Thailand: Adopted Standards on Digital Identity Proofing and Authentication

On 19 September 2022, the Electronic Transactions Commission (ETC) announced the adoption of the Electronic Transaction Standards on Digital Identity Proofing and Authentication (No. ThEC 11-2565). This comprehensive framework, comprising three volumes, seeks to standardise and enhance the processes of digital identity proofing and authentication throughout Thailand. The standard incorporates the concept of Authentication Assurance Level (AAL), which denotes the degree of confidence in the authentication process. Higher levels (AAL1, AAL2, AAL3) necessitate increasingly rigorous methodologies, such as multi-factor authentication, to guarantee the security and dependability of user identity confirmation in digital transactions. Volume 1 provides an overview of the fundamental structure, terminology, and processes involved in digital identity proofing and authentication, establishing a foundation for the development of consistent and reliable digital identity systems. Volume 2 sets out the requirements and procedures for verifying an individual's identity, ensuring that identity proofing is conducted at an appropriate assurance level in line with the risks associated with the transaction or service in question. Volume 3 specifies the authentication mechanisms and security measures that must be implemented to confirm an individual's identity, including multi-factor authentication and protection against various security threats.