台、受监管服务 | 个人验证、KYC 数据和文件、电子身份、企业验证、防欺诈智能 | 在最看重全球覆盖和工作流灵活性的场景拿单 | 公开信息未显示消费者钱包或透明入门价格 |
| CLEAR1 | 公共部门与医疗替代方案 | 官方信息显示 41mm plus 现有用户,并入选 Medicare | 医疗、劳动力、客户入驻、账户恢复买方 | 多信号身份验证、劳动力和患者工作流 | 将可信生物识别品牌延展到企业身份和 Medicare 相邻工作流 | 广泛跨机构复用的证据少于 ID.me,企业销售仍以报价带动 |
| Login.gov | 政府替代方案 | FedRAMP Moderate ATO 和官方机构合作伙伴模式 | 联邦、州、地方和属地机构 | MFA、认证、身份验证、SAML 和 OIDC 集成 | 作为政府拥有的登录基础设施服务机构项目 | 政府合作之外,不能作为商业、商务或医疗钱包使用 |
| SheerID | 相邻的已验证属性替代方案 | 声称覆盖数百个品牌和 200K plus 权威数据源 | 零售、媒体、旅游、电信、消费应用、会员和优惠团队 | 受众资格验证、优惠保护、已验证客户数据采集 | 将已验证身份转化为营销、会员和优惠保护工作流 | 在高保证身份、跨机构登录和公共部门凭证上比 ID.me 窄 |
公开来源对竞争对手类别、产品范围和 GTM 姿态的支撑强于实际合同规模。因此, 规模单元格使用最强的可支撑公开信号,而不是强行统一成收入或融资数字。
[CP004, CP008, CP013, CP016, CP020, CP022]| 购买标准 | ID.me | Persona | Socure | Jumio | Auth0 | CLEAR1 | Login.gov | SheerID |
|---|---|---|---|---|---|---|---|---|
| 可复用跨依赖方身份 | 强 | 有限 | 有限 | 起步但有限 | 低 | CLEAR 网络内中等 | 仅政府内部中等 | 低 |
| 高保证公共部门凭证 | 强 | 中等 | 强 | 中等 | 低 | 中等 | 强 | 低 |
| 开发者可配置工作流和 API | 中等 | 强 | 强 | 强 | 强 | 中等 | 中等 | 中等 |
| 防欺诈与风险编排广度 | 中等 | 中等 | 强 | 强 | 中等 | 中等 | 低 | 低 |
| 商业已验证属性和资格用例 | 强 | 中等 | 低 | 低 | 低 | 低 | None | 强 |
| 消费者网络和品牌分发杠杆 | 强 | 低 | 低 | 低 | 借助 Okta/Auth0 资产较强 | 强 | 仅政府内部较强 | 商业受众中等 |
| 包容性辅助恢复和兜底支持 | 强 | 中等 | 中等 | 中等 | 低到中等 | 中等 | 中等 | 低 |
评级是有证据支撑的方向性判断,不是实验室基准。矩阵把可复用身份、公共部门保证 和开发者可配置性拆开,因为这些是 ID.me 买方最核心的取舍。
[CP001, CP002, CP005, CP009, CP013, CP016]按序数比较 ID.me 与直接同行、替代方案在可复用身份强度和部署可配置性上的位置。
轴值为 1-5 序数评分,来自公开定位、定价和替代证据,不是经审计的市场份额。
[CP001, CP016, CP020, CP022, CP026, CP030]矩阵说明 ID.me 为什么靠复用和高保证身份胜出,而 API 优先的对手在可配置性和透明试用动线上更强。
[CP005, CP006, CP009, CP013, CP019, CP026]3.2 能力、定价与分销对比
公开证据显示,面向开发者采用的身份供应商,与面向高保证企业或政府部署的供应商之间分化明显。Persona、Socure 和 Auth0 都公开了有意义的自助或入门定价,降低了测试、集成和从小账户扩张的摩擦。Socure 和 Persona 还宣传可配置套餐,并可上探到企业定制;Auth0 则把免费和付费层级连接到企业支持。相比之下,Jumio、Trulioo、CLEAR1 和 ID.me 在公开界面上仍更偏演示或报价驱动。分销锚点同样不同。ID.me 的分销来自可复用钱包和公共部门足迹;Auth0 的分销来自开发者心智和 Okta 规模;CLEAR1 来自既有消费者生物识别网络;Socure 来自欺诈工具宽度和 FedRAMP 授权公共部门打包;SheerID 来自已验证受众电商 ROI。结果是,买家不只在选择能力,也在选择能多快试用产品、前期能拿到多少定价确定性,以及自己需要的是可复用凭证、可配置 API,还是已有用户触达的可信品牌。[CP005, CP006, CP007, CP009, CP011, CP014]
| 供应商 | 公开定价信号 | 打包姿态 | 销售动作 | 对买方的含义 |
|---|---|---|---|---|
| ID.me | 引用信息中没有广泛公开标价 | 高保证身份钱包和机构 / 企业项目 | 以报价和采购流程带动 | 很适合复杂受监管账户,但自助发现较弱 |
| Persona | Essential 每月 USD 250 起;Growth 和 Enterprise 转为联系销售 | 分层身份平台,提供自助和定制选项 | 自助入口加企业增购 | 小团队更容易试用,同时仍能支持复杂项目 |
| Socure | Launch 标价每次评估 USD 0.80 至 USD 1.30,另有 USD 1,000 月度额度;Enterprise 定制 | 预置自助方案加完整 RiskOS 企业栈 | 自助与企业混合 | 给买方一个清晰的 API 式验证经济性基准 |
| Auth0 | 企业版之前有免费、每月 USD 35、每月 USD 240 自助方案 | CIAM 平台,带附加项和企业层级 | 产品驱动自助,再向企业扩张 | 适合想要开发者快速采用和预算清晰的团队 |
| Jumio | 引用平台页面仅提供演示 | 可配置身份智能平台 | 企业销售带动 | 最适合买方已准备好进入顾问式入驻流程的场景 |
| Trulioo | 引用产品页面仅提供演示 | 全球身份平台,提供模块化服务 | 企业销售带动 | 全球覆盖叙事不错,但公开价格透明度弱 |
| CLEAR1 | 引用页面没有公开企业标价 | 企业身份产品绑定医疗、劳动力和账户恢复用例 | 企业和合作伙伴销售带动 | 受益于品牌信任,但价格发现仍需要销售周期 |
| SheerID | 引用页面没有公开标价 | 资格验证和受众数据平台 | 以演示和联系销售为主 | 对商业优惠有吸引力,但不太适合作为受监管登录定价的直接基准 |
本表比较面向买方公开展示的打包方式,不是实际合同费率。公共部门和医疗的谈判价格 可能与标价或自助入口价格有实质差异。
[CP006, CP011, CP018, CP021, CP038, CP039]| 供应商 | 分发锚点 | 公开信任或合规信号 | GTM 动作 | 对 ID.me 的含义 |
|---|---|---|---|---|
| ID.me | 可复用钱包已用于机构、州、医疗和品牌 | IAL2/AAL2 和公共部门核验叙事 | 自上而下的受监管销售,加上消费者凭证复用 | 如果钱包接受度持续累积,网络效应会真实释放 |
| Persona | 面向开发者和创业公司的可获得性,配套可配置平台 | SOC 2 信息和按成功验证计价的逻辑 | 产品驱动入口加企业方案 | 买方先要灵活工作流、还没要钱包网络时,Persona 能赢 |
| Socure | 防欺诈工具广度、自助 Launch 和企业 RiskOS | FedRAMP 授权和公共部门采购工具 | 自助与企业混合动作 | 以欺诈捕获为核心的机构和金融科技交易中威胁很强 |
| Auth0 | Okta 装机基础和开发者触达 | 公开网站上的 99.99 percent SLA 和规模指标 | 强自助能力和企业扩张 | 任何被包装成登录和客户身份编排的新支出,门槛都会被抬高 |
| Jumio | 全球证件和身份覆盖 | 平台声称有数十亿笔交易和 5K plus 身份证件类型 | 企业顾问式销售 | 在跨境开户或欺诈驱动型部署中,是强替代方案 |
| CLEAR1 | 消费者生物识别网络,品牌信任度高 | 41mm 以上用户,并在官网列为 Medicare 选项 | 面向企业医疗和劳动力场景销售 | 在账户恢复和医疗身份流程中切入点强 |
| Login.gov | 官方政府合作伙伴模式 | FedRAMP Moderate、NIST 对齐,支持 SAML 和 OIDC | 仅走机构合作路径 | 机构偏好政府自有基础设施时,会压制 ID.me 在公共部门的上行空间 |
| SheerID | 商务和忠诚度项目,拥有数百个品牌关系 | 200K 以上权威数据源,并有结果导向的案例 | 营销和权益项目销售路径 | 守住已验证属性商务这个细分市场,但不具备 ID.me 更大的钱包野心 |
这个品类的分发来自不同资产:有的供应商从用户网络起步,有的靠开发者、欺诈工具或政府认证切入。资产组合决定获胜率,也决定切换成本。
[CP002, CP010, CP017, CP023, CP026, CP041]3.3 政府替代品与现状替代方案
公共部门赛道尤其重要,因为 ID.me 第一眼看上去最强,但仍面对可见替代品。Login.gov 不是商业身份市场,但对希望采用政府自有伙伴模式的机构来说,它是真实替代方案,并提供 MFA、SAML/OIDC 集成和 FedRAMP Moderate 授权。SSA 和 VA 都明确同时支持 Login.gov 和 ID.me,这意味着机构和终端用户已经可以在多个登录系统之间多归属,而不是把 ID.me 视为排他标准。CLEAR1 也重要,因为 Medicare.gov 也没有统一到单一身份供应商:CLEAR 称自己被 Medicare 选中,FedScoop 报道 CLEAR 负责账户创建和恢复,而 ID.me 支持验证和登录。这种共存削弱了任何简单的赢家通吃叙事。现状替代方案也仍以机构专属恢复、采购和合规决策形式存在,因此高保证身份仍是凭证政策、减欺诈、互操作性和支持路径要求共同塑造的采购,而不是一套统一市场打法。[CP024, CP025, CP026, CP027, CP028, CP029]
| 替代方案 | 公开来源中的可见位置 | 买家可能选择它的原因 | 相比 ID.me 的约束 | 竞争含义 |
|---|---|---|---|---|
| Login.gov | Login.gov 合作伙伴页面;SSA 和 VA 同时支持 Login.gov 与 ID.me | 政府自有 MFA 和身份基础设施,具备 FedRAMP Moderate,并支持 OIDC/SAML | 仅面向政府,不是广泛的商业钱包 | 真实替代机构登录项目,尤其是在公共所有权重要时 |
| CLEAR1 | CLEAR1 官方 Medicare 声明,加上 FedScoop 的 Medicare 报道 | 消费者生物识别品牌强,定位覆盖账户恢复、医疗和劳动力场景 | 公开证据较少,无法证明凭证可在多机构间广泛复用 | 可与 ID.me 共存,并削弱医疗和恢复流程中的钱包独占性 |
| 机构或州自建的现状方案 | IRS、SSA 和 VA 仍通过自身账户流程和 MFA 政策页面界定身份 | 把控制权留在现有门户和政策内 | 在可携带性、复用和私营部门连续性上往往更弱 | 拖慢“单一私营钱包成为通用前门”的叙事 |
| Socure 公共部门打法 | 通过 FedRAMP 授权的联邦与州 / 地方页面,并列出采购载体 | 面向机构主打欺诈降低和 AI 决策 | 公开页面没有可比的消费者钱包复用故事 | 当欺诈拦截优先级高于凭证可携带性时,会威胁 ID.me |
| API 优先的全球供应商 | Persona、Jumio 和 Trulioo 都主打可配置的开户、KYC 和全球验证 | 工作流灵活,覆盖跨境,并能接入开发者 | 机构登录标准化的公开证据较弱 | 现代化项目更想要组件而非品牌钱包时,这类供应商最重要 |
| IAM 和 CIAM 套件 | Auth0 公开的 CIAM 页面和定价 | 试用容易,已有企业关系,登录功能集合宽 | 设计目标不是可复用的公共福利钱包 | 可吸收部分购买标准,降低买家新增专用身份层的意愿 |
本表聚焦能拿走同一预算全部或部分份额的替代方案。这里同时列入供应商和现状方案,因为机构解决身份问题时,并不总是用另一家商业供应商替换现有供应商。
[CP024, CP025, CP026, CP027, CP028, CP029]3.4 切换成本、多归属与护城河耐久性
当买家需要高保证核验、凭证复用,以及多语言协助或跨项目恢复等包容性兜底路径时,ID.me 的护城河最可信。这些功能会制造真实切换成本,因为买家替换的不只是一项证件检查,而是一个可能已经横跨多个依赖方的凭证网络、支持流程和合规工作流。但同一组证据也说明,护城河并非绝对。API 优先的身份供应商正在把品类推向编排和经常性 SaaS 经济性,让身份更容易围绕流程灵活度和开发速度进行比较。平台原生和套件供应商可能把更多登录与信任预算吸收到更大的合同里。同时,公共部门客户可以在不同旅程中同时使用 ID.me、Login.gov 和 CLEAR。最稳妥的结论是护城河耐久性中等:ID.me 在可复用、高保证身份上确有防御力,但当买家更看重速度、可配置性或套件杠杆,而不是钱包复用和包容性时,商品化风险会上升。[CP003, CP033, CP034, CP035, CP036, CP037]
| 锁定路径 | 黏性来源 | 黏性证据 | 多平台并用的出口 | 含义 |
|---|---|---|---|---|
| 可复用钱包采用 | 用户可把一个已验证凭证带到更多依赖方 | ID.me 公开强调钱包可在机构和私营实体间复用 | 买家仍可为特定工作流加入其他验证方 | 护城河有帮助,但前提是更多依赖方持续接受该钱包 |
| 高保障合规姿态 | 项目不愿重做保障、无障碍和支持设计 | ID.me、Login.gov 和机构页面都用标准与 MFA 选择来界定身份 | 机构可把部分流程转到 Login.gov 或分层供应商 | 合规带来惯性,但不保证独占 |
| 恢复与支持运营 | 多语言恢复、辅助验证和视频兜底很难快速重建 | ID.me 与 CLEAR 都强调监管工作流中的恢复和支持价值 | Medicare 显示,恢复流程可以按旅程拆分 | 运营支持有黏性,但买家仍可切分技术栈 |
| API 与工作流配置 | 工程团队会把真实时间投入定制集成和策略逻辑 | Persona、Socure、Jumio、Trulioo 和 Auth0 都主打可编程身份层 | 若身份被视为组件,竞品 API 可以相互替换 | API 占比高的账户,耐久性可能不如钱包驱动账户 |
| 已验证属性和忠诚度项目 | 营销项目会长期复用同一套受众逻辑和优惠 | SheerID 在已验证受众商务中给出强商业证据 | 商务买家可选择更窄的已验证属性工具,而非完整身份钱包 | 即便有钱包卡片,ID.me 也没有完全占住这条赛道 |
| 采购和伙伴渠道 | 联邦和企业买家常依赖获批采购载体和熟悉的伙伴 | Socure 列出采购载体;Login.gov 是官方方案;ID.me 有机构覆盖 | 新进入者仍可通过相邻合同或打包套件进入 | 渠道准入抬高门槛,但不足以挡住侧翼进入者 |
切换成本证据在监管运营和可复用身份中最强,但公开记录也显示,买家可按工作流、受众或采购路径清晰地多平台并用。
[CP001, CP002, CP025, CP026, CP028, CP031]| 护城河或风险 | 证据 | 威胁来源 | 严重性 | 尽调要点 |
|---|---|---|---|---|
| 可复用的高保障钱包是真正差异化 | ID.me 和 Sacra 都强调价值不止一次性检查,而在复用 | 若依赖方接受度停滞,钱包价值会下降 | 中 | 按垂直行业衡量复用频率、依赖方增长和重复登录变现 |
| 政府和医疗立足点带来信任与分发 | ID.me 公开声称已有机构和医疗规模 | Login.gov 和 CLEAR 显示,同一批买家仍可采用替代方案 | 高 | 获取当前机构层面独占部署与共享部署的拆分 |
| 透明 API 定价会重置买家预期 | Persona、Socure 和 Auth0 都公布自助入门价格 | 较小或中端市场买家可能拿 ID.me 与更便宜或更容易试用的方案比较 | 中 | 量化有多少交易因其他地方更容易发现价格而在采购前流失 |
| Medicare 证明多平台并用,而非赢家通吃 | CLEAR 官网和 FedScoop 都显示其与 ID.me 共存 | 类似拆分部署可能出现在其他公共项目 | 高 | 请求 CMS、SSA 和 VA 账户旅程的范围、量级和续约细节 |
| API 优先和编排迁移可能让单点身份检查商品化 | Future Market Insights 指出,API 优先 SaaS 和编排正成为收入重心 | 买家想要组件而非网络时,Persona、Socure、Jumio 和 Trulioo 竞争力强 | 高 | 测试 ID.me 靠复用赢单的频率是否足以抵消低摩擦 API 竞争 |
| 平台原生和套件供应商可能吸收身份预算 | Sacra 强调 Apple、Google 和企业套件是长期替代风险 | 更宽的平台可把专业厂商挤到边缘场景或备用流程 | 中 | 跟踪移动凭证、套件捆绑或政府自有基础设施是否降低对第三方钱包的需求 |
严重性反映的是 ID.me 竞争耐久性的承销风险,而非被替代的确定性。公开证据支持“中等护城河且压力点清晰”的判断,而不是赢家通吃的市场结构。
[CP033, CP034, CP035, CP036, CP037, CP038]用一张紧凑的尽调视图看 ID.me 当前的竞争准备度,以及替代风险最容易暴露的位置。
[CP033, CP034, CP035, CP039, CP042]3.5 核心展示
04财务
4.1 收入模型:横跨公共与私营部门的可复用身份结果
ID.me 的收入模型更像交易与复用驱动的身份网络,而不是按席位收费的 SaaS 供应商。Sacra 称,身份验证成功时客户付费,已验证凭证被用于登录和属性检查时客户继续付费。公司官方公告让这条复用回路具象化:ID.me 称 2024 年新增 20.4 million 个钱包,支撑 409 million 次成功登录,并在 2025 年末达到 152 million 至 157 million 用户。钱包、IRS、SSA、VA 和 CMS 界面都强化了同一商业逻辑:一旦用户拥有已验证凭证,下一个机构或企业就可以接受该凭证,而不必强迫用户完整重走流程。这对收入质量有利,因为装机基础可以复利增长,公司不必从零重新获取每个用户。负面是,公开证据仍未披露按垂直行业确认的收入、按客户类型实现的定价,或首次验证、经常性登录和属性验证收入之间的拆分。[CI001, CI002, CI003, CI004, CI005, CI006]
| 收入流 | 机制 | 单位 | 当前值 / 状态 | 质量 | 尽调要点 |
|---|---|---|---|---|---|
| 联邦机构身份核验和登录 | 机构合同覆盖初始核验和可复用凭证登录 | 验证事件 / 登录 | IRS、SSA、VA 以及现在的 CMS/Medicare.gov 显示联邦需求;具体收入占比未披露 | 中 | 按机构、任务订单和重复登录量索取收入。 |
| 州劳工和福利机构 | 福利访问身份核验,兼顾欺诈降低和服务 ROI | 验证事件 / 续约 | 2025 年末材料披露 45-50 个州机构;VEC 案例研究给出量化采用率和支持节省 | 中 | 索取州机构收入集中度和续约时间表。 |
| 医疗机构 | 患者访问、确定性匹配和受监管的数据访问工作流 | 账户 / 验证事件 | 披露 70+ 家医疗机构;CMS 扩张增加联邦医疗可信度 | 中 | 索取医疗 ARR、实施范围和与报销挂钩的使用量。 |
| 消费品牌和社群验证 | 面向军人、学生、护士和其他社群福利的属性检查 | 订阅和 / 或按验证付费 | 披露 600+ 个品牌和 500+ 家雇主,但实际变现未公开 | 中 | 索取品牌 / 雇主收入结构、附加率和留存队列。 |
| 跨部门凭证复用 | 已验证一次的凭证复用于未来登录和资格检查 | 成功复用身份结果 | 2024 年 409M 次成功登录和 20.4M 个新钱包显示活动规模在累积放大 | 中 | 索取从首次核验到经常性复用事件的收入桥。 |
| 渠道驱动的政府采购 | Carahsoft 和基于采购目录的转售拓宽获客路径,而不是改变终端用户工作流 | 任务订单 / 转售商合同 | Carahsoft、GSA Schedule 和 ITES-SW2 扩大采购路径;终端定价仍为私有信息 | 低 | 索取转售商经济性、折扣和渠道利润率结构。 |
公开证据支持这些变现场景和客户垂直行业,但无法支持按收入流拆分的已确认收入结构。
[CI001, CI002, CI003, CI004, CI006, CI007]| 产品 / 变现路径 | 价格 / 单位 / 合同 | 标价 vs 实际成交价 | 折扣 / 未知项 | 来源 |
|---|---|---|---|---|
| 联邦 IAL2 核验合同 | Sacra 描述多年协议下按成功验证计费的经济性 | 仅实际成交价 | 任务订单定价、量级阶梯和罚则未公开 | Sacra + 政府合同报道 |
| 商业属性验证 | Sacra 描述订阅层级和 / 或按验证付费定价 | 仅实际成交价 | 留存的公开资料中,没有 ID.me 价目卡显示标准标价 | Sacra + 已审阅的官方页面 |
| 可复用凭证登录 | 变现似乎与重复成功身份结果绑定 | Unknown | 按登录或按认证计费的经济性未披露 | Sacra + 官方钱包 / 机构页面 |
| 医疗访问工作流 | 从 Medicare.gov 和医疗部署推断为定制合同定价 | 仅定制企业价 | 实施、匹配和支持费用未公开 | CMS 发布 + FedScoop + 合规页面 |
| 政府渠道采购 | 转售商和采购目录载体塑造采购路径,不一定决定终端用户价格 | 基于采购载体、按客户定制 | 渠道折扣、转售商利润率和混合实现价未知 | Carahsoft + GovConWire |
本次审阅的 ID.me 公开材料没有发布广泛适用的标价卡;公开证据反而指向定制合同和使用量挂钩变现。
[CI003, CI004, CI005, CI011, CI012, CI013]ID.me 把一次性身份核验转化为跨行业的重复登录和属性验证活动。
该桥接图只表示方向,因为 ID.me 未按验证步骤披露确认收入。
[CI001, CI002, CI003, CI004, CI006, CI007]4.2 GTM 与合同经济性:采购驱动分销,排他性不一
政府采购是公开记录中最清晰的 GTM 引擎。Carahsoft 通过经销伙伴、GSA Schedule 和 ITES-SW2 扩大触达;VA 和 VEC 案例研究则显示,合规可信度和可量化服务结果可以把实施胜利转化成续约故事。合同证据也说明,投资人应区分管线和已入账收入。GovConWire 报道 IRS 一揽子采购协议到 2030 年最高 $1 billion;FedScoop 则把 CMS Medicare.gov 扩展描述为 HHS 合同的一部分,金额约 $5 million。两者都有经济意义,但代表的货币化阶段完全不同。上限型合同工具代表预算入口和战略重要性,并不保证收入确认。竞争进一步限制定价权。SSA 明确允许 Login.gov 或 ID.me 二选一,FedScoop 报道 CLEAR 也会支持 Medicare.gov 身份流程。这种共存说明,ID.me 的 GTM 强项来自信任、合规和复用,而不是垄断式联邦排他性。[CI012, CI013, CI014, CI015, CI016, CI017]
4.3 成本结构与单位经济性:包容性和合规推高交付成本
公开证据显示,ID.me 的毛利率路径取决于两件事:有多少用户能留在自动化流程里,以及多少量仍会升级到成本更高的人工审核。服务可能要求证件上传、自拍或活体检测、SSN 校验、MFA 和可复用凭证签发。官方帮助内容显示,视频通话验证可能需要多份证件和真人客服审核;安全页面则强调受监督的远程或线下路径,避免自动化失败的用户被排除。这种包容性优势在政府采购中有商业价值,但几乎肯定会增加纯 API 供应商不用承担的人工成本。固定成本也不低。ID.me 描述了专职安全人员、FedRAMP 托管基础设施、加密、年度审计和多项 NIST/Kantara 控制。GAO 和 Biometric Update 显示,IRS 会从 ID.me 收到详细的通过率和流失仪表盘,这意味着公司在运营层面衡量单位经济性,即便没有公开披露。投资人能看到成本栈的大致形状,但看不到实际毛利率或回本测算。[CI021, CI022, CI023, CI024, CI025, CI026]
| 指标 | 数值 / 空值 | 置信度 | 重要性 | 尽调要点 |
|---|---|---|---|---|
| 2023 年收入估计 | 130 | 中 | 2024 年前规模最好的留存公开收入锚点 | 索取经审计的 2023 年收入和已确认收入桥。 |
| 2024 年收入估计 | 150 | 低 | 表明 2023 年估计后增长仍在继续 | 索取经审计的 2024 年收入和垂直行业结构。 |
| 2024 年成功登录 | 409 | 高 | 显示可能驱动经常性变现的复用规模 | 按客户类型索取登录到收入的转换率。 |
| 2024 年新钱包 | 20.4 | 高 | 表明可复用凭证的漏斗顶部仍在扩张 | 索取每个新钱包的获取和验证成本。 |
| 毛利率 | null | 核心问题是 ID.me 更像软件公司,还是服务占比重的供应商 | 按自动、视频和线下路径索取毛利率。 | |
| 人工兜底率 | null | 影响劳动强度和支持成本的最重要缺失驱动因素 | 索取升级到视频或线下审核的用户占比。 | |
| CAC / 回本周期 | null | 需要用来判断政府和商业 GTM 效率 | 按细分市场索取全口径销售和营销支出。 |
公开证据不足以支撑审慎承销单位经济时,空值是有意保留的。
[CI010, CI021, CI022, CI023, CI024, CI026]ID.me 公开可见的成本结构由自动化、人工兜底和合规开销拼成。
人工兜底占比和利润贡献不公开,因此该桥接图是定性判断。
[CI021, CI022, CI023, CI024, CI025, CI026]4.4 资本充足性与最终判断:融资可信,投资判断信息不完整
短期资本可得性看起来充足,但尚未完全尽调。ID.me 宣布 2025 年 $340 million 融资,估值超过 $2 billion;Sacra 称其中包括 $65 million 股权和 $275 million 信贷额度。这足以说明公司仍获得投资人和贷款人支持,尤其是在 IRS 和 CMS 合同动能延续的背景下。收入估算也有建设性方向:Sacra 估计 2023 年收入为 $130 million;MicroVentures 报道 2024 年收入为 $150 million,并复述管理层称截至 2024 年增长超过 450%。但这些数字都未经审计,也未分部披露;已保留的公开来源没有披露手头现金、月度烧钱、现金续航、债务契约或客户集中度。市场报告和公开身份软件可比公司支持长期需求,以及 API 优先经常性模型的吸引力;但 ID.me 自身证据基础仍更像合同驱动、服务偏重,而不是纯软件。投资判断因此是:需求、分销和新融资为正面;但在产品级毛利、集中度和资产负债表披露可见之前,对估值支撑保持谨慎。[CI030, CI031, CI032, CI033, CI034, CI035]
| 项目 | 公开证据 | 当前值 / 状态 | 含义 | 尽调路径 |
|---|---|---|---|---|
| 2025 年新融资 | 官方公告加 Sacra 拆分 | 总计 $340M;Sacra 称包括 $65M 股权 + $275M 信贷额度 | 支持近期扩张,并传递贷款方 / 投资方支持信号 | 索取已签署信贷协议和 Series E 股权结构表。 |
| 最新估值信号 | 官方公告 | 超过 $2B | 估值仍有机构支持,但准确估值未公开 | 索取投后估值和稀释时间表。 |
| 累计融资 | Sacra 估计 | 创立以来约 $500M | 表明已有大量资本投入平台 | 索取完整融资台账,并按债务 vs. 股权拆分。 |
| 大型联邦合同载体 | GovConWire 关于 IRS BPA 的报道 | 到 2030 年上限最高 $1B | 表明战略相关性,但不保证收入或现金 | 索取已义务化 vs. 剩余 BPA 金额和任务订单节奏。 |
| 更广的 HHS / CMS 收入基础 | FedScoop 关于 Medicare 扩张的报道 | USASpending 引用约 $5M HHS 合同 | 显示医疗扩张在放量前可能先以较小合同金额起步 | 索取 CMS/HHS 收入确认和扩张假设。 |
| 现金、烧钱速度、现金跑道和债务契约 | 未公开披露 | 近期充足性只能推断,无法直接衡量 | 索取最新资产负债表、月度烧钱速度、现金跑道模型和契约。 |
公开融资证据有意义,但仍缺少直接资产负债表可见度。
[CI013, CI014, CI015, CI034, CI035, CI036]| 缺失的私有指标 | 影响 | 精确尽调路径 |
|---|---|---|
| 按机构和商业队列拆分的实际成交价 | 没有它,投资者无法区分竞争胜率和经济质量 | 索取合同排期、价格手册,以及按细分市场拆分的实际 ASP。 |
| 2025 年收入 / ARR / 细分结构 | 需要用来判断业务是否仍由政府驱动,还是正变得更均衡 | 索取 2025 年管理账和递延收入桥。 |
| 按验证路径拆分的毛利率 | 需要判断人工兜底和合规成本是否压过软件经济性 | 索取自动、视频和线下验证的毛利润拆分。 |
| 现金余额、烧钱速度、现金跑道和债务条款 | 需要测试 2025 年融资是否真的移除资金风险 | 索取最新现金报表、预算、现金跑道模型和信贷协议。 |
| 客户集中度和续约时间表 | 需要判断对联邦采购周期或单一机构压力的暴露 | 索取前 10 大客户、收入占比和续约日历。 |
| 登录复用变现和队列留存 | 需要证明钱包网络效应能转化为耐久的经常性收入 | 索取队列留存、重复登录收入,以及按垂直行业拆分的交叉销售转化。 |
要从方向性信心走向高置信度承销,至少需要补齐这些缺失数据点。
[CI005, CI027, CI033, CI038, CI039, CI043]公开证据只能支撑方向性的财务区间,不能支撑经审计的精确数字。
这些是已披露或第三方报道的公开数字;没有一个可以替代经审计的收入或现金流披露。
[CI013, CI014, CI030, CI031, CI034, CI035]ID.me 有可见的融资支撑,但资产负债表上最关键的变量仍不透明。
[CI015, CI037, CI038, CI039, CI043, CI045]05产品与技术
5.1 产品交付与用户流程
从客户流程看,ID.me 销售的是可复用数字身份钱包。个人创建一次账户,用 MFA 加固,完成高保证核验步骤,然后同意把已验证数据回传给政府机构、医疗站点、雇主或消费品牌。公司并不把钱包只呈现为登录容器:同一个界面用于政府访问、社区身份卡和属性共享。最强的流程证据来自政府用例,用户旅程很明确。依赖方把用户引导到 ID.me,用户创建或复用钱包,完成 MFA,上传证件和 SSN 证据,然后自助完成,或升级到短时视频、延长视频或线下核验,最后返回伙伴网站同意释放数据。这一流程足够具体,可以把产品判断为身份与属性经纪层,而不只是凭证保险箱;但公开材料仍未披露各路径转化率、步骤流失率或辅助验证的人员服务水平。[CE001, CE002, CE003, CE004, CE005, CE006]
| 模块 / 资产 | 主要用户 | 状态 / 成熟度 | 差异化 | 尽调缺口 |
|---|---|---|---|---|
| 可复用身份钱包 | 个人和依赖方 | 已广泛部署 | 一次性身份核验,凭证可跨站复用 | 未公开按路径拆分的转化率或服务水平 |
| Identity Gateway 和联合身份层 | 政府机构和企业集成方 | 有公开文档 | OIDC、SAML、OAuth 2.0、PKCE 和 API 集中在同一文档入口 | 未公开速率限制、租户模型或故障切换设计 |
| 社群 / 属性验证卡 | 商户、雇主、政府机构、终端用户 | 已上线生产入口 | 钱包从身份延伸到军人、护士、学生等可复用状态卡 | 未公开按垂直场景拆分的独立采用情况 |
| 移动 SDK 和示例集成 | 移动开发者 | 公开产物仍在活跃维护 | Chrome Custom Tab 认证、加密存储、令牌刷新、JWT 校验 | GitHub Packages + PAT 要求增加了接入摩擦 |
| 辅助核验路径 | 信用资料薄或自助核验失败的用户 | 已在公开部署中运行 | 短视频、延长视频和线下选项比纯自动化更能覆盖边缘用户 | 未公开人员配置模型或排队时长 SLA |
成熟度指公开证据能证明的产品界面,不是经过审计的模块附着率或商业渗透率。
[CE001, CE002, CE003, CE007, CE010, CE016]| 用户任务 | 当前工作流 | ID.me 方案 | 可量化收益 | 局限 |
|---|---|---|---|---|
| 访问 IRS 在线账户 | 创建并加固账户、证明身份,再按服务逐次登录 | 两段式设置,一个 ID.me 账户可在多数 IRS 账户和服务中复用 | 一个已验证账户可复用于多个 IRS 服务 | IRS 仍依赖单一供应商完成 IAL2 核验 |
| 为 VA.gov 完成验证 | 访问福利前完成在线身份验证 | 标准证件走自助流程,另有视频或线下兜底路径 | 一次性验证通常约 10 分钟 | 证件和 MFA 要求仍可能把部分用户挡在外面 |
| 申请 Virginia 失业救济 | 欺诈控制和客服负担拖慢福利获取 | 可复用钱包,加上自助、视频聊天和线下核验 | VEC 披露线上使用量提高 173%,来电量下降 57% | 结果来自一份公开案例研究,不是广泛基准 |
| 自 2026 年起登录 Medicare.gov | SSA、VA 和 CMS 触点各用一套凭证 | 复用现有 ID.me 凭证,配合高保证匹配和多语言视频支持 | 减少跨机构重复核验和服务连续性断点 | Medicare 流程已官宣,但尚未在生产环境中被广泛观察 |
收益来自公开工作流结果或机构 / 公司表述,不是独立的队列级转化研究。
[CE004, CE005, CE006, CE018, CE019, CE021]公开资料记录了从创建钱包,到核验、同意授权,再到凭证复用的用户流程。
[CE004, CE005, CE006, CE018]5.2 集成界面与运营架构
ID.me 的公开技术界面比消费者钱包落地页暗示的更宽。开发者文档列出 OIDC、SAML、OAuth 2.0、PKCE、Shared Signals Framework、Applications API、Document Passback API、Events API、Services API、Identity Gateway、Digital Wallet、Work Authentication、Attributes Exchange 和 Attribute Matching,说明它要做的是夹在依赖方和钱包之间的联合身份层,而不是单一固定登录流程。最具体的代码级披露是 Android SDK。公开代码库和 README 显示,它支持基于 Chrome Custom Tab 的认证、OAuth PKCE 和 OIDC 模式、令牌存储与刷新、加密凭证、JWT 校验、生产与沙盒环境,以及分组策略支持。同一代码库还暴露了认证、令牌、JWT、存储、网络和演示代码的内部模块边界,比高层文档更能让外部看清集成机制。代价是后端架构仍选择性不透明:公开材料清楚标出协议界面和 SDK 模块,但没有披露核验、钱包和联合身份服务之间的内部服务拓扑、租户隔离设计、速率限制或故障域边界。[CE010, CE011, CE012, CE013, CE014, CE015]
| 层 / 组件 | 作用 | 依赖 | 风险 |
|---|---|---|---|
| 证据采集层 | 采集证件、SSN、自拍 / 视频和辅助证据 | 政府证件、SSN 可用性、带摄像头设备、辅助客服 | 覆盖和准确性取决于证件质量和路径设计 |
| 钱包 + 凭证层 | 签发并保存可复用已验证凭证和社群卡 | 持久账户、MFA 注册、经用户同意的共享模型 | 依赖方信任或用户连续性一旦断开,复用护城河就会变弱 |
| 联合身份 / API 层 | 撮合依赖方访问和属性交换 | OIDC、SAML、OAuth 2.0、PKCE、Applications / Events / Services / Document Passback API 等协议与接口 | 公开文档展示接口面,但不披露后端租户或速率控制 |
| 移动客户端层 | 将核验和登录嵌入应用 | Android SDK、GitHub Packages、重定向 URI 处理、Chrome Custom Tabs | 基于 PAT 的包安装和移动重定向正确性增加了集成摩擦 |
| 运营 + 信任层 | 托管、加固、监控并披露服务状态 | FedRAMP 授权 AWS、加密、RBAC、状态页、合规项目 | 公开控制披露强于公开架构或 SLA 细节 |
这是基于公开证据拼出的运营模型,不是内部工程图或控制叙事。
[CE005, CE010, CE011, CE012, CE013, CE014]公开栈视图从核验输入一路延伸到钱包、联邦和信任运营。
[CE010, CE011, CE017, CE032, CE046, CE049]5.3 部署、凭证复用与差异化
ID.me 产品成熟度最强的证据不是架构白皮书,而是公开部署行为。IRS、SSA、VA、Virginia 失业系统和已宣布的 Medicare.gov 上线都描述了同一套可复用凭证逻辑:用户完成一次身份核验,之后可在多个服务中复用该凭证,无需重复完整核验仪式。这种复用把钱包变成分销和数据可用性护城河。公司声称用户超过 157 million,覆盖广泛的联邦、州、医疗和商业场景;VEC 还给出了更运营化的证据,称上线后数字采用率提高、支持量下降。这种网络效应是 ID.me 区别于 API 优先验证供应商的主要方式;后者优化一次性检查。它也区别于 Carahsoft 等更宽采购渠道;这些渠道能帮助分销,但不能替代核心凭证层。同一模式也制造依赖:产品在这些情况下最有价值——机构彼此信任对方的凭证签发、用户到达时已预验证、政府继续偏好可复用中介,而不是多个本地凭证或更新的平台原生身份栈。[CE018, CE019, CE020, CE021, CE022, CE023]
| 日期 / 阶段 | 功能或里程碑 | 状态 | 含义 | 来源 |
|---|---|---|---|---|
| 2016 | VA.gov 安全认证部署,并延续旧凭证 | 已交付 | 显示早期联邦生产适配度和迁移敏感性 | 15 周年文章 / VA 案例研究 |
| 2017 | FIDO U2F 安全密钥在政府领域部署 | 已交付 | 说明其比许多同行更早押注抗钓鱼 MFA | 15 周年文章 |
| 2018 | NIST IAL2 / AAL2 认证里程碑 | 已交付 | 为联邦级复用建立保证基础 | 15 周年文章 / 合规页面 |
| 2025 | Series E 轮和信贷额度围绕 AI 驱动的欺诈防御与可复用身份展开 | 已宣布 | 资金投向欺诈工具和规模化,不只是品牌扩张 | 2025 年融资公告 |
| 2026 年初 | Medicare.gov 身份验证和登录选项 | 已宣布推出 | 将复用从 SSA/VA 延伸到 CMS 路径 | CMS 公告 / FedScoop |
| 2026 年 5 月 | 公开 GitHub 活动和 Android SDK 包版本可见 | 活跃维护信号 | 开发者界面看起来仍在维护,而非被弃置 | GitHub 组织 / Android 示例仓库 |
这里混合已交付里程碑、已宣布上线和开发者信号证据,因为公开路线图细节稀少。
[CE015, CE018, CE023, CE024, CE038, CE047]ID.me 要守住复用价值,靠的是政府机构信任、辅助核验运营、开发者集成和云运营。
[CE016, CE018, CE022, CE043, CE045]5.4 安全、隐私、可靠性与技术风险
公开信任材料足够详细,可以建立有意义的控制基线。ID.me 称其用 AES-256 和动态密钥轮换加密 PII,运行在 FedRAMP 授权的 AWS 隔离 VPC 内,并在属性释放前执行基于角色的访问、职责分离、MFA、最小数据请求和用户同意。在受监管流程中,公司还宣传符合 NIST 800-63-3 IAL2/AAL2,并覆盖 TEFCA、DEA EPCS、CCPA 和 KYC 等相邻合规界面。但风险面同样真实。IRS 专属公开材料称,自拍、视频和生物识别数据会自动删除,除非涉及可疑或欺诈活动;但 GAO 发现,IRS 仍缺少项目的可衡量目标、正式绩效评估和 AI 治理文档。Biometric Update 补充说,部分删除控制已写入合同,但监督仍高度依赖供应商证明。运营上,公开状态页显示移动钱包会发生真实事件,包括 2026 年 5 月一次故障,在修复部署前用户看到 “Couldn’t load your wallet” 错误。结论是,产品在控制和合规叙事上看起来安全成熟,但仍需要尽调 AI 治理、辅助核验运营、定价经济性和真实服务水平透明度。[CE030, CE031, CE032, CE033, CE034, CE035]
| 控制 / 信号 | 状态 | 范围 | 缺口 |
|---|---|---|---|
| 最小数据共享 + 用户同意 | 已公开描述 | 依赖方请求必要字段,用户授权释放 | 未公开逐合作方字段最小化审计 |
| 加密 + 密钥管理 | 已公开描述 | AES-256、FIPS 140-2 认证算法、动态密钥轮换 | 未公开 KMS 拓扑或轮换节奏细节 |
| 基础设施控制 | 已公开描述 | FedRAMP 授权 AWS VPC、RBAC、职责分离、MFA | 租户隔离和 DR 设计仍未公开 |
| 受监管保证与合规覆盖 | 已公开宣传 | NIST 800-63-3 IAL2/AAL2、TEFCA IAS、DEA EPCS、CCPA、KYC 等合规框架 | 审计报告和精确范围边界未公开 |
| IRS 生物特征留存控制 | 已公开描述 | IRS 称除可疑 / 欺诈活动外,自拍、视频和生物特征数据会被删除 | 公开删除声明不等于独立定期审计 |
| 独立监督 | 存在不利公开证据 | GAO 指出目标、评估流程和 AI 清单监督缺失 | 机构侧治理仍需成熟 |
| 运营透明度 | 有公开状态页 | 事件更新和修复说明公开发布 | 未公开 SLA 或周期性服务健康评分卡 |
本表把可见信任信号,与仍属私密或机构专属的深层审计、可用性和 AI 治理证据分开。
[CE030, CE031, CE032, CE033, CE034, CE035]公开证据显示,成熟度在集成接入面最强,在商业透明度和模型级基准方面最弱。
这些是基于公开披露深度作出的证据支撑型等级判断,不是内部遥测或服务评分卡。
[CE015, CE029, CE041, CE042, CE044]5.5 核心展示
06客户
6.1 客户分层与可复用钱包模型
ID.me 的客户地图很特殊,因为买家、付款方和终端用户在各细分中差异很大。在联邦和州福利中,CMS、IRS、SSA、VA、Pennsylvania DLI 和 VEC 等机构是发起客户,公民是终端用户。在医疗中,场景从患者访问病历,扩展到医疗服务方为 EPCS 证明身份,以及医护人员为伙伴优惠验证身份。在雇主和劳动力流程中,Sterling 把 ID.me 定位为招聘中的身份优先筛查层;商业和社区细分则覆盖政府雇员、医疗、医院和公司员工在数千个合作品牌中的折扣。共同主线是钱包复用。IRS、SSA、VA、Pennsylvania、VEC 和 CMS 的官方材料都描述了「验证一次」行为:已经证明身份的用户可以返回或跨服务迁移,而不用重复完整核验步骤。这是最强的公开信号,说明客户关系可以在每次部署后复利,而不是重置。[CU005, CU006, CU007, CU008, CU009, CU010]
| 细分市场 | 买方 / 用户 / 付款方 | 主要使用场景 | 点名证据 | 规模 / 战略价值 | 公开缺口 |
|---|---|---|---|---|---|
| 联邦机构和福利网站 | 买方 / 付款方:联邦机构;用户:公民、受益人或纳税人 | 高保证登录、身份核验和账户访问 | CMS、IRS、SSA 和 VA 已被公开点名 | 生产证据最深,合规护城河最强 | 未公开续约或按机构拆分收入 |
| 州劳工和福利机构 | 买方 / 付款方:州机构;用户:申领人或居民 | 福利登录、失业救济申请和身份恢复 | Pennsylvania DLI 和 VEC 有直接文档记录 | 显示钱包复用不止一个联邦项目,也保留包容性兜底路径 | 已点名州名单和逐州收入仍未公开 |
| 医疗患者和病历访问用户 | 买方 / 付款方:医疗机构或合作应用;用户:患者 | 安全患者登录、病历访问和经同意的数据共享 | OtisHealth 和 CMS/Medicare 是被点名的医疗侧证据 | 医疗把政府端安装基础延伸到持续患者访问 | 70+ 家医疗机构没有被点名名单 |
| 医疗服务提供者和医护人员 | 买方 / 付款方:医疗机构、药房工作流或零售合作方;用户:服务提供者或工作人员 | EPCS 身份核验,加上基于雇佣或执照的状态验证 | 医疗服务提供者、医疗状态和医院员工流程已公开 | 显示医疗场景不只服务患者登录,也能服务另一侧 | 服务提供者与患者用例之间的量和收入拆分未披露 |
| 雇主和劳动力筛查 | 买方 / 付款方:雇主或筛查合作方;用户:求职者或员工 | 入职前身份验证、面试欺诈防范和 I-9 相关工作流 | Sterling 是最清晰的点名证据 | ID.me 进入招聘和承包商访问场景,而不只做福利 | 除 Sterling 外,被公开点名的企业客户很少 |
| 消费品牌和社群验证 | 买方 / 付款方:零售商或品牌;用户:政府工作人员、医务专业人员、医院员工或公司员工 | 折扣资格、社群验证和电商优惠 | ID.me Shop,加上面向医疗人员和政府 / 医院员工的帮助流程 | 数千个合作方优惠被展示,说明覆盖面很广 | 多数证据来自结账或优惠流程,不是量化企业案例研究 |
细分同时覆盖赞助客户和终端用户群,因为 ID.me 销售的是可复用凭证层,不同工作流里的经济买方会变化。点名证据在政府和受监管访问细分中最强; 私营部门证据更广,但通常量化较少。
[CU006, CU017, CU018, CU021, CU022, CU023]客户旅程从发起方或合作伙伴入口开始,经过一次高保障核验,再通过跨项目复用、重复登录和相邻行业激活累积价值。
该旅程图综合了政府官方帮助页、州部署指南、医疗和雇主工作流页面,以及公司案例研究。ID.me 未发布覆盖所有细分的单一标准客户旅程图。
[CU005, CU007, CU008, CU009, CU010, CU011]6.2 采用轨迹与具名客户证据
公开采用规模已经足够严肃对待,尽管精确细分数字会随日期漂移。2025 年末到 2026 年初的来源显示,ID.me 披露了约 152 million 至 157 million 用户、76 million 至 80 million 联邦验证用户、20 至 21 个联邦机构、45 至 50 个州机构、70 多个医疗组织、500 多个雇主,以及 600 多个消费品牌或私营部门实体。最强的具名证据集在政府和其他受监管流程中。CMS 选择 ID.me 用于 Medicare.gov,IRS 通过多年 BPA 扩展,SSA 把 Login.gov 和 ID.me 设为唯二登录路径,VA 把 ID.me 作为核心凭证提供商选项,Pennsylvania 用 ID.me 做申领人验证,VEC 则把官方上线通知与后续成功案例配套呈现。公共部门福利之外,最具体的具名证据是 OtisHealth 的患者主导医疗记录访问,以及 Sterling 的雇佣筛查。这种宽度有意义,但也暴露了证据较薄的地方:私营部门品牌和雇主存在感主要来自帮助流程和商店界面,而不是大量独立描述的企业案例研究。[CU001, CU002, CU003, CU013, CU014, CU015]
| 指标 / 里程碑 | 数值 | 日期 | 来源视角 | 置信度 | 含义 | 缺失分母 |
|---|---|---|---|---|---|---|
| 数字钱包用户 | 1.39 亿用户;6500 万 IAL2/AAL2 已验证 | 2025 年公司回顾 | 官方周年文章 | 中 | 显示 Series E 前的安装基础,先于 2025 年后续扩张说法 | 未按政府、医疗或私营部门用途拆分 |
| 数字钱包用户 | 1.52 亿用户;7600 万联邦级已验证 | 2025-09-03 | 官方融资公告 | 中 | 新近规模标记,与雇主和医疗扩张说法绑定 | 缺少活跃用户或月度使用分母 |
| 数字钱包用户 | 1.57 亿用户;8000 万联邦级已验证 | 2025-12-16 | 官方 CMS 客户公告 | 中 | Medicare 上线前披露的最新用户规模 | 未拆分仅注册钱包和高频复用钱包 |
| 组织覆盖广度 | 20-21 家联邦机构、45-50 个州、70+ 家医疗机构 | 2025-09 至 2026-01 | 官方和独立报道 | 中 | 尽管日期口径有漂移,仍确认其公共部门和医疗覆盖很大 | 未公开同一日期下的数量调和 |
| 私营部门覆盖广度 | 500+ 家美国雇主和 600+ 个消费品牌 | 2025-09-03 | 官方融资公告 | 中 | 显示其从福利登录扩张到劳动力和商业 | 没有点名名单或收入集中度数据 |
| 钱包创建 | 2024 年新增 2040 万个钱包 | 2025-09-03 | 官方融资公告,Sacra 复述 | 中 | 即使已有规模,新客户获取仍然强劲 | 未披露 CAC 或增长来源组合 |
| 重复使用 | 2024 年成功登录 4.09 亿次,同比增长 44% | 2025-09-03 | 官方融资公告,Sacra 复述 | 中 | 比客户标识数量更能代表耐久性,因为它反映回访使用 | 未按细分、客户或付费事件类型拆分 |
| 雇主复用代理指标 | 超过三分之一求职者已通过 ID.me 验证 | 2023-07-18 | Sterling 合作公告 | 中 | 说明劳动力产品可以搭上现有钱包基础 | 未公开从候选人验证到雇主收入的转化率 |
| 医疗复用代理指标 | 5000 万+ 已在联邦和州机构验证过的成年人可复用于医疗访问 | 2024-01-17 | OtisHealth 合作公告 | 中 | 医疗扩张是在撬动政府端安装基础,而不是从零开始 | 未披露这些用户中实际启用医疗工作流的比例 |
轨迹行混合了带日期的官方快照和合作公告里的复用代理指标。最大缺失分母是按细分拆分的活跃重复使用,而不只是已注册钱包数量。
[CU001, CU002, CU003, CU004, CU028, CU038]| 点名客户 | 细分 | 部署 / 使用场景 | 生产还是试点 | 结果或质量证据 | 局限 |
|---|---|---|---|---|---|
| CMS / Medicare.gov 流程 | 联邦医疗 | Medicare 受益人的身份验证和登录 | 2026 年初投产承诺,不只是一个客户标识 | 复用逻辑强,因为受益人可以带着现有 SSA 或 VA 凭证进入 | 公开记录中仍处于上线前,因此还没有 Medicare 专属采用指标 |
| Internal Revenue Service | 联邦税务管理 | 多个 IRS 在线应用的 IAL2 身份核验 | 超大规模生产部署 | 公开记录包含 1.5 亿+ 次应用访问和已披露通过率改善 | 质量和监督仍有公开争议 |
| Social Security Administration | 联邦福利 | 在线 SSA 服务的主要登录选项 | 生产部署且嵌入政策 | SSA 明确告知用户复用现有 ID.me 账户 | SSA 未披露 ID.me 专属使用量或满意度指标 |
| VA.gov | 联邦退伍军人服务 | VA 数字服务的身份验证和账户访问 | 生产部署且持续运行 | VA 将核验描述为一次性,公共部门方案页也把 VA 作为信任背书引用 | 未公开 VA 合同经济性或重复登录量 |
| Pennsylvania DLI | 州失业救济 | 申领人身份验证,提供自助、视频和线下选项 | 生产部署 | Pennsylvania 和 ID.me 均发布工作流细节和复用指南 | Pennsylvania 未发布已完成验证量或节省指标 |
| Virginia Employment Commission | 州失业救济 | 福利登录、每周申领和文档访问 | 生产部署 | 官方和公司材料披露:成功率超过 80%,数字使用量提高 173%,来电量下降 57% | 结果证据仍集中在一个州案例研究 |
| OtisHealth | 医疗病历访问 | 支持 TEFCA 的患者登录、同意和健康记录调取 | 生产环境里程碑 | 被点名为 TEFCA 网络上首个通过 ID.me 凭证完成的患者直接请求 | 未披露公开用户量或续约数据 |
| Sterling / 美国雇主 | 雇主筛查 | 以身份为先的招聘和背景筛查工作流,并提供线下验证 | 生产合作延长至 2028 年 | 量化质量证据包括:在 110K 次检查中多发现 45% 刑事记录结果,且每 3 名候选人中有 1 名复用凭证 | 未披露具名终端雇主客户 |
枚举覆盖了公开材料中 ID.me 在联邦、州、医疗健康和雇主细分市场最强的具名客户证据。该清单有意只做部分覆盖,因为公司披露了医疗健康组织、品牌和雇主的宽泛数量,但没有发布完整具名名单。
[CU013, CU014, CU015, CU016, CU017, CU018]ID.me 的采用通常先经过采购或合作伙伴选择,再进入首次核验,随后走向重复使用,最后扩展到其他行业或工作流。
这是机制图,不是数值转化漏斗,因为 ID.me 未披露从采购到重复使用的分阶段转化率。
[CU011, CU013, CU018, CU020, CU021, CU029]政府客户提供最强的公开生产证明;医疗和雇主扩张真实存在,但更依赖合作伙伴公告;品牌证明面很广,量化程度较低。
矩阵标签是分析师判断,依据包括该细分是否有具名部署、量化公开结果、凭证复用证据、第三方佐证,以及公开续约或留存代理指标。它们不是供应商给出的评级。
[CU013, CU014, CU015, CU016, CU017, CU018]6.3 耐久性代理指标、重复登录与扩张循环
ID.me 不披露 NRR、GRR、logo 流失或平均合同期限等经典 B2B 耐久性指标。即便如此,公开记录仍提供了几个有用代理指标。第一,重复使用在产品结构里内嵌:客户为可复用凭证付费,Sacra 明确称,当已验证身份被复用于登录和属性检查时,收入会继续产生。第二,披露的登录量很大,2024 年成功登录超过 409 million 次;相比原始 logo 数,这更能读出耐久性,因为它反映回访使用。第三,州福利证据显示上线后的结果质量:VEC 报告数字使用率提高、呼叫量下降,并且大部分客户通过 ID.me 成功访问福利;Pennsylvania 则描述了快速自助流程以及人工和线下兜底路径。扩张循环也可见。政府装机基础成为 OtisHealth 医疗获客楔子,已验证候选人基础降低 Sterling 招聘流程摩擦,品牌折扣项目把政府、医院和医护人员身份拉入商业场景。这些是真实扩张信号,但在 ID.me 披露留存或分细分的货币化数据之前,它们仍只是代理指标。[CU004, CU005, CU029, CU030, CU031, CU032]
| 指标 | 数值 | 细分场景 | 置信度 | 持久性推断 | 尽调追问 |
|---|---|---|---|---|---|
| 成功登录 | 2024 年 409 million 次 | 跨细分场景用户基数 | 中 | 大规模回访登录量说明,用户首次验证后确实在重复使用 | 索取这些登录的细分场景构成,以及与付费事件的映射 |
| 验证一次后的复用 | IRS、SSA、VA、Pennsylvania、VEC 和 CMS 入口流程均有公开记录 | 政府与福利 | 高 | 钱包复用是最清晰的公开留存代理,因为同一凭证可跨服务持续使用 | 按细分场景索取月活回访用户数 |
| VEC 成功访问率 | 80%+ 客户成功访问福利系统 | Virginia 失业金申领人 | 中 | 已部署产品足够可用,能够支撑重复访问 | 索取放弃、欺诈拦截和错误码拆分 |
| VEC 数字使用量提升 | 在线使用量提升 173% | Virginia 失业金申领人 | 中 | 表明 ID.me 支持的工作流可以把行为推向数字化重复使用 | 询问基准分母,以及提升是否在第一年后延续 |
| VEC 服务效率信号 | 呼叫量降低 57%,节省 9,300 个员工工时 | Virginia 失业机构运营 | 中 | 上线后运营痛点下降,可支撑续约论证 | 询问这些节省是否转化为合同扩张 |
| 公共部门通过率主张 | 公民通过率 87% 至 93% | 政府身份核验 | 中 | 高通过率能提升包容性,也有利于采购密集市场里的续约前景 | 索取机构构成、方法论,以及通过率与欺诈拒绝之间的取舍 |
| Puerto Rico IRS 通过率 | 访问量增长超过三倍后,最终通过率 78.6% | Puerto Rico 的 IRS 用户 | 中 | 这是一个具名公共案例,显示特定人群的访问质量改善 | 索取当前通过率、队列规模和时间区间一致性 |
| 公开合同留存披露 | null | 全部 B2B 细分市场 | 中 | 未找到公开的 NRR、GRR、流失率或平均合同期限 | 尽调必须拿到续约、流失和合同期限表 |
ID.me 未公开披露传统企业留存指标,所以该表用重复登录、通过率和工作流效率信号作为持久性代理。null 表示已审阅公开材料中没有找到该指标,不代表公司内部不跟踪。
[CU004, CU005, CU029, CU030, CU031, CU033]公开披露显示,政府和商业的客户数量远大于具名案例研究数量;雇主和医疗如今也成为有意义的次级细分。
柱状值采用当前公开区间的下限,便于把各细分放在同一尺度上展示。同日精确数量会在披露快照之间漂移,这本身就是尽调缺口的一部分。
[CU001, CU002, CU003, CU027, CU028, CU043]6.4 集中度风险、采购摩擦与关键客户缺口
主要客户风险不在于 ID.me 是否已有采用,而在于按收入看这些采用有多持久、多分散。公开具名证据集中在政府和受监管访问,这与公司的合规优势一致;但组合也意味着对公共采购周期、监督和单一供应商争论有实质敞口。Carahsoft 通过经销商和合同工具拓宽获客渠道,但这并不能消除机构内部围绕包容性、成本和监督进行论证的必要性。GAO 对 IRS 的审查是最清晰的公开警示信号:项目规模很大,但机构没有设定清晰绩效目标,也没有完整记录对 ID.me 支持系统的监督;监管报道仍把隐私、公平性和单一供应商依赖视为正在发生的问题。私营部门宽度是真实的,尤其在品牌、医疗折扣和劳动力验证中;但公开披露仍没有展示头部账户集中度、续约行为或细分 ARR。因此,投资人可以承认真实客户证据和钱包复用,但仍需要尽调:谁支付了大部分账单、哪些细分会续约,以及公共部门扩张能否在更重采购摩擦下继续推进。[CU042, CU043, CU044, CU045, CU046, CU047]
| 扩张驱动 / 风险 | 公开证据 | 影响 | 证据新鲜度 | 反向视角 | 尽调路径 |
|---|---|---|---|---|---|
| 政府间钱包复用 | CMS 称,Medicare 可复用已在 SSA、VA、州机构和私营实体使用过的凭证 | 正向:新机构可以继承一批已预先验证的用户 | 2025-12 官方发布,仍属新鲜 | 仍取决于机构采购和合规选择 | 询问新机构上线时,已验证用户的激活率 |
| 雇主工作流扩张 | Sterling 合作延长至 2028 年,并增加招聘、面试欺诈、I-9 和线下能力 | 正向:打开了一个非福利类企业销售动作 | 虽然发布于 2023 年,但仍足以支撑战略方向判断 | 具名终端雇主集中度不可见 | 索取头部雇主客户、ACV,以及线下验证的附着率 |
| 医疗健康扩张 | OtisHealth 和医疗服务方页面显示患者访问和提供方 EPCS 验证 | 正向:医疗健康可以把同一批政府场景沉淀用户变现 | 2024 年合作加上当前工作流页面 | 医疗健康没有公开的量级、续约或收入拆分 | 索取活跃医疗健康组织、MAU 和重复病历请求率 |
| 商业和社群覆盖广度 | 政府、医院、医疗和公司细分场景里存在数千个合作优惠和员工折扣流程 | 正向:扩大品牌触面和用户效用 | 当前商城和帮助页面仍可见 | 公开证据大多是优惠流程,不是量化合同结果 | 索取活跃品牌数、GMV 影响和头部合作伙伴集中度 |
| 公共部门采购依赖 | Carahsoft 带来经销商和合同渠道;GAO 同时指出 IRS 单一供应商项目存在监督缺口 | 影响混合:渠道有利于分销,但大型机构仍需要谨慎处理采购和治理 | 风险信号来自 2025 年 GAO,渠道证据仍在 | 监督、隐私和单一供应商担忧可能拖慢续约或扩张 | 按采购工具索取公共部门管线、续约胜率和机构审计历史 |
| 集中度不透明 | 公开材料给出了宽泛数量,但头部客户构成、细分 ARR 和续约指标没有披露 | 风险在于,投资人无法判断收入是充分分散,还是锚定在少数大型公共部门账户上 | 截至本次运行日期仍如此 | 可能掩盖对少数机构、医疗健康组织或品牌项目的依赖 | 索取前 10 大客户集中度、细分构成和垂直行业流失率 |
| 成本与包容性主张 | ID.me 称其方案比竞争对手便宜 10-16x,并通过多种兜底路径支撑 87-93% 的通过率 | 如果属实,在采购中很有杀伤力 | 当前公司营销材料 | 方法论来自公司,公开记录中没有完整基准对照 | 索取独立基准研究和并列 win-loss 分析 |
该表把扩张循环与尽调中最可能重要的公开缺口放在一起。乐观情景是一个已验证凭证跨行业复利;风险情景是,收入集中度和续约质量仍不透明,而公共部门监督又格外关键。
[CU012, CU019, CU020, CU021, CU023, CU024]6.5 核心展示
07风险
7.1 监管、法律与隐私风险仍是最高严重度风险栈
ID.me 最高的剩余风险不是普通产品竞争,而是围绕生物识别身份核验的监管信任。公开记录显示,IRS 仍依赖 ID.me 作为其唯一 IAL2 提供商,用于一个 2021 年至 2024 年处理超过 150 million 次访问的项目;与此同时,GAO 关于目标和 AI 监督的核心建议仍显示未完成。这个组合很重要,因为公司的法律文件清楚表明,ID.me 收集异常敏感的输入——政府身份证件图像、关联 Social Security 的信息、生物识别数据和机构报告数据——而其生物识别同意声明允许在钱包关闭后最多保留一年。这些政策不是不当行为证据;它们是高保证身份提供商的正常法律脚手架。但如果监管机构、立法者或政府机构认定删除规则、公平性证据或 AI 治理控制不足,这些政策就定义了冲击半径。因此,这项风险最好被视为按严重度排序的隐私和采购敞口,而不是单一诉讼标题。[CR001, CR002, CR003, CR005, CR007, CR008]
| 规则 / 牌照 / 案件 | 司法辖区 | 状态 | 可能性 | 严重性 | 缓释措施 | 剩余敞口 | 尽调路径 |
|---|---|---|---|---|---|---|---|
| IRS 监督与 AI 清单缺口 | 美国联邦 | 截至 2026-06-03,GAO 建议仍未关闭 | 高 | 极高 | IRS 隐私指令、双周审查、删除承诺和公司同意控制 | 高 | 审查机构往来函件、整改计划,以及关闭第 1 和第 4 项建议的时间表。 |
| 生物识别隐私与留存治理 | 美国联邦和州 | 现行隐私和生物识别政策于 2026 年更新 | 高 | 高 | 用户同意控制、钱包销毁选项、IRS 专项删除承诺,以及不出售数据承诺 | 高 | 按使用场景索取生物识别留存矩阵、BIPA/CCPA 分析,以及供应商证明之外的删除验证证据。 |
| 民权与无障碍反弹 | 美国联邦和州 | 替代路径增加后,反复批评仍未消失 | 中高 | 高 | 视频、延长视频、线下、座机、备用码和安全密钥路径降低排除风险 | 中高 | 索取投诉率、人口统计维度通过率数据,以及失败或升级验证尝试的整改指标。 |
| 联邦合同与采购合规敞口 | 美国联邦 | 公开来源显示大型 BPA 和依托 Schedule 的销售动作 | 中 | 高 | 多类合同工具、经销商渠道和合规标志拓宽采购路径 | 中高 | 审查 BPA 条款、审计权、违约触发项、经销商经济性,以及任何机构专属隐私附录。 |
各行按剩余严重性排序,而不是按时间排序。IRS 监督和隐私治理的公开证据很强,但没有揭示完整合同包或每一项州法敞口。
[CR001, CR002, CR003, CR005, CR007, CR008]最高的残余风险集中在监管信任、隐私治理和公共部门集中度,而不是纯粹的功能竞争。
[CR057, CR058, CR059, CR061]7.2 运营可靠性、支持复杂度和安全负担是真实执行风险
ID.me 的运营风险,关键不在于公司有没有控制措施,而在于这些控制在当前规模下能否继续跑得快、覆盖得广、也足够可靠。状态页已经证明,钱包故障会公开发生;商业模式又决定了故障不只是客服麻烦:只有验证和复用登录成功,公司才收得到钱。与此同时,ID.me 自己的安全与合规页面也显示,公司确实搭了缓释栈——FedRAMP 托管、加密和多项标准合规。更难的问题在于,包容性需要昂贵路径支撑。NIST 明确推动同等保障选项和例外处理,ID.me 也公开运营自助、短视频、延长视频和线下验证路径。这些路径是优势,因为它们降低排斥、帮助公共部门客户;但它们也带来人员、QA 和恢复复杂度。一旦欺诈压力或政策审查上升,成本可能正好被拉宽。[CR028, CR029, CR030, CR031, CR032, CR033]
| 故障模式 | 可能性 | 严重性 | 缓释成熟度 | 剩余敞口 | 未解缺口 |
|---|---|---|---|---|---|
| 钱包或核验中断会打断复用和新验证 | 中 | 高 | 中 | 中高 | 核心核验服务没有公开 SLA、服务抵扣安排或详细正常运行历史。 |
| 虽已披露较强控制,安全或隐私控制仍可能失效 | 中 | 高 | 中高 | 中 | 公开页面描述了控制措施,但没有给出当前外部审计发现、红队结果或合同特定事件义务。 |
| 欺诈与恢复压力推高人工辅助审核成本 | 高 | 高 | 中 | 高 | 公开来源没有显示视频和线下流程的人员规模、升级率或排队时间。 |
| 缺少标准证件或手机的用户面临体验摩擦 | 中高 | 中高 | 中 | 中高 | 公开材料没有给出兜底路径中转化、放弃或公平性的分人口基准集。 |
这里的运营风险把单纯正常运行时间与包容性、恢复复杂度放在一起,因为公开证据显示,收入和信任都系于可重复完成的成功验证结果。
[CR028, CR030, CR031, CR032, CR033, CR034]| 角色 / 职能 | 依赖或缺口 | 可能性 | 严重性 | 缓释措施 | 尽调路径 |
|---|---|---|---|---|---|
| AI 治理与监管项目管理 | GAO 仍显示目标、评估和 AI 监督事项未关闭 | 高 | 高 | 已记录的隐私指令和已发布法律政策表明存在基础控制 | 审查合规组织架构、控制负责人、审计节奏和建议关闭计划。 |
| 人工辅助核验运营 | 视频和线下路径对包容性关键,但运营强度高 | 中高 | 高 | 多种兜底路径降低排除风险,并在自助失败时支持恢复 | 按核验路径索取人员配置、排队时间、升级率和放弃数据。 |
| 公共部门实施与支持 | 机构专属工作流、合同工具和支持模型看起来经过定制 | 中 | 中高 | VA 和 Virginia 的持久部署说明该模型可以落地 | 索取实施时间线、续约队列和机构专属支持承诺。 |
| 安全与事件响应 | 公开状态页确认,客户可见的钱包事件仍会发生 | 中 | 高 | FedRAMP 托管、加密和合规项目支撑基础响应准备度 | 索取事件响应手册、近期复盘,以及按内部 SLO 恢复的证据。 |
该登记表聚焦必须随包容性、采购和可靠性需求一起扩展的执行职能;除公开证据支持的内容外,不假设未披露的管理层弱点。
[CR015, CR016, CR017, CR031, CR032, CR033]7.3 可携带性有价值,但公共部门集中度和渠道依赖仍会重定价增长
ID.me 的网络效应是真实的,但同一组公开证据也说明,不能把可携带性误读成独占性。Social Security 和 VA 都允许 Login.gov 与 ID.me 并存,Medicare 还在加入 CLEAR 作为另一种选择。也就是说,钱包可以跨机构有用,却仍可能被替代:只要某个供应商看起来更便宜、更容易治理,或政治争议更小。采购集中度会放大这种风险。GovConWire 报道 IRS 的 BPA 最高可达 $1 billion,公共部门分销也经过 Carahsoft 这类政府聚合渠道。这些安排能放大销售、降低导入摩擦,但也意味着预算周期、合同工具、转售商经济性和机构采购偏好会直接传导到收入。VA 和 Virginia 这类最强公共客户证据证明了耐久性和成效;但它们不能消除一个风险:少数公共机构仍主导战略可信度,并贡献有意义的业务量。[CR026, CR027, CR029, CR041, CR042, CR043]
| 依赖 | 交易对手 | 角色 | 集中度 | 失效场景 | 严重性 | 缓释措施 | 剩余敞口 |
|---|---|---|---|---|---|---|---|
| 联邦身份核验量 | IRS / Treasury / GSA | 最大的公开可见公共采购组合 | 高 | 采购重置、监督升级或合同争议拖慢量级,或重定价经济性 | 极高 | 扩大的机构覆盖、可复用钱包价值,以及其他公共部门客户 | 高 |
| 政府分销渠道 | Carahsoft 和经销商生态 | 聚合方 / Schedule / 合同工具入口 | 中 | 渠道经济性、经销商激励或采购工具限制压低销售速度 | 中高 | 直接签约和多类公共部门采购工具拓宽路径 | 中 |
| 机构可选方案 | Login.gov 和 CLEAR | SSA、VA 和 CMS 的替代登录与验证选项 | 中高 | 机构在恢复、开户或政治敏感流程中转向公共或竞争供应商 | 高 | 跨机构可携性和存量集成支撑留存 | 中高 |
| 身份工作流竞争 | Socure、Persona、Jumio、Okta/Auth0 等竞品 | API 优先和企业身份替代方案 | 中 | 买家针对单个工作流选择更快或配置性更强的供应商 | 中高 | 可复用钱包、政府级核验和属性可携性仍是差异化点 | 中高 |
集中度按战略依赖评估,而不是按收入占比精确衡量,因为公开来源没有披露联邦细分构成或头部客户占比。
[CR026, CR027, CR029, CR041, CR042, CR043]ID.me 的公开依赖栈贯穿联邦机构、采购渠道和买方选择集;买方选择比钱包叙事暗示的更宽。
[CR041, CR043, CR044, CR051, CR052, CR053]7.4 财务和模型风险只有设定明确止损标准才可控
公开财务叙事足以证明动能,却不足以让人有把握地承保下行情景。ID.me 披露了一笔融资方案,公司估值超过 $2 billion,也显示钱包和登录增长很快;Sacra 描述的则是按使用量计费的模型,成功身份结果和后续复用推动收入。只要转化率保持高位、机构持续续约,这个模型很有吸引力。但如果监管信任滑坡、故障拖慢恢复流程,或联邦买家转向替代方案,风险就会变大,因为这些变化会同时影响首次验证收入和后续凭证复用。更大的问题是披露深度。公开来源仍未显示当前年收入、联邦收入占比、重大合同利润结构,也没有披露失败场景下决定下行严重度的 SLA 和赔偿条款。因此,正确的投资姿态应当是有条件的:在假设规模自动等于韧性之前,先要求集中度明细、合同包和公平性证据。[CR045, CR046, CR047, CR048, CR049, CR050]
| 风险 | 可监控触发项 | 阈值 / 事件 | 行动含义 |
|---|---|---|---|
| 监管信任破裂 | GAO / 机构监督状态 | 下次刷新时第 1 或第 4 项建议仍未关闭,或新机构审查增加 AI、隐私或公平性发现 | 从观察转为严格重做承销,并要求整改备忘录和带日期的关闭承诺。 |
| 可靠性与支持失效 | 钱包或核验事件 | 反复出现客户可见事件、队列时间拉长,或没有私下证据证明正常运行时间 / SLA 纪律 | 提高要求回报率,并在承销可持续复用收入前要求服务水平证据。 |
| 联邦采购集中度 | 机构选择和合同姿态 | IRS / CMS 范围丢失、缩水或重大重新定价,或明显迁移到 Login.gov 或 CLEAR | 降低敞口,除非管理层证明有抵消性赢单,且对受影响项目依赖较低。 |
| 披露与融资不匹配 | 增长主张对比财务细节 | 新估值或债务扩张发生时,仍未披露细分收入、利润率、集中度和合同经济性 | 将其视为停止并重做承销事件,而不是把使用量指标外推为韧性现金流。 |
这些止损标准设计为通过官方状态页、监督出版物、合同公告和尽调材料监控,而不是凭直觉判断。
[CR015, CR017, CR019, CR020, CR037, CR043]监管和运营冲击会先穿过采购、转化和复用,最终才体现在估值上。
[CR046, CR047, CR048, CR049, CR058, CR061]7.5 展示材料
08估值
8.1 建议仍为 research-more,因为当前标记价已经计入太多好消息
以当前公开价格锚点看,正确判断是 research-more,而不是买入。ID.me 确实有后期公司信号:公司和 Sacra 对一笔 2025 年 $340 million 融资方案口径一致,估值超过 $2 billion;披露的投资财团还包括 Ribbit 和 Ares 这类严肃资本。问题不是 ID.me 看起来弱。问题在于,这个价格已经要求投资者承保公开记录尚未展示的财务结果。第三方收入锚点约为 2023 年 $130 million、2024 年 $150 million,这意味着在投资者了解 2025 年收入、毛利率、NRR 或债务契约之前,后视估值倍数已经高于约 13x 至 15x。对一家有网络效应的身份平台来说,这并非不可能;但在同一记录仍缺少审计财务、股权结构优先权和下行保护细节时,很难说有吸引力。因此,入场纪律比欣赏公司更重要:只有尽调证明当前经济性明显更强,或价格跌向能真正补偿披露缺口的公开证据区间,这个标记价才会变得有吸引力。[CV001, CV002, CV003, CV004, CV005, CV006]
| 建议 | 置信度 | 风险评级 | 估值立场 | 决策含义 |
|---|---|---|---|---|
| 继续研究 | 中 | 高 | 偏高 | 若没有收入桥、利润率证明和干净的资本结构条款,不要按当前 >$2B 估值标记承销;更适合等待更低入场价,或显著更强的尽调证据。 |
这是一个价格敏感型建议,不是泛泛的公司质量判断。
[CV001, CV008, CV034, CV035, CV036, CV037]规模和市场验证是真实的,但当前价格和政策风险仍只能支撑继续研究的结论。
[CV001, CV005, CV018, CV034, CV035, CV037]8.2 正命题是有真实客户验证的可复用身份;反命题是审查、集中度和竞争
ID.me 的多头逻辑很直接。多份市场报告显示,数字身份和验证仍是规模大、还在增长的品类;公司也有公开证据,证明产品不只是一次性证件检查。CMS、Pennsylvania、VA、SSA 和 IRS 的流程页面都指向一种可复用凭证,并在不同政府场景下配有兜底支持。这比纯交易型 KYC 更像护城河。同一模式也制造出最尖锐的反命题。GAO 称 IRS 仍缺少可衡量的项目目标和合格的 AI 清单纪律;Biometric Update 强调删除控制依赖供应商证明;Politico 描述了延长生物特征留存的压力;ID.me 自己的隐私政策也保留了有意义的留存弹性。竞争也不是假设。CLEAR 已经进入 Medicare 推出计划,Jumio、Mitek 和 Okta/Auth0 也都在销售相邻的身份、风险或客户认证栈。所以本章论点不是「好公司,所以照买」,而是「这是一个真实的可复用身份资产,但如果政策耐久性、独占性或经济性不及预期,溢价会很快压缩」。[CV010, CV011, CV012, CV013, CV014, CV015]
| 论点 | 证据 | 何种证据会改变判断 |
|---|---|---|
| 投资逻辑 | 可复用凭证如今已出现在 IRS、SSA、VA、宾夕法尼亚州失业救济和 Medicare 流程中;市场报告仍支持身份领域的长期顺风,2025 年融资也证明资本仍可获得。 | 只有管理层证明这种复用能转化为比公开锚点强得多的当前收入、利润率和留存,才上调判断。 |
| 反向逻辑 | 同一份公开记录也显示,隐私和 AI 监督正受审查,政府部署由多家供应商参与,CLEAR、Jumio、Mitek 和 Okta/Auth0 构成真实竞争,名义估值已经高于公开可比公司快照。 | 如果留存规则拉长、采购放缓,或隐藏融资堆叠对新投资者明显更优先,就应迅速下调判断。 |
反向逻辑关注的是估值耐久性和证据质量,并不是否认 ID.me 已经搭起了真实平台。
[CV010, CV018, CV020, CV021, CV022, CV025]8.3 公开可比公司和情景区间支持纪律,而不是追逐动量
公开可比公司会给私有叙事加上纪律。按 2026 年 6 月快照,CompaniesMarketCap 显示 Okta 约 8.1x 销售额、CLEAR 约 8.4x、Mitek 约 4.25x。这些公司不是完美可比,但足以框定投资者通常愿意为已披露身份或身份相邻业务支付什么价格。在这个背景下,ID.me 基于公开收入锚点的隐含后视倍数仍明显高于区间。这不能证明私有标记价错了;但它意味着举证责任转向管理层。牛市情景需要当前收入明显高于公开锚点,还要证明复用、医疗扩张和反欺诈定位正在转化成软件式经济性。基准情景认为今天的标记价略领先公开证据,应更接近经过可比公司调整的区间。熊市情景则认为,隐私审查、采购放缓或隐藏融资结构会把公司拉向更严苛的公开市场视角。换句话说,情景分布很宽,因为证据缺口很宽。[CV031, CV032, CV033, CV034, CV038, CV039]
| 情景 | 假设 | 估值 / 回报逻辑 | 关键风险 | 概率信号 |
|---|---|---|---|---|
| 乐观 | 当前收入已高于大约 $200M,复用驱动的增长保持强劲,Medicare 和相邻机构扩张加深,隐私审查仍可控。 | 支撑约 $2.2B-$2.8B;除非收入明显强于公开锚点,否则较当前估值只有温和上行。 | 投资者必须相信其经济性比公开记录显示的更像软件公司。 | 在披露经审计或董事会层面的 2025/26 指标前,概率较低。 |
| 基准 | 公开 2023 和 2024 年收入锚点大方向正确,增长继续,但利润率或集中度尚未完全去风险;投资者给出按可比公司调整后的溢价,而不是稀缺性溢价。 | 支撑约 $1.4B-$1.8B,意味着当前估值已经跑在公开证据之前。 | 如果债务或优先权安排激进,这个估值仍可能过于慷慨。 | 最符合当前证据集。 |
| 悲观 | 采购势头放缓,留存或隐私审查恶化,或隐藏融资条款吸收的价值高于预期。 | 支撑约 $0.8B-$1.2B,并指向降价轮或严重倍数压缩风险。 | 如果公司无法证明政府规模也意味着耐久经济性,下行会加速。 | 若新尽调无法补上财务和政策缺口,概率会明显上升。 |
区间是以十亿美元计的宽泛判断带,来自公开可比公司纪律和第三方收入锚点,不是管理层预测。
[CV039, CV040, CV041, CV046]| 可比公司 | 指标 | 倍数 / 估值 / 状态 | 关联度 | 局限 |
|---|---|---|---|---|
| Okta / Auth0 | 客户身份基础设施 + 2026 年 6 月 P/S 快照 | 8.13x P/S;上市公司 | 可作为已披露身份软件公司的基准:它有客户身份野心,也有广泛开发者分发。 | 劳动力身份和企业客户组合比 ID.me 更宽,披露质量也高得多。 |
| CLEAR Secure | 身份平台 + 2026 年 6 月 P/S 快照 | 8.43x P/S;上市公司 | 可参考其生物识别、消费者身份认知度以及当前 Medicare 重叠。 | 消费者订阅和旅行场景起家,使其收入模型不同于 ID.me 偏政府的组合。 |
| Mitek Systems | 身份验证 + 2026 年 6 月 P/S 快照 | 4.25x P/S;上市公司 | 可作为上市文件可查的纯身份验证和反欺诈工具参考。 | 规模更小、分散方式不同,IDV 之外还有支票和反欺诈产品。 |
| ID.me 隐含估值 | 相对于公开 2023/2024 收入锚点的估值 | 2024 年收入 >13x,或 2023 年收入 >15x;私营 | 显示新投资者在 >$2B 估值上隐含买单的溢价。 | 依赖第三方收入锚点,因为公司未披露经审计的当前收入。 |
可比倍数只是 2026 年 6 月的粗略公开快照,用来约束估值纪律,不是完整标准化 EV/收入模型。
[CV025, CV027, CV028, CV031, CV032, CV033]估值摆动最大的因素,是 ID.me 是否配得上相对已披露公开身份可比公司的溢价。
这些数值只是粗略的往绩销售快照或隐含倍数锚,用来约束相对估值,并非完整标准化的 EV/revenue 模型。
[CV009, CV031, CV032, CV033, CV034]当前估值标记高于公开证据支撑的基准情景,只是小幅落在乐观情景内。
这些区间是以十亿美元计的判断带,来自公开可比公司约束和第三方收入锚点,不是管理层预测或 DCF。
[CV039, CV040, CV041, CV046]8.4 退出准备度目前仍不完整,所以尽调问题必须聚焦披露质量和下行保护
ID.me 的体量看起来已经重要,但以这里保留的证据集看,还没到上市就绪。Okta 和 Mitek 给投资者年度报告节奏、申报基础设施和经常性 KPI 披露;ID.me 给的是私有融资标题、强客户轶事和间接收入锚点。这个差距很重要,因为公开市场买家惩罚收入质量、利润结构和治理不确定性,往往比后期私募投资者更严厉。战略退出的可选性比 IPO 准备度更容易相信,因为相邻身份和安全平台可以重视客户触达、医疗入口和可复用凭证覆盖,而不必立刻让资产暴露在公开市场披露规范下。但即便这条路,如果隐私留存实践继续有争议,或政府集中度比当前叙事更周期化,也会变窄。因此,必不可少的下一步不是再讲一个市场规模故事,而是一套硬尽调包,把当前收入、利润率、集中度、优先权结构和留存控制对齐。没有这些,正确姿态就是继续跟踪这个真实资产,同时拒绝为公开记录仍无法完全支撑的价格拉伸。[CV029, CV030, CV042, CV043, CV044, CV045]
| 触发项 | 阈值 | 对投资逻辑的传导 | 行动含义 |
|---|---|---|---|
| 收入桥接不及预期 | 私下尽调仍显示经济性接近公开 $130M-$150M 锚点,而不是明显高于它们 | 当前 >$2B 估值相对公开可比公司失去溢价支撑 | 不要领投;按基准或悲观情景重新承销。 |
| 资本结构比预期更偏优先 | 债务契约、清算优先权或认股权证明显压低普通股上行 | 名义估值不再代表投资者入场经济性 | 要求重新定价或更强下行保护。 |
| 生物识别留存义务扩大 | 合作方或政府政策更接近长期留存规范 | 监管和公开市场接受度下降,合规成本与诉讼风险上升 | 下调目标持仓,或退出。 |
| 多机构复用停滞 | 主要项目停止扩张,或大型机构选择不具备可比 ID.me 复用能力的替代方案 | 可复用凭证护城河变弱,变现耐久性下降 | 切换到更低倍数框架。 |
| 公开可比估值带压缩 | 身份类公开可比公司估值下修,而 ID.me 仍寻求私募溢价 | 即便执行稳定,入场价也可能没有安全边际 | 等价格重置前暂停投资。 |
| 监督发现恶化 | GAO、国会或机构客户披露超出现有记录缺口的新控制失效 | 退出准备度和采购耐久性同时恶化 | 立即切换至悲观情景。 |
每个触发项都应能在尽调期间或入场后马上监测,而不是模糊的战略担忧。
[CV020, CV021, CV022, CV023, CV024, CV044]| 主题 | 缺失证据 | 重要性 | 负责人或尽调路径 |
|---|---|---|---|
| 当前收入桥接 | 经审计的 2025 年收入、最新 2026 年收入,以及从公开 2023 和 2024 年锚点出发的桥接 | 没有这些证据,当前倍数很难站住脚 | 财务团队;董事会材料或可审计的月度报表。 |
| 毛利率和净留存率(NRR) | 按客户类型拆分的毛利率、队列留存,以及登录到收入的转化 | 只有使用量能转化为经济复利,可复用身份逻辑才配得上溢价 | 财务 + 收入运营;队列模型和续约材料包。 |
| 政府客户集中度 | 按机构拆分的收入、头部客户集中度、续约日期和采购依赖 | 公共部门验证是优势,直到它变成集中度风险 | 收入运营 + 公共部门销售负责人。 |
| 债务与优先股堆叠 | 信贷协议、契约、认股权证、清算优先权和董事会权利 | 入场经济性可能与名义估值大幅偏离 | CFO + 法律顾问;最新融资文件。 |
| 隐私与留存控制 | 关于生物识别数据删除和按合作方拆分留存计划的独立审计证据 | 政策耐久性直接影响采购和 IPO 准备度 | 安全、隐私和法律审查。 |
| 治理与退出准备度 | 董事会构成、审计流程、风险治理,以及任何 IPO 准备路线图 | 如果公司想守住溢价退出,公开市场披露标准很重要 | CEO、CFO 和董事会观察员尽调会议。 |
这些尽调事项是最低材料包,只有拿到它,方向性判断才能变成可承销的价格判断。
[CV008, CV042, CV044, CV045]ID.me 在市场验证和复用上得分较好,但在当前估值下,经济性透明度和退出准备度得分偏低。
这些分数是基于留存证据综合出的 0-10 档位尽调判断,不是管理层提供的 KPI。
[CV005, CV018, CV034, CV037, CV042, CV043]免责声明
仅基于公开来源尽调;本报告不构成投资建议,应结合管理层材料、客户访谈、法律审查和完整财务尽调补充判断。
证据索引
| 编号 | 陈述 | 可信度 | 来源 |
|---|---|---|---|
| CO001 | ID.me was founded on February 2, 2010 by Blake Hall. | 高 | SO001, SO009 |
| CO002 | Hall founded the company after seeing a veteran disclose a DD214 to claim a discount, which exposed more personal data than necessary. | 高 | SO001, SO009 |
| CO003 | The company launched as TroopSwap, evolved into Troop ID, and rebranded as ID.me in 2013. | 高 | SO001, SO009 |
| CO004 | ID.me says it received a $1.2 million NIST grant in 2013 to develop online identification technology. | 中 | SO001 |
| CO005 | ID.me says it secured its first federal contract with the Department of Veterans Affairs in 2016 and deployed secure authentication on VA.gov. | 高 | SO001, SO024 |
| CO006 | ID.me says it deployed FIDO U2F security keys in the government sector in 2017 and reached NIST IAL2/AAL2 certification by 2018. | 高 | SO001, SO006 |
| CO007 | ID.me is headquartered in McLean, Virginia. | 高 | SO002, SO003, SO011 |
| CO008 | ID.me describes itself as a next-generation digital identity wallet that lets a user verify once and reuse credentials across websites. | 高 | SO002, SO022, SO023 |
| CO009 | The wallet lets users add verified identity or community cards and review or revoke which relying parties receive their data. | 高 | SO022, SO005 |
| CO010 | Public materials position the platform across identity verification, authentication and MFA, access management, credential validation, and digital wallet services. | 高 | SO019, SO022, SO023 |
| CO011 | Sacra describes ID.me as a B2B2C business in which organizations pay for verification, credential reuse, and subscription plans rather than end-user fees. | 高 | SO008, SO023 |
| CO012 | ID.me’s public-sector materials say the platform supports online self-service, video chat, and in-person verification while remaining NIST compliant. | 高 | SO004, SO018, SO017 |
| CO013 | ID.me says Identity Gateway is certified to NIST 800-63-3 IAL2/AAL2 and holds FedRAMP Moderate authorization. | 高 | SO004, SO006 |
| CO014 | ID.me says it was the first vendor certified against NIST 800-63-3 IAL2 by the Kantara Initiative and supports ISO 27001 and SOC 2 Type II aligned compliance regimes. | 高 | SO006, SO007 |
| CO015 | Blake Hall remains founder and CEO and is the quoted public face in anniversary, financing, and CMS contract communications. | 高 | SO001, SO002, SO003 |
| CO016 | Hall’s founder-market fit is rooted in his Army scout/sniper service and his stated mission to protect veterans from oversharing sensitive paperwork. | 高 | SO001, SO009 |
| CO017 | Derrick Roberts was identified in 2023 as ID.me’s Director of Business Development as the company expanded public-sector procurement channels with Carahsoft. | 中 | SO007 |
| CO018 | FedScoop identified Wes Turbeville as Senior Vice President of Federal and Healthcare in late 2025. | 中 | SO012 |
| CO019 | Public sources reviewed for this chapter did not enumerate a current board roster, leaving governance visibility materially thinner than financing and customer-growth visibility. | 中 | SO001, SO002, SO003, SO010 |
| CO020 | ID.me reported 139 million wallet users, 65 million federally verified users, 20 federal agencies, 44 state agencies, 66 healthcare organizations, and 600-plus consumer brands in its 15-year article. | 中 | SO001 |
| CO021 | The September 2025 financing release reported 152 million users, 76 million federally verified users, 20 federal agencies, 45 states, more than 70 healthcare organizations, 600-plus brands, and 500-plus U.S. employers. | 中 | SO002 |
| CO022 | The December 2025 CMS release reported 157 million users, 80 million verified users, 21 federal agencies, 45 state agencies, and more than 70 healthcare organizations. | 中 | SO003 |
| CO023 | GovConWire’s January 2026 coverage reported 156 million users, 21 federal agencies, 50 state agencies, and more than 70 healthcare organizations. | 中 | SO011, SO009 |
| CO024 | The differing late-2025 to early-2026 scale disclosures suggest fast expansion but make “current” network metrics source-date sensitive. | 高 | SO002, SO003, SO011 |
| CO025 | ID.me announced a $340 million financing package in September 2025 spanning Series E financing and a recent credit facility at a valuation above $2 billion. | 高 | SO002, SO008 |
| CO026 | The September 2025 company release said Ribbit Capital led the Series E, with Ares Credit funds, Moonshots Capital, and Positive Sum also participating. | 中 | SO002 |
| CO027 | Sacra reported the September 2025 package as a $65 million Series E equity round plus a $275 million Ares credit facility. | 中 | SO008 |
| CO028 | Sacra reported earlier disclosed rounds of $100 million Series C in March 2021 and $132 million Series D in April 2023, with the 2021 round valuing ID.me at $1.5 billion. | 中 | SO008 |
| CO029 | Sacra lists earlier disclosed investors including CapitalG, Morgan Stanley Counterpoint, FTV Capital, PSP Growth, and Viking Global. | 中 | SO008 |
| CO030 | Publicly disclosed 2021, 2023, and 2025 financing events support at least $572 million of capital since 2021, but do not fully resolve lifetime capital, secondaries, or early-round history. | 高 | SO008, SO002 |
| CO031 | The 2025 financing package and recurring government-contract wins support classifying ID.me as a late-stage private company rather than an early venture-stage startup. | 高 | SO002, SO003, SO011 |
| CO032 | GovConWire reported the IRS awarded ID.me a BPA valued up to $1 billion with ordering through December 29, 2030. | 中 | SO011 |
| CO033 | FedScoop reported the CMS expansion sits within a broader HHS contract that dates to 2022 and is worth roughly $5 million according to USASpending. | 中 | SO012 |
| CO034 | ID.me’s anniversary article says the company worked in 2024 with HHS on a Tribal CX pilot, with OtisHealth, and with sports partnerships including the Detroit Pistons and Florida Gators. | 中 | SO001 |
| CO035 | The Virginia Employment Commission case study says a January 2024 rollout drove 173 percent higher online claims usage, 57 percent lower call volume, and 9,300 staff hours saved. | 高 | SO018, SO001 |
| CO036 | The VA case study says VA.gov hired ID.me to deliver authentication compliant with the federal government’s most rigorous standards while preserving legacy veteran login credentials. | 高 | SO024, SO001 |
| CO037 | The case-studies hub shows ID.me publicly features both healthcare identity proofing and state-benefits anti-fraud case studies, evidencing cross-vertical GTM beyond a single government use case. | 高 | SO019, SO024 |
| CO038 | GitHub activity shows ID.me maintained public sample repositories updated in May 2026. | 高 | SO020, SO021 |
| CO039 | The Android sample repository documents OAuth 2.0 plus PKCE and OIDC flows and GitHub Packages distribution for the company’s mobile SDK. | 中 | SO021 |
| CO040 | FedScoop said ID.me’s expanding use in government has faced pushback from lawmakers, civil-rights groups, and watchdogs over facial recognition and identity-proofing practices. | 高 | SO012, SO014 |
| CO041 | GAO said IRS relies on ID.me as its sole provider of IAL2 identity-proofing products and supporting activities for many applications. | 高 | SO013, SO014 |
| CO042 | GAO said IRS users accessed IAL2 applications more than 150 million times between 2021 and 2024. | 中 | SO013 |
| CO043 | GAO found IRS had not set measurable goals for the program and had not documented ID.me AI uses in its AI inventory or oversight process. | 高 | SO013, SO014 |
| CO044 | Biometric Update quoted ID.me saying its IRS deployment increased pass rates from 40 percent to over 70 percent relative to the prior solution and delivered three times more access for underserved populations. | 中 | SO014 |
| CO045 | IRS guidance says taxpayers need an ID.me account for many IRS online services and that selfie, video, and biometric data are automatically deleted for IRS users except suspicious or fraudulent activity. | 中 | SO015 |
| CO046 | SSA shifted to ID.me or Login.gov-only sign-in for online services effective June 7, 2025. | 中 | SO016 |
| CO047 | VA guidance says ID.me users can verify online or in person and use multiple MFA methods, reinforcing inclusion fallback for benefits access. | 中 | SO017 |
| CO048 | The May 25-26, 2026 status log shows a mobile-wallet service incident that was later resolved after a fix deployment. | 中 | SO025 |
| CO049 | ID.me’s public-sector pilot materials claimed 87-93 percent citizen pass rates through supervised remote capability and estimated costs 10-16 times lower than competition. | 中 | SO004 |
| CO050 | Public materials reviewed did not provide audited revenue, run rate, headcount, or a current office-location count, even though third-party summaries suggest about $150 million of 2024 revenue and rapid growth. | 中 | SO009, SO008, SO010 |
| CO051 | MicroVentures said revenue grew more than 450 percent from 2020 through 2024 and reportedly reached $150 million in 2024. | 中 | SO009 |
| CM001 | MarketsandMarkets projects the global identity verification market to grow from USD 14.34 billion in 2025 to USD 29.32 billion in 2030 at a 15.4% CAGR. | 中 | SM001 |
| CM002 | Grand View Research estimates the global identity verification market was USD 9.87 billion in 2022 and will reach USD 33.93 billion by 2030 at a 16.7% CAGR. | 中 | SM002 |
| CM003 | Future Market Insights values the broader digital identity services market at USD 28.50 billion in 2025 and USD 86.54 billion in 2035. | 中 | SM003 |
| CM004 | The main public market estimates are not directly comparable because Future Market Insights includes broader digital identity services while MarketsandMarkets and Grand View Research focus more narrowly on identity verification. | 中 | SM001, SM002, SM003 |
| CM005 | Future Market Insights says identity verification and KYC/AML accounts for 35.7% of digital identity services revenue in 2025. | 中 | SM003 |
| CM006 | Future Market Insights says API-first SaaS accounts for 63.8% of digital identity services revenue in 2025 and cloud deployment accounts for 70.3%. | 中 | SM003 |
| CM007 | MarketsandMarkets identifies high implementation costs, technical-expertise gaps, and privacy or data-breach challenges as key restraints on identity verification adoption. | 中 | SM001 |
| CM008 | Grand View Research reports that biometric identity verification held more than 68% of market revenue in 2022 and on-premises deployments held more than 59%. | 中 | SM002 |
| CM009 | ID.me’s most defensible direct market is reusable high-assurance identity proofing, authentication, and attribute exchange for regulated digital access. | 中 | SM004, SM016, SM017, SM018 |
| CM010 | Sacra says ID.me’s revenue scales with successful identity outcomes, credential reuse, and attribute checks rather than consumer subscriptions or generic seat licenses. | 中 | SM004 |
| CM011 | ID.me’s disclosed demand pools include federal agencies, state agencies, healthcare organizations, consumer brands, and employers. | 中 | SM004, SM005, SM006, SM020 |
| CM012 | In government workflows that use ID.me, the agency buys and pays while the citizen, taxpayer, beneficiary, or claimant is the end user. | 高 | SM013, SM014, SM015 |
| CM013 | In employer and brand workflows, the organization pays while the employee or consumer is the end user proving identity or eligibility. | 中 | SM004, SM005, SM016 |
| CM014 | ID.me’s wallet value proposition is that a user can verify once and then reuse the credential across multiple government and private relying parties. | 高 | SM013, SM014, SM015, SM016, SM017 |
| CM015 | Login.gov remains a substitute path for federal digital access alongside ID.me. | 高 | SM014, SM015 |
| CM016 | Generic CIAM, IAM, and broader digital identity orchestration budgets are adjacent to ID.me’s market but are not all part of its direct SAM because they can solve authentication without reusable high-assurance proofing. | 中 | SM003, SM018 |
| CM017 | ID.me says its Identity Gateway is conformant with NIST 800-63-3 IAL2 and AAL2 and has a FedRAMP Moderate authorization to operate. | 中 | SM007 |
| CM018 | ID.me says it supports compliance workflows tied to ISO 27001, SOC 2 Type II, DEA EPCS, TEFCA individual access services, CCPA, and KYC. | 中 | SM008 |
| CM019 | ID.me’s developer documentation shows integration paths across AWS, Keycloak, Microsoft, Okta, Ping, OIDC, SAML, OAuth 2.0, and APIs. | 中 | SM018 |
| CM020 | ID.me’s security materials say relying parties request only the minimum required data and users must authorize release of that data. | 中 | SM019 |
| CM021 | ID.me said it added 20.4 million new wallets in 2024 and powered more than 409 million successful logins, up 44% year over year. | 高 | SM004, SM005 |
| CM022 | ID.me’s September 2025 funding release said the company served 152 million users, including 76 million verified to federal IAL2 standards. | 中 | SM005 |
| CM023 | ID.me’s December 2025 CMS release said the company served 157 million users, including 80 million verified to federal standards, across 21 federal agencies and 50 state agencies. | 中 | SM006 |
| CM024 | ID.me’s user and agency counts differ across its March 2025 anniversary post, September 2025 funding release, and December 2025 CMS release. | 中 | SM020, SM005, SM006 |
| CM025 | GAO says ID.me is the IRS’s sole provider of IAL2 identity-proofing products and supporting activities for many IRS applications. | 中 | SM010 |
| CM026 | GAO says users accessed IRS IAL2 applications more than 150 million times between 2021 and 2024. | 中 | SM010 |
| CM027 | GovConWire reported that the IRS awarded ID.me a blanket purchase agreement valued at up to USD 1 billion through December 2030. | 中 | SM022 |
| CM028 | Carahsoft said agencies can procure ID.me through GSA Schedule and ITES-SW2 reseller channels. | 中 | SM009 |
| CM029 | CMS selected ID.me as an identity verification and sign-in option for Medicare.gov beginning in early 2026. | 高 | SM006, SM021 |
| CM030 | FedScoop reported that Medicare.gov will also deploy CLEAR for part of the identity workflow. | 中 | SM021 |
| CM031 | Public identity verification demand spans BFSI, government, healthcare, retail, and enterprise verticals, but ID.me’s visible footprint is more concentrated in public sector, healthcare, employers, and brands than the whole category. | 中 | SM001, SM002, SM005, SM006 |
| CM032 | ID.me’s Virginia Employment Commission case study says online usage rose 173%, call volume fell 57%, and 9,300 staff hours were saved after deployment. | 中 | SM023 |
| CM033 | IRS, SSA, and VA public guidance all state that an existing ID.me account can be reused across services. | 高 | SM013, SM014, SM015 |
| CM034 | ID.me’s support and government materials show self-service, video-call, and in-person verification pathways. | 高 | SM025, SM007 |
| CM035 | ID.me claims its supervised remote capability keeps pass rates at 87% to 93% and costs 10 to 16 times less than the competition. | 中 | SM007 |
| CM036 | Biometric Update quoted ID.me as saying the IRS deployment raised pass rates from 40% to more than 70% versus the prior IRS solution and tripled access for underserved populations. | 低 | SM011 |
| CM037 | GAO found that IRS had not defined measurable goals, routinely evaluated vendor performance, or fully subjected ID.me-related AI uses to its oversight process. | 中 | SM010 |
| CM038 | Politico reported that IRS was investigating whether ID.me retained biometric data longer than promised. | 中 | SM012 |
| CM039 | FedScoop said lawmakers, civil-rights groups, and watchdogs have criticized ID.me’s facial-recognition use even as CMS expands deployment. | 中 | SM021 |
| CM040 | Sacra says ID.me competes across government-grade digital identity, enterprise or API identity verification, and platform-native identity ecosystems. | 中 | SM004 |
| CM041 | Sacra says API-first identity vendors tend to win when buyers treat identity verification as a cost center, while ID.me is advantaged when buyers value reusable higher-assurance credentials. | 中 | SM004 |
| CM042 | Sacra says Apple Wallet, Google Wallet, Microsoft Entra, and AWS IAM could compress ID.me’s long-term TAM if platform-native credentials become acceptable for regulated access. | 中 | SM004 |
| CM043 | Sacra says government concentration remains a material risk for ID.me because public-sector programs have historically driven much of its growth. | 中 | SM004 |
| CM044 | Sacra says healthcare, patient-controlled data access, enterprise benefits identity, and age verification are important adjacency-expansion vectors for reusable identity wallets. | 中 | SM004 |
| CM045 | Future Market Insights includes government, healthcare, telecom, BFSI, e-commerce, and travel or mobility among the industries buying digital identity services. | 中 | SM003 |
| CM046 | Grand View Research says North America held 38.4% of identity verification revenue in 2022. | 中 | SM002 |
| CM047 | MarketsandMarkets says the U.S. identity verification market is USD 4.34 billion in 2025 and projected to reach USD 8.16 billion by 2030. | 中 | SM001 |
| CM048 | MarketsandMarkets says Europe is a USD 3.53 billion identity verification market in 2025 and Asia Pacific is a USD 2.73 billion market in 2025. | 中 | SM001 |
| CM049 | ID.me’s inclusion-oriented fallback pathways are likely to raise service cost and operational burden relative to fully automated identity APIs. | 中 | SM004, SM020, SM025 |
| CM050 | MarketsandMarkets and Grand View Research both attribute category growth to rising identity theft, cybercrime, and digitization of regulated services. | 中 | SM001, SM002 |
| CM051 | CMS and FedScoop frame the Medicare rollout as part of a broader interoperability and digital-access modernization push in healthcare. | 高 | SM006, SM021 |
| CP001 | ID.me's wallet can be reused across government and private-sector relying parties after one verification. | 高 | SP001, SP002, SP003 |
| CP002 | ID.me's public-sector proposition combines high-assurance credentialing, deterministic matching, and multilingual assisted verification to reduce friction in regulated access. | 高 | SP002, SP003 |
| CP003 | Sacra says ID.me monetizes initial verifications and later credential reuse, so more relying parties can compound wallet value over time. | 中 | SP004 |
| CP004 | Persona says its platform verifies real people and real businesses online and orchestrates identity across the lifecycle. | 中 | SP012 |
| CP005 | Persona exposes overlap with ID.me on KYC, shareable KYC, KYB, age assurance, workforce verification, and government use cases. | 高 | SP012, SP013 |
| CP006 | Persona publishes an entry price of USD 250 per month for Essential, then moves Growth and Enterprise buyers into contact-sales and custom pricing. | 中 | SP013 |
| CP007 | Persona says it charges per successful verification rather than for every abandoned attempt, explicitly contrasting itself with competitors that charge per use. | 中 | SP013 |
| CP008 | Socure sells an AI-native decisioning and orchestration platform for identity, fraud, risk, and compliance with both Enterprise and self-serve Launch motions. | 高 | SP014, SP016 |
| CP009 | Socure's public product stack includes identity verification, document and biometric verification, eCBSV, sanctions and adverse-media screening, device intelligence, and graph-based fraud tools. | 中 | SP014 |
| CP010 | Socure actively pursues federal and state or local agencies through a FedRAMP-authorized public-sector offer. | 中 | SP015 |
| CP011 | Socure Launch publishes per-evaluation prices from USD 0.80 to USD 1.30 with USD 1,000 in monthly credits, while Enterprise is usage-based and custom. | 中 | SP016 |
| CP012 | Socure claims it can prevent 99 percent of third-party identity fraud in the riskiest 5 percent of users while preserving access to benefits and services. | 中 | SP015 |
| CP013 | Jumio centers its pitch on orchestration, decisioning, analytics, and APIs and SDKs rather than on a broad consumer wallet brand. | 中 | SP017 |
| CP014 | Jumio claims AI trained on billions of transactions, tens of millions of known identities in its graph, and support for more than 5,000 global ID types. | 中 | SP017 |
| CP015 | Jumio is testing reusable identity through selfie.DONE, but the public platform story still emphasizes configurable onboarding and fraud workflows. | 中 | SP017 |
| CP016 | Auth0 competes as a CIAM platform with sign-up and login, SSO, MFA, passwordless, bot detection, and integrations across apps and connected devices. | 中 | SP018 |
| CP017 | Auth0 highlights 10 billion or more authentications per month, 3 billion or more attacks blocked monthly, 99.99 percent uptime, and 30 or more SDKs and quickstarts. | 中 | SP018 |
| CP018 | Auth0 has visible self-serve pricing from free to USD 35 per month and USD 240 per month before enterprise custom tiers. | 中 | SP019 |
| CP019 | Compared with ID.me, Auth0 is stronger as an installed-base IAM and CIAM suite and weaker as a reusable, high-assurance public-benefits credential. | 中 | SP001, SP018, SP019 |
| CP020 | Trulioo markets a global identity platform spanning person verification, KYC data and documents, electronic identification, business verification, and fraud intelligence. | 中 | SP020, SP021 |
| CP021 | Trulioo's public sales motion emphasizes worldwide onboarding and workflow customization, but its public surfaces do not show list pricing or reusable consumer identity. | 中 | SP020, SP021 |
| CP022 | CLEAR1 positions itself as an enterprise identity platform for healthcare, workforce, and customer onboarding using multi-signal verification. | 中 | SP022 |
| CP023 | CLEAR says CLEAR1 already has 41 million or more existing users, 89 percent brand trust or security recognition, and a 2x higher success rate at the highest assurance levels. | 中 | SP022 |
| CP024 | CLEAR's official site says CLEAR1 was selected to power secure, seamless digital identity for Medicare.gov. | 中 | SP022 |
| CP025 | FedScoop reported that CMS will use both ID.me and CLEAR for Medicare.gov, with CLEAR supporting account creation and recovery and ID.me supporting identity verification and sign-in. | 中 | SP005 |
| CP026 | Login.gov is a government-only substitute with MFA, SAML and OIDC integration, and FedRAMP Moderate authorization for agencies that need official public-sector identity infrastructure. | 高 | SP023, SP007, SP008 |
| CP027 | SSA tells users that both ID.me and Login.gov are acceptable sign-in options and that Login.gov supports non-phone MFA methods while ID.me can use video verification. | 中 | SP007 |
| CP028 | VA likewise supports both ID.me and Login.gov for verified sign-in, showing that agencies can multi-home substitutes instead of standardizing solely on ID.me. | 中 | SP008 |
| CP029 | IRS still uses ID.me for certain online self-help tools and emphasizes NIST 800-63-3 compliance, showing that public-sector procurement remains assurance-led rather than purely CIAM-led. | 中 | SP006 |
| CP030 | SheerID is an adjacent verified-attribute and eligibility specialist rather than a full reusable identity wallet. | 高 | SP024, SP025 |
| CP031 | SheerID says its Audience Data Platform verifies consumers against more than 200,000 authoritative data sources and can run as hosted, API, or customized workflows. | 中 | SP024, SP025 |
| CP032 | SheerID's public proof points focus on marketing and loyalty outcomes such as 200,000 verified Michaels customers, 68 percent more students for YNAB, and 18x ROI for Princess Cruises. | 中 | SP024 |
| CP033 | Market research says identity verification is growing, but Future Market Insights argues competitive advantage is shifting toward ecosystem strength, orchestration, and recurring SaaS revenue. | 中 | SP009, SP010, SP011 |
| CP034 | Future Market Insights says API-first SaaS accounts for 63.8 percent of 2025 digital identity services revenue and cloud accounts for 70.3 percent, supporting commoditization pressure from flexible API-native vendors. | 中 | SP011 |
| CP035 | Sacra argues that platform-native wallets and broader enterprise identity suites from players like Apple, Google, and Microsoft could push third-party identity vendors toward edge cases or backup flows over time. | 中 | SP004 |
| CP036 | ID.me's moat is strongest when the buyer values inclusion, high-assurance proofing, and credential reuse more than the cheapest automated throughput. | 中 | SP002, SP004, SP005 |
| CP037 | ID.me is weaker when buyers frame the job as developer-embedded verification or configurable onboarding, because Persona, Socure, Jumio, Trulioo, and Auth0 all market programmable workflows or self-serve integration. | 中 | SP012, SP014, SP017, SP018, SP020 |
| CP038 | Pricing transparency varies sharply because Auth0, Persona, and Socure publish entry pricing, while ID.me, Jumio, Trulioo, CLEAR1, and most public-sector motions remain largely quote-driven. | 中 | SP002, SP013, SP016, SP017, SP019, SP020, SP022 |
| CP039 | That pricing split matters because transparent self-serve vendors can seed developers and smaller accounts quickly, while opaque enterprise sales align better with government and high-assurance deployments but slow bottom-up adoption. | 中 | SP013, SP016, SP019, SP015, SP018 |
| CP040 | Switching costs grow once ID.me is embedded across wallet reuse, identity recovery, multilingual support, and multiple programs, but public evidence shows buyers can still layer in Login.gov or CLEAR for specific journeys. | 中 | SP001, SP003, SP005, SP007, SP008, SP022 |
| CP041 | Distribution power is fragmented because ID.me has cross-agency wallet penetration, CLEAR has a consumer biometrics network, Auth0 has developer and Okta-installed-base reach, and Socure, Persona, Jumio, and Trulioo compete through API breadth and fraud tooling. | 中 | SP003, SP012, SP014, SP017, SP018, SP020, SP022 |
| CP042 | Public sources still do not provide clean win-rate, migration, renewal, or realized pricing data that would prove ID.me has a dominant long-term moat over these substitutes. | 低 | SP004, SP005, SP022, SP023 |
| CP043 | FedScoop says the CMS expansion sits inside a broader HHS contract worth roughly USD 5 million, which implies that even visible federal wins may start narrower than the platform story suggests. | 中 | SP005 |
| CP044 | ID.me's CMS press release claims 157 million users, 80 million federal IAL2 users, 21 federal agencies, 45 states, 70 plus healthcare organizations, and more than 600 private-sector entities, showing real distribution breadth rivals must displace. | 中 | SP003 |
| CI001 | ID.me presents its core product as a reusable digital identity wallet that lets a user verify once and then reuse credentials across government and commercial sites. | 中 | SI004, SI016 |
| CI002 | Sacra says ID.me revenue scales with successful identity outcomes rather than seats or licenses. | 中 | SI002 |
| CI003 | Sacra says government customers typically pay per successful verification under multi-year contracts tied to high-assurance compliance workflows. | 中 | SI002 |
| CI004 | Sacra says commercial customers use subscription tiers or pay-per-verification pricing for attribute and community checks. | 中 | SI002 |
| CI005 | The reviewed public sources for this chapter do not disclose a general ID.me list-pricing card or standard realized take rates. | 中 | SI001, SI004, SI010, SI011, SI012, SI013, SI016 |
| CI006 | In September 2025 ID.me said it served 152 million users, 76 million IAL2-verified users, 20 federal agencies, 45 state agencies, 70-plus healthcare organizations, 600-plus brands, and 500-plus employers. | 中 | SI001 |
| CI007 | In December 2025 ID.me updated its footprint to 157 million users, 80 million IAL2-verified users, 21 federal agencies, 50 state agencies, 70-plus healthcare organizations, and more than 600 private-sector entities. | 中 | SI004 |
| CI008 | The company’s 15-year retrospective reported an earlier snapshot of 139 million wallet users, 65 million verified users, 20 federal agencies, 44 states, 66 healthcare organizations, and 600-plus consumer brands. | 中 | SI009 |
| CI009 | The progression from the 15-year retrospective to the late-2025 releases implies continuing wallet growth rather than a static installed base. | 中 | SI001, SI004, SI009 |
| CI010 | ID.me said it added 20.4 million new wallets in 2024 and powered 409 million successful logins, up 44 percent year over year. | 高 | SI001, SI002 |
| CI011 | IRS, SSA, VA, CMS, and the wallet overview all show the same credential can be reused across services without forcing full reverification. | 中 | SI004, SI016, SI017, SI018, SI019 |
| CI012 | Carahsoft expands ID.me’s government sales routes through reseller partners, GSA Schedule, and ITES-SW2 rather than limiting the company to direct procurement alone. | 中 | SI012 |
| CI013 | GovConWire reported that the IRS awarded ID.me a blanket purchase agreement worth up to $1 billion with ordering authority through December 29, 2030. | 中 | SI006 |
| CI014 | FedScoop reported that the Medicare.gov expansion sits inside a broader HHS contract that has been ongoing since 2022 and is worth roughly $5 million. | 中 | SI005 |
| CI015 | The gap between a $1 billion BPA ceiling and a roughly $5 million HHS contract shows that contract vehicles communicate potential volume, not guaranteed recognized revenue. | 中 | SI005, SI006 |
| CI016 | The VEC case study says Virginia introduced ID.me in January 2024 as a login and identity-verification option for unemployment claimants. | 中 | SI014 |
| CI017 | The same VEC case study says digital claims rose 173 percent and call-center volume fell 57 percent after rollout. | 中 | SI014, SI009 |
| CI018 | The VA case study shows ID.me won early federal business by meeting strict security standards while preserving credential continuity from existing VA login systems. | 中 | SI015 |
| CI019 | SSA’s June 2025 FAQ says users must sign in through either Login.gov or ID.me for Social Security online services. | 中 | SI018 |
| CI020 | FedScoop reported that CLEAR will also support Medicare.gov identity workflows, implying CMS is willing to multi-source identity providers. | 中 | SI005 |
| CI021 | ID.me’s public workflow can include document upload, selfie or liveness checks, Social Security number validation, MFA, and reusable credential issuance. | 中 | SI010, SI011, SI017, SI020 |
| CI022 | ID.me supports automated self-service, video chat, and supervised remote or in-person-style verification pathways. | 中 | SI010, SI011, SI014 |
| CI023 | The video-call verification path can require multiple documents plus live agent review, making it more labor-intensive than pure self-service verification. | 中 | SI020 |
| CI024 | ID.me’s security and compliance pages describe dedicated security staff, FedRAMP-hosted infrastructure, annual audits, encryption controls, and multiple NIST/Kantara obligations. | 中 | SI010, SI011 |
| CI025 | The IRS says ID.me stores identity information as a credential service provider and automatically deletes selfie, video, and biometric data for IRS users except suspicious or fraudulent activity. | 中 | SI017 |
| CI026 | GAO and Biometric Update say the IRS receives weekly reports and dashboard analytics from ID.me that include true pass rates, document-verification success, and user drop-off data. | 中 | SI007, SI008 |
| CI027 | Those public references to pass-rate and drop-off dashboards show ID.me manages unit economics operationally even though it does not publish enough data to calculate CAC, payback, or gross margin. | 中 | SI007, SI008 |
| CI028 | ID.me’s older government sales material claimed 87 to 93 percent citizen pass rates and solutions that were 10 to 16 times less expensive than competition. | 低 | SI013 |
| CI029 | That same sales material frames GTM around total-cost outcomes and inclusion rather than seat counts or transparent self-serve software pricing. | 中 | SI013 |
| CI030 | Sacra estimates that ID.me generated $130 million of revenue in 2023. | 中 | SI002 |
| CI031 | MicroVentures reported that ID.me generated $150 million of revenue in 2024. | 低 | SI003 |
| CI032 | Sacra says the company disclosed revenue growth of more than 450 percent from 2020 through 2024 without publishing exact 2024 or 2025 revenue figures. | 中 | SI002 |
| CI033 | The retained public record supports a growing revenue base but not a reconciled, audited 2024 to 2025 revenue series. | 中 | SI001, SI002, SI003 |
| CI034 | ID.me announced that it raised $340 million in 2025 at a valuation exceeding $2 billion. | 高 | SI001, SI002 |
| CI035 | Sacra says the $340 million total combined $65 million of Series E equity with a $275 million credit facility. | 中 | SI002 |
| CI036 | Sacra says ID.me has raised roughly $500 million across equity and debt since its founding. | 中 | SI002 |
| CI037 | Because a large part of the 2025 package was a credit facility, the financing mix implies some continuing reliance on non-equity capital to fund expansion. | 中 | SI001, SI002 |
| CI038 | No retained public source in this chapter disclosed current cash on hand, monthly burn, runway months, or debt covenants. | 中 | SI001, SI002, SI003, SI004, SI005, SI006 |
| CI039 | Capital adequacy therefore has to be inferred from fresh financing, contract momentum, and continuing usage growth rather than directly measured liquidity. | 中 | SI001, SI002, SI004, SI005, SI006 |
| CI040 | MarketsandMarkets sizes the identity-verification market at $14.34 billion in 2025 growing to $29.32 billion in 2030, while Future Market Insights sizes broader digital identity services at $28.5 billion in 2025 growing to $86.5 billion in 2035. | 中 | SI021, SI022 |
| CI041 | Those market studies support real demand tailwinds but do not resolve whether ID.me captures software-like recurring margins or lower-margin service-heavy verification revenue. | 中 | SI002, SI021, SI022 |
| CI042 | GAO said IRS applications using ID.me were accessed more than 150 million times between 2021 and 2024 and that ID.me is IRS’s sole provider for IAL2 identity proofing. | 高 | SI007, SI008 |
| CI043 | GAO and Biometric Update both describe single-vendor dependence and oversight gaps at IRS, creating renewal, pricing, and reputational risk if agencies demand more competition or stricter controls. | 中 | SI007, SI008 |
| CI044 | Biometric Update reported that total IRS obligation under the Treasury BPA had reached $234.7 million by April 2025, showing only partial conversion of the large contract vehicle into spend so far. | 中 | SI008 |
| CI045 | Revenue quality looks better than a one-off pandemic vendor because ID.me now spans federal, state, healthcare, employer, and commerce use cases, but government still appears to be the anchor vertical in public evidence. | 中 | SI001, SI002, SI004, SI009 |
| CI046 | ID.me looks more like a transaction-and-reuse identity network than a pure software seat vendor, so gross margin likely depends on automation rates, fraud losses, and how often higher-cost human verification is triggered. | 中 | SI002, SI010, SI011, SI020 |
| CI047 | The absence of disclosed realized pricing, gross margin, customer concentration, and runway prevents exact underwriting even though top-line momentum and financing access look credible. | 中 | SI001, SI002, SI003, SI007, SI008 |
| CI048 | The financial verdict is that public evidence supports a growing, contract-backed identity platform with adequate recent financing, but not enough margin or balance-sheet disclosure to underwrite the private valuation with high confidence. | 中 | SI001, SI002, SI004, SI005, SI006, SI007, SI008, SI021, SI022 |
| CI049 | Future Market Insights and the Okta/Auth0 customer-identity pages show that much of the broader category is increasingly framed as API-first SaaS and recurring software delivery. | 中 | SI022, SI024, SI025 |
| CI050 | Compared with those API-first comps, ID.me’s public evidence emphasizes procurement channels, supervised verification, and wallet reuse over self-serve developer pricing, which may deepen contract defensibility but reduces price transparency. | 中 | SI012, SI013, SI024, SI025 |
| CI051 | ID.me’s developer documentation shows integration, API, identity-gateway, digital-wallet, and mobile-SDK surfaces, implying enterprise implementation work beyond a simple consumer front end. | 中 | SI026, SI027 |
| CI052 | Jumio and Socure market configurable workflows, APIs, SDKs, risk scoring, and even self-serve deployment, highlighting that some competitors emphasize more productized automation than ID.me’s public financial evidence does. | 中 | SI028, SI029 |
| CI053 | CLEAR markets identity across travel, work, and daily life, and FedScoop says CMS will also deploy CLEAR on Medicare.gov, reinforcing that federal identity budgets can split across differentiated vendors rather than consolidating entirely inside ID.me. | 中 | SI005, SI030 |
| CI054 | Juniper Research frames digital identity as a market measured through both platform revenue from digital identity apps and annual verification-check volume, underscoring that app-level recurring revenue and verification events coexist as economic units in this category. | 中 | SI031 |
| CI055 | Mitek Systems maintains a public SEC-filings archive, illustrating that public identity-verification comparables disclose financial data on a cadence that private ID.me does not. | 中 | SI032 |
| CE001 | ID.me presents its core offer as a reusable digital identity wallet that lets users verify once and sign in across participating websites without repeating the full proofing ceremony. | 高 | SE018, SE023 |
