spaces.internet2.edu has been upgraded to Confluence 5.10.6. Please check it out. Send questions to confluencesupport@internet2.edu
Skip to end of metadata
Go to start of metadata

Establishing Remote-Student Identity - A Survey

Background

Your students are admitted, registered, receive financial assistance, take examinations, receive grades, graduate, receive a diploma, order transcripts and have a viable academic life and history.  However, these educational experiences and and institutional services are delivered remotely - these students have never been to campus and proximity to brick and mortar is not an expectation nor a program requirement. But, who are these people and how do you know they are who they say they are?

The institutional response to this question of assuring student identity is not new.  However, the ubiquity of network(s), easy access to computers and smart appliances and compliance with privacy statues has heightned our sensitivity to the issue.  For example, section 495 of the HEOA (2008) states that institutions offering distance or correspondence education must have processes that establish that the student who registers for a course or program is the same student that participates and completes it!  What processes and practices are used and/or should be used to establish our student's identity remotely? 

The need to identify remote identity practices has been raised in several venues.  Recently, AACRAO sponsored a webinar entitled "Recruiting, Admitting and Providing Services Remotely: Establishing Identity, Distributing Credentials and Identity Management" in response to a question regarding remote identity practices and whether they were deemed secure, reasonable and compliant.  The feedback from the webinar led to the belief that the need for a published set of remote identity practices was not available, but  truly needed.

What is the Goal of This Survey

This survey focuses on the process used to verify identity and to communicate login credentials to prospective, admitted, and registered students by institutions offering degree programs at a distance. The goal is to 1) publish a set of remote identity practices that 2) have been reviewed by key privacy and regulatory experts.

Who Should Complete the Survey

The survey is intended to be filled out by the individual or individuals most familiar with the application and registration process of your institution's distance education program(s). (The distance education programs considered by this survey should culminate in academic credentials such as a degree or certification.)

How Long will the Survey be Open?

The survey will be available from September 15 to October 6.

Who is Sponsoring This Survey

It was developed by the InCommon Student Services Group- a collaboration of IT Staff and Registrar campus teams,  EDUCAUSE and Internet2 along with AACRAO.

Where Can I Find the Survey Results

Responses received from this survey will be analyzed and the results will be presented at the 2010 EDUCAUSE Annual Conference (October 12-15) and made available online afterward on the AACRAO, InCommon, and InCommon Student sites. Specific responses will remain anonymous, with "Institution Name" only being used for correlation between different departments of the same institution and cited in the list of participating schools.

Where Can I Get More Information?

You can find out more about the InC Student group by visiting their wiki. If you have a question about this survey, please send email to incommon-info-request@incommon.org.

Terms

The following technology-related terms are used in this survey:

UserId (or userid) is an account a user name or login ID (NetID).  Can be name-based or not and may or may not be permanent/persistent. For some systems, the userid may also be an email address.

Credential is an identifier (such as a Userid/NetID) or identifying token (such as digital certificate) coupled with a "shared secret". usually a password or pass phrase issued by a system to a person., that has been mapped authoritatively to an individual. The identity of the person may or may not be known to the system  when the identifier and the shared secret are issued.

Identity Proofing is the process used to verify the physical identity of an individual by having them present identifying documents such as a passport or drivers license in person, or remotely through challenge-response questions that contain information about the individual being "proofed" that would not be available to the general public. Identity proofing establishes the identity of the person to whom a credential (identifier and shared secret) has been issued.

Demographic Information and Environment

  1. Department of the person(s)  completing the survey. (If you have a team working on filling out the survey, please check all the departments that apply):
    1. Admissions
    2. Registrar
    3. Distance Education
    4. Information Technology
    5. Other ______________________
  2. Institution information
    1. Name of Institution (This will not be published in the survey results but will be used to correlate answers from the same school.)
    2. What is the size of the distance education student population?
    3. How many students go through the prospect process at one time?
    4. If your institution offers both traditional and distance education degrees, are your student credentials (username/password) maintained and administered:
      1. Together
      2. Separately
      3. Other____________________________
    5. If your institution offers both traditional and distance degrees, are the admissions and registration functions:
      1. Combined/consolidated into one unit
      2. Separate
      3. Other___________________________
    6. Please provide your email address if you agree to be contacted regarding questions about your survey (if any):
      ____________________________

First Contact with Prospect

  1. How do you begin your recruiting process (Check all that apply)?
    1. Internal aggregation of "Suspects" (Inquiries, camp attendees, etc)
    2. Obtain potential "suspects" from third Party
  2. When do you first learn about prospective students? (Check all that apply.)
    1. Test score referrals
    2. High School meetings
    3. Alumni/other "gatherings"
    4. Phone inquiries
    5. Other ______________________
  3. How do prospective remote students make initial contact? (Check all that apply.)
    1. Submit an application
    2. Email inquiry
    3. Inquiry through campus recruiting portal
    4. Phone inquiries
    5. Request for site visit
    6. Response to CRM campaign
    7. Other ______________________
  4. How do you establish an initial communications channel with the prospect? (Check all that apply.)
    1. Use the user-supplied email address
    2. Establish/use institutional email address.
    3. Use the parent/guardian email address
    4. Send by US Postal Mail
    5. Contact by voice (phone)
    6. Contact through personal appearance
    7. Other ______________

