This is the first in a series of stories about NSTIC Pilots and their application of the Identity Ecosystem Framework in their projects to protect identity.
Today, many Americans expect to be able to conduct their day-to-day lives online, seamlessly and securely. This includes how we engage with the government to request and receive services – things like filing taxes and navigating state-sponsored benefits. The White House’s vision for meeting those expectations – to raise the level of trust associated with the identities of individuals, organizations, networks, services and devices involved in online transactions – established the National Strategy for Trusted Identities in Cyberspace (NIST). From NIST came not only IDESG, but also a series of pilots that are seeding the marketplace with “NSTIC-aligned” solutions, to enhance privacy, security and convenience in online transactions.
One of these projects, co-managed by Massachusetts-based identity solutions company MorphoTrust USA, is piloting the first secure electronic ID (eID). Using biometric facial recognition technology and document authentication technology, the eID establishes a person’s trusted identity by matching their state-issued driver's license or identification card to a “selfie” they’ve submitted. Together with the State of North Carolina and other partners, MorphoTrust is proving that, by strengthening the online identity verification process and minimizing in-person identity proofing requirements, the eID could streamline public services, allowing recipients to access them using only their state-issued I.D. and smartphone. The eID’s value to state efficiency is equally monumental: It could emancipate caseworkers from document collection and the identity verification process; reduce documentation and close opportunities to cheat the system; minimize in-person visits, hours missed from work and child care costs, for applicants and services recipients whom may not have access to reliable transportation; maximize the efficiency of in-person visits to state agencies; and, ultimately, save the taxpayer money.
Anticipating the eID’s value to a wider list of states and government services and building upon its original NSTIC grant, MorphoTrust also has teamed up with government agencies in Georgia and North Carolina, to test the eID’s potential to minimize income tax refund fraud – a massive and growing issue at both the state and federal level. This second pilot aims to empower taxpayers to better protect personally identifiable information and their refund dollars. By opting-in to the service, the taxpayer can require the Departments of Revenue “unlock” their identity, using their eID, before processing their tax return. This equips the taxpayer to recognize, and then authorize or decline, attempts to fraudulently file their return and relieves the state from much of the burden.
While IDESG works from the top down to standardize the way organizations manage consumers’ identities, the NSTIC pilots operate from the ground up – often, beginning at the state level - to empower both the government and the individuals to safely conduct identity transactions online. But implementing large-scale operational and behavioral change, at a bureaucratic level, isn’t exactly easy – especially without the proper foundational systems. Trust frameworks often act as this baseline support: By establishing regular expectations and behavior for online identity management, they build a safe and systematic “playground” to deploy meaningful change.
Many NSTIC Pilots, including those detailed above, are rooted in a trust framework similar to our IDEF. It can be easy to get bogged down by our own day-to-day efforts, so it is satisfying to remember that often we share avenues and tools to reach our overarching goals. We are all united by the common priority of true change, to make the online world a safer, more effective and manageable environment for everyone.