| CE002 | The public product surface extends beyond login into wallet cards, community status verification, and consented data sharing for partner sites. | 高 | SE011, SE012 |
| CE003 | Public wallet and SDK materials show attribute scopes and cards for communities such as military, nurse, student, and government-related statuses. | 中 | SE011, SE009 |
| CE004 | The core government workflow is create or reuse a wallet, complete MFA, verify identity, and then consent to share data back to the relying organization. | 高 | SE012, SE014 |
| CE005 | Short video-call verification requires a camera-equipped phone, MFA, a photo ID, an SSN, and a recorded live session with an ID.me agent. | 高 | SE014, SE015 |
| CE006 | Extended video-call verification can require two primary documents or one primary plus one secondary document, widening coverage beyond the standard self-service document set. | 高 | SE013, SE016 |
| CE007 | Public deployment materials say ID.me offers online self-service, video chat, and in-person verification pathways to serve users who cannot clear a fully automated path. | 高 | SE026, SE003 |
| CE008 | Company compliance and government pages market supervised remote, unsupervised remote, and in-person proofing as NIST 800-63-3 IAL2-aligned options. | 高 | SE002, SE003 |
| CE009 | VA says self-service verification uses a valid unexpired driver’s license, state ID, passport, or passport card, while other documents may require video call or in-person verification. | 高 | SE016, SE014 |
| CE010 | The public developer docs enumerate OIDC, SAML, OAuth 2.0, PKCE, Shared Signals Framework, Applications API, Document Passback API, Events API, Services API, Work Authentication, Identity Gateway, Digital Wallet, Attributes Exchange, and Attribute Matching. | 中 | SE004, SE005, SE006 |
| CE011 | The public Android SDK supports OAuth 2.0 plus PKCE and OIDC flows, built-in token management, encrypted storage, JWT validation, and Chrome Custom Tab auth. | 中 | SE009 |
| CE012 | The Android SDK docs recommend OAUTH_PKCE for mobile because it returns full attribute and status payloads, while OIDC only returns standard claims and is not recommended for that integration. | 中 | SE009 |
| CE013 | The SDK publicly exposes production and sandbox environments, single and grouped verification policies, token refresh, raw JWT inspection, and expiry monitoring. | 中 | SE009 |
| CE014 | The Android sample repo reveals distinct modules for auth flow, configuration, token management, JWT validation, credential storage, networking, and a demo app. | 中 | SE009 |
| CE015 | ID.me’s GitHub organization shows public Kotlin, Swift, Python, and Ruby integration repositories updated in May 2026, indicating current developer-maintenance activity. | 中 | SE008, SE009 |
| CE016 | The Android SDK is distributed via GitHub Packages and requires a GitHub personal access token, which adds integration setup friction relative to package managers that do not require authenticated package pulls. | 中 | SE009 |
| CE017 | ID.me’s public docs also merchandise Mobile SDK, Multifactor Authentication, Knowledge-Based Authentication, Fortified Identity, NIST IAL2, and TEFCA Individual Access Services as distinct product surfaces. | 高 | SE006, SE002 |
| CE018 | CMS says Medicare.gov will add ID.me in early 2026 so beneficiaries can reuse credentials already used at SSA, VA, and other participating agencies. | 高 | SE018, SE019 |
| CE019 | IRS says one ID.me account can sign in to most IRS accounts and services after a two-part setup of account creation plus one-time verification. | 中 | SE015 |
| CE020 | SSA says that from June 7, 2025 onward ID.me or Login.gov became the only sign-in options for Social Security online services and existing ID.me accounts can be reused there. | 中 | SE017 |
| CE021 | VA says identity verification is generally a one-time process that usually takes about 10 minutes unless MFA access is lost or the account must be recreated. | 中 | SE016 |
| CE022 | The CMS rollout is pitched as more than login because ID.me says it will use high-assurance credentialing, real-time data exchange, deterministic matching, and multilingual live video chat. | 高 | SE018, SE019 |
| CE023 | FedScoop reports that CLEAR was also selected for Medicare identity verification, showing that ID.me does not have an exclusive lock on future CMS identity flows. | 中 | SE019 |
| CE024 | ID.me says it deployed secure authentication on VA.gov in 2016 while letting veterans keep DS Logon and MyHealtheVet credentials during the transition. | 高 | SE024, SE025 |
| CE025 | VEC says previously verified users from agencies such as IRS or VA can log into Virginia benefits with ID.me without another identity verification event. | 中 | SE026 |
| CE026 | VEC attributes its ID.me rollout to a 173% increase in online usage, a 57% decline in call-center volume, and 9,300 staff hours saved. | 高 | SE026, SE023 |
| CE027 | ID.me says it added 20.4 million new wallets in 2024 and powered more than 409 million successful logins, up 44% year over year. | 中 | SE023 |
| CE028 | By December 2025 ID.me said it had more than 157 million users, 80 million users verified to federal standards, 21 federal agencies, 50 state agencies, and more than 600 private-sector entities in its network. | 中 | SE018 |
| CE029 | The wallet’s strongest product differentiation is credential reuse across a large trusted network because every additional relying party increases the future value of a prior verification. | 中 | SE003, SE018, SE027 |
| CE030 | ID.me says relying parties may request only the minimum necessary personal data and users must review and authorize release before information is shared. | 高 | SE001, SE012 |
| CE031 | ID.me says PII is encrypted using FIPS 140-2 approved AES with 256-bit keys and dynamic key rotation. | 中 | SE001 |
| CE032 | ID.me says its platform runs inside a FedRAMP-authorized AWS isolated VPC and applies role-based access, separation of duties, and multifactor authentication to the processing environment. | 高 | SE001, SE022 |
| CE033 | Public trust materials market FedRAMP, ISO 27001, SOC 2, NIST 800-63-3 IAL2, DEA EPCS, TEFCA Individual Access Services, CCPA, and KYC alignment as part of the product posture. | 高 | SE002, SE022 |
| CE034 | IRS says selfie, video, and biometric data are automatically deleted for IRS verifications except when suspicious or fraudulent activity is detected. | 中 | SE015 |
| CE035 | Biometric Update says GAO found IRS contract directives requiring biometric deletions within 24 to 48 hours and video-session deletions within 30 days, while oversight still relied heavily on vendor attestation. | 中 | SE021 |
| CE036 | GAO says IRS uses ID.me as its sole IAL2 provider for many online applications and that the proofing process typically includes documentary evidence such as a driver’s license plus biometric evidence such as a selfie. | 高 | SE020, SE021 |
| CE037 | GAO concluded IRS had not documented measurable goals, routine performance evaluation, or AI-inventory oversight for the identity-proofing program. | 高 | SE020, SE021 |
| CE038 | ID.me says it was the first vendor certified against NIST 800-63-3 IAL2 by Kantara and the first identity provider to deploy FIDO U2F security keys in the government sector. | 高 | SE002, SE024 |
| CE039 | ID.me maintains a public status page, and the May 25-26, 2026 incident log shows a mobile wallet outage followed by monitoring and a deployed fix. | 中 | SE010 |
| CE040 | The mobile-wallet incident shows that operational continuity depends on live upstream services and remediation execution, not just on the static correctness of a credential once issued. | 中 | SE010, SE011 |
| CE041 | Independent coverage says ID.me’s government deployments have drawn criticism over facial recognition, civil-rights risk, wait-time complaints, and weak agency-side oversight of AI use. | 高 | SE019, SE020, SE021 |
| CE042 | Sacra argues ID.me monetizes successful identity outcomes and the reuse of verified credentials rather than only one-time licenses or seats. | 中 | SE027, SE023 |
| CE043 | Sacra argues that human fallback systems such as video referees and in-person verification help inclusion but also raise operating costs relative to fully automated competitors. | 中 | SE027, SE026 |
| CE044 | Sacra identifies Apple Wallet, Google Wallet, and other platform-native identity stacks as a long-term risk if regulators and enterprises broadly accept OS-level credentials. | 中 | SE027 |
| CE045 | Carahsoft gives agencies GSA Schedule and reseller procurement routes into ID.me, which lowers buying friction but does not remove dependence on the underlying ID.me credential network. | 中 | SE022 |
| CE046 | The publicly merchandised module map spans Digital Wallet, Identity Gateway, Work Authentication, Multifactor Authentication, Knowledge-Based Authentication, Attributes Exchange, and community verification surfaces. | 中 | SE006, SE004 |
| CE047 | ID.me’s 2025 financing release explicitly frames new capital around reusable identity expansion and AI-driven fraud defense, indicating that fraud tooling is a near-term roadmap priority. | 中 | SE023 |
| CE048 | Sample-code docs expose supported applications, QA testing, launch-in-production, monitoring-performance, and conversion-tracking pages, suggesting a structured integration lifecycle rather than a docs set limited to raw protocol references. | 中 | SE007 |
| CE049 | The refreshed guides overview page groups IAM-platform integrations for AWS, Keycloak, Microsoft, Okta, and Ping next to protocol, SDK, and API navigation, reinforcing that ID.me is documenting a partner integration layer rather than only a consumer wallet front end. | 中 | SE030 |
| CE050 | The Android SDK has its own first-class documentation endpoint separate from the GitHub repo, which suggests the mobile integration surface is actively documented for partners in addition to being open-sourced as sample code. | 中 | SE028 |
| CE051 | OAuth 2.0 has its own protocol overview page in the public docs, indicating protocol-specific documentation rather than a single generic identity overview. | 中 | SE029 |
| CE052 | ID.me maintains a public iOS auth sample-code repository, indicating the integration surface is supported beyond Android alone. | 中 | SE031 |
| CE053 | ID.me also maintains a public Python sample project demonstrating integration with its OAuth 2.0 API, reinforcing that the developer surface extends into server-side reference implementations. | 中 | SE032 |
| CU001 | ID.me’s September 2025 financing release said the company served 152 million users, 76 million users verified to federal IAL2 standards, 20 federal agencies, 45 state agencies, more than 70 healthcare organizations, more than 600 consumer brands, and more than 500 U.S. employers. | 中 | SU020 |
| CU002 | ID.me’s December 2025 CMS release said the company was trusted by more than 157 million users, including 80 million verified to federal standards, across 21 federal agencies, 45 state agencies, more than 70 healthcare organizations, and over 600 private-sector entities. | 中 | SU001 |
| CU003 | GovConWire reported in January 2026 that ID.me supported 156 million users across 21 federal agencies, 50 state agencies, and more than 70 healthcare organizations. | 中 | SU003 |
| CU004 | ID.me said it added 20.4 million new wallets in 2024 and powered more than 409 million successful logins, up 44% year over year. | 中 | SU020, SU024 |
| CU005 | Sacra wrote that ID.me customers pay when identity verification succeeds and continue paying as verified credentials are reused for logins and attribute checks. | 中 | SU024 |
| CU006 | The disclosed customer base spans government benefits, healthcare access, employer screening, and consumer-brand or community verification rather than a single buyer type. | 中 | SU001, SU011, SU013, SU015, SU017 |
| CU007 | IRS says one ID.me account lets a user sign in to most IRS accounts and services after the user verifies identity once. | 中 | SU004 |
| CU008 | SSA says an existing ID.me account can be reused to access Social Security online services, so users do not need to create a new ID.me account for SSA. | 高 | SU005, SU028 |
| CU009 | VA says identity verification with ID.me is normally a one-time process unless the user loses access to the account or needs to recreate it. | 中 | SU006 |
| CU010 | Pennsylvania tells claimants to use the same ID.me account for unemployment that they use for any other service requiring ID.me. | 高 | SU007, SU008 |
| CU011 | ID.me’s VEC case study says Virginians who already created an ID.me account for agencies such as the IRS or VA can simply log in at VEC without additional verification and that subsequent visits take about a minute. | 高 | SU009, SU010 |
| CU012 | The CMS release said Medicare beneficiaries will be able to reuse the same ID.me credential they already use at SSA, VA, 50 state agencies, and over 600 private-sector entities. | 中 | SU001, SU002 |
| CU013 | ID.me said CMS selected it to enable identity verification and sign-in on Medicare.gov beginning in early 2026. | 中 | SU001, SU002 |
| CU014 | GovConWire reported that the IRS awarded ID.me a blanket purchase agreement worth up to $1 billion with ordering through December 2030. | 中 | SU003 |
| CU015 | SSA’s transition FAQ says that, effective June 7, 2025, Login.gov and ID.me are the only sign-in options for Social Security online services. | 中 | SU005 |
| CU016 | VA’s identity-verification guidance presents ID.me as one of the credential-service-provider options for accessing VA.gov and other VA digital services. | 中 | SU006 |
| CU017 | Pennsylvania DLI and ID.me both say Pennsylvania uses ID.me to verify unemployment claimants requesting benefits and services online. | 高 | SU007, SU008 |
| CU018 | VEC’s official March 2024 announcement and ID.me’s case study both describe ID.me as the login and identity-verification tool for Virginia unemployment benefits. | 高 | SU009, SU010 |
| CU019 | ID.me and Sterling extended their exclusive partnership through July 2028 to sell identity-first pre-employment screening and hiring workflows to U.S. employers. | 中 | SU011 |
| CU020 | Sterling said its early adopters found an average of 45% more criminal results across 110,000 background checks when identity verification was completed at the start of screening. | 中 | SU011 |
| CU021 | ID.me and OtisHealth said patients can log in to the OtisHealth app with ID.me and securely request, review, and share healthcare records through TEFCA-linked workflows. | 中 | SU013 |
| CU022 | ID.me’s medical-provider workflow lets prescribers verify identity for EPCS by using a government ID, selfie, and provider identifiers such as DEA and NPI numbers. | 中 | SU017 |
| CU023 | ID.me’s government-or-hospital-employee help page says current government employees, hospital workers, and employees of specific companies such as Clarks and Volvo can verify status through ID.me to claim partner offers. | 中 | SU019 |
| CU024 | ID.me’s medical-status help page says medical providers and healthcare workers can verify status with ID.me to unlock discounts on participating brands. | 中 | SU018 |
| CU025 | ID.me’s medical-provider page says hundreds of private-sector companies such as LinkedIn, Ford, Apple, and USAA use ID.me to help protect customer information. | 中 | SU017 |
| CU026 | ID.me Shop says government employees can access discounts and cash-back offers from thousands of partner brands. | 中 | SU015 |
| CU027 | ID.me’s industries page says the company provides access to government and commercial benefits and services and discounts from thousands of partners. | 中 | SU014 |
| CU028 | ID.me’s September 2025 financing release said more than 500 U.S. employers use the platform. | 中 | SU020 |
| CU029 | VEC’s official March 2024 announcement said more than 80% of customers were successfully accessing the benefits system when using ID.me. | 中 | SU009 |
| CU030 | ID.me’s VEC case study says online usage at VEC rose 173% within about eight months of introducing ID.me. | 中 | SU010, SU020 |
| CU031 | ID.me’s VEC case study says call volume fell 57% and 9,300 staff hours were saved after the VEC rollout. | 中 | SU010, SU020 |
| CU032 | The same VEC case study says more than 80% of customers were filing claims seamlessly online after the rollout. | 中 | SU010 |
| CU033 | ID.me’s public-sector solution page says the company maintains 87% to 93% citizen pass rates while meeting supervised-remote verification requirements. | 中 | SU023 |
| CU034 | FedScoop reported that access to IRS applications in Puerto Rico more than tripled after ID.me deployment and reached a 78.6% ultimate pass rate, citing a Treasury letter shared with the outlet. | 中 | SU002 |
| CU035 | Biometric Update reported that ID.me said IRS pass rates rose from 40% to over 70% compared with IRS’s prior algorithm-only solution and that access rates for underserved populations increased threefold. | 中 | SU027 |
| CU036 | Pennsylvania’s DLI page and ID.me’s Pennsylvania help article say self-service verification usually takes only minutes and that video-call and in-person fallbacks are available. | 高 | SU007, SU008 |
| CU037 | VEC’s official page says claimants can choose self-service camera verification, a video call with an ID.me agent, or in-person verification at select retail locations. | 中 | SU009 |
| CU038 | Sterling said more than one in three job candidates have already confirmed identity with ID.me, which lowers onboarding friction for employer screening. | 中 | SU011 |
| CU039 | The OtisHealth release said more than 50 million American adults had already verified identity with ID.me at federal and state agencies, creating a reusable installed base for healthcare access. | 中 | SU013 |
| CU040 | Sterling In-Person says the ID.me-Sterling workflow uses more than 500 retail locations and can support unemployment-benefit and federal-contractor-employment use cases. | 中 | SU012 |
| CU041 | ID.me’s medical-provider page says its technology already services more than 500 organizations including healthcare systems, government agencies, financial institutions, and nonprofits. | 中 | SU017 |
| CU042 | Public durability evidence is strongest on repeat logins, wallet reuse, and program outcomes; public NRR, GRR, logo churn, contract length, and renewal-rate metrics were not found in the reviewed sources. | 中 | SU001, SU020, SU024 |
| CU043 | Public named proof is concentrated in government and regulated workflows, while private-sector proof is broader in discount and verification surfaces than in quantified production outcomes. | 中 | SU011, SU013, SU015, SU017, SU019 |
| CU044 | Revenue concentration, top-account mix, and segment-level ARR are not publicly disclosed in the reviewed materials. | 中 | SU014, SU020, SU024 |
| CU045 | Carahsoft expands procurement channels through reseller partners, GSA Schedule, and ITES-SW2, which can help public-sector adoption but also shows that government expansion still depends on contract vehicles. | 中 | SU022 |
| CU046 | GAO said IRS relied on ID.me as its sole provider for IAL2 identity proofing and that users accessed IAL2 applications more than 150 million times between 2021 and 2024. | 高 | SU026, SU027 |
| CU047 | GAO said IRS lacked measurable goals, regular evaluations, documented communication procedures, and AI-inventory compliance for the ID.me-powered identity-proofing program. | 高 | SU026, SU027 |
| CU048 | Biometric Update said watchdog and stakeholder concerns remain around privacy, fairness, and single-vendor dependence in the IRS program. | 中 | SU027 |
| CU049 | ID.me says its public-sector solution is 10 to 16 times less expensive than competitors. | 低 | SU023 |
| CU050 | ID.me’s employee-verification help flow allows users to request that a missing employer be added to the database, showing long-tail expansion potential but also some operational friction. | 中 | SU019 |
| CR001 | ID.me’s privacy policy was version 7.1.8 and last updated on 2026-05-07. | 中 | SR001 |
| CR002 | ID.me’s privacy policy says it will not sell, rent, or trade personal information. | 中 | SR001 |
| CR003 | ID.me’s privacy policy says verification can involve names, dates of birth, Social Security numbers, government-ID copies, photographic images, and biometric data. | 中 | SR001 |
| CR004 | ID.me’s privacy policy says users may destroy their credential and disallow further external use of associated personal information. | 中 | SR001 |
| CR005 | ID.me’s privacy policy says using the service for legal identity verification with a state or federal agency constitutes consent to reporting between ID.me and the originating agency. | 中 | SR001 |
| CR006 | ID.me’s biometric consent statement was version 3.3.0 and last updated on 2026-04-10. | 中 | SR002 |
| CR007 | ID.me’s biometric consent says biometric information will not be sold, rented, or traded and is used for identity proofing and fraud prevention in accordance with NIST guidelines. | 中 | SR002 |
| CR008 | ID.me’s biometric consent says it derives facial geometry or faceprints from uploaded identity documents and selfies to prevent multiple wallets and detect fraud. | 中 | SR002 |
| CR009 | ID.me’s biometric consent says biometric data may be retained for up to one year after wallet closure. | 中 | SR002 |
| CR010 | The IRS says an ID.me account is required to sign in and access tax information and services on IRS.gov. | 中 | SR006 |
| CR011 | The IRS says selfie, video, and biometric data are automatically deleted for IRS users except in cases of suspicious or fraudulent activity. | 中 | SR006 |
| CR012 | GAO said ID.me is the IRS’s sole provider of IAL2 identity-proofing products and supporting activities. | 高 | SR007, SR008 |
| CR013 | GAO said IRS users accessed IAL2 applications more than 150 million times between 2021 and 2024. | 高 | SR007, SR008 |
| CR014 | GAO said the IRS issued 12 privacy directives to ID.me and held biweekly meetings with vendor representatives. | 中 | SR007 |
| CR015 | GAO said the IRS could not show measurable goals and objectives for its digital identity-proofing program. | 高 | SR007, SR008 |
| CR016 | GAO said the IRS had not shown documented procedures to routinely evaluate credential-service-provider performance. | 高 | SR007, SR008 |
| CR017 | GAO said the IRS had not documented ID.me’s AI uses in its AI inventory or subjected them to its own AI oversight process. | 高 | SR007, SR008 |
| CR018 | GAO said it made four recommendations to the IRS and the IRS agreed with all of them. | 中 | SR007 |
| CR019 | As of 2026-06-03, the GAO page still listed recommendation 1 on goals and objectives as Open. | 中 | SR007 |
| CR020 | As of 2026-06-03, the GAO page still listed recommendation 4 on AI inventory and oversight as Open. | 中 | SR007 |
| CR021 | Biometric Update said the IRS obligation under the BPA had reached $234.7 million by April. | 中 | SR008 |
| CR022 | Biometric Update said IRS contract terms required biometric deletion within 24 to 48 hours and video-session deletion within 30 days. | 中 | SR008 |
| CR023 | Biometric Update said Congress, the public, and taxpayer advocates had raised privacy, exclusion, and single-provider concerns about the IRS program. | 中 | SR008 |
| CR024 | FedScoop said lawmakers, civil-rights groups, and watchdogs had pushed back on ID.me’s use at government agencies. | 中 | SR009 |
| CR025 | FedScoop said 2022 critics argued that ID.me’s facial-recognition flows could disproportionately impact people of color and marginalized communities. | 中 | SR009 |
| CR026 | FedScoop said Medicare.gov would add ID.me in early 2026 and that CMS would also deploy CLEAR for identity verification workflows. | 中 | SR009 |
| CR027 | The Social Security Administration says Login.gov and ID.me are the only sign-in options for its online services. | 中 | SR010 |
| CR028 | The Social Security Administration says users without a mobile phone can rely on security keys, landlines, backup codes, and video-call verification. | 中 | SR010 |
| CR029 | The Department of Veterans Affairs says both ID.me and Login.gov are account providers for VA identity verification. | 中 | SR011 |
| CR030 | The Department of Veterans Affairs says ID.me self-service requires an unexpired driver’s license, state ID, passport, or passport card, while other documents may work in video call or in person. | 中 | SR011 |
| CR031 | NIST 800-63A says IAL2 requires additional evidence and more rigorous validation and verification to limit scaled and targeted attacks. | 中 | SR013 |
| CR032 | NIST 800-63A says CSPs should offer multiple evidence combinations, verification methods, proofing types, and exception handling such as trusted referees. | 中 | SR013 |
| CR033 | NIST 800-63B says AAL2 account recovery must use recovery codes plus a bound authenticator or repeated identity proofing. | 中 | SR014 |
| CR034 | ID.me’s security page says its program uses defense-in-depth and aligns controls with the NIST Risk Management Framework, Kantara, GSA FICAM, and related NIST standards. | 中 | SR003 |
| CR035 | ID.me’s security page says it hosts in FedRAMP-authorized AWS and encrypts personally identifiable information with AES-256 and dynamic key rotation. | 中 | SR003 |
| CR036 | ID.me’s compliance page markets FedRAMP, ISO 27001, and SOC 2 Type II as core compliance marks. | 中 | SR004 |
| CR037 | ID.me’s status page recorded a May 2026 mobile-wallet incident that produced “Couldn’t load your wallet” errors until a fix was deployed. | 中 | SR005 |
| CR038 | ID.me’s short-video-call help page says the pathway requires a camera-equipped mobile phone, MFA, a Social Security number, and a photo ID, with extended video call available if the required ID is unavailable. | 中 | SR012 |
| CR039 | ID.me’s Virginia Employment Commission case study says users could reuse existing IRS or VA credentials and new users had self-service, video-chat, and in-person pathways. | 中 | SR020 |
| CR040 | ID.me’s Virginia Employment Commission case study says online usage rose 173%, call volume fell 57%, and 9,300 staff hours were saved after launch. | 中 | SR020 |
| CR041 | ID.me’s government page says that once a user verifies with ID.me they do not have to re-verify to access other government sites and can use the same login across other sectors. | 中 | SR022 |
| CR042 | ID.me’s wallet pages describe the wallet as a reusable identity and community-attribute layer rather than a single-site login. | 中 | SR023, SR024, SR025 |
| CR043 | GovConWire said the IRS awarded ID.me a BPA valued at up to $1 billion with ordering through 2030. | 中 | SR015 |
| CR044 | Carahsoft said its partnership made ID.me available through reseller partners, the GSA Schedule, and ITES-SW2 contract vehicles. | 中 | SR019 |
| CR045 | Sacra said ID.me generated an estimated $130 million in revenue in 2023 and had not published specific annual revenue figures for 2024 or 2025. | 中 | SR016 |
| CR046 | Sacra said ID.me’s revenue scales with successful identity outcomes rather than seat licenses. | 中 | SR016 |
| CR047 | Sacra said government customers typically pay per successful verification under multi-year contracts. | 中 | SR016 |
| CR048 | ID.me’s 2025 financing combined a $65 million Series E and a $275 million credit facility at a valuation above $2 billion. | 中 | SR016, SR017 |
| CR049 | ID.me’s September 2025 release said it added 20.4 million wallets and powered 409 million successful logins in 2024, up 44% year over year. | 中 | SR017 |
| CR050 | Public statements in late 2025 and early 2026 place ID.me at roughly 139 million to 157 million users, 19 to 21 federal agencies, 44 to 50 states, and 66 to 70-plus healthcare organizations. | 中 | SR018, SR026, SR027 |
| CR051 | CLEAR markets CLEAR1 as enterprise identity that maximizes security and minimizes friction, and FedScoop said CMS also selected CLEAR for Medicare workflows. | 中 | SR028, SR009 |
| CR052 | Socure says it serves 3,000-plus customers with a vertically integrated identity and risk platform. | 中 | SR029 |
| CR053 | Persona says its modular platform helps customers verify, prevent fraud, and orchestrate identity across the entire lifecycle. | 中 | SR030 |
| CR054 | Jumio says customers can deploy risk-based verification workflows through APIs, SDKs, or a web client. | 中 | SR031 |
| CR055 | Okta/Auth0 markets customer-identity features such as Universal Login, single sign-on, multi-factor authentication, and machine-to-machine authentication. | 中 | SR032 |
| CR056 | The VA case study says the VA contracted ID.me in 2016 for authentication compliant with rigorous federal standards while allowing existing credentials to continue. | 中 | SR021 |
| CR057 | Regulatory trust is ID.me’s highest residual risk because IRS dependence is large, GAO findings remain open, and current privacy terms still cover sensitive biometric data. | 中 | SR001, SR002, SR007, SR008 |
| CR058 | Service reliability is a revenue risk because ID.me monetizes successful verifications and reused logins, so outage or recovery friction can suppress both acquisition and reuse. | 中 | SR005, SR016, SR017 |
| CR059 | Federal portability is valuable but non-exclusive because SSA and VA support Login.gov and Medicare is adding CLEAR alongside ID.me. | 中 | SR009, SR010, SR011 |
| CR060 | Inclusion pathways are both mitigation and execution burden because NIST expects multiple comparable-assurance options and ID.me operates self-service, short-video, extended-video, and in-person flows. | 中 | SR012, SR013, SR020 |
| CR061 | Procurement channel dependence remains material because federal volume runs through BPA and schedule vehicles plus reseller and aggregator channels. | 中 | SR015, SR019 |
| CR062 | Financial disclosure lags usage claims because ID.me discloses financing size and wallet-login growth publicly but not current annual revenue run rate, federal revenue share, or major-contract margins. | 中 | SR016, SR017 |
| CR063 | Competitive pressure is credible because CLEAR, Socure, Persona, Jumio, and Okta/Auth0 each market identity or fraud workflows that buyers can compare on speed, flexibility, or distribution. | 中 | SR028, SR029, SR030, SR031, SR032 |
| CR064 | Login.gov’s identity-verification overview says users can verify online with document photos and selfies or verify in person at a participating United States Post Office. | 中 | SR033 |
| CR065 | NIST 800-63-4 says digital identity programs should be risk-based, privacy-protective, flexible, and designed to meet users where they are rather than being purely compliance-oriented. | 中 | SR034 |
| CV001 | ID.me and Sacra both say the company announced $340 million of 2025 financing at a valuation exceeding $2 billion. | 高 | SV001, SV002 |
| CV002 | The disclosed 2025 investor set includes Ribbit Capital, Ares, Moonshots Capital, and Positive Sum, with Sacra also naming Viking Global among participants. | 中 | SV001, SV002 |
| CV003 | Sacra reports that the $340 million package combined a $65 million Series E equity round with a $275 million credit facility. | 中 | SV002 |
| CV004 | ID.me said it added 20.4 million new wallets in 2024 and supported more than 409 million successful logins, up 44% year over year. | 高 | SV001, SV002 |
| CV005 | Official and independent sources place ID.me's disclosed network at roughly 152 million to 157 million users, 76 million to 80 million federal-IAL2 users, 20 federal agencies, 45 states, and more than 70 healthcare organizations. | 高 | SV001, SV002 |
| CV006 | Sacra estimates that ID.me generated $130 million of revenue in 2023. | 中 | SV002 |
| CV007 | MicroVentures reported that ID.me generated $150 million of revenue in 2024 and that revenue had grown more than 450% from 2020 through 2024. | 中 | SV003 |
| CV008 | Across the retained public record, none of the financing, market, or customer sources disclose audited 2025 or 2026 revenue, gross margin, NRR, free cash flow, or debt covenant detail. | 中 | SV001, SV002, SV003 |
| CV009 | A valuation above $2 billion implies a trailing revenue multiple above roughly 13.3x on the $150 million 2024 revenue anchor and above roughly 15.4x on the $130 million 2023 anchor. | 中 | SV001, SV002, SV003 |
| CV010 | MarketsandMarkets sizes the identity verification market at $14.34 billion in 2025 and $29.32 billion in 2030. | 中 | SV004 |
| CV011 | Future Market Insights sizes the broader digital identity services market at $28.5 billion in 2025 and $86.54 billion in 2035. | 中 | SV005 |
| CV012 | Grand View Research estimates the identity verification market at $9.87 billion in 2022 and $33.93 billion by 2030. | 中 | SV006 |
| CV013 | GovConWire reported that the IRS blanket purchase agreement for ID.me identity-proofing services carries a ceiling of up to $1 billion through 2030. | 中 | SV007 |
| CV014 | CMS's March 2026 fact sheet says Medicare.gov users can choose ID.me, CLEAR, or Login.gov for enhanced logins at no cost. | 中 | SV013 |
| CV015 | Pennsylvania tells unemployment claimants to use the same existing ID.me account across services and not create duplicate accounts. | 中 | SV014 |
| CV016 | VA says veterans can verify identity on VA.gov through self-service, video, or in-person pathways using ID.me. | 中 | SV016 |
| CV017 | SSA's current account-transition FAQ tells users they can sign in with either Login.gov or ID.me. | 中 | SV017 |
| CV018 | Across IRS, CMS, Pennsylvania, VA, and SSA, the public workflow evidence shows ID.me being reused as a cross-agency credential with fallback support rather than as a one-off KYC step. | 高 | SV012, SV013, SV014, SV016, SV017 |
| CV019 | GAO said IRS used ID.me as its sole provider of IAL2 identity-proofing products and supporting activities and that users accessed IAL2 applications more than 150 million times between 2021 and 2024. | 高 | SV009, SV010 |
| CV020 | GAO found that IRS had not set its own performance goals for the identity-proofing vendor and had not listed the vendor's AI technology in the agency inventory of AI uses. | 中 | SV009 |
| CV021 | Biometric Update, citing GAO, reported that IRS contract directives required biometric deletion within 24 to 48 hours and video-session deletion within 30 days while oversight still leaned heavily on vendor attestation. | 高 | SV010, SV009 |
| CV022 | Politico reported in May 2026 that IRS was considering a proposal that could let ID.me preserve biometric data for as long as an IRS account remains active plus 36 months after deletion. | 中 | SV011 |
| CV023 | ID.me's privacy policy says account history and verification history may be retained for up to three years after account closure. | 中 | SV015 |
| CV024 | The same policy says selfie and biometric retention depends on partner requirements, can in some cases be purged within 24 hours, and will not exceed twelve months after account closure absent legal compulsion. | 中 | SV015 |
| CV025 | CLEAR markets itself as an identity company with enterprise use cases, Medicare access, verified badges, and airport-adjacent consumer distribution. | 中 | SV021, SV013 |
| CV026 | Jumio markets configurable risk-based workflows, decisioning, analytics, and an identity graph with tens of millions of known identities. | 中 | SV026 |
| CV027 | Mitek markets identity verification, reusable identity, KYC, in-person verification, liveness, and says more than 7,000 organizations rely on it. | 中 | SV023 |
| CV028 | Okta positions customer identity through Auth0 as infrastructure for external users, applications, and AI agents. | 中 | SV018 |
| CV029 | Mitek is a public company that maintains a current SEC filings portal for investors. | 中 | SV024 |
| CV030 | Okta's investor relations site lists a 2026 annual report and archived annual reports, underscoring the disclosure standard public comps provide. | 中 | SV019 |
| CV031 | CompaniesMarketCap lists Okta at an 8.13x price-to-sales ratio as of June 2026. | 中 | SV020 |
| CV032 | CompaniesMarketCap lists CLEAR Secure at an 8.43x price-to-sales ratio as of June 2026. | 中 | SV022 |
| CV033 | CompaniesMarketCap lists Mitek Systems at a 4.25x price-to-sales ratio as of June 2026. | 中 | SV025 |
| CV034 | On the public 2023 and 2024 revenue anchors, ID.me's implied trailing-sales multiple still sits materially above the June 2026 public-comp snapshots for Okta, CLEAR, and Mitek. | 中 | SV001, SV002, SV003, SV020, SV022, SV025 |
| CV035 | At the current public price anchor, the evidence-supported recommendation is research-more rather than buy. | 中 | SV001, SV002, SV003, SV020, SV022, SV025 |
| CV036 | Confidence should remain medium because ID.me's scale, financing, and agency footprint are well evidenced but its current economics and downside protections are not. | 中 | SV001, SV002, SV009, SV015 |
| CV037 | Risk should be rated high because public-sector concentration, privacy oversight, and opaque capital-structure terms can all compress value even if adoption remains strong. | 中 | SV002, SV009, SV010, SV011, SV015 |
| CV038 | The valuation stance is stretched rather than impossible because category tailwinds and network proof are real, but the headline mark still runs ahead of what public financial evidence can underwrite. | 中 | SV001, SV002, SV004, SV005, SV006, SV020, SV022, SV025 |
| CV039 | A reasonable bull case requires current revenue above roughly $200 million, durable reuse-led growth, and Medicare or adjacent agency expansion without a worsening privacy narrative. | 低 | SV001, SV002, SV013, SV014, SV015 |
