The National Institute of Standards and Technology (NIST) has put out a call for comment on a revised version of digital identity guidelines which the agency said aim “to ensure security, privacy and accessibility during the identity-proofing process for people accessing government services.”
The draft Digital Identity Guidelines mark the fourth revision of NIST Special Publication (SP) 800-63 and related publications, and incorporate feedback that the agency received last year as part of a separate comment solicitation and a year-long period of stakeholder engagement.
The comment deadline for the latest draft guidelines is Oct. 7. The agency is planning a webinar about the guideline updates for Aug. 28.
NIST said the latest guidelines are “intended to make access to online services both secure and straightforward, regardless of the means by which a person chooses to prove their identity.”
“By incorporating feedback from private industry, federal agencies, privacy and civil rights advocacy groups, and members of the public, NIST has developed strong and fair draft guidelines that, when finalized, will help federal agencies better defend against evolving threats while providing critical benefits and services to the American people, particularly those that need them most,” commented Jason Miller, deputy director for management at the Office of Management and Budget.
He said NIST’s efforts reflect “the Biden-Harris administration’s commitment to strengthening anti-fraud controls while ensuring broad and equitable access to digital services.”
“Everyone should be able to lawfully access government services, regardless of their chosen methods of identification,” said NIST Director Laurie Locascio. “These improved guidelines are intended to help organizations of all kinds manage risk and prevent fraud while ensuring that digital services are lawfully accessible to all.”
“We are trying to make sure we maintain as many pathways as possible to enable secure online access to services,” said Ryan Galluzzo, who is NIST’s Digital Identity Program lead. “We want to open up the use of modern digital pathways while still allowing for physical and manual methods whenever they may be necessary,” he said.
Galluzzo said the latest draft guidelines include more detail about the use of digital wallets, and also how Federal agencies can provide services to people who do not use smart phones and who may not feel comfortable using digital passkeys and wallets.
The new draft guidance also includes information on biometric methods of identity verification including facial recognition, NIST said.