# Identity Verification Identity Verification lets you confirm that users are who they claim to be before granting access to sensitive resources or completing high-risk actions. ## Verification Methods | Method | Description | Use case | | --------------------- | ------------------------------------------------------------------ | ------------------------------------------ | | Email verification | User confirms ownership of their email address by clicking a link | Account registration, email changes | | Phone verification | User enters a code sent via SMS | Account recovery, sensitive actions | | Document verification | User uploads a government-issued ID for manual or automated review | Regulatory compliance, high-value accounts | | Knowledge-based | User answers security questions based on personal information | Account recovery fallback | ## Configuring Verification Requirements 1. Go to **Compliance > Identity Verification**. 2. Set which events trigger verification: | Trigger | Description | Default | | ------------------------ | ------------------------------------------------ | -------- | | Account registration | Verify email when a new account is created | Enabled | | Email change | Re-verify when a user updates their email | Enabled | | Password reset | Verify identity before allowing a password reset | Enabled | | Sensitive action | Require re-verification for specified actions | Disabled | | Periodic re-verification | Prompt users to re-verify at a set interval | Disabled | 3. Click **Save**. ## Verification Status Each user's verification status is visible on their profile: | Status | Meaning | | ---------- | --------------------------------------------------------- | | Verified | User has completed the required verification | | Pending | Verification was requested but not yet completed | | Expired | Previous verification has expired; re-verification needed | | Unverified | No verification has been performed | ## Document Verification For organizations that require document-based identity verification: 1. Enable **Document Verification** under verification settings. 2. Choose accepted document types (passport, driver's license, national ID). 3. Configure the review process: * **Automatic**: Uses an automated service to validate the document. * **Manual**: An admin reviews the submitted document. 4. Set the verification validity period (e.g., 1 year). ## Best Practices * Require email verification at registration to ensure valid contact information. * Use step-up verification (re-verification before sensitive actions) for high-security use cases. * Keep verification validity periods appropriate to your risk level. * Review pending verifications regularly to avoid blocking users. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://accessiq.gitbook.io/accessiq-docs/audit-and-compliance/identity-verification.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.