Skip to content
Subject identification verification

Subject Identity Verification

When you receive a privacy request, you are responsible for confirming the identity of the subject to ensure that you do not incorrectly disclose data. To verify an identity, you may only request additional information you already retain about the subject. For example, you can't request a copy of a subject's drivers license if you don't already have this information.

Ethyca recommends using multi-factor authentication (MFA) for identify verification and Fides offers built-in subject identity verifiation via MFA.

Configuring Subject Identity Verification

To enable Subject Identity Verification, you need to:

  1. Configure a messaging service
  2. Configure Fides to use this service for Subject Identity Verification

You may also customize the content of the email that is sent for this purpose. See our guide for configuring email templates to learn more.

Configure a messaging service

The available messaging services for Subject Identity Verification are:

Click on the service you want to configure above to view the setup guide.

Configure Fides

Fides needs to be configured to enable Subject Identity Verification and to use the correct messaging service for this purpose. This can be configured using environment variables or the Fides configuration file.

If you are using property-specific messaging mode, the subject_identity_verification_required ENV var is not needed, and instead you will enable/disable the subject identity template directly in the Admin-UI. See our configuring email templates guide to learn more.

Using the Fides configuration file

To set this in the Fides Configuration file, please locate the variable within the appropriate fides.toml file. To learn more about where to find this file, please see the Fides Configuration guide.

The two variables that must be set are:

[execution]
subject_identity_verification_required = true
 
[notifications]
notification_service_type = "mailgun"

Using environment variables

To configure Subject Identity Verification using Environment variables, please run the following commands from your Fides environment replacing service with the correct setting for your environment. The options are: mailgun, twilio_text, or twilio_email

EXPORT FIDES__EXECUTION__SUBJECT_IDENTITY_VERIFICATION_REQUIRED = true
EXPORT FIDES__NOTIFICATIONS__NOTIFICATION_SERVICE_TYPE = "mailgun"