U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cybersecurity Insights

a NIST blog

BREAKING NEWS: NSTIC NPO Announces 2015 Pilot Project Funding

By: Jeremy Grant

Share

The NSTIC NPO has just announced a 4th round of pilot program funding in 2015 for fresh and innovative identity solutions! The Strategy calls for the private sector to lead the development of an identity ecosystem where individuals can choose from a variety of credentials to use in lieu of passwords for interactions online. These pilots will ultimately address barriers to the identity ecosystem and seed the marketplace with “NSTIC-aligned” solutions to enhance privacy, security, and convenience in online transactions. We are excited to share this news with innovators of all kinds so they will apply for funding in order to address the toughest challenges in identity management. Pilots should create and demonstrate solutions that can help jumpstart the adoption of trusted strong authentication technologies in lieu of passwords, in alignment with the NSTIC.

Specifically, we are seeking to fund pilots that address challenges such as:

  • Concerns about the impact on privacy and civil liberties arising from the crossing of contextual boundaries and the capacity for more tracking and profiling inherent in federated identity solutions
  • The usability of strong authentication technologies
  • Balancing transparency to individual users and ease-of-use
  • Building security, privacy, and usability into commonly used architectures (e.g., RESTful API architectures) to manage access to personal data
  • Limited deployment of successful trust frameworks—especially addressing multiple sectors
  • Lack of commonly accepted technical standards for interoperability among solutions
  • Lack of strong authentication solutions that can be used across multiple sectors and relying parties (RPs)
  • Lack of clarity on liability and other complex economic issues (e.g., “who is liable if something goes wrong in a transaction?”  “How – if at all – should transactions be monetized?”)

The NSTIC pilot program was first launched in 2012, and to date has provided approximately $30 million for innovative identity projects.

For more details about the pilot program (along with deadlines and submission information), please visit http://go.usa.gov/3qEjV. Feel free to also share this important news with anyone you think may be interested!

Helpful information:

Follow the NSTIC NPO on Twitter for the latest updates.

Partnerships

About the author

Related posts

Comments

Hitoshi Kokumai on February 18, 2015 3:24 AM

Permalink
Some people shout that the password is dead or should be killed dead. The password could be killed, however, only when there is an alternative to the password. Something belonging to the password(PIN, passphrase, etc)and something dependent on the password (ID federations, 2/multi-factor, etc) cannot be the alternative to the password. Neither can be something that has to be used together with the password (biometrics, auto-login, etc).  It is not easy to expect biometrics solutions to displace the password; Biometrics would help for better security only when it is operated together with another factor by AND/Conjunction (we need to go through both of the two), not when operated with another factor by OR/Disjunction (we need only to go through either one of the two) as in the cases of Touch ID and many other biometric products on the market which require a backup/fallback password. It is obvious, anyway, that the conventional alphanumeric password alone can no longer sustain the demand and we urgently need a successor to it, which should be found from among the broader family of the passwords and the likes. At the root of the password headache is the cognitive phenomena called “interference of memory”, by which we cannot firmly remember more than 5 text passwords on average. What worries us is not the password, but the textual password. The textual memory is only a small part of what we remember. We could think of making use of the larger part of our memory that is less subject to interference of memory. More attention could be paid to the efforts of expanding the password system to include images, particularly KNOWN images, as well as conventional texts. Should you be interested in this discussion, please have a look at "Identity Assurance & Expanded Password System" posted at https://www.linkedin.com/today/author/141508358?trk=pulse-det-athr_posts

Add new comment

CAPTCHA
Image CAPTCHA
Enter the characters shown in the image.
This question is for testing whether or not you are a human visitor and to prevent automated spam submissions.
Please be respectful when posting comments. We will post all comments without editing as long as they are appropriate for a public, family friendly website, are on topic and do not contain profanity, personal attacks, misleading or false information/accusations or promote specific commercial products, services or organizations. Comments that violate our comment policy or include links to non-government organizations/web pages will not be posted.