Identity operations for people

Put secure identity control in every employee’s hand.

MYID Self Verify connects employees, identity providers, directories, security operations, training systems, and administrators through one company controlled mobile experience. Users recover access, manage approved identity details, review security events, and understand the freshness of every result. Administrators control which functions are available for each company and verify readiness before launch.

MYID mobile security and access screen
Company awareEvery experience begins with a specific tenant and its approved capabilities.
Provider controlledActions follow the connected identity system, directory, and company policy.
Truthful freshnessCached, live, pending, unavailable, and degraded states remain distinct.
Measurable operationServer and mobile instrumentation can show latency, failures, sync timing, and frame health.
One mobile workspace

Identity help, security response, and clear status in one place.

Each company enables only the functions supported by its environment. The app uses local state for fast display, then refreshes eligible information without pretending old data is new.

Company connection

Employees scan a setup code, choose a saved code, or enter a company identifier. The app verifies the company before sign in.

Secure sign in

Password sign in, tenant verification, trusted device state, biometric return, and protected session refresh work together.

Security snapshot

Users can see profile status, password health, MFA health, open incidents, device evidence, training, and freshness where configured.

Password operations

Change and recovery flows follow provider policy, password rules, step up checks, and the result returned by the connected system.

MFA management

Users can review supported factors and complete approved enrollment, disable, or removal actions when the provider allows them.

Directory unlock

A verified user can request a live directory account unlock and receive a confirmed resulting state instead of an assumed outcome.

Profile updates

Company approved identity fields can be updated with validation and OTP confirmation where required. Profile photos use a separate background path.

Recovery approvals

Authorized managers can review recovery requests assigned to them without exposing password or OTP values.

Security learning

When a training provider is connected, users can see current assignments, due dates, progress, and approved learning links.

Protect

Bring the affected person into the response loop.

MYID can translate an identity incident into a focused mobile review. The user sees relevant context, records what happened, and gives security operations a faster source of evidence.

01

Detect

A configured security source supplies an incident that can be associated with a user.

02

Notify

A push notification or in app alert routes the signed in user to protected review.

03

Respond

The user confirms familiar activity or identifies suspicious activity with clear choices.

04

Protect

MYID records the result and can run company approved actions through connected providers.

Company controlled Autopilot

Autopilot is optional. A company defines the response window, consent behavior, allowed actions, and connected systems. If the user denies an event or does not respond, MYID follows that approved policy and records provider results.

See how Autopilot works

User context without broad exposure

The mobile experience should show only incidents the server can associate with the signed in identity. Pending evidence remains pending. A missing provider result never becomes an invented healthy state.

Read the security approach

Fast and truthful sync

Show useful data now, then refresh what needs attention.

MYID can load a durable summary and device cache before slower providers finish. Background refresh updates eligible sections and keeps the original freshness of cached evidence. A successful sync, a degraded sync, and a provider failure remain different outcomes.

  • One joined refresh instead of repeated overlapping requests
  • Local profile image cache outside the main dashboard sync
  • Clear timestamps for live and cached evidence
  • Capability state retained when users move between screens
PERFORMANCE VIEW

Measure the experience from server to device.

Mobile API durationp95by operation
Request outcomeratesuccess and failure
Flutter frame healthp99build and raster
Provider timingtrendconfigured sources

Current run summaries are available through protected administration endpoints. Durable history requires an authenticated Prometheus collection path and a configured monitoring store.

Audit evidence

Seven questions for every important event.

MYID structures audit evidence around the W7 contract. Sensitive values such as passwords, OTP values, tokens, cookies, and secrets are redacted. Capture metadata states whether a request or response was complete, partial, summarized, or unavailable.

Who
What
When
Where
Why
How
Outcome
Truth matters more than a claim of perfect capture. When MYID can observe all bytes, the record can include exact length and integrity data. When a connector or payload cannot be captured safely, the record says so. Tenant scoped exports are supplied through approved access procedures.
Connected by design

Use the identity and security investments already in place.

MYID uses provider adapters and company capability controls. Availability depends on the customer environment, permissions, network path, licensed provider functions, and successful readiness testing.

Identity providers

Current connection patterns include IBM Verify, identity management services, Microsoft Entra ID, and provider specific extensions.

Directories

Active Directory and LDAP connections can support account status, unlock, profile attributes, password operations, and photo sync.

Security operations

QRadar incident workflows, endpoint health sources, security notifications, and provider response actions are configured per company.

Notifications

Firebase messaging, Apple notification delivery, app routing, widgets, and Live Activities can guide users to time sensitive actions.

Verification delivery

Email, SMS, provider native OTP, and tenant specific routes can support verification while keeping secrets off the mobile client.

Hybrid connectivity

Customer networks can use approved private or hybrid paths for directories and security systems that are not publicly reachable.

Published customer result

Identity modernization with measurable outcomes.

IBM reports that Askari Bank worked with SPS on a modern identity program using IBM Verify and MYID capabilities. Published outcomes include a 75 percent reduction in help desk time for password issues, 80 percent staff adoption, 100 percent MFA coverage for sensitive actions, and onboarding reduced from five days to one day.

Results belong to that deployment and are not a guarantee for another customer.

Read the IBM case study

Compliance support

Framework informed, deployment specific.

MYID uses recognized security and privacy frameworks as assessment references. Regulatory applicability depends on the customer, data, configuration, contracts, operating environment, and supporting policies. We do not present framework names as certifications.

  • NIST CSF and NIST SP 800 53 assessment references
  • Customer specific planning for HIPAA, SEC530, GDPR, privacy laws, FERPA, GLBA, and CJIS
  • SOC 2, ISO 27001, and FIPS validation treated as independent assurance objectives

See the complete status matrix

Start with proof

Test MYID against your systems before broad use.

We map the tenant, enable only supported functions, test each provider, validate user workflows, review audit evidence, and measure performance before production approval.