You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 63 Next »

Introduction

The original purpose of this survey was to understand what other institutions are doing or planning to do in response to the requirement in Section 495 of the HEOA (2008). This states that accrediting agencies must require an institution that offers distance education or correspondence education to have processes through which the institution establishes that the student who registers in a distance education or correspondence education course or program is the same student who participates in and completes the program and receives the academic credit.

However, the challenge of remote credentialing does not only exist in Distance Education. Most incoming students at an institution go through an admissions process that requires their access to campus applications or services prior to their arrival on campus. In some cases, these applications deal with FERPA protected or financial data that needs to be protected from inappropriate access. The question is how comfortable are institutions that their process for granting access to these resources is secure - namely, that the campus credential they issue to the "student" is really going to the right person.

This survey will focus on the identity proofing and credentialing of students "at a distance", whether they are in a formal Distance Education or a Corespondence Program or are students pursuing a more traditional on-campus education, but prior to their arrival on campus.

Who should fill this out.

Privacy Statement and Results.

Primary Audience/Scoping: Degree seeking students in distance education programs.

Terms

Authentication - The process of identifying an individual, usually based on username and password. Authentication merely ensures that the individual is who he or she claims to be, but says nothing about the access rights of the individual.

Credential - An object that authoritatively binds an identity (and optionally, additiional attributes) to a token possessed and controlled by a person.

Credentialing - The process whereby users are given electronic credentials to ensure that they are coupled with the correct digital identity information.

Digital Identity - The representation of a human identity that is used in a distributed network interaction with other machines or people.  The purpose of the digital identity is to establish the level of comfort and confidence in a digital environment that is associated with face-to-face human interactions.

Identifier - usually a permanent, persistant number assigned to a student.  Frequently a replacement for SSN.  (StudentID number).  Usernames are also identifiers but may not be persistent.

Identity Proofing - The process of verifying the identity of an individual either "in person" by presenting a government issued photo ID or through challenge-response questions that contain information about the individual being "proofed" that would not be available to the general public. Usually performed in conjunction with the credentialing process. Proponderance of evidence.

Identity Vetting - The process of thorough examination and evaluation of an individual's identity data.

Prospective Student - a person who has expressed interest (or in whom the institution has expressed interest) in submitting an admission application.   

UserID - account/login ID (NetID).  Can be name-based or not.  May or may not be permanent, persistent.

Demographic Information and Environment

  1. Department of the person completing the survey:
    1. Admissions
    2. Registrar
    3. Distance Education / Correspondence Education
    4. Information Technology
    5. Other ______________________
  2. Institution information
    1. Name of Institution (This will not be published in the survey results but will be used for correlating answers)
    2. What is the size of the distance education student population?
    3. If your institution offer both traditional and distance education degrees, are your student credentials (username/password) maintained and administered:
      1. Together
      2. Separately
      3. Other____________________________
    4. If your institution offers both traditional and distance degrees, are the admissions and registration functions:
      1. Combined/consolidated into one unit
      2. Separate
      3. Other____________________________

Remote Identity Proofing and Credentialing of Students

  1. How do you begin your recruiting process (Check all that apply)?
    1. Internal aggregation of "Suspects" (Inquiries, camp attendees, etc)
    2. Obtain potential "suspects" from third Party
  2. When do you first learn about prospective students? (Check all that apply.)
    1. Test score Referrals
    2. High School Meetings
    3. Alumni/other "gatherings"
    4. Phone Inquiries
    5. Other ______________________
  3. How do prospective remote students make initial contact? (Check all that apply.)
    1. Submit an application
    2. Email Inquiry
    3. Inquiry through Campus Portal
    4. Phone Inquiries
    5. Request for Site Visit
    6. Response to CRM Campaign
    7. Other ______________________
  4. How do you establish an initial communications channel? (Check all that apply.)
    1. Use the user supplied email address
    2. Establish/use institutional email address.
    3. Parent/guardian email address
    4. US Postal Mail
    5. Voice contact
    6. Personal appearance
    7. Other ______________
  5. What business office is involved in doing the identity proofing of remote students? (Check all that apply.)
    1. Admissions
    2. Registrar
    3. Bursar
    4. Identity/Campus Card
    5. Orientation
    6. Academic Unit
    7. Distance Education
    8. Other ______________________
  6. At what point is the first login credential assigned (e.g. email address, userid/password pair, etc.)?
    1. First contact from prospect and request for information
    2. Initial application
    3. Completed application portfolio
    4. Admitted 
    5. Received deposit/earnest money
    6. Registration completed
    7. We don't assign initial login credentials. We accept existing credentials from services like Google, Facebook, Twitter, 

