NIST 800-63-4 Guidelines: An Identity Call To Action

The U.S. National Institute of Standards and Technology (NIST) has released its Special Publication (SP) 800-63-4, the latest revision of its Digital Identity Guidelines.

The new 2025 version represents a fundamental rethink of what “secure digital identity” means in an era of AI-generated videos, crime-as-a-service marketplaces, synthetic identities, and digitally sophisticated attacks. If you’re responsible for identity verification, authentication, or digital trust, these guidelines aren’t just a critical resource; they’re a call to action.

This article breaks down what’s changed, why it matters, and what it means to your identity strategy and solution criteria.

Why NIST Rewrote the Rules (The Threat Landscape Has Changed Completely)

This is the first update to the NIST Digital Identity Guidelines since 2017, which predates a massive transformation in the threat landscape with the explosion of generative AI and the democratization of sophisticated attack tools targeting digital identity systems.

In fact, the 2025 threat landscape is unrecognizable compared to 2017:

• Deepfake generation tools are widely available and constantly improving
• AI-generated synthetic identities can be indistinguishable from real people
• Deepfakes are being streamed into video conferencing platforms like Zoom and Teams in real-time, enabling attackers to impersonate colleagues and executives during live calls or bypass video call verification
• Virtual cameras, device manipulation, and injection attacks can bypass subpar liveness detection entirely.

NIST explicitly states that these guidelines address the “changing digital landscape” and the rise of sophisticated, AI-driven threats. And this is all occurring at a time when an increasing number of traditional in-person services have moved online.

The iProov Security Operations Centre (iSOC)  documented a 704% increase in face swap attacks from the first to the second half of 2023, with a further 300% rise in 2024.

The lesson is clear: organizations can no longer rely on security models designed before the explosion of generative AI. 

A Critical Shift: Raising The Bar on PAD, Introducing IAD

NIST SP 800-63-4 makes Presentation Attack Detection (PAD) mandatory for high-assurance use cases under IAL2 and AAL2.

Digital identity standards and guidelines have historically focused on PAD, which does not detect if someone is physically present; it detects presentation artifacts – photos, video replays, or masks – to determine: Is this a real face or a fake one?

Here’s what’s changed: NIST’s definition of adequate PAD now encompasses far more than basic liveness checks. NIST now requires both PAD and protections against injection attacks – cyberattacks that bypass the camera on a device, or are injected into a data stream – as separate, complementary requirements. The guidelines require verifiers to “make a determination of sensor and endpoint performance, integrity, and authenticity. The bar has fundamentally changed because organizations must now address both PAD and IAD.

The bar has fundamentally changed because organizations must now address both PAD and IAD.

Most biometric solutions can handle basic presentation attacks – it’s a minimum requirement. Very few can detect when the entire data stream has been compromised at the digital level or replaced within native video streams, which is exactly what NIST now requires and what sophisticated attackers are doing.

The conversation has evolved from “do you have liveness detection?” to “can you prove the appropriate person is genuinely present at the point of capture AND defeat sophisticated injection attacks?”

What Does NIST Recommend In Their Updated Guidelines?

NIST SP 800-63-4 introduces specific controls that change the game:

• For Identity Assurance Level 2 (IAL2): Organizations using asynchronous remote identity proofing must implement presentation attack detection and analyze media for signatures of AI-generated content and deepfakes.
• For Authentication Assurance Level 2 (AAL2): Authentication systems using facial verification shall implement PAD. Critically, verifiers need to determine the performance and integrity of the sensor and its associated endpoint to detect injection attacks.
• For Federation Assurance Level 2 (FAL2): Systems must protect against forged assertions and injection attacks – specifically “an attacker supplying untrusted media, such as a forged video of a user.”

NIST has drawn a clear line between basic liveness checks and genuine presence assurance that includes protection against injection attacks and forged media.

So, how do you ascertain whether your solution conforms with the updates to the NIST Digital Identity guidelines?

Independent Validation: CEN Standard for IAD

While NIST establishes requirements, industry-standard testing is needed to validate vendor claims beyond self-attestation. That standard now exists: CEN TS 18099 for injection attack detection, the only testing standard specifically designed to test biometric systems’ ability to detect and defeat injection-based threats.

Earlier this year, iProov achieved CEN TS 18099 Level 2 (High) evaluation, awarded by Ingenium Biometric Laboratories, an independent ISO/IEC 17025-accredited lab. We were the first to pass with Ingenium because our architecture was purpose-built to address forged media and injection attacks.

The alignment between NIST guidelines and CEN isn’t coincidental. When two independent authorities converge on the same threat model, one setting new requirements and one providing testing standards, it confirms that injection-based threats are real, sophisticated, and require independently tested defenses. CEN TS 18099 provides objective, third-party support of NIST demands: protection against injection attacks and forged media.

Ask This One Question…

Here’s how to identify AI-threat resilient identity vendors:

“Can you prove a living subject is genuinely present at the point of capture AND protect against a range of sophisticated injection attack methods/instruments?”

Basic liveness detection and physical spoof prevention alone are insufficient to meet NIST guidelines. Proof should come from certification, validated by accredited testing labs. Ensure the vendor can demonstrate:

• How they protect the integrity of the entire data stream and verify sensor/endpoint integrity to detect injection attacks, as NIST recommends
• What standardized testing did they pass for injection attack detection, not just what is claimed 
• Their Impostor Attack Presentation Accept Rate (IAPAR) and how it compares to NIST thresholds.

How iProov’s Architecture Aligns

iProov’s approach combines three layers that directly map to NIST explicit standards:

• Dynamic Liveness® with Flashmark™  technology provides the advanced PAD and IAD that NIST mandates – confirming a real person’s genuine presence in real-time at the point of capture. Flashmark creates unique biometric data for each verification that cannot be replicated, stolen, or reused. We’ve achieved iBeta PAD conformance with ISO/IEC 30107-3 Levels 1 & 2 (0% attack success rate) and FIDO Face Verification Certification, achieving 0% Impostor Attack Presentation Acceptance Rate (IAPAR). 
• iProov’s science-based biometric platform analyzes the entire data stream for signs of injection, replay, and AI-generated media, directly addressing NIST’s requirement to protect against “forged video” and injection attacks. Passing CEN TS 18099, the world’s only standard for Injection Attack Detection. 
• iSOC provides 24/7 threat intelligence and monitoring – the ongoing vigilance that NIST recommends for detecting evolving AI-based threats.

The table below matches evidence of alignment to the specific guidelines: 

This architecture demonstrates how iProov is the first and only vendor to meet the biometric verification requirements included in the new NIST guidelines.

What Happens Next?

The release of NIST SP 800-63-4  is already directly influencing procurement processes.

Security architects need to audit current workflows against these guidelines. Procurement teams and decision-makers need to understand the technological requirements for both PAD and IAD. The blueprint has changed, and organizations are now empowered to ask informed questions of their biometric vendors. 

In our next post in this series, we’ll provide you with a practical framework for auditing your current or prospective biometric solution against NIST SP 800-63-4.

How Does Your Current Identity Verification Measure Up? 

• Use our interactive Liveness Vendor Assessment tool
• Download our free How to Evaluate a Biometric Vendor eBook 
• Book a consultative demo with one of our experts for a specialized consultation.