Skip To Content
logo

Portage Cybertech

Mélanie Carrière
85 Rue Victoria 2nd floor Gatineau, Québec J8X 2A3

Service Details

CitizenOne
CitizenOne provides a proven secure and privacy- aware platform for bringing citizens and service providers together. It empowers clients to deliver services to their users ranging from simple webforms to sensitive systems where great certainty in the users identity is required. CitizenOne™ provides robust CIAM capabilities that enables citizens to securely manage their identity and profile data while enabling governments to control user access to applications and services.
General Information: Website
Point of Contact: Martin Burke

Role(s)

  • Audit
  • Broker
  • Consulting
  • Service Integrator
  • Service Provider
  • Other - Specify

Capability(ies)

  • Attribute Broker
  • Attribute Provider
  • Audit IAM
  • Audit InfoSec
  • Audit QA
  • Audit Risk
  • Authentication 
  • Authorization
  • Client Identity Verification
  • Consulting IAM
  • Consulting InfoSec
  • Consulting QA
  • Consulting Risk
  • Credential Issuer or Provider
  • Federated Attributes 
  • Federation Operator
  • Identity Proofing
  • Identity Provider
  • Integration
  • Managed Hosting
  • Network Operator
  • Relying Party or Verifier
  • Validating Identity Claims
  • Wallet Provider
  • Other - specify

Client Identity Verification Methods

  • Government-issued photo identification method
  • Credit file method
  • Dual process methodology

Audiences

  • Public Sector Individuals (G2C)
  • Public Sector Organizations (G2B)
  • Public Sector Internal Services (G2)
  • Private Sector Businesses (B2B)
  • Private Sector Consumers (B2C)
  • International and NGO
  • Other - specify

Sectors and Use Cases

  • Academia and Research
  • Agriculture
  • Construction
  • Financial Services
  • Healthcare & Social Services
  • Legal / Law 
  • Manufacturing 
  • Natural Resources 
  • Property Services 
  • Public Sector 
  • Retail & Wholesale Trade
  • Technology & Innovation 
  • Tourism & Hospitality
  • Transportation & Logistics 
  • Other - specify

Adoption Communities

  • Public sector
  • Large organizations
  • Small organizations
  • Consumer direct
  • Other - specify

Jurisdiction(s)

  • Canada
  • Asia Pacific
  • Europe
  • Indo Pacific
  • North America
  • Latin America
  • Caribbean
  • Global
  • Other - specify

Operational Language(s)

  • English
  • Canadian French
  • Other - specify

Technical Support Language(s)

  • English
  • Canadian French
  • Other - specify

Platform(s) Availability

  • Apple app store
  • Google app store
  • Embedded in client app
  • Microsoft app
  • In-person scanner (hardware)
  • Other - specify
  • None
Other: Web app

Cost Model

  • Time period flat fee
  • Pay per use
  • Mixed flat and use
  • Other - specify
  • Not Applicable
Other: Per user fees along with transactional fees related to “trust events”. CitizenOne also offers flexible pricing options for local governments and regional governments as well as enterprise licenses for larger organizations.

Service Design Principles

Service Design Principles

  • Accessibility 
  • Auditability
  • Combats fraud
  • Creates efficiencies
  • Diversity, equitability, and inclusion
  • Personal data choice and control
  • Privacy protection and enhancement
  • Transparent governance and operations
  • User-friendly
  • Not applicable

Service Design Tools & Auditability

Design Tools

  • Assurance and risk management framework(s)
  • Codes of practice
  • Community practice guides 
  • Industry, National, International Standards
  • Open source code
  • Regulatory guidance
  • Third-party assessment services
  • Other - specify
  • Not applicable

Protocols Supported

  • API
  • DIDCom (decentralized identifiers)
  • FIDO
  • Hyperledger Indy Aires
  • Oauth
  • OpenID
  • SAML
  • UDAP
  • UMA
  • Other - specify
  • Not applicable
Other: CitizenOne is capable of utilizing almost any standard as part of its design. It leverages a large library of authentication protocols as part of its design.

Image Standards Supported

  • GIF
  • JPEG
  • PNG
  • TIFF
  • ISO IEC19794-5 (Passport Image Standard)
  • Proprietary Standards
  • Other - specify
  • Not applicable
Other: CitizenOne does not include a facial recognition solution but inherent in its design is its ablity to enable facial capture of any integrated 3rd party trust provide solution.

