Identity Applications

• Smart Card Alliance Identity Resources
• Smart Cards and Identity Applications
• Other Identity Resources

Smart Card Alliance Identity Resources

• Assurance Levels Overview and Recommendations

• Benefits of Smart Cards versus Magnetic Stripe Cards for Healthcare Applications

• Best Practices for the Use of RF-Enabled Technology in Identity Management

• The Commercial Identity Verification (CIV) Credential–Leveraging FIPS 201 and the PIV Specifications

• Effective Healthcare Identity Management: A Necessary First Step for Improving U.S. Healthcare Information Systems – A Smart Card Alliance Brief for Government Policy Makers and Other Stakeholders.

• ePassport Frequently Asked Questions

• EPC Gen 2 RFID Tags vs. Contactless Smart Cards: Frequently Asked Questions

• Expert Series Videos: Biometrics, CIV Credential, FICAM, First Responder Authentication Credentials, Healthcare Information Exchange, NSTIC, PIV-I Credentials

• FICAM in Brief: A Smart Card Alliance Summary of the Federal Identity, Credential, and Access Management (FICAM) Roadmap and Implementation Guidance

• FIPS 201 and Physical Access Control: An Overview of the Impact of FIPS 201 on Federal Physical Access Control Systems

• Healthcare Identity Management: The Foundation for a Secure and Trusted National Health Information Network

• Identifiers and Authentication – Smart Credential Choices to Protect Digital Identity

• Identity Management in Healthcare webinar

• Identity Management Systems, Smart Cards and Privacy

• Medical Identity Theft in Healthcare

• NSTIC Frequently Asked Questions

• Personal Identity Verification Interoperability (PIV-I) for Non-Federal Issuers: Trusted Identities for Citizens across States, Counties, Cities and Businesses

• PIV-I for Non-Federal Issuers Webinar

• Privacy and Secure Identification Systems: The Role of Smart Cards as a Privacy-Enabling Technology

• Privacy, Identity, and the Use of RFID and RF-Enabled Smart Card Technology – A Smart Card Alliance Brief for State and Local Governments

• The REAL ID Act: Why Real ID Cards Should Be Based on Smart Card Technology

• RF-Enabled Applications and Technology: Comparing and Contrasting RFID and RF-Enabled Smart Cards

• Smart Card Alliance Comments on NIST Notice of Inquiry (NOI), “Models for a Governance Structure for the National Strategy for Trusted Identities in Cyberspace (NSTIC)

• Smart Card Alliance Identity Council

• Smart Card Alliance Response to WHTI Passport Card Federal Register Notice

• Smart Cards and Biometrics

• Smart Card Technology in Healthcare: Frequently Asked Questions

• Secure Identification Systems: Building a Chain of Trust

• Securing Identity and Enabling Employment Verification: How Do Immigration Reform and Citizen Identification Align?

• The Top 10 Hot Identity Topics

• Western Hemisphere Travel Initiative PASS Card: Recommendations for Using Secure Contactless Technology vs. RFID

Smart Cards and Identity Applications

Smart card technology is currently recognized as the most appropriate technology for identity applications that must meet critical security requirements, including:

• Authenticating the bearer of an identity credential when used in conjunction with personal identification numbers (PINs) or biometric technologies
• Protecting privacy
• Increasing the security of an identity credential
• Implementing identity management controls

Countries around the world use smart cards for secure identity applications. In addition, both government organizations and public corporations (including Microsoft, Sun Microsystems, Chevron, and Boeing) use smart employee ID cards to secure access to physical facilities and computer systems and networks.

Additional information on the use of smart cards for identity applications can be found on the enterprise ID and government application pages and from the Smart Card Alliance Identity Council.

Identity in Cyberspace

U.S. citizens are increasingly using the Internet for sensitive transactions, like banking, mortgage applications, buying and trading stocks, and reviewing healthcare information. Given this, there are very real problems of identity management, privacy and security in cyberspace. Smart card technology (in various form factors including cards, USB tokens and mobile phones) enables strong multi-factor authentication on the Internet.

The Obama administration has recognized the need for stronger online identity authentication and established the National Strategy for Trusted Identities in Cyberspace (NSTIC) initiative. NSTIC broadly defines an Identity Ecosystem that would re-establish trust and better protect online identities. According to the Howard A. Schmidt on the White House blog, “Through the strategy we seek to enable a future where individuals can voluntarily choose to obtain a secure, interoperable, and privacy-enhancing credential (e.g., a smart identity card, a digital certificate on their cell phone, etc.) from a variety of service providers–both public and private–to authenticate themselves online for different types of transactions (e.g., online banking, accessing electronic health records, sending email, etc.).”

Additional information on the use of smart cards for identity applications in cyberspace can be found on the Smart Card Alliance Identity Council page.

Other Identity Resources

• Federal Identity, Credential, and Access Management (FICAM) Roadmap and Implementation Guidance, November 10, 2009. This document provides Federal agencies with architecture and implementation guidance that addresses existing ICAM concerns and issues.
• Federal Information Processing Standard 201 (FIPS 201) Personal Identity Verification (PIV) of Federal Employees and Contractors
• Government Smart Card Handbook
• IDManagement.gov, providing information on Federal identity management activities
• Initiative for Open Authentication (OATH)
• Kantara Initiative
• National Strategy for Trusted Identities in Cyberspace
• Open Identity Exchange (OIX)
• Smart Card Alliance Identity Council
• Smart Card Alliance Physical Access Council