| CV040 | A reasonable base case places fair value around $1.4 billion to $1.8 billion if investors price ID.me closer to a comp-adjusted public band and do not get audited proof of much stronger economics. | 低 | SV001, SV003, SV020, SV022, SV025 |
| CV041 | A reasonable bear case falls to roughly $0.8 billion to $1.2 billion if procurement momentum slows, privacy scrutiny deepens, or hidden financing terms absorb more enterprise value than the headline mark suggests. | 低 | SV009, SV010, SV011, SV015, SV025 |
| CV042 | Unlike Okta and Mitek, ID.me does not currently give public investors annual-report or filing-level disclosure for revenue quality, margins, governance, or risk factors. | 中 | SV019, SV024, SV001, SV002, SV003 |
| CV043 | That disclosure gap makes ID.me look more like a strategic-sale candidate than an IPO-ready issuer on the current public evidence set. | 中 | SV018, SV019, SV021, SV023, SV024, SV026 |
| CV044 | The mandatory diligence list is a revenue bridge, gross margin and NRR pack, customer concentration, debt and preference terms, and partner-specific biometric retention schedules. | 中 | SV001, SV002, SV009, SV015 |
| CV045 | Thesis-break triggers include failure to evidence materially stronger 2025 and 2026 revenue, expansion of retention or privacy obligations, or loss of reuse momentum across major public programs. | 中 | SV009, SV011, SV013, SV014, SV015 |
| CV046 | Entry only becomes attractive if price moves closer to the base-case band or diligence proves that current revenue and unit economics are materially better than the public anchors imply. | 中 | SV001, SV002, SV003, SV020, SV022, SV025 |
| CV047 | The 2025 financing proves capital availability and investor interest, but it does not by itself prove that public-market-style valuation support is already in place. | 中 | SV001, SV002, SV019, SV024 |
| CV048 | The Medicare expansion is strategically useful but not exclusive because FedScoop reported it sits inside a broader HHS contract context and that CLEAR was also selected for Medicare.gov identity workflows. | 中 | SV008, SV013 |
| 编号 | 出版方 | 标题 | 引文 |
|---|---|---|---|
| SO001 | ID.me | Celebrating 15 Years of ID.me: Building the Identity Layer of the Internet | I founded ID.me on February 2, 2010 to help individuals verify their identity securely while controlling their own data. |
| SO002 | ID.me | ID.me Raises $340 Million to Combat AI-Driven Fraud and Expand Secure Digital Identity | ID.me ... has raised $340 million across a Series E financing announced today and its recent credit facility, at a valuation exceeding $2 billion. |
| SO003 | ID.me | ID.me Announces Contract with CMS to Advance Access, Security and User Experience on Medicare.gov | Over 157 million users experience streamlined sign-in and identity verification with ID.me at 21 federal agencies, 45 state government agencies, and more than 70 healthcare organizations. |
| SO004 | ID.me | Federal, State and Local Government Pilot Overview | Only certified vendor with a Supervised Remote capability that enables all legitimate users to verify online and keeps citizen pass rates at 87-93%, while blocking bad actor fraud attempts. |
| SO005 | ID.me | Security | Relying Parties may only request the minimum set of personal data that is reasonably required to deliver a defined benefit or service. |
| SO006 | ID.me | Regulatory Compliance | ID.me was the first identity proofing vendor certified against NIST 800-63-3 IAL2 by the Kantara Initiative. |
| SO007 | Carahsoft Technology Corp. | ID.me and Carahsoft Partner to Provide Trusted Identity Solutions to Government Agencies | Under the agreement, Carahsoft will serve as ID.me’s Master Government Aggregator®, making its identity solutions ... available to the Government through Carahsoft’s reseller partners, GSA Schedule, and the ITES-SW2 contracts. |
| SO008 | Sacra | ID.me | ID.me uses a B2B2C model in which government agencies, healthcare organizations, and commercial brands pay for identity verification services for end consumers. |
| SO009 | MicroVentures | MicroVentures Portfolio Company: ID.me’s History and Milestones | What started as a platform for military members to verify their military status has now evolved into a popular identification tool for all Americans. |
| SO010 | World Economic Forum | ID.me organization profile | |
| SO011 | GovConWire | ID.me Secures $1B IRS Agreement for Digital Identity Services | The agreement is valued at up to $1 billion with an ordering completion date of Dec. 29, 2030. |
| SO012 | FedScoop | Medicare.gov to deploy ID.me for beneficiary verification | Its use at other government agencies has received pushback from lawmakers and civil rights groups, as well as watchdog scrutiny. |
| SO013 | U.S. Government Accountability Office | GAO-25-107273: IRS Digital Identity-Proofing Program Oversight | IRS was unable to show it had measurable goals and objectives for the program. |
| SO014 | Biometric Update | GAO finds major gaps in IRS biometric ID verification program oversight | Since 2021, ID.me has served as the IRS’s sole provider for IAL2 identity proofing, which uses facial recognition and other AI-enabled tools to verify identities. |
| SO015 | Internal Revenue Service | Secure Access: How to Register for Certain Online Self-Help Tools | All selfie, video, and biometric data are automatically deleted for users who verify for the IRS, except for suspicious or fraudulent activity. |
| SO016 | Social Security Administration | my Social Security account transition FAQs | Effective June 7, 2025, Login.gov and ID.me are now the only sign in options to access Social Security online services. |
| SO017 | U.S. Department of Veterans Affairs | Verifying your identity on VA.gov | You can also now verify your identity in person for your ID.me account. |
| SO018 | ID.me | The Virginia Employment Commission’s E-Z with ID.me Success Story | About eight months following ID.me’s introduction, the rate at which Virginians accessed benefits online with the VEC was more than double the rate one year prior. |
| SO019 | ID.me | Case Studies | Featured Case Studies ... Frictionless Identity Proofing Helps MDLand ... and How a Public-Private Partnership Provided Benefits to Eligible Individuals and Saved Billions for One State. |
| SO020 | GitHub | IDme organization | IDme/android-auth-sample-code’s past year of commit activity ... Updated May 11, 2026. |
| SO021 | GitHub | IDme/android-auth-sample-code | Android SDK for integrating ID.me community verification into your app via Chrome Custom Tab. Supports OAuth 2.0 + PKCE and OpenID Connect (OIDC) flows. |
| SO022 | ID.me | Wallet overview | Use ID.me Wallet cards to get discounts at hundreds of stores, access government services, and more. |
| SO023 | ID.me | Government services for individuals | After verifying your identity once with ID.me, you won’t have to re-verify to access other government sites. |
| SO024 | ID.me | Enabling Secure Access for Veterans at VA.gov | The VA.gov team contracted ID.me to deliver an authentication process that was compliant with the federal government’s most rigorous security standards. |
| SO025 | ID.me Status | Status page incident log | We're investigating an issue causing some users to see a "Couldn't load your wallet" error in the IDme mobile app. |
| SM001 | MarketsandMarkets | Identity Verification Market by Application, Type, and Vertical - Global Forecast to 2030 | |
| SM002 | Grand View Research | Identity Verification Market Size, Share & Trends Report 2030 | |
| SM003 | Future Market Insights | Digital Identity Services Market Size and Share Forecast Outlook 2025 to 2035 | |
| SM004 | Sacra | ID.me | |
| SM005 | ID.me | ID.me raises $340 million to combat AI-driven fraud and expand secure digital identity | |
| SM006 | ID.me | ID.me announces contract with CMS to advance access security and user experience on Medicare.gov | |
| SM007 | ID.me | A solution trusted across the public sector | |
| SM008 | ID.me | Regulatory compliance | |
| SM009 | Carahsoft | ID.me and Carahsoft partner to provide trusted identity solutions to government agencies | |
| SM010 | U.S. Government Accountability Office | IRS identity-proofing program oversight review | |
| SM011 | Biometric Update | GAO finds major gaps in IRS biometric ID verification program oversight | |
| SM012 | Politico | IRS biometric data tax investigation | |
| SM013 | Internal Revenue Service | Creating an account for IRS.gov | |
| SM014 | Social Security Administration | Personal my Social Security account transition FAQs | |
| SM015 | U.S. Department of Veterans Affairs | Verifying your identity on VA.gov | |
| SM016 | ID.me | Why ID.me for government | |
| SM017 | ID.me | How your ID.me Wallet works | |
| SM018 | ID.me Developer | Overview | ID.me Developer - Identity Gateway | |
| SM019 | ID.me | Security | |
| SM020 | ID.me | Celebrating 15 years of ID.me: Building the identity layer of the internet | |
| SM021 | FedScoop | Medicare.gov to deploy ID.me for beneficiary verification | |
| SM022 | GovConWire | ID.me secures $1B IRS agreement for digital identity services | |
| SM023 | ID.me | The Virginia Employment Commission’s E-Z with ID.me success story | |
| SM024 | ID.me | Enabling secure access for Veterans at VA.gov | |
| SM025 | ID.me Help | How do I verify my identity for government services? | |
| SM026 | ID.me Developer | Overview | ID.me Developer - Digital Wallet | |
| SM027 | Juniper Research | Digital Identity Market Report 2025-30: Size, Share, Trends | |
| SP001 | ID.me | Wallet overview | Use ID.me Wallet cards to get discounts at hundreds of stores, access government services, and more. |
| SP002 | ID.me | Government services for individuals | ID.me simplifies how individuals prove and share their identity online. |
| SP003 | ID.me | ID.me Announces Contract with CMS to Advance Access, Security and User Experience on Medicare.gov | Starting in early 2026, ID.me will be available as an identity verification and sign-in option on Medicare.gov. |
| SP004 | Sacra | ID.me | These API providers compete with ID.me primarily when customers view identity verification as a cost center rather than a shared credential layer. |
| SP005 | FedScoop | Medicare.gov to deploy ID.me for beneficiary verification | ID.me isn't the only company to have recently been tapped for Medicare verification services. CLEAR, another biometric-based identity verification provider, said earlier this month it was similarly selected to support identity verification on Medicare.gov. |
| SP006 | Internal Revenue Service | Secure Access: How to Register for Certain Online Self-Help Tools | ID.me is subject to strict privacy and security regulations and meets National Institute of Standards and Technology (NIST) Special Publication 800-63-3 Digital Identity Guidelines. |
| SP007 | Social Security Administration | my Social Security account transition FAQs | Effective June 7, 2025, Login.gov and ID.me are now the only sign in options to access Social Security online services. |
| SP008 | U.S. Department of Veterans Affairs | Verifying your identity on VA.gov | We now require all Veterans, service members, family members, and caregivers who use VA online services to verify their identity through Login.gov or ID.me. |
| SP009 | MarketsandMarkets | Identity Verification Market by Application, Type, and Vertical - Global Forecast to 2030 | |
| SP010 | Grand View Research | Identity Verification Market Size, Share & Trends Report 2030 | |
| SP011 | Future Market Insights | Digital Identity Services Market Size and Share Forecast Outlook 2025 to 2035 | |
| SP012 | Persona | Secure Identity Verification Solutions | Persona | Persona is the most flexible and secure way to verify real people and real businesses online. |
| SP013 | Persona | Pricing Structure and Plan Breakdowns | Persona | Starting at $250/month (minimum contract term of 12 months) |
| SP014 | Socure | Precise, accurate and inclusive identity verification | Socure Verify | Socure’s AI-native decisioning and orchestration platform for identity, fraud, risk, and compliance. |
| SP015 | Socure | FedRAMP-Authorized Government AI Solutions | Socure | Socure is now FedRAMP authorized. |
| SP016 | Socure | Socure Pricing | AI-Powered Identity & Fraud Prevention Platform | $0.80 per evaluation |
| SP017 | Jumio | Identity Verification, eKYC & AML Solutions | Jumio Platform | 5K+ Supported Global ID Types |
| SP018 | Auth0 | CIAM Solutions for Consumer-Facing (B2C) Brands | Auth0 | Deliver more secure, seamless, and fully customizable sign-up and login experiences for your consumer app—at any scale. |
| SP019 | Auth0 | Pricing - Auth0 | Flexible pricing for all your apps and AI agents from user 1 to 1,000,000+ |
| SP020 | Trulioo | Identity Verification - KYC | Trulioo | Person Verification Blend verification capabilities for the highest onboarding assurance. |
| SP021 | Trulioo | Global Identity Platform | Trulioo | Global Identity Platform Customize workflows anywhere in the world with a global identity platform. |
| SP022 | CLEAR | CLEAR1 | Identity for Business - Healthcare, Workforce, & More | CLEAR1 selected to power secure, seamless digital identity for Medicare.gov. |
| SP023 | Login.gov | Simple, secure online access for the public | Login.gov | Your application(s) can integrate with the SAML or OpenID Connect (OIDC) web-based identity protocols. |
| SP024 | SheerID | Identity Marketing Platform - SheerID | Instantly verify consumers’ identities worldwide with 200K+ authoritative data sources so you can collect data your customers willingly share and use it to provide them with personalized experiences and protected offers. |
| SP025 | SheerID | Frequently Asked Questions - SheerID | SheerID provides brands instant, consumer verification experiences to securely streamline commerce transactions. |
| SI001 | ID.me | ID.me Raises $340 Million to Combat AI-Driven Fraud and Expand Secure Digital Identity | ID.me ... has raised $340 million across a Series E financing announced today and its recent credit facility, at a valuation exceeding $2 billion. |
| SI002 | Sacra | ID.me company profile and financial estimate | ID.me's revenue scales with successful identity outcomes rather than seats or licenses. |
| SI003 | MicroVentures | MicroVentures portfolio company: ID.me's history and milestones | Reportedly generated revenues of $150 million in 2024. |
| SI004 | ID.me | ID.me announces contract with CMS to advance access, security, and user experience on Medicare.gov | ID.me now supports 70+ private-sector healthcare organizations. |
| SI005 | FedScoop | Medicare.gov to deploy ID.me beneficiary verification in 2026 | That contract is worth roughly $5 million, according to information on USASpending. |
| SI006 | GovConWire | ID.me secures $1B IRS agreement for digital identity services | The agreement is valued at up to $1 billion with an ordering completion date of Dec. 29, 2030. |
| SI007 | U.S. Government Accountability Office | GAO-25-107273 digital identity-proofing oversight report | A private credential service provider, ID.me, is IRS's sole provider of level 2 identity-proofing products and supporting activities. |
| SI008 | Biometric Update | GAO finds major gaps in IRS biometric ID verification program oversight | The total IRS obligation under this agreement reached $234.7 million by April. |
| SI009 | ID.me | Celebrating 15 years of ID.me: building the identity layer of the internet | Today, ID.me has grown into a trusted solution for 20 federal agencies, 44 state agencies, 66 healthcare organizations, and 600+ consumer brands. |
| SI010 | ID.me | Why organizations trust ID.me | Over 500 brands and agencies use ID.me to issue users the same portable login for use across ID.me's network. |
| SI011 | ID.me | Regulatory compliance | Streamline product development timelines, improve customer experience, and save money by leveraging ID.me's cybersecurity and regulatory compliance trust marks. |
| SI012 | Carahsoft | ID.me and Carahsoft partner to provide trusted identity solutions to government agencies | Carahsoft will serve as ID.me's Master Government Aggregator®, making its identity solutions ... available ... through reseller partners, GSA Schedule, and the ITES-SW2 contracts. |
| SI013 | ID.me | ID.me government solutions / fed pilot | Offers a solution that is 10-16 times less expensive than the competition. |
| SI014 | ID.me | The Virginia Employment Commission’s e-z with ID.me success story | After the Virginia Employment Commission introduced ID.me in 2024, digital claims rose by 173% while call center volume fell by 57%. |
| SI015 | ID.me | Enabling secure access for veterans at VA.gov | The VA.gov team contracted ID.me to deliver an authentication process that was compliant with the federal government’s most rigorous security standards. |
| SI016 | ID.me | How your ID.me Wallet works | Use ID.me Wallet cards to get discounts at hundreds of stores, access government services, and more. |
| SI017 | Internal Revenue Service | Secure Access: How to register for certain online self-help tools | All selfie, video, and biometric data are automatically deleted for users who verify for the IRS, except for suspicious or fraudulent activity. |
| SI018 | Social Security Administration | my Social Security account transition FAQs | Login.gov and ID.me are now the only sign in options to access Social Security online services. |
| SI019 | U.S. Department of Veterans Affairs | Verifying your identity on VA.gov | The account provider (ID.me or Login.gov) will ask you to provide certain personal information and identification. |
| SI020 | ID.me Help Center | Documents accepted on a video call | To verify on a video call, you will need at a minimum ... two primary identification documents, or one primary and one secondary document. |
| SI021 | MarketsandMarkets | Identity Verification Market forecast to 2030 | The identity verification market is projected to reach USD 29.32 billion by 2030 from USD 14.34 billion in 2025. |
| SI022 | Future Market Insights | Digital Identity Services Market forecast outlook 2025 to 2035 | The API-first SaaS segment is projected to contribute 63.8% of the Global Digital Identity Services Market revenue in 2025. |
| SI023 | Securities and Exchange Commission | Okta Form 10-K for fiscal year ended January 31, 2025 | |
| SI024 | Okta | Okta Customer Identity | Built for B2C. |
| SI025 | Auth0 | Auth0 customer identity solutions for B2C | Using Auth0, developers can connect any application written in any language or stack. |
| SI026 | ID.me Developer | ID.me Developer overview | Integrations, APIs, Identity Gateway, and Digital Wallet are all part of the developer surface. |