Assigning/Choosing Prospect Credentials

  1. At what point is the first login credentials chosen or assigned (e.g. email address, userid/password pair, etc.)?
    1. First contact from prospect and request for information
    2. Initial application
    3. Completed application portfolio
    4. Admitted 
    5. Received deposit/earnest money
    6. Registration completed
    7. We don't assign initial login credentials. We accept existing credentials from services like Google, Facebook, Twitter, CollegeNet, etc.
    8. Other ______________________
  2. For what purposes is this initial login credential used? (Check all that apply.)
    1. Admissions
    2. Financial aid
    3. Housing
    4. Course enrollment
    5. Learning management system access
    6. Distance education services
    7. Testing/assessment
    8. Campus services (portal, calendar, email, etc.)
    9. Other ________________________
  3. Is your initial login credential assigned by a system or chosen by the user?
    1. Assigned by the system (Go to 4)
    2. Chosen by the user (Got to 5)
    3. Other ___________________________
  4. If the initial login credential is assigned by a system, how is the credential communicated to the remote person? (Check all that apply.)
    1. Send via US Postal Mail
    2. Send to a prospect-provided mobile number
    3. Send via email to a prospect-provided address
    4. Send a one-time link to a password selection page (via US Mail or email or mobile)
    5. Ask a prospect to access a webpage and choose/obtain login credentials (userid/password)
    6. Other ______________________
  5. Is the initial login credential used throughout the student's tenure replaced by a new permanent login credential at some point?
    1. No. (Go to Physical Identity Verification section.)
    2. Yes (Go to question 6.)
  6. If permanent login credentials are chosen or assigned, please indicate at what point the permanent login credentials are established?
    1. Initial application
    2. Completed application portfolio
    3. Admitted 
    4. Received deposit/earnest money
    5. Registration completed
    6. Other ______________________
  7. How is this permanent login credential communicated to the remote individual? (Check all that apply.)
    1. Send via US Postal Mail
    2. Send to a prospect-provided mobile number
    3. Send via email to a prospect-provided address
    4. Send via email to an institutionally-provided address
    5. Send a one-time link to a password selection page (via US Mail or email or mobile)
    6. Ask a prospect to access a webpage and choose/obtain login credentials (userid/password)
    7. Other ______________________
    8. None of the above. The user chooses his or her login credential.
  8. Upon first login with permanent credentials, is the person required to change the password?
    1. Yes
    2. No

Physical Identity Verification

  1. At what point is supporting documentation about an individual received from external third parties (e.g., testing service, etc)? (Check all that apply.)
    1. Prior to first contact from person
    2. First contact from person and request for information
    3. Initial application
    4. Completed application portfolio
    5. Admitted 
    6. Received deposit/earnest money
    7. Registration completed
    8. Never
  2. If supporting documentation is received, does the new information result in increased confidence about the identity of the person?
    1. Yes (If yes go to 3)
    2. No (Go to 4)
  3. Do you provide access to more sensitive information and services based on the increased confidence resulting from the documentation received from external third parties?
    1. Yes
    2. No
  4. At what point do you perform primary identity proofing of the individual? (Identity Proofing is the process used to verify the physical identity of an individual by having them present identifying documents such as a passport or drivers license or through challenge-response questions that contain information about the individual being "proofed" that would not be available to the general public.)
    1. First contact from prospect and request for information
    2. Initial application
    3. Completed application portfolio
    4. Admitted 
    5. Received deposit/earnest money
    6. Registration completed
    7. None of the above. We don't do identity proofing.
    8. Other ______________________
  5. What business office is involved in doing the identity proofing of remote individuals? (Check all that apply.)
    1. Admissions
    2. Registrar
    3. Bursar
    4. Identity/Campus Card
    5. Orientation
    6. Academic Unit
    7. Distance Education
    8. Other ______________________
  6. Does the identity proofing process result in any of the following:
    1. Password reset requirement
    2. Issuance of an identity card 
    3. Issuance of a new/permanent login credential
    4. Other ________________________
  7. Why did you choose the stage you chose for primary identity proofing? ______________________
  8. What information do you have about the remote person at this stage? (Check all that apply.)
    1. Name
    2. Address
    3. Birthdate
    4. Email address
    5. High school transcript
    6. Test scores
    7. Parent/guardian name
    8. Parent/guardian address and contact information
    9. Academic interest
    10. Academic term of interest
    11. Financial aid information
    12. Credit card number or bank account number
    13. Post-secondary institution (if transfer student)
    14. Other notable ______________________
  9. What evidence do you require from the person to prove their physical identity?
    1. Government picture id
    2. Credit card
    3. Physically notarized documents
    4. Electronically notarized documents/forms
    5. In person appearance at notary office
    6. In person appearance on campus
    7. Use a third-party vendor to validate identity. Please specify: __________________
    8. Other
  10. How are these identity documents sent sent to you?
    1. Email
    2. Fax
    3. US Postal Mail
    4. File Upload
    5. Other ______________________

Auditing and Governance

  1. Do you record the act of providing evidence for the identity proofing?
    1. Yes
    2. No
  2. Do you capture the image of the evidence and link it to the person's record?
    1. Yes
    2. No
  3. If changes were proposed to the identity proofing process for distance education students, who would be involved in the decision? Check all that apply.
    1. Campus-wide governance board
    2. Admissions/Registrar Office
    3. Audit Office
    4. Identity/Card Office
    5. Office of General Council
    6. Security Office
    7. Privacy Office
    8. Distance Education Office
    9. IT Management Team
    10. IT Technical Staff
    11. Other____________________________
  4. Please indicate any concerns with this process (e.g. having unauthorized individual obtains financial aid or gains access to FERPA-protected data, labor intensive, inconvenient for prospects and students): ______________________
  • No labels