Members Of Congress Briefed By Smart Card Alliance, Secure ID Coalition

Original article found on Security Products's website (http://www.secprodonline.com)

The Smart Card Alliance and Secure ID Coalition briefed members of Congress and staff in July about the best practices and standards for secure and private identity credentials.

“There is a critical need to secure identity documents not only to verify people are who they claim to be, but also to ensure personal information is secure and citizen privacy is protected,” said Randy Vanderhoof, executive director of the Smart Card Alliance. “Government officials need to be aware of how to maximize security while maintaining the principles of good privacy protection and disclosure for the citizens who often have little choice in what type of credential they are issued. Nothing is more personal or valuable than one’s identity; therefore, it is the government’s responsibility to manage it properly.”

Identity documents are utilized in many different areas including: financial services, border security, driver’s licenses, employee credentials, e-government authentication and immigration.

“As the government examines initiatives such as REAL ID, the Western Hemisphere Travel Initiative (WHTI) and immigration visa programs it is imperative that they understand the use of technology to implement these types of programs in the most secure manner,” said Kelli Emerick, executive director of the Secure ID Coalition. “There is a lot of confusion about secure smart credentials, and we are here to show Congress the best way to use this technology for identity.”

The Smart Card Alliance and Secure ID Coalition advocate best practices for use of technology to verify identity. Specifically, that an organization’s requirements for safety and security must be balanced against the genuine desire to protect the privacy of the individuals whose identities need to be verified. This requirement -- how to identify people unequivocally while also protecting their privacy -- must shape every discussion of how to design, build or implement a new, secure, identity management system.

In addition, the ID technology used must be one that can both facilitate and reinforce the system’s privacy and security design and goals. Many ID or badging systems currently rely on technologies such as magnetic stripes or bar codes. Such technologies are no longer appropriate, since it cannot meet the requirement to provide strong security while guarding privacy. IDs based on these technologies are tamper-prone, can easily be counterfeited and provide little or no protection for the information they carry. IDs that use the strong security features contained in smart card technology, like anti-tampering and protection against unauthorized access to personal information, can enhance privacy protection in a well-designed and properly implemented system.

Click here for original story.

No comments: