Identity Council

The concept of a secure identity has become a critically important issue for citizens, governments, enterprises and any organization that determines rights and privileges for individuals. Identity is important when determining voting rights, allowing access to buildings and computer systems as well as issuing driving privileges, authorizing financial transactions, obtaining medical services, enabling travel and facilitating many other aspects of life. Identity and identification documents are factors in crimes involving identity fraud that cause sizable financial loss and can be misused as tools of terrorism. Both the ability to obtain or create credible counterfeit documents and the ability to obtain genuine ones under false pretenses are threats to identity security.

The Identity Council is focused on promoting best policies and practices concerning person and machine identity, including strong authentication and the appropriate authorization across different use cases. Through its activities the Council encourages the use of digital identities that provide strong authentication across assurance environments through smart credentials – e.g., smart ID cards, mobile devices, enhanced driver’s licenses, and other tokens. The Council furthermore encourages the use of smart credentials, secure network protocols and cryptographic standards in support of digital identities and strong authentication on the Internet.

The Council addresses the challenges of securing identity and develops guidance for organizations so that they can realize the benefits that secure identity delivers. The Council engages a broad set of participants and takes an industry perspective, bringing careful thought, joint planning, and multiple organization resources to bear on addressing the challenges of securing identity information for proper use.

The Council works on projects to raise awareness of the issues that organizations and the public face in implementing and using identity systems and to promote the use of the appropriate policies, procedures and technologies to solve these issues. Council activities include:

• Developing white papers and briefings on key identity topics to provide educational resources to public and private sectors
• Developing industry positions on key identity issues and offering perspectives on solutions.
• Providing guidance and best practices in support of the U.S. National Strategy for Trusted Identities in Cyberspace (NSTIC).
• Maintaining an active, public voice on identity topics, promoting the positive aspects of identity technology solutions and responding to reports that contain misinformation about identity technology.

Download description of Council mission, activities and membership

Identity Council Resources

• Assurance Levels Overview and Recommendations, Smart Card Alliance Identity Council position paper, March 2010

• Best Practices for the Use of RF-Enabled Technology in Identity Management, January 2007

• Comments on National Strategy for Trusted Identities in Cyberspace, Smart Card Alliance comments, submitted July 13, 2010

• Effective Healthcare Identity Management: A Necessary First Step for Improving U.S. Healthcare Information Systems – A Smart Card Alliance Brief for Government Policy Makers and Other Stakeholders, Smart Card Alliance Healthcare Council and Identity Council brief, March 2009

• Emergency Response Official Credentials: An Approach to Attain Trust in Credentials across Multiple Jurisdictions for Disaster Response and Recovery, October 2008

• ePassport Frequently Asked Questions, March 2009

• Expert Series Videos: Biometrics, Commercial Identity Verification (PIV), FICAM, First Responder Authentication Credentials, NSTIC, PIV-Interoperable Credentials

• EPC Gen 2 RFID Tags vs. Contactless Smart Cards: Frequently Asked Questions, Identity Council FAQ, June 2006

• FICAM in Brief: A Smart Card Alliance Summary of the Federal Identity, Credential, and Access Management (FICAM) Roadmap and Implementation Guidance, Smart Card Alliance Identity Council and Physical Access Council summary, May 2010

• Healthcare Identity Management: The Foundation for a Secure and Trusted National Health Information Network, Smart Card Alliance Healthcare Council and Identity Council brief, September 2009

• Identifiers and Authentication – Smart Credential Choices to Protect Digital Identity, Smart Card Alliance Identity Council position paper, September 2009

• Identity and Smart Card Technology and Application Glossary, April 2007

• Identity Management in Healthcare, Smart Card Alliance Healthcare Council webinar, September 22, 2009

• Identity Management Systems, Smart Cards and Privacy

• Interoperable Identity Credentials for the Air Transport Industry, October 2008

• Medical Identity Theft in Healthcare, Smart Card Alliance Healthcare Council brief, March 2010

• Medical Identity Theft, Smart Card Alliance Healthcare Council webinar, June 8, 2010

• Mobile Devices and Identity Applications, Smart Card Alliance Identity Council white paper, September 2012

• NSTIC Frequently Asked Questions, August 2011

• Personal Identity Verification Interoperable (PIV-I): A Secure ID Credential for Non-Federal Issuers slide show

• Personal Identity Verification Interoperability (PIV-I) for Non-Federal Issuers: Trusted Identities for Citizens across States, Counties, Cities and Businesses, Physical Access Council and Identity Council white paper, February 2011

• PIV Card/Reader Challenges with Physical Access Control Systems: A Field Troubleshooting Guide, Access Control Council and Identity Council white paper, October 2012

• PIV-I for Non-Federal Issuers Webinar, NASCIO and Smart Card Alliance webinar, March 17, 2011

• PIV-Interoperable Credential Case Studies, Smart Card Alliance Identity Council white paper, February 2012

• Privacy and Secure Identification Systems: The Role of Smart Cards as a Privacy-Enabling Technology

• Privacy, Identity, and the Use of RFID and RF-Enabled Smart Card Technology – A Smart Card Alliance Brief for State and Local Governments, February 2009

• Questions and Answers about the Proposed Use of RFID for U.S. Border Crossing Documents, November 2007

• RF-Enabled Applications and Technology: Comparing and Contrasting RFID and RF-Enabled Smart Cards, February 2007

• Secure Identification Systems: Building a Chain of Trust

• Securing Identity and Enabling Employment Verification: How Do Immigration Reform and Citizen Identification Align?, Smart Card Alliance Identity Council position paper, May 2010

• Smart Card Alliance Comments on NIST Notice of Inquiry (NOI), “Models for a Governance Structure for the National Strategy for Trusted Identities in Cyberspace (NSTIC), Smart Card Alliance Identity Council comments submitted to NIST, July 21, 2011

• Smart Card Alliance Response to DHS REAL ID NPRM Federal Register Notice, Identity Council position paper, May 2007

• Smart Card Alliance Response to WHTI Passport Card Federal Register Notice, Identity Council position paper, November 2006

• Smart Card Alliance white papers on secure identity applications

• Smart Card Technology in Healthcare: Frequently Asked Questions, Smart Card Alliance Healthcare Council and Identity Council document, May 2009

• Smart Card Technology: The Right Choice for REAL ID, January 2008

• Smart Card Technology and the National Cybersecurity Strategy slide show

• Statement on DHS/State Pilots for Enhanced Driver’s Licenses, April 2007

• Statement on ePassport Security, August 7, 2007

• The Consequences to Citizen Privacy and National Security in Adopting RFID Technology for Border Crossing Identity Documents, October 2007

• The REAL ID Act: Why Real ID Cards Should Be Based on Smart Card Technology, Identity Council position paper, July 2006

• Top 10 Hot Identity Topics, Identity Council white paper, February, 2006

• Using FIPS 201 and the PIV Card for the Corporate Enterprise, October 2008

• Western Hemisphere Travel Initiative PASS Card: Recommendations for Using Secure Contactless Technology vs. RFID, Identity Council position paper, June 2006

Identity Council Activities

The Council is currently working on projects to raise awareness of the issues that organizations and the public face in implementing and using identity systems and to promote the use of the appropriate technologies to solve these issues. Council activities include:

• Developing white papers and briefings on key identity topics to provide educational resources to the industry.

• Developing industry positions on key identity issues and offering perspectives on solutions.

• Maintaining an active, public voice on identity topics, promoting the positive aspects of identity technology solutions and responding to reports that contain misinformation about identity technology.

Council Management

The Council is managed by a steering committee composed of a cross section of the financial payments industry and contactless smart chip technology vendors. Steering Committee officers are:

• Chair: Bryan Ichikawa, Deloitte & Touche LLP
• Vice chair: Neville Pattinson, Gemalto
• Secretary: Salvatore D’Agostino, IDmachines

Current steering committee members are:

• Salvatore D’Agostino, IDmachines
• Frazier Evans, Booz Allen Hamilton
• Chris Gardner, SecureKey Technologies
• Bryan Ichikawa, Deloitte & Touche LLP
• Don Malloy, NagraID Security
• Neville Pattinson, Gemalto
• Steve Rogers, IQ Devices
• Chris Williams, SAIC

Council Membership

The Identity Council is one of several Smart Card Alliance Technology and Industry Councils. Council participation is open to any Smart Card Alliance member who wishes to contribute to the Council projects.

The Smart Card Alliance recognizes the top three individual contributors in each of the industry councils and the council “honor roll” – the individuals who were leading contributors and participants in the council projects and activities.

• 2012 Council Honor Roll

Smart Card Alliance members who are active in the Identity Council include:

• 3M Cogent, Inc.
• ABnote Group
• Accenture
• Athena Smartcard Solutions
• Booz Allen Hamilton
• CertiPath LLC
• Consult Hyperion
• CPI Card Group
• Cryptography Research, Inc.
• CSC
• Dale Laszig
• Datacard Group
• Deloitte & Touche LLP
• Diebold Security
• Eid Passport Inc.
• ENTRUST
• Exponent
• Fiserv
• Gemalto
• General Services Administration
• Giesecke & Devrient
• HID Global
• HP Enterprise Services
• IDenticard
• Identification Technology Partners
• Identive Group
• IDmachines
• Infineon Technologies
• Infogard
• IQ Devices
• L-1 Identity Solutions
• Lenel Systems International
• MAGICARD - Ultra Electronics
• Multos International
• NagraID Security
• NIST
• NXP Semiconductors
• Oberthur Technologies
• Probaris, Inc.
• SafeNet, Inc.
• SAIC
• SecureKey Technologies
• Tyco Software House
• U.S. Department of Defense/DMDC
• XTec, Incorporated