Expanding Use: Spawning Other Identities

Overuse of this strong identity credential when it is not needed is one problem to anticipate and avoid. In other words, policy makers should consider how the current Social Security number became overused, and therefore overexposed to identity thieves. In short, it was available, convenient and there were no alternatives.

A better approach is to anticipate the need for multiple "persona" identities and define mechanisms to create them using the federal digital identity credential as an anchor. For example, there are levels of services that do not require the full government digital ID or a high authentication level of an identity. Some can even be relatively anonymous.

An important advantage of a digital identity credential as defined herein is that it can be used to spawn “persona” identities. These are other identity credentials tied to the same individual for specific uses, or even groups of uses. At one end of the spectrum are identities that need high assurance, such as setting up an online banking login or personal electronic health record access.

At the other end of the spectrum are quasi-anonymous, temporary identities that are more about continuity of a persona and less about knowing who that person really is with a high degree of confidence. An example would be establishing a persona for blogging or posting comments.

In the latter case, there is continuity in the interaction, hence the need for an online identity; however, since the information value and privacy requirements are low, a low level of trust in the identity is all that is required.

One way to achieve this is to use "identity brokers" to make a range of identities available. The identity broker - a bank, health insurance provider, government agency - performs a one-time strong authentication of the identity using the government-issued ID credential, and then creates its own identity credential for subsequent use.

This approach leverages the high level of security and authentication of the federally issued digital identity credential, but bakes in a mechanism to avoid overusing it as the Social Security number is today. In cases where a strong identity authentication is needed directly, the government credential can still be used.
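The broker flow described above, sketched as an added example that is not part of the original page. The `IdentityBroker` class, the integer assurance levels, the stubbed anchor verifier and the use of HMAC for the broker's own credential are all assumptions made for illustration.

```python
import hashlib, hmac, json, secrets

# Assumption: assurance levels modeled as two integers; the page names no scale.
LOW, HIGH = 1, 3

class IdentityBroker:
    """Hypothetical broker: checks the anchor credential once, then issues its own."""

    def __init__(self, anchor_verifier):
        self._verify_anchor = anchor_verifier   # stands in for strong authentication
        self._key = secrets.token_bytes(32)     # broker's own signing key
        self._enrolled = {}                     # anchor id -> per-person secret

    def enroll(self, anchor_id, proof):
        # One-time strong authentication against the government-issued credential.
        if not self._verify_anchor(anchor_id, proof):
            raise PermissionError("anchor credential rejected")
        self._enrolled[anchor_id] = secrets.token_bytes(32)

    def issue_persona(self, anchor_id, purpose, level):
        seed = self._enrolled[anchor_id]        # KeyError if never enrolled
        # Persona id is derived per purpose, so personas cannot be linked to
        # each other or to the anchor id without the broker's records.
        pid = hmac.new(seed, purpose.encode(), hashlib.sha256).hexdigest()[:16]
        body = json.dumps({"persona": pid, "purpose": purpose, "level": level},
                          sort_keys=True)
        tag = hmac.new(self._key, body.encode(), hashlib.sha256).hexdigest()
        return {"body": body, "tag": tag}

    def check(self, credential, purpose, required_level):
        # Relying party validates through the broker; the anchor is never shown.
        expected = hmac.new(self._key, credential["body"].encode(),
                            hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, credential["tag"]):
            return False
        claims = json.loads(credential["body"])
        return claims["purpose"] == purpose and claims["level"] >= required_level

def demo():
    # Constructed sample data: a fake anchor id and a verifier accepting one proof.
    broker = IdentityBroker(lambda aid, proof: proof == "strong-auth-ok")
    broker.enroll("GOV-ID-EXAMPLE-0001", "strong-auth-ok")
    blog = broker.issue_persona("GOV-ID-EXAMPLE-0001", "blog-comments", LOW)
    bank = broker.issue_persona("GOV-ID-EXAMPLE-0001", "online-banking", HIGH)
    return broker, blog, bank
```

The persona credentials carry only a per-purpose identifier and an assurance level, so a relying party never handles the anchor identifier itself.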
