Tag Archives: identity

Return of the Great Zoltan! Our 800-63 FAQs answer life’s most perplexing questions (about digital identity, anyway).

It’s been more than a month since we released Special Publication 800-63: Digital Identity Guidelines, and we have been thrilled by all the positive feedback – we are glad you like it as much as we do! But we’re also fielding a number of questions. The document included a lot of updates, so it’s only natural that we’ve heard some reoccurring questions from the community. Realizing many have the same questions, we kept track of these and compiled them in a frequently asked questions (FAQs) page. Continue reading

Posted in Uncategorized | Tagged , , , , , , , , , , , , , | Leave a comment

Looking back on happenings at the IDESG plenary

Last week in New Orleans, the Identity Ecosystem Steering Group (IDESG) launched the Identity Ecosystem Framework (IDEF) Registry and publicly listed the first four organizations to self-attest. At the 17th IDESG plenary meeting, these organizations presented their experiences – emphasizing the business benefit of publicly showcasing their dedication to trusted digital identity solutions. They also shared the ease of self-attestation, thanks to the IDESG’s concierge that assists Registry applicants. Continue reading

Posted in Uncategorized | Tagged , , , , , , , , , , , , , , , , , , , , | Leave a comment


It’s a little hard to believe, but today marks the 5th anniversary of the NSTIC, the strategy for achieving trusted digital identities in a private sector-led identity ecosystem. Let’s take a glimpse back in time to where we were five years ago:

It’s 2011. Most (79%) American adults use the Internet. The average user needs 10 different passwords for their daily online activity, according to a UK study, and 3 out of 4 Americans don’t use sufficiently strong passwords for their most sensitive accounts. It’s also a year of unprecedented data breaches. In fact, “2011 boasts the second-highest data loss since [Verizon] started keeping track in 2004,” with 855 incidents and 174 million compromised records. Some companies are getting more aggressive in pursuing better security; 2011 is the year Google released two-factor authentication (2FA). While companies are beginning to adopt more secure solutions, they’re still uncommon, even in services with the most sensitive data: in 2011, only 35% of non-Federal short-term care hospitals have the capability for 2FA. Continue reading

Posted in Uncategorized | Tagged , , , , , , , , , , , , , , , , , , , , , , , , , | 1 Comment

New pilot opportunity: health records + federated identity = a better online experience

Say you’ve just had a procedure done at a hospital. This means new electronic medical records – but it likely also means a new account and yet another password to remember. When your healthcare team includes primary care physicians, dentists, allergists, and more, the number of accounts you have to remember can really add up. Continue reading

Posted in Uncategorized | Tagged , , , , , , , , , , , , , , , , , , , | Leave a comment

Save the Date: NSTIC identity proofing, authentication, and attributes workshop – January 2016

We’re thrilled to announce that on January 12-13, 2016, the NSTIC National Program Office, with our colleagues here in NIST’s Information Technology Lab, will hold a technical workshop called ‘Applying Measurement Science in the Identity Ecosystem.’ Participants will collaborate about ways to measure and compare the performance of key solutions in the Identity Ecosystem, specifically:
◾Strength of identity proofing, both remote and in-person;
◾Strength of authentication with a focus on biometrics; and
◾Attribute confidence to assist in effective authorization decision making. Continue reading

Posted in Uncategorized | Tagged , , , , , , , , , , , , , , , , , , , , , , | 2 Comments

Come Hang Out With Us to Talk Identity and Innovation in Health Care

Identity is critical to Health Information Technology (HIT), particularly when it comes to sharing health information online. Patients and health providers aren’t going to share personal information if they can’t solve the “identity conundrum” – how to validate that information is going to the right person. Continue reading

Posted in Uncategorized | Tagged , , , , , , , , , | 1 Comment