Process Standards Considered

  • AODA
  • ETSI EN 301 549 
  • HIPAA 
  • GSA Section 50
  • ISO/IEC 27001
  • ISO/IEC 27018
  • ISO 30107-3
  • ISO 90001
  • NIST 800-63
  • SOC 2 Type 1
  • SOC 2 Type 2
  • WCAG
  • WCAG 2.0 (ISO/IEC40500)
  • WCAG 2.1
  • Other - specify
  • not applicable
Other: Portage is continuously assessing certification requirements for CitizenOne in line with industry requirements and best practices.

Accreditations and Certifications

  • AODA tested
  • FIDO® Certified
  • ETSI EN 301 549 
  • GIAC GSNA
  • GSA Section 508
  • HIPAA self-attest
  • Institute of Internal Auditors, Certified Internal Auditor
  • ISACA CISA
  • ISO/IEC 27001 ISMS
  • ISO/IEC 27001 ISMS Lead Auditor
  • ISO/IEC 27018
  • ISO 30107-3
  • ISO 90001
  • IRCA ISMS Auditor
  • NIST 800-63
  • OpentID Certified
  • SOC 2 Type 1
  • SOC 2 Type 2
  • WCAG
  • WCAG 2.0 (ISO/IEC40500)
  • WCAG 2.1
  • Other - specify
  • Not applicable
Other: Portage is continuously assessing certification requirements for CitizenOne in line with industry requirements and best practices.

Pan-Canadian Trust Framework (PCTF)

Jurisdictional Privacy Law Compliance

  • Canada
  • Asia Pacific
  • Indo Pacific
  • Europe
  • North America
  • South America

Client Identity Verification Methods

Government-Issued Photo Identification Method

Validation Letter

No file uploaded

Our service captures and returns to the relying party the following data points from the government-issued photo identification: person's name, the date on which the person's identity was verified, type of document used (e.g., driver's licence, passport), unique identifying number of the document used, address (if available), jurisdiction (province or state) and country of issue of the document, expiry date of the document, if available (if this information appears on the document or card, it must be recorded).)

  • Yes
  • No

In addition to Canadian passports and driver’s licenses issued by provinces, territories and the Canadian Department of Defence, our service supports the following documents. (Note: Canadian citizenship card and the laminated certificate Indian Status card not listed due to limited applicability and security features.)

  • Ontario Health card (only to be used for health purposes)
  • Quebec Health card
  • Provincial Photo ID cards (Alberta, Manitoba, New Brunswick, Newfoundland, Labrador, Nova Scotia, Ontario, Prince Edward Island, British Columbia, and Saskatchewan)
  • Canada/US Nexus (Trusted Traveller)
  • Canadian Permanent Resident card
  • Secure Indian Status card
  • In process

Our service verifies documents that are authentic, valid, and current.

  • Yes
  • No

Globally, our service can assess Passports from the following number of countries or regions.

Globally, our service can assess National Identity cards from the following number of countries or regions.

Globally, our service can assess Driver's Licenses in the following number of countries or regions. If a jurisdiction has more than 1 version of the same Driver's License, that jurisdiction is counted only once.

Globally, our service can assess the following number of identification records.

Our service compares the following known characteristics of the government-issued photo identification document against the following to satisfy that it is an authentic document issued by the competent authority (federal, provincial, or territorial government).

  • Character spacing
  • Document size
  • Document modification (e.g., cut corner)
  • Document shape
  • Font position
  • Font size
  • Other - specify
  • Not applicable

Our service compares the following security features of the government-issued photo identification document against the following to satisfy that it is an authentic document issued by the competent authority (federal, provincial, or territorial government).

  • Holograms
  • Image frequency
  • Image positioning
  • Image size
  • Position and size of magnetic stripe
  • Ultraviolet images
  • Other - specify
  • Not applicable

Our service compares the following maker features of the government-issued photo identification document against the following markers to satisfy that it is an authentic document issued by the competent authority (federal, provincial, or territorial government).

  • Markers (logos, symbols or watermarks) positioning
  • Markers (logos, symbols or watermarks) size
  • Raised lettering
  • Other - specify
  • Not applicable

Our service compares the machine-readable contents of the MRZ/barcode with the font of the OCR-extracted data and highlights mismatches.