| SI027 | ID.me Developer | ID.me Mobile SDK overview | The developer surface includes a Mobile SDK alongside Identity Gateway and Digital Wallet tools. |
| SI028 | Jumio | The Jumio Platform | Take full control with APIs and SDKs to customize and host the user journey within your existing framework. |
| SI029 | Socure | Socure identity verification | Socure Launch is for builders who want production-ready workflows on RiskOS in hours through a self-serve experience. |
| SI030 | CLEAR | CLEAR Verified | We’re an identity company that makes experiences safer and easier wherever you live, work, and travel. |
| SI031 | Juniper Research | Digital Identity Market Report 2025-30: Size, Share, Trends | The Data & Forecasting element includes access to data mapping the adoption and future growth of the digital identity market over the next five years; split by third-party and civic digital identity apps. |
| SI032 | Mitek Systems | Mitek Systems SEC filings | Mitek Systems | SEC Filings |
| SE001 | ID.me | Why Organizations Trust ID.me | Relying Parties may only request the minimum set of personal data that is reasonably required to deliver a defined benefit or service. |
| SE002 | ID.me Network | Regulatory Compliance | |
| SE003 | ID.me Network | Federal Government Identity Verification | |
| SE004 | ID.me Developer | Identity Gateway Overview | |
| SE005 | ID.me Developer | Mobile SDK Overview | |
| SE006 | ID.me Developer | Digital Wallet Overview | |
| SE007 | ID.me Developer | Sample Code Overview | |
| SE008 | GitHub | IDme organization repositories | |
| SE009 | GitHub | IDme/android-auth-sample-code | |
| SE010 | ID.me Status | status.id.me | We're investigating an issue causing some users to see a "Couldn't load your wallet" error in the IDme mobile app. |
| SE011 | ID.me | ID.me Wallet Overview | |
| SE012 | ID.me | Government identity verification for individuals | |
| SE013 | ID.me Help Center | Primary and secondary identification documents | |
| SE014 | ID.me Help Center | Verifying with a short video call | Verifying with a short video call requires you to upload your identification document, then join a brief video call with an ID.me Video Chat Agent. |
| SE015 | Internal Revenue Service | Creating an account for IRS.gov | All selfie, video, and biometric data are automatically deleted for users who verify for the IRS, except for suspicious or fraudulent activity. |
| SE016 | U.S. Department of Veterans Affairs | Verifying your identity on VA.gov | |
| SE017 | Social Security Administration | my Social Security account transition FAQs | |
| SE018 | ID.me Network | ID.me Announces Contract with CMS to Advance Access, Security and User Experience on Medicare.gov | ID.me’s high-assurance credentialing, real-time data exchange, and deterministic matching using verified attributes will allow beneficiaries to authenticate once and reuse their credential across CMS programs. |
| SE019 | FedScoop | Medicare.gov taps ID.me for beneficiary verification | The deal adds to the growing number of federal programs opting to use the digital identity service that leverages facial recognition technology and has been the subject of some controversy in the past. |
| SE020 | U.S. Government Accountability Office | GAO-25-107273: IRS Digital Identity-Proofing Program Oversight | IRS was unable to show it had measurable goals and objectives for the program. |
| SE021 | Biometric Update | GAO finds major gaps in IRS biometric ID verification program oversight | GAO’s audit also revealed that while IRS included 12 privacy directives in its contracts with ID.me mandating biometric data deletion within 24 to 48 hours and video session deletions within 30 days, it relies heavily on vendor attestation rather than its own audits or performance assessments to ensure compliance. |
| SE022 | Carahsoft | ID.me and Carahsoft partner to provide trusted identity solutions to government agencies | |
| SE023 | ID.me Network | ID.me Raises $340 Million to Combat AI-Driven Fraud and Expand Secure Digital Identity | |
| SE024 | ID.me Network | Celebrating 15 years of ID.me | |
| SE025 | ID.me Network | Enabling Secure Access for Veterans at VA.gov | |
| SE026 | ID.me Network | The Virginia Employment Commission’s E-Z with ID.me success story | |
| SE027 | Sacra | ID.me | |
| SE028 | ID.me Developer | Android SDK | |
| SE029 | ID.me Developer | OAuth 2.0 Overview | |
| SE030 | ID.me Developer | Guides Overview | |
| SE031 | GitHub | IDme/ios-auth-sample-code | |
| SE032 | GitHub | IDme/python-sample-code | |
| SU001 | ID.me Network | ID.me Announces Contract with CMS to Advance Access, Security and User Experience on Medicare.gov | |
| SU002 | FedScoop | Medicare.gov to deploy ID.me for beneficiary verification | |
| SU003 | GovConWire | ID.me Secures $1B IRS Agreement for Digital Identity Services | |
| SU004 | Internal Revenue Service | Creating an account for IRS.gov | |
| SU005 | Social Security Administration | Frequently Asked Questions for changes to your personal my Social Security account | |
| SU006 | U.S. Department of Veterans Affairs | Verifying your identity on VA.gov | |
| SU007 | Commonwealth of Pennsylvania | Identity Verification with ID.me | |
| SU008 | ID.me Help Center | Pennsylvania and ID.me | |
| SU009 | Virginia Employment Commission | It’s E-Z with ID.me! Virginia Employment Commission Offers Faster and Secure Login Option for Unemployment Insurance Benefits | |
| SU010 | ID.me Network | The Virginia Employment Commission’s E-Z with ID.me Success Story | |
| SU011 | ID.me Network | ID.me and Sterling Extend Exclusive Partnership through 2028, Continuing Their Focus on Expanding Identity Verification Solutions | |
| SU012 | ID.me Network | Sterling In-Person | |
| SU013 | ID.me Network | ID.me and OtisHealth Introduce Patient Application Revolutionizing Access to Personal Health Information | |
| SU014 | ID.me | The Industries We Serve | |
| SU015 | ID.me Shop | Top Government Employee Discounts | |
| SU016 | ID.me | Verifying for Healthcare Services | |
| SU017 | ID.me | Identity Proofing for Medical Providers | |
| SU018 | ID.me Help Center | Verify your Medical status with ID.me for discounts | |
| SU019 | ID.me Help Center | Verify your Government or Hospital Employee status with ID.me for discounts | |
| SU020 | ID.me Network | ID.me Raises $340 Million to Combat AI-Driven Fraud and Expand Secure Digital Identity | |
| SU021 | ID.me Network | Celebrating 15 Years of ID.me: Building the Identity Layer of the Internet | |
| SU022 | Carahsoft | ID.me and Carahsoft Partner to Provide Trusted Identity Solutions to Government Agencies | |
| SU023 | ID.me Network | Government Solutions | |
| SU024 | Sacra | ID.me | |
| SU025 | MicroVentures | MicroVentures’ Portfolio Company: ID.me’s History and Milestones | |
| SU026 | Government Accountability Office | IRS Identity Proofing: IRS Needs to Better Monitor and Evaluate Performance of the Digital Identity-Proofing Program | |
| SU027 | Biometric Update | GAO finds major gaps in IRS biometric ID verification program oversight | |
| SU028 | Social Security Administration | my Social Security | |
| SR001 | ID.me | Privacy Policy | ID.me | ID.me will not sell, rent, or trade your Personal Information. |
| SR002 | ID.me | Consent for ID.me to Collect Biometric Data | ID.me | Biometric Data may be retained by ID.me for up to one (1) year following Wallet closure. |
| SR003 | ID.me | Why Organizations Trust ID.me | ID.me is hosted within FedRAMP authorized AWS in an isolated Virtual Private Cloud (VPC). |
| SR004 | ID.me Network | Regulatory Compliance | From FedRAMP to ISO 27001 to SOC 2 Type II, ID.me’s authentication capabilities support your compliance with rigorous security regimes from day one. |
| SR005 | ID.me Status | status.id.me | We're investigating an issue causing some users to see a "Couldn't load your wallet" error in the IDme mobile app. |
| SR006 | Internal Revenue Service | Creating an account for IRS.gov | All selfie, video, and biometric data are automatically deleted for users who verify for the IRS, except for suspicious or fraudulent activity. |
| SR007 | U.S. Government Accountability Office | GAO-25-107273: IRS Digital Identity-Proofing Program Oversight | A private credential service provider, ID.me, is IRS's sole provider of level 2 identity-proofing products and supporting activities. |
| SR008 | Biometric Update | GAO finds major gaps in IRS biometric ID verification program oversight | The total IRS obligation under this agreement reached $234.7 million by April. |
| SR009 | FedScoop | Medicare.gov taps ID.me for beneficiary verification | Its use at other government agencies has received pushback from lawmakers and civil rights groups, as well as watchdog scrutiny. |
| SR010 | Social Security Administration | my Social Security account transition FAQs | Effective June 7, 2025, Login.gov and ID.me are now the only sign in options to access Social Security online services. |
| SR011 | U.S. Department of Veterans Affairs | Verifying your identity on VA.gov | Note: You can also now verify your identity in person for your ID.me account. |
| SR012 | ID.me Help Center | Verifying with a short video call | Verifying with a short video call requires you to upload your identification document, then join a brief video call with an ID.me Video Chat Agent. |
| SR013 | National Institute of Standards and Technology | NIST Special Publication 800-63A | These options SHOULD include accepting multiple types and combinations of identity evidence, supporting multiple data validation sources, enabling multiple methods for verifying identity, providing multiple identity proofing types, and offering exception handling for applicants. |
| SR014 | National Institute of Standards and Technology | NIST Special Publication 800-63B | To recover an account that can authenticate at a maximum of AAL2, the CSP SHALL require the subscriber to complete one of the following. |
| SR015 | GovConWire | ID.me Secures $1B IRS Agreement for Digital Identity Services | The agreement is valued at up to $1 billion with an ordering completion date of Dec. 29, 2030. |
| SR016 | Sacra | ID.me | ID.me's revenue scales with successful identity outcomes rather than seats or licenses. |
| SR017 | ID.me Network | ID.me Raises $340 Million to Combat AI-Driven Fraud and Expand Secure Digital Identity | ID.me, trusted by more than 152 million users to securely prove their identity online, has raised $340 million. |
| SR018 | ID.me Network | Celebrating 15 years of ID.me | Today, ID.me has grown into a trusted solution for 20 federal agencies, 44 state agencies, 66 healthcare organizations, and 600+ consumer brands. |
| SR019 | Carahsoft | ID.me and Carahsoft partner to provide trusted identity solutions to government agencies | Carahsoft will serve as ID.me’s Master Government Aggregator®. |
| SR020 | ID.me Network | The Virginia Employment Commission’s E-Z with ID.me success story | 173% Increase in Online Usage |
| SR021 | ID.me Network | Enabling Secure Access for Veterans at VA.gov | The VA.gov team contracted ID.me to deliver an authentication process that was compliant with the federal government’s most rigorous security standards. |
| SR022 | ID.me | Government identity verification for individuals | After verifying your identity once with ID.me, you won’t have to re-verify to access other government sites. |
| SR023 | ID.me | ID.me Wallet Overview | |
| SR024 | ID.me Developer | Digital Wallet Overview | |
| SR025 | ID.me Developer | Identity Gateway Overview | |
| SR026 | MicroVentures | MicroVentures Portfolio Company: ID.me’s History and Milestones | Used by 21 federal agencies, 50 state government agencies, and more than 70 healthcare organizations. |
| SR027 | World Economic Forum | ID.me | World Economic Forum | Over 157 million users experience streamlined login and identity verification with ID.me at 19 federal agencies. |
| SR028 | CLEAR | CLEAR | Secure Identity at Airports, Stadiums, & More | From airports to enterprises—maximize security and minimize friction with CLEAR1. |
| SR029 | Socure | The AI Platform for Identity & Risk Decisioning | Socure | Socure is the industry’s only vertically integrated identity and risk platform designed to make fast, precise, and real-time risk decisions across the user journey. |
| SR030 | Persona | Secure Identity Verification Solutions | Persona | Persona's modular platform helps you verify, prevent fraud, and orchestrate identity across the entire life cycle. |
| SR031 | Jumio | The Jumio Platform | Take full control with APIs and SDKs to customize and host the user journey within your existing framework. |
| SR032 | Okta / Auth0 | Customer identity platform | Universal Login |
| SR033 | Login.gov | Verify my identity | Login.gov | If you have trouble taking photos, you may also be able to verify your identity in person at a United States Post Office near you. |
| SR034 | National Institute of Standards and Technology | NIST Special Publication 800-63-4 | These guidelines promote a risk-based approach to digital identity solution implementation rather than a compliance-oriented approach. |
| SV001 | ID.me | ID.me Raises $340 Million to Combat AI-Driven Fraud and Expand Secure Digital Identity | ID.me has raised $340 million across a Series E financing announced today and its recent credit facility, at a valuation exceeding $2 billion. |
| SV002 | Sacra | ID.me revenue, valuation & funding | ID.me raised $340 million in September 2025, combining a $65 million Series E equity round and a $275 million credit facility, at a valuation exceeding $2 billion. |
| SV003 | MicroVentures | MicroVentures’ Portfolio Company: ID.me’s History and Milestones | Reportedly generated revenues of $150 million in 2024 |
| SV004 | MarketsandMarkets | Identity Verification Market by Application, Type, and Vertical - Global Forecast to 2030 | The identity verification market is projected to reach USD 29.32 billion by 2030 from USD 14.34 billion in 2025, at a CAGR of 15.4% from 2025 to 2030. |
| SV005 | Future Market Insights | Digital Identity Services Market Size and Share Forecast Outlook 2025 to 2035 | The Digital Identity Services Market is expected to record a valuation of USD 28,504.4 million in 2025 and USD 86,541.2 million in 2035. |
| SV006 | Grand View Research | Identity Verification Market Size, Share & Trends Report 2030 | The global identity verification market size was estimated at USD 9.87 billion in 2022 and is anticipated to reach USD 33.93 billion by 2030. |
| SV007 | GovConWire | ID.me Secures $1B IRS Agreement for Digital Identity Services | The agreement is valued at up to $1 billion with an ordering completion date of Dec. 29, 2030. |
| SV008 | FedScoop | Medicare.gov to deploy ID.me for beneficiary identity verification | CLEAR, another biometric-based identity verification provider, said earlier this month it was similarly selected to support identity verification on Medicare.gov. |
| SV009 | U.S. Government Accountability Office | Taxpayer Identity Verification: IRS Should Strengthen Oversight of Its Identity-Proofing Program | IRS was unable to show it had measurable goals and objectives for the program. |
| SV010 | Biometric Update | GAO finds major gaps in IRS biometric ID verification program oversight | GAO’s audit also revealed that while IRS included 12 privacy directives in its contracts with ID.me mandating biometric data deletion within 24 to 48 hours and video session deletions within 30 days, it relies heavily on vendor attestation rather than its own audits or performance assessments to ensure compliance. |
| SV011 | Politico | IRS proposal would have company preserve biometric data longer | |
| SV012 | Internal Revenue Service | Secure Access: How to Register for Certain Online Self-Help Tools | All selfie, video, and biometric data are automatically deleted for users who verify for the IRS, except for suspicious or fraudulent activity. |
| SV013 | Centers for Medicare & Medicaid Services | Medicare.gov Enhanced Log In | When someone with Medicare creates a new Medicare.gov account — or verifies their identity — they can choose to log in using one of these services with enhanced security: ID.me, CLEAR, or Login.gov. |
| SV014 | Commonwealth of Pennsylvania Department of Labor & Industry | Identity Verification with ID.me | Use the same ID.me account for PA Unemployment as any other service that requires an ID.me account. |
| SV015 | ID.me | Privacy Policy | ID.me | ID.me stores your Personal Information for as long as needed, or permitted, based on the reason why we obtained it, which means we may retain your Personal Information even after you close your account with us, for up to three years. |
| SV016 | U.S. Department of Veterans Affairs | Verifying your identity on VA.gov | You can also now verify your identity in person for your ID.me account. |
| SV017 | Social Security Administration | my Social Security account transition FAQs | Effective June 7, 2025, Login.gov and ID.me are now the only sign in options to access Social Security online services. |
| SV018 | Okta | Okta Customer Identity | Built for B2C. |
| SV019 | Okta Investor Relations | Okta Inc. - Financials - Annual Reports | 2026 Annual Report |
| SV020 | CompaniesMarketCap | Okta (OKTA) - P/S ratio | P/S ratio as of June 2026 (TTM): 8.13 |
| SV021 | CLEAR | CLEAR | Secure Identity at Airports, Stadiums, & More | With secure identity, CLEAR makes everyday experiences better—from sports games to rideshare apps. |
| SV022 | CompaniesMarketCap | CLEAR Secure (YOU) - P/S ratio | P/S ratio as of June 2026 (TTM): 8.43 |
| SV023 | Mitek Systems | Identity Verification - Mitek | More than 7,000 organizations rely on Mitek to protect their most important customer connections and stay ahead of emerging risks. |
| SV024 | Mitek Systems Investor Relations | Mitek Systems | SEC Filings | |
| SV025 | CompaniesMarketCap | Mitek Systems (MITK) - P/S ratio | P/S ratio as of June 2026 (TTM): 4.25 |
| SV026 | Jumio | The Jumio Platform | Jumio calculates a single risk score based on numerous risk signals set to your business specifications. |
| SV027 | U.S. Department of the Treasury | Privacy and Civil Liberties Impact Assessment for the ID.me | The Department of the Treasury is using ID.me to satisfy identity proofing standards in order to facilitate the secure exchange of personal and business data with members of the public in furtherance of its mission requirements. |
| SV028 | Okta Investor Relations | Okta Inc. - Investor Relations | Okta is The World’s Identity Company™. |
| SV029 | MarketBeat | Mitek Systems (MITK) 10K Form and Latest SEC Filings 2026 | MarketBeat | |
| SV030 | MarketBeat | Okta (OKTA) 10K Form and Latest SEC Filings 2026 | MarketBeat |