Get Email UpdatesSign up below to receive free Trusted Identities Group blog updates.
- A minor plot twist: Comment period extended for PART of SP 800-63-3
- Closing time! You don’t have to go home … but you can still comment on draft SP 800-63-3
- Build Trust and Verify: New funding opportunity to assess our state pilots!
- From public preview to public draft: SP 800-63 is open for comment!
- Making Privacy Concrete (Three Words Not Usually Found Together)
April 2017 M T W T F S S « Mar 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30
Tag Archives: Identity Ecosystem Framework
Last week in New Orleans, the Identity Ecosystem Steering Group (IDESG) launched the Identity Ecosystem Framework (IDEF) Registry and publicly listed the first four organizations to self-attest. At the 17th IDESG plenary meeting, these organizations presented their experiences – emphasizing the business benefit of publicly showcasing their dedication to trusted digital identity solutions. They also shared the ease of self-attestation, thanks to the IDESG’s concierge that assists Registry applicants. Continue reading
This morning at the Cloud Identity Summit in New Orleans, the IDESG announced the implementation of the IDEF Registry, an online listing service where ecosystem participants can report their self-assessed status against the IDEF baseline requirements. By attesting to these requirements on the Registry, organizations can showcase their commitment to providing trusted digital identity services. It’s a great way for organizations to demonstrate that they have crossed a threshold in the marketplace, addressing mature protections for consumers beyond those minimally required by law. Continue reading
Today, we’re releasing the public preview of draft Special Publication 800-63-3, Digital Authentication Guideline. We’re excited to share the updates we’ve made—along with the new process that enables our stakeholders to more contribute to the document in a more dynamic way. Continue reading
It’s a little hard to believe, but today marks the 5th anniversary of the NSTIC, the strategy for achieving trusted digital identities in a private sector-led identity ecosystem. Let’s take a glimpse back in time to where we were five years ago:
It’s 2011. Most (79%) American adults use the Internet. The average user needs 10 different passwords for their daily online activity, according to a UK study, and 3 out of 4 Americans don’t use sufficiently strong passwords for their most sensitive accounts. It’s also a year of unprecedented data breaches. In fact, “2011 boasts the second-highest data loss since [Verizon] started keeping track in 2004,” with 855 incidents and 174 million compromised records. Some companies are getting more aggressive in pursuing better security; 2011 is the year Google released two-factor authentication (2FA). While companies are beginning to adopt more secure solutions, they’re still uncommon, even in services with the most sensitive data: in 2011, only 35% of non-Federal short-term care hospitals have the capability for 2FA. Continue reading
Happy Data Privacy Day! According to a recent survey of young Americans by Harvard’s Institute of Politics, 65% of respondents said they were “very concerned” about technology companies collecting digital information from their phone or computer. While it’s only January, that level of concern suggests privacy will continue to have a place in the national conversation throughout 2016. Continue reading
A recent McKinsey report found that the critical drivers of customer satisfaction with state government services are: fast, simple, and efficient processes; the availability of online options for completing interactions; and the transparency of information. Secure and convenient digital access to online state services can make a genuine difference to beneficiaries—that’s why these providers need to both deliver solutions and protect against fraud—while safeguarding personal information from malicious actors. Continue reading
In the NSTIC, the president called for an “overarching set of interoperability standards, risk models, privacy and liability policies, requirements, and accountability mechanisms that structure the Identity Ecosystem.”
Today, I’m proud to announce that the privately-led Identity Ecosystem Steering Group (IDESG) has delivered. Thanks to the incredible dedication of the IDESG’s volunteer membership, version 1 of the Identity Ecosystem Framework (IDEF) is now a final public document. This framework raises the bar for online transactions and substantially advances the Identity Ecosystem. Continue reading
When the Identity Ecosystem Steering Group (IDESG) plenary convened last week in Tampa, Florida, attendees meant business. By Friday afternoon, committees had finalized the baseline requirements and supplemental guidance for v1 of the Identity Ecosystem Framework (IDEF). Now the plenary stands in recess with the IDESG on track for a major milestone: completion of the IDEFv1, set for public release on October 20th! Continue reading
It’s certainly too early to spike the ball, but yesterday the Identity Ecosystem Steering Group (IDESG) met another milestone by approving the initial set of baseline requirements for the Identity Ecosystem Framework (IDEF). These requirements are a critical element to building the IDEF—which the IDESG has been chartered to establish and govern. As identified in the NSTIC, successful establishment of the IDEF is a must-have in the ongoing successful development of online commerce, government efficiency, and effective and efficient communication among and between individuals, the private sector, and the public sector. The baseline requirements were developed by IDESG work committees to address minimum requirements for Identity Ecosystem participants in four key areas: privacy, security and resiliency, interoperability, and user experience. These areas align directly with the committee structure of the IDESG and with the Guiding Principles of the NSTIC. Continue reading