Get Email UpdatesSign up below to receive free Trusted Identities Group blog updates.
- Return of the Great Zoltan! Our 800-63 FAQs answer life’s most perplexing questions (about digital identity, anyway).
- Mic Drop — Announcing the New Special Publication 800-63 Suite!
- REGISTER NOW – Privacy Risk Assessment: Prerequisite for Privacy Risk Management Workshop
- A minor plot twist: Comment period extended for PART of SP 800-63-3
- Closing time! You don’t have to go home … but you can still comment on draft SP 800-63-3
August 2017 M T W T F S S « Jul 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31
Tag Archives: standards
Just 15 days remain in the comment period for draft Special Publication (SP) 800-63-3: Digital Identity Guidelines! The document opened for public comment on January 30th and will close on March 31st. Based on the comments we’ve received so far, we don’t expect to extend the deadline, so get to work and submit your comments before closing time! Continue reading
It’s a little hard to believe, but today marks the 5th anniversary of the NSTIC, the strategy for achieving trusted digital identities in a private sector-led identity ecosystem. Let’s take a glimpse back in time to where we were five years ago:
It’s 2011. Most (79%) American adults use the Internet. The average user needs 10 different passwords for their daily online activity, according to a UK study, and 3 out of 4 Americans don’t use sufficiently strong passwords for their most sensitive accounts. It’s also a year of unprecedented data breaches. In fact, “2011 boasts the second-highest data loss since [Verizon] started keeping track in 2004,” with 855 incidents and 174 million compromised records. Some companies are getting more aggressive in pursuing better security; 2011 is the year Google released two-factor authentication (2FA). While companies are beginning to adopt more secure solutions, they’re still uncommon, even in services with the most sensitive data: in 2011, only 35% of non-Federal short-term care hospitals have the capability for 2FA. Continue reading
We’re thrilled to announce that on January 12-13, 2016, the NSTIC National Program Office, with our colleagues here in NIST’s Information Technology Lab, will hold a technical workshop called ‘Applying Measurement Science in the Identity Ecosystem.’ Participants will collaborate about ways to measure and compare the performance of key solutions in the Identity Ecosystem, specifically:
◾Strength of identity proofing, both remote and in-person;
◾Strength of authentication with a focus on biometrics; and
◾Attribute confidence to assist in effective authorization decision making. Continue reading
The Identity Ecosystem Steering Group (IDESG) has been hard at work delivering on version 1 of the Identity Ecosystem Framework (IDEF). This week, the steering group hit a major milestone: meeting a March 16th deadline for developing baseline requirements for the IDEF. While this is a big milestone for the IDESG, it also marks an important moment for private sector stakeholders interested in participating in the Identity Ecosystem (IE), since the upcoming IDEF – due out this summer – will enable individuals and organizations to start using a new generation of more secure, convenient, privacy-enhancing credentials that are interoperable across the internet. Continue reading