Identity Management

Individual Business

Login(or register a new account) with a high LOA business identity provider or get started with a social provider and ratchet up your business identity assurance level later.

Login with or Register with

* Click a logo to log in
  • Github
  • Email
* Click a logo to log in
* Click a logo to log in
  • No LOA2 providers were added yet, but we expect some major banks here.
* Click a logo to log in
  • Vanguard

Software Providers

Lorem Ipsum is simply dummy text of the printing and typesetting industry lorem Ipsum has been the industry's standard dummy text.

Register your OIDC IDP so your customer can self manage their CompanyBook Entry

Get Started

Get bulk updated keys so that you can manage company Book records on behalf of your customers

Get Started

We rely on authentication from 3rd party identity providers (IDPs) to make sure that users are who they claim to be, and that the appropriate consent to edit published business metadata has been obtaind. This page lists 3rd party identity providers that can be used to gain access.

Levels of Assurance

Not all identity providers can assure identity with the same confidence. The national e-Invoicing framework classify identity providers into 4 different "levels of assurance" (LOA), based on certification and regulatory frameworks.

Higher LOA identitiy providers can be used to overrule identity claims that have been made with lower LOA identity providers.

LOA-3: Government-provided business identity

There is currently no LOA-3 identity providers for business-to-business use (Commonwealth Government service with "root authority" due to a legislative head of power). A LOA-3 business identity service is anticiapted, perhaps within the next 12 months.

LOA-2: Regulated commercial identity services

LOA-2 identity services could be provided by any organisation that is subject to "Know Your Customer" regulations. This is the mechanism used in the banking sector for to establish ownership of financial assets and obligations. Licenced banks and financial services providers are capable of providing a LOA-2 identity service.

These LOA-2 Identity Provider services can be used to access Companybook:

  • TODO, link to TradeLedger service

LOA-1: Certified, non-regulated identity providers

The Australian Digital Business Council, an industry group consulting to Government on the national e-Invoicing framework and broader digital procure-to-pay isues, may at some stage undertake to certify and self-regulate an identity provider service that, while not subject to the same regulatory oversignt as banks, should be able to assert business identity based on "known commercial relationships" with member organisations.

If this comes to fruition, it will provide a weaker but adequate LOA for the purpose of maintaining maintain business metadata.

LOA-0: Social identity providers

There are many identity services online, for example associated with social media, email addresses and internet domain name registrations. These provide very weak identity assurance, essentially equivalent to a self-assertion of identities.

They can however constitute evidence of participation in society, so they can contribute to the mosaic of identifying information about a business. Also, a linked collection of identity aliases is at least as strong as the strongest identity in the group. This means linking LOA-0 identities to LOA-1, LOA-2 or LOA-3 identities has the potential to increase trust in businesses when they exchange email, publish online or interact with social media.

Some LOA-0 platforms also provide robust credentials (for example two factor authentication). Robust LOA-0 credentials, when linked to a stronger identifier, can provide a convenient access control mechanism.