Tired of passwords? I am. Update on NSTIC.

Published on April 27, 2013 By DrJBHL In Personal Computing

Let’s face it. Despite LastPass (which has been hacked in the past) and all the other password managers, there’s just got to be a better way.

About 70% of folks would rather have a single, go to multi-purpose identity verifyer instead of having the hassle of dealing with multiple passwords. The study below is worth a glance (41 pages). It was multinational, and covered a wide range of ages (18-65+).

(http://www.ponemon.org/local/upload/file/NokNokWP_FINAL_3.pdf)

The big difference was in the U.S. the surveyed preferred using a mobile device (like a fob of some sort), the U'.K. a smart card and Germans preferred biometric devices. I’ve written about EyeVerify here. Most users feel the methods used by online banks is trustworthy. The good news is that most folks are willing to try something new, provided they are assured the method is secure. Back in 2010-2011, the administration there were plans to convene industry workshops to work on this. The initial policy statement is here. Not everyone agreed with this. For example, Mark Gibbs. COICA (The Combating Online Infringement and Counterfeits Act) never got voted on. One good summary of why it wasn’t good legislation can be found here.

Since then, NSTIC has progressed and the first of five trial runs has been run. This is a major milestone.

“In addition to piloting the use of strong authentication credentials, Daon's pilot also focuses on the movement of relying party partners to external identity providers and trust frameworks as well as cross-sector credential interoperability. Following AAAE, other partners scheduled to go live include AARP, PayPal, Purdue University and a major bank…"TrustX (and the IdentityX technology it uses) enable organizations to conduct transactions of consequence online with confidence in the identity of the person they are interacting with," said Tom Grissen, CEO of Daon. "It is a proven technology that allows individuals to easily and securely assert their identity using any device, anytime and anywhere. We are happy to facilitate AAAE's transition to strong and convenient online authentication." ” - http://www.marketwatch.com/story/first-nstic-pilot-goes-live-with-secure-online-identity-verification-via-smartphone-2013-03-08

So, a better and supposedly more secure way of doing business is coming along.

Just keeping you up to date on this very important topic.

Comments

WebGizmos

on Apr 27, 2013

Welcome Guest! Please take the time to register with us.
There are many great features available to you once you register, including:

Richer content, access to many features that are disabled for guests like commenting on the forums.
Access to a great community, with a massive database of many, many areas of interest.
Access to contests & subscription offers like exclusive emails.
It's simple, and FREE!