Get Email UpdatesSign up below to receive free Trusted Identities Group blog updates.
- Mic Drop — Announcing the New Special Publication 800-63 Suite!
- REGISTER NOW – Privacy Risk Assessment: Prerequisite for Privacy Risk Management Workshop
- A minor plot twist: Comment period extended for PART of SP 800-63-3
- Closing time! You don’t have to go home … but you can still comment on draft SP 800-63-3
- Build Trust and Verify: New funding opportunity to assess our state pilots!
Author Archives: Mike Garcia
When you think about 2016, the first thing that comes to mind is innovation in the identity ecosystem. That can’t just be us, right? While there has been a host of high-profile bad things that happened in digital identity this year, we try to keep our eyes on the prize. And there’s been a lot of progress toward the long-term goal. Continue reading
As the sun was setting on the thirtieth modern Olympiad in London, NIST was preparing to announce our very first set of NSTIC pilot projects. As the flame goes out in Rio, we’re setting new records. In our largest pilot announcement to date, today NIST is proud to add six new projects to our ranks and bring the total number of projects to 24. Continue reading
It’s a little hard to believe, but today marks the 5th anniversary of the NSTIC, the strategy for achieving trusted digital identities in a private sector-led identity ecosystem. Let’s take a glimpse back in time to where we were five years ago:
It’s 2011. Most (79%) American adults use the Internet. The average user needs 10 different passwords for their daily online activity, according to a UK study, and 3 out of 4 Americans don’t use sufficiently strong passwords for their most sensitive accounts. It’s also a year of unprecedented data breaches. In fact, “2011 boasts the second-highest data loss since [Verizon] started keeping track in 2004,” with 855 incidents and 174 million compromised records. Some companies are getting more aggressive in pursuing better security; 2011 is the year Google released two-factor authentication (2FA). While companies are beginning to adopt more secure solutions, they’re still uncommon, even in services with the most sensitive data: in 2011, only 35% of non-Federal short-term care hospitals have the capability for 2FA. Continue reading
Say you’ve just had a procedure done at a hospital. This means new electronic medical records – but it likely also means a new account and yet another password to remember. When your healthcare team includes primary care physicians, dentists, allergists, and more, the number of accounts you have to remember can really add up. Continue reading
A recent McKinsey report found that the critical drivers of customer satisfaction with state government services are: fast, simple, and efficient processes; the availability of online options for completing interactions; and the transparency of information. Secure and convenient digital access to online state services can make a genuine difference to beneficiaries—that’s why these providers need to both deliver solutions and protect against fraud—while safeguarding personal information from malicious actors. Continue reading
In the NSTIC, the president called for an “overarching set of interoperability standards, risk models, privacy and liability policies, requirements, and accountability mechanisms that structure the Identity Ecosystem.”
Today, I’m proud to announce that the privately-led Identity Ecosystem Steering Group (IDESG) has delivered. Thanks to the incredible dedication of the IDESG’s volunteer membership, version 1 of the Identity Ecosystem Framework (IDEF) is now a final public document. This framework raises the bar for online transactions and substantially advances the Identity Ecosystem. Continue reading
The NSTIC pilots family is growing today with the announcement of three new pilot projects receiving NIST grants! These projects will join the ranks of the 15 active NSTIC pilots and alumni that know all about catalyzing a marketplace of … Continue reading
Today we celebrate the most special of days for the NSTIC National Program Office. Four years ago at the U.S. Chamber of Commerce in Washington, D.C., we released the President’s strategy to enhance the choice, efficiency, security, and privacy of online transactions. As you are seeing this month in our retrospective blog series—two are posted with two more coming—this community has accomplished a great deal in the last four years. It’s clear we’ve come so far…but still have much work to do. Continue reading
The NSTIC NPO has just announced a brand new funding opportunity with a special focus on privacy enhancing technologies. NSTIC is soliciting applications from eligible applicants to pilot privacy-enhancing technologies that embrace and advance the NSTIC vision and contribute to the maturity of the Identity Ecosystem the NSTIC envisions: promote secure, privacy-enhancing, and user-friendly ways to give individuals and organizations convenience in their online interactions. Continue reading