Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

SOFA Talk: Strength of Function for Authenticators Framework Now Open for Comment!

Back in January, NIST's Applied Cybersecurity Division hosted the “Applying Measurement Science in the Identity Ecosystem” workshop. Among the knotty issues under consideration, 220+ participants discussed the concept of measuring the strength of authentication.

Through a combination of input from that workshop and analysis performed by experts (both internal and external to NIST) we have developed a proposed framework that can be used to quantify the security of authentication solutions - and now, we want to hear from you again. I'm happy to announce that the Strength of Function for Authenticators - Biometrics (SOFA-B) Discussion Draft is now open for comment.

SOFA is a proposed framework to evaluate and compare the strength of authentication solutions. SOFA-B is the strength of function for biometric authentication. This was our initial focus due to increased availability of biometric sensors in the consumer space. The SOFA model incorporates three aspects, explained further in the draft: matching performance, presentation attack detection (aka spoof detection), and effort (to break a system).

Ready to get involved? NIST plans for the initial input period to run for 60 days, from October 17th to December 16th. Due to the great success we’ve had with GitHub in the recent past, we are excited to use it again! Direct suggestions or comments can be submitted to GitHub as issues following the directions on the SOFA page or via emails sent to sofa [at] (sofa[at]nist[dot]gov). Comments will likely be added to GitHub to maximize transparency and collaboration, so please note that emailed feedback will be made public.

We can’t wait to hear from you, and thank you for your ongoing participation and contributions in developing the framework. Happy commenting!

Twitter: @NSTICNPO

About the author

Related posts


Add new comment

Enter the characters shown in the image.
This question is for testing whether or not you are a human visitor and to prevent automated spam submissions.
Please be respectful when posting comments. We will post all comments without editing as long as they are appropriate for a public, family friendly website, are on topic and do not contain profanity, personal attacks, misleading or false information/accusations or promote specific commercial products, services or organizations. Comments that violate our comment policy or include links to non-government organizations/web pages will not be posted.