NIST Revises Guidelines for Digital Identification in Federal Systems

Security of ID from NIST

 NIST Revises Guidelines for Digital Identification in Federal Systems

U.S. National Institute of Standards and Technology

December 16, 2022

The U.S. National Institute of Standards and Technology (NIST) has drafted revised federal guidelines that support risk-informed management of Americans' digital identities. The draft publication encompasses technical requirements for establishing and authenticating digital identities of individuals, including employees of government contractors or members of the general public. They cover privacy requirements, factors for cultivating equity and usability of digital identity solutions, and supporting technologies and protocols, with risks faced by individuals accessing services and by service-providing organizations considered in parallel. Updates include a section on biometric information usage for identity proofing; more phishing-resistant authentication methods; and recommendations for sharing/exchanging user identity information between different systems. NIST's Laurie E. Locascio said the guidelines are designed to "get the right services to the right people while preventing fraud, preserving privacy, fostering equity, and delivering high-quality, usable services to all."