  • Yes
  • No

Our service performs issuer database lookups for international (non-Canadian) verification purposes.

  • Yes
  • No

Our service can be configured to allow the following regarding capturing government-issued photo identification document(s).

  • Real-time government-issued photo identification document(s)
  • Uploading an existing image file
  • Both real-time and uploading existing image
  • No

Our service reads the machine-readable portion of the photo identification documents as applicable.

  • Yes
  • No

Our service confirms the document's expiry date is not before the date of the validation session (as required in Canadian Anti-Money Laundering regulations).

  • Yes
  • No

Our service tests the algorithm (if applicable) for the unique identifiers against the ones used by the identification document provider (e.g., the last six number of a driver's license matches the DOB of the individual being verified.)

  • Yes
  • No

Our service's ability to read machine-readable passports' facial biometric (ICAO 9303) NFC chip is as follows.

  • Android ready now
  • Android ready in 3 months
  • Apple ready now
  • Apple ready in 3 months
  • Not at this time
  • Not applicable

Our service verifies that a chipped identity document has been authenticated (e.g., Country signer, Active Authentication).

  • Yes
  • No

For international verification, our service supports or is investigating mobile driver's license connectivity.

  • Investigating
  • Android ready now
  • Android ready in 3 months
  • Apple ready now
  • Apple ready in 3 months
  • Not at this time

An independent 3rd-party evaluated the performance of our service's face recognition algorithm in a one-to-one matching scenario using NIST (National Institute of Standards and Technology) FRVT 1:1 (Face Recognition Vendor Test) or the most recent NIST Face Technology Evaluations - FRTE/FATE.

  • Yes
  • No

Our service performs a 'selfie' liveness check.

  • Yes
  • No

Our service’s liveness check is:

  • Certified by a NIST (National Institute of Standards and Technology) certified testing company to NIST Level 2 ISO 30107-3 for Presentation Attack Detection
  • Certified to detect and reject presentation attacks
  • Certified to detect and reject digital injection attacks
  • Not certified

Our service’s liveness check captures the person's image via:

  • Computer webcam picture
  • Computer webcam video
  • Computer webcam interactive video
  • Mobile device picture
  • Mobile device video
  • Mobile device interactive video

Our service’s liveness detection or genuine presence is verified by:

  • Active check (person performs actions)
  • Passive check (live video capture and/or motion detection)
  • Computer webcam interactive video
  • Session may be reviewed by human checker
  • Other - specify
  • Not at this time

The identification information our service verifies is ultimately stored:

  • By the person being identified (e.g., stored digital identity on their device)
  • By the vendor on behalf of the subject (e.g., Identity network stores the encrypted access of the digital identity for the person being identified)
  • By the vendor as directed by the entity receiving the identification information (e.g., financial institution)
  • By the entity receiving the identification information (e.g., financial institution)
  • Other - specify
  • Not sure
  • Not applicable

Information stays within Canada for the entire session for Canadian government-issued photo identification (i.e., in transit not related to storage).

  • Yes
  • No

Our service uses an identity verification network that encrypts all information in a mobile application in transit.

  • Yes
  • No

Our service uses an identity verification network that stores information with the following selections.

  • Major cloud providers with Canadian server locations
  • Major cloud providers with International server locations
  • Private clouds
  • Other - specify
  • Not sure
  • Not applicable

Our service uses an identity verification network that delivers services via the following.

  • Major cloud providers (SaaS) with Canadian server locations
  • Major cloud providers with International server locations
  • Private clouds
  • On premise with customer’s data center
  • Mobile Integrations (Customer within their own app via SDK)
  • Mobile Integrations (Vendor application)
  • Web Integrations (Customer within their own app via SDK)
  • Web Integrations (Vendor application)
  • Other - specify
  • Not sure
  • Not applicable

Credit File Method

Validation Letter

No file uploaded

Our service receives data from a Canadian Credit Bureau when an individual's identity is verified.

  • Yes
  • No

Our service confirms the data extracted from the credit file contains information derived from more than one tradeline (i.e., two financial institutions which do not include your customer as one of the tradelines.)

  • Yes
  • No

Our service receives credit file information directly from a Canadian Credit Bureau (or through a third-party vendor authorized by a Canadian Credit Bureau).

  • Yes
  • No

Our service confirms the data extracted from the credit file has existed for at least 3 (three) years.

