Setup Onboarding Requirements

Limited or Full Rollout

We support too modes, limited and full rollout. You can select Everyone from your Rollout Mode, or select specific groups that can onboard. We support multiple groups and only require you to be in one of the listed groups. During rollout like this if you are not in the appropriate group the mobile app will let you know you do not meet the requirements.

Verification Visibility

You can enable Verification Visibility as an organization. Everything on GetTrusted is E2EE encrypted. Key discovery for enterprise keys goes through a different discovery which allows us to include an audit agent for an enterprise that is backed by a ECDH key in KMS. When you enable this every key discovery for a challenge/response will include the audit agents key and encrypt to the audit agent. This will let you see the challenge answers and build workflows from them.

For example, if you want to route denied or distress signals to seperate work flows to gather information and collect it on the event either through slack, or other configurable workflows.

Biometrics for Enterprise Key Requirements

We allow anyone when they create their base identity to set biometrics on their key or not. This is configurable for enterprises to enforce. When you select this then biometrics on the device will be required in the properties of the key and enforced by the operating system.

Identity Verification with KYC

If you want to enable Know your Customer for onboarding enterprise employees you can do that. Today we have support for DidIT and are working on other providers. In order to enable this select your provider from the dropdown and provide the related configuration.

When you enable this every one onboarding to your instance will have to go through the KYC provider and get a pass response from both the KYC provider and that the identity information provides matches your directory information.

If your directory information matches you can automatically approve the request if it meets your requirements, else will go into a pending queue where you can review and accept or deny. The mobile app requires an approved to allow onboarding. During this time the employee will see a pending requirement of the KYC check and will not be able to continue.

Location Verification

If you want to enable specific location onboarding requirements you can add your allowed countries to the list. When an employee authenticates to start onboarding the location information is sent from their device, if they are not in a required location they will see an unmet location requirement and will not be able to continue.