      [Mark M. to provide credential clearinghouse examples]

    8. Other ______________________
  7. For what purposes is this initial login credential used? (Check all that apply.)
    1. Admissions
    2. Financial aid
    3. Housing
    4. Course enrollment
    5. Learning management system access
    6. Distance education services
    7. Testing/assessment
    8. Campus services (portal, calendar, mail, etc.)
    9. Other ________________________
  8. How is this initial login credential communicated to the remote person? (Check all that apply.)
    1. Send via US Postal Mail
    2. Send to a prospect-provided mobile number
    3. Send via email to a prospect-provided address
    4. Send a one-time link to a password selection page (via US Mail or email or mobile)
    5. Ask a prospect to access a webpage and choose/obtain login credentials (userid/password)
    6. Other ______________________
  9. Is this initial login credential used throughout the student's tenure?
    1. Yes. (If yes, skip the next question. )
    2. No
  10. If another login credential is assigned, please indicate at what point the permanent login credentials are established?
    1. Initial application
    2. Completed application portfolio
    3. Admitted 
    4. Received deposit/earnest money
    5. Registration completed
    6. Other ______________________
  11. How is this permanent login credential communicated to the remote individual? (Check all that apply.)
    1. Send via US Postal Mail
    2. Send to a prospect-provided mobile number
    3. Send via email to a prospect-provided address
    4. Send via email to an institutionally-provided address
    5. Send a one-time link to a password selection page (via US Mail or email or mobile)
    6. Ask a prospect to access a webpage and choose/obtain login credentials (userid/password)
    7. Other ______________________
  12. Upon first login with permanent credentials, is the person required to change the password?
    1. Yes
    2. No
  13. At what point is supporting documentation about an individual received from external third parties (e.g., testing service, etc)?(Check all that apply.)
    1. Prior to first contact from person
    2. First contact from person and request for information
    3. Initial application
    4. Completed application portfolio
    5. Admitted 
    6. Received deposit/earnest money
    7. Registration completed
    8. Never
  14. If supporting documentation is received, does the receipt result in increased confidence about the identity of the person?
    1. Yes (If yes go to 15)
    2. No (Go to 16)
    3. It makes no difference (Go to 16)
  15. Do you provide more sensitive information and services based on the increased confidence resulting from the documentation received from external third parties?
    1. Yes
    2. No
  16. At what point do you do primary identity proofing (Provide definition) of the individual?
    1. First contact from prospect and request for information
    2. Initial application
    3. Completed application portfolio
    4. Admitted 
    5. Received deposit/earnest money
    6. Registration completed
    7. None of the above. We don't do identity proofing.
    8. Other ______________________
  17. Does the identity proofing process result in any of the following:
    1. Password reset requirement
    2. Issuance of an identity card 
    3. Issuance of a new/permanent login credential
    4. Other ________________________
  18.  
  19. Why did you choose the stage you chose for primary identity proofing? ______________________
  20. What information do you have on the remote person at this stage? (Check all that apply.)
    1. Name
    2. Address
    3. Birthdate
    4. Email address
    5. High school transcript
    6. Test scores
    7. Parent/guardian name
    8. Parent/guardian address and contact information
    9. Academic interest
    10. Academic term of interest
    11. Financial aid information
    12. Credit card number or bank account number
    13. Post-secondary institution (if transfer student)
    14. Other notable ______________________
  21. What evidence do you require from the person to prove their physical identity?
    1. Faxed/scanned government picture id
    2. Faxed/scanned credit card
    3. Faxed/scanned notarized documents
    4. Electronically notarized documents/forms
    5. In person appearance at notary office
    6. In person appearance on campus
    7. Use a third-party vendor to validate identity. Please specify: __________________
    8. Other
  22. How is sent sent to you?
    1. Email
    2. Fax
    3. US Postal Mail
    4. File Upload
    5. Other ______________________
  23. Do you record the evidence and process used?
    1. Yes
    2. No
  24. Please indicate any concerns with this process (e.g. having unauthorized individual obtains financial aid or gains access to FERPA-protected data, labor intensive, inconvenient for prospects and students): ______________________
  25. If changes were proposed to the identity proofing process for distance education students, who would be involved in the decision? Check all that apply.
    1. Campus-wide governance board
    2. Admissions/Registrar Office
    3. Audit Office
    4. Identity/Card Office
    5. Office of General Council
    6. Security Office
    7. Privacy Office
    8. Distance Education Office
    9. IT Management Team
    10. IT Technical Staff
    11. Other____________________________
  • No labels