Imagine--one secure credential that you can use to shop online, bank, even get quick information about what to do during natural disasters or other emergencies.
Good idea? The Obama administration thinks so and announced a plan on Friday to achieve it.
It’s a little thin on details, but the National Strategy for Trusted Identities in Cyberspace envisions a day when people conducting online activity no longer have to rely on passwords, which can be hard to remember or can be hacked.
Instead, people will be able to get a secure credential in the form of a smart card or a USB thumb drive, which will carry their personal information and can be used to authenticate their identity online.
It is expected to take several years to bring to reality, as the government and private companies have to come up with standards for technology and ensure that privacy protections are in place.
The plan is sure to raise concerns, because some (or many) individuals will be hesitant to turn their personal information over to the government or a private service in order to get a secure credential. But the plan emphasizes that nobody will be required to have a secure credential to conduct online activity.
Obama administration officials believe that a credential with built-in privacy protections will benefit individuals and businesses. For example, one could buy a sweater online without having to open an account with a retailer. Businesses would not have to invest in a proprietary system to manage user accounts.
“The strategy aims to make online transactions more trustworthy, thereby giving businesses and consumers more confidence in conducting business online,” the Commerce Department wrote in a description of the plan.
“Consumers who want to participate will be able to obtain a single credential--such as a unique piece of software on a smart phone, a smart card, or a token that generates a onetime digital password,” the statement said. “Instead of having to remember dozens of passwords, the consumer can use their single credential to log into any website, with more security than passwords alone provide.”
The plan envisions no one central database of information. “Consumers can use their credential to prove their identity when they're carrying out sensitive transactions, like banking, and can stay anonymous when they are not,” according to the Commerce Department statement.
The government also sees public-safety advantages by developing the new model. For example, the plan envisions a scenario in which a major national emergency erupts on a U.S. coastline and a call for support results in an influx of first responders coming to the location.
“A federal agency is tracking the event using their global satellite network, and can share detailed information to state and local officials, utility providers, and emergency first responders from all over the country,” the statement added. “Each participant in the information exchange uses an interoperable credential issued by his employer to log into the information-sharing portal. The portal automatically directs responders to information relevant to them based on their duties and affiliated organization.”
The administration plans to hold a series of workshops across the country with private companies, civil-liberties advocates, and government officials in the coming months to work on developing the model. Officials expect to begin testing technology in fiscal 2012.
Want to stay ahead of the curve? Sign up for National Journal’s AM & PM Must Reads. News and analysis to ensure you don’t miss a thing.
Leave a Comment