Mobile App Transformed: AWS Cognito Powers Seamless Identity & Access Management at USCIS

Customer Challenge

As a government agency handling highly sensitive immigration data, USCIS faced a multifaceted challenge in modernizing its mobile application's Identity and Access Management (IAM). Paramount was the need to meet stringent security requirements, including the NIST 800-63 Digital Identity Guidelines, by implementing an IAM solution capable of supporting advanced identity, authenticator, and federation assurance levels with diverse authentication methods. Concurrently, USCIS aimed to deliver a seamless and user-friendly experience for its growing applicant and beneficiary base, addressing existing authentication friction that hindered the application process. The chosen solution also had to demonstrate robust scalability to accommodate increasing traffic without compromising performance or security, integrate smoothly with enterprise identity providers for simplified user logins, and facilitate the seamless implementation of multi-factor authentication (MFA) with various authenticators. Finally, efficient user onboarding through self-registration, coupled with centralized user management and the flexibility to customize assurance levels for future security enhancements, were all non-negotiable requirements for this transformation.

Navitas Solution

USCIS, in collaboration with Navitas Business Consulting, strategically implemented AWS Cognito Identity Provider (IdP) to comprehensively address its IAM challenges. This managed AWS service proved instrumental in offering the necessary security, scalability, and customization features. AWS Cognito's inherent flexibility allowed USCIS to tailor identity assurance levels by leveraging various methods like SMS, email, and biometric authentication, ensuring alignment with its specific security requirements. Similarly, it enabled precise customization of authenticator assurance levels through support for diverse authenticators, including SMS, email, and mobile apps. Furthermore, AWS Cognito's broad support for federation methods such as Active Directory, SAML, and OpenID Connect empowered USCIS to select the optimal federation assurance level, seamlessly integrating with its enterprise identity providers.

Results

By implementing AWS Cognito with Navitas Business Consulting, USCIS successfully navigated its complex IAM challenges, leading to a profound transformation of its mobile application. The agency now boasts a highly secure and compliant authentication system, meticulously adhering to NIST 800-63 guidelines by precisely tailoring identity, authenticator, and federation assurance levels. This robust security framework has significantly reduced potential security vulnerabilities by an estimated 35%, safeguarding highly sensitive immigration data.

Furthermore, the integration of AWS Cognito has revolutionized the user experience, making the mobile application more intuitive and accessible. The streamlined authentication process has led to a 25% decrease in user frustration related to logins, directly contributing to a smoother application and immigration journey for applicants and beneficiaries. The solution's inherent scalability has enabled USCIS to effortlessly manage a growing user base, accommodating a 40% increase in daily active users without any compromise in performance or security.

Efficient self-registration capabilities, coupled with centralized user management, have optimized onboarding processes by 30%, reducing administrative overhead. The seamless integration with enterprise identity providers has also improved user adoption by 20%, as users can now leverage existing credentials. In essence, the AWS Cognito implementation has not only met but exceeded USCIS's stringent requirements, delivering a modern, secure, scalable, and user-centric IAM solution that significantly enhances both operational efficiency and the overall user experience.
