Kantara Initiative announced today that the United States General Services Administration (GSA) is joining Kantara and plans to put its Login.gov service through the Kantara assurance and approval program based on third-party assessment against the requirements detailed in the National Institute of Standards and Technology (NIST) Special Publication (SP) 800-63-3 Digital Identity Guidelines.
“NIST SP 800-63-3 is focused on modernizing the policy in keeping with rising threat levels for identity proofing, verification and authentication whilst also improving privacy in the overall digital user experience,” said Colin Wallis, Executive Director, Kantara Initiative. “Kantara has developed assessment criteria against each of 63-3’s normative requirements to drive consistency in assessments of applicable credential service providers (CSPs) done by Kantara 3rd party accredited assessors. Consistency in assessments drives long term integrity in Kantara’s Trust Framework and Trust Marks internationally, thereby building trust and confidence for all stakeholders in the wider digital economy.”
With the GSA’s oversight, Login.gov provides simple, secure, private access to participating US government digital services online. A single privacy-aware login.gov account can sign-in to multiple government agencies making managing federal benefits, services and applications easier and more secure for the public. Login.gov is used by over 60 applications at 17 agencies including the Department of Defense, Department of Homeland Security, Department of Energy and the Executive Office of the President. To date, over 25 million people have signed up to use login.gov.
Kantara is one of the leading global consortiums improving trustworthy use of identity and personal data through innovation, standardization and good practice. It provides third party assessment against the NIST SP 800-63-3 for identity proofing and authentication. US Government agencies are required to follow NIST guidelines and independent, external assessment is acknowledged as best practice to demonstrate NIST standards compliance.
Kantara was authorized as a US Government Trust Framework provider to the GSA’s then FICAM Trust Framework Solutions (TFS) program in 2011 and works with governments and standards-bodies internationally to align its Trust Mark program for multi-jurisdictional adoption. Kantara is one of the premier Trust Framework Providers aligned with the US National Strategy for Trusted Identities in Cyberspace (NSTIC) program as well as similar initiatives outside the US.
NIST SP 800-63-3
NIST SP 800-63-3 is the set of prevailing digital identity guidelines to which US Federal agencies implementing identity verification and authentication must comply. It also serves as a widely-recognized benchmark for any organization or business wishing to implement identity verification and authentication services, both internationally as well as within the US.
About Kantara Initiative Trust Framework
Kantara Initiative’s Trust Framework Operations and Identity Assurance program is the industry leading program that accredits Assessors and approves Credential Service Providers (CSPs). The program offers three Classes of Approval that enable CSPs to seek approval of their Identity and Credential Management Services as meeting NIST 800-63 rev.3 requirements. By design, Kantara’s IAF can be applied to a range of standards-derived schemes and classes of approval to verify an organization’s conformance, including NIST SP 800-63-3.
About Kantara Initiative
The Kantara Initiative is one of the leading global consortiums improving trustworthy use of digital identity and personal data through innovation, standardization and good practice. Kantara provides real-world innovation through its development of specifications, applied R&D and conformity assessment programs for the digital identity and personal data ecosystems. More information is available at https://kantarainitiative.org/
Follow Kantara Initiative on Twitter — @KantaraNews