  • Yes
  • No

Our service matches the name, address, and DOB of an individual whose identity is being verified with the name, address, and DOB contained in the records of a Canadian Credit Bureau.

  • Yes
  • No

Our service accepts the following match type when matching the individual's first name.

  • Allows partial matches
  • Only accepts exact matches

Our service accepts the following match type when matching the individual's last name.

  • Allows partial matches
  • Only accepts exact matches

Our service accepts the following DOB match types.

  • Year is an exact match, and the day and month are switched (e.g., 02/10/1980 vs. 10/02/1980).
  • Year is +/- 1 (one) year, day, and month are exact matches (e.g., 02/10/1980 vs. 02/10/1979).
  • Other - specify

Our service accepts the following match type when matching the address.

  • Allows partial matches
  • Only accepts exact matches

Our service implements and interprets fraud indicator signals.

  • Yes
  • No

Our service considers address change date, name change date, DOB change date related to a risk profile.

  • Yes
  • No

Dual Source Method

Validation Letter

No file uploaded

Our service is connected to the following Reliable Source(s).

  • Government-issued or crown-corporation record
  • Canadian credit bureau that is at least six (6) months old
  • Canadian financial institution
  • Canadian utility company
  • Canadian telecommunications company
  • Other - specify other connected reliable sources

Globally, our service can assess Passports from the following number of countries or regions.

Globally, our service can assess National Identity cards from the following number of countries or regions.

Globally, our service can assess Driver's Licenses in the following number of countries or regions. If a jurisdiction has more than 1 version of the same Driver's License, that jurisdiction is counted only once.

Globally, our service can assess the following number of identification records.

Globally, the following number of validated records are accessible in your library.

Our service uses the following Reliable Source(s) as evidence to verify the name and address or name and DOB of the individual whose identity is being verified.

  • Government-issued or crown-corporation record
  • Canadian credit bureau that is at least six (6) months old
  • Canadian financial institution
  • Canadian utility bill company
  • Canadian telecommunications company
  • Other - specify other connected reliable sources

Our service, your agent, nor the individual being verified is a Reliable Source from which you draw information.

  • Yes
  • No

Our service uses the following capabilities to confirm the individual has a deposit account, credit card, or other loans with a financial institution.

  • Interac Verified
  • Other - specify other connected services

The capability(ies) our service uses, referenced in the previous question, can query the following number of Canadian financial institutions.

  • 1-50
  • 10-50
  • 50-100
  • 100+

Our service uses a Canadian Credit Bureau as one of the Reliable Sources used to satisfy the Dual Process Method requirements, our service confirms the extracted data from the credit file has existed for at least six (6) months.

  • Yes
  • No

When our service uses a Canadian Credit Bureau as one of the Reliable Sources used to satisfy the Dual Process Method requirements, the Credit Bureau acts as an aggregator.

  • Yes
  • No

The Canadian Credit Bureau provides our service with two (2) independent tradelines originating from different sources that are not our own, where each tradeline confirms one of the two categories of information required to verify the individual's identity under the Dual Process Method.

  • Yes
  • No

An explanation of why each Reliable Source your service is connected with is considered well-known and reputable is provided below.

Our service receives information from two (2) different Reliable Sources and is ensured as valid and current.

  • Yes
  • No

The information our service collects from Reliable Sources is found in documents.

  • Yes
  • No

The following statements apply to the information our service collects from Reliable Sources found in documents.

  • Documents originate from or are issued by Reliable Sources
  • Documents are provided directly to your service through communications with an official c
  • You are viewing a valid, original, authentic, and current paper or electronic document, not a photocopy or electronic image
  • You are confirming the document is valid and unaltered

Our service allows partial first and last name matches.

  • Yes
  • No

Our service accepts the following match type when matching the address.

  • Only accepts exact matches
  • Accepts partial matches

Our service tests the metadata of uploaded, scanned records.

  • Yes
  • No

Our service has the ability to do “dark web” searches.

  • Yes
  • No

Our service has tools to detect potential fraudulent records (image compares, logo validation, AI).

  • Yes
  • No

Our service can test records in the following approaches.

  • Waterfall only
  • In parallel

Our service has supportive controls of device validation or telco capabilities validation.

Our service makes a dated record of the information obtained available to end users and allows end users to download and retain copies of the documents or records used.

  • Yes
  • No