Smart Card Alliance Identity Council Urges Use Of Smart Cards For Security, Privacy In NSTIC Identity EcosystemSmart Card Alliance Identity Council Urges Use Of Smart Cards For Security, Privacy In NSTIC Identity Ecosystem
White paper reviews NSTIC initiatives and discusses how smart card technology can provide the credentialing capabilities
July 18, 2013
PRINCETON JUNCTION, N.J., July 15, 2013 – Smart card credentials are the best choice for online transactions that require higher levels of security and trust within the National Strategy for Trusted Identities in Cyberspace (NSTIC) identity ecosystem, the Smart Card Alliance Identity Council reports in a new white paper released today.
The "Smart Card Technology and NSTIC Brief" is available at http://www.smartcardalliance.org/pages/publications-smart-card-technology-and-nstic. It reviews the NSTIC initiatives and discusses how smart card technology can provide the advanced credentialing capabilities needed to enable high assurance in the NSTIC identity ecosystem.
"We fully support the NSTIC vision of an environment where people use a secure, interoperable, privacy-enhancing credential to authenticate themselves online for different types of transactions," said Randy Vanderhoof, executive director of the Smart Card Alliance. "As the details of the NSTIC identity ecosystem are still being defined, now is the time to make sure that the fundamental design supports high assurance authentication and leverages smart card technology, the global standard for strong authentication."
The Smart Card Alliance has publicly endorsed the White House's NSTIC initiative, which aims to improve on the credentials currently used to access the Internet and authenticate identity online, and to create and secure a trusted identity ecosystem. By enabling the principles of NSTIC, individuals will no longer have to remember an ever-growing (and potentially insecure) list of user names and passwords to access various online services.
"As our use of the Internet has increased, so has cybercrime, especially identity theft. The NSTIC recognizes that traditional forms of online identity verification are no longer sufficient, and takes on the critical task of better securing our online lives," said Bryan Ichikawa, senior manager, Deloitte & Touche LLP, and chair of the Identity Council. "The goal of this paper is to educate stakeholders on how smart card technology fits many of the guiding principles of the NSTIC, and can meet the challenges presented by a heterogeneous identity framework while providing assurance that transactions are secure."
The white paper details how the use of smart card technology within the NSTIC identity ecosystem offers several advantages:
· The technology is designed to reduce the risk of fraud by minimizing the risk that credentials or tokens are fraudulent.
· Smart cards are deployed around the world for financial services, mobile communications, healthcare, and e-government.
· Smart card technology enables secure identity verification while helping to protect personal privacy.
· Only the cardholder is able to initiate or verify a transaction using a PIN, biometric data, or both.
· Smart card technology-based tokens can store electronic credentials and reduce the risk of the credentials being copied, altered, or hacked.
· Smart card technology-based tokens can hold many different identity credentials and support multiple authentication mechanisms.
Participants involved in the development of the "Smart Card Technology and NSTIC Brief" included: Booz Allen Hamilton; CH2M Hill; Deloitte & Touche LLP; Gemalto; IDmachines; IQ Devices; NXP Semiconductors; Oberthur Technologies; and SecureKey Technologies.
More resources from the Smart Card Alliance Identity Council can be found at http://www.smartcardalliance.org/pages/activities-councils-identity.
About the Identity Council
The Identity Council is focused on promoting best policies and practices concerning person and machine identity, including strong authentication and appropriate authorization across different use cases. Through its activities, the Council encourages the use of digital identities that provide strong authentication across assurance environments through smart credentials--e.g., smart ID cards, mobile devices, enhanced driver's licenses, and other tokens. The Council furthermore encourages the use of smart credentials, secure network protocols, and cryptographic standards in support of digital identities and strong authentication on the Internet.
The Council addresses the challenges of securing identity and develops guidance for organizations so that they can realize the benefits that secure identity delivers. The Council engages a broad set of participants and takes an industry perspective, bringing careful thought, joint planning, and multiple organizational resources to bear on addressing the challenges of securing identity information for proper use.
Additional information on the use of smart card technology for identity applications can be found on the Smart Card Alliance Web site at http://www.smartcardalliance.org.
About the Smart Card Alliance
The Smart Card Alliance is a not-for-profit, multi-industry association working to stimulate the understanding, adoption, use and widespread application of smart card technology.
Through specific projects such as education programs, market research, advocacy, industry relations and open forums, the Alliance keeps its members connected to industry leaders and innovative thought. The Alliance is the single industry voice for smart cards, leading industry discussion on the impact and value of smart cards in the U.S. and Latin America. For more information please visit http://www.smartcard
You May Also Like
Hacking Your Digital Identity: How Cybercriminals Can and Will Get Around Your Authentication MethodsOct 26, 2023
Modern Supply Chain Security: Integrated, Interconnected, and Context-DrivenNov 06, 2023
How to Combat the Latest Cloud Security ThreatsNov 06, 2023
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and PhishingNov 01, 2023
SecOps & DevSecOps in the CloudNov 06, 2023
Passwords Are Passe: Next Gen Authentication Addresses Today's Threats
How to Deploy Zero Trust for Remote Workforce Security
What Ransomware Groups Look for in Enterprise Victims
How to Use Threat Intelligence to Mitigate Third-Party Risk
Securing the Remote Worker: How to Mitigate Off-Site Cyberattacks