Capabilities
Identity verification for password resets and account recovery
Verify the caller, not the answers
A reset request triggers a verification link to the worker's phone. Document capture plus liveness and face match prove the human — where employee ID, voice, and security questions only prove that someone did their homework.
mDL for the fastest path
Workers with an ISO/IEC 18013-5 mobile driver's license in Apple Wallet or Google Wallet verify in seconds by cryptographic signature. Everyone else scans a physical license and takes a liveness selfie — same signed result, same audit shape.
Built for deskless callers
The link opens in any mobile browser — no app install, no corporate device, no authenticator enrollment. A shared kiosk or supervisor tablet runs the same flow by QR code for workers without a personal smartphone.
How a reset verification flows through the ticket
Configurable per help desk. The default trigger is agent-initiated from the ticket; self-service portals can trigger the same session before showing the reset form.
- Step 01
1. Trigger
The agent (or the self-service portal) creates a verification session by API from the ticket or case. Stile sends the worker a link by SMS or email — whichever contact is on the worker record.
- Step 02
2. Capture
The worker opens the link on their own phone: an mDL from their wallet, or a photo of a government ID, plus a liveness selfie. The worker explicitly approves attribute release before any data leaves their device.
- Step 03
3. Verify
OCR + barcode cross-reference for physical documents; ISO/IEC 18013-5 signature verification for mDL. Liveness scoring and face match against the document portrait, with spoof signals weighed into the decision.
- Step 04
4. Signed assertion
A signed webhook fires with pass/fail and the audit pointer. The ticket gets the result as a work note; the agent unlocks the reset — without ever seeing the document.
Agent view
What the agent sees — and what they never do.
The verification result lands on the ticket; the worker's documents don't. The attribute table is the whole contract: a boolean, an audit pointer, and nothing else enters your ITSM.
Returned to the ticket
Everything below the line stays inside Stile's verification pipeline and is never released to the help desk.
Help-desk scenarios + Stile coverage
The recovery scenarios IT teams most commonly trigger Stile against. Each can be configured independently — different threshold, different escalation path.
| Scenario | What Stile verifies | What's released to the help desk |
|---|---|---|
| Password reset by phone or ticket | Caller against the worker of record — document + liveness + face match | Pass/fail + audit pointer on the ticket |
| MFA re-enrollment after a device change | Fresh session before the new authenticator is trusted | Pass/fail + audit pointer chained to the prior verification |
| Account lockout escalation | The worker at a kiosk or supervisor tablet via QR code | Pass/fail + audit pointer; unlock stays an IT decision |
| Departure / de-provisioning disputes | Fresh session against the claimed identity before account changes | Audit pointer IT can compare against the worker record |
Help-desk identity is the sharpest wedge in the workforce family: account recovery is where impersonation concentrates, because it is the one flow designed to bypass every credential the worker holds. Stile contributes the verification primitive; the reset, unlock, and escalation decisions stay with your IT workflow. Related coverage:
Workforce — the family hub: onboarding day one, contractor access, and kiosk flows on the same primitive.
Identity verification — the underlying capability: document capture, face match, liveness.
Liveness detection — the anti-spoof layer that defeats deepfake selfies and replay attacks.
Digital ID verification — mDL deep dive. Wallet mDL availability varies by state; the document-scan fallback keeps coverage universal.
FAQ
Help-desk identity — buyer questions
Your ServiceNow workflow (or any ITSM) calls the verification-sessions API when the agent clicks a UI action or the self-service portal starts a reset. Stile texts the worker a link and delivers a signed webhook back to your callback; the workflow writes the result to the ticket as a work note and unlocks the next step. Stile ships the API — the ticket-side wiring is a small workflow step your ServiceNow admin owns.
Get started