The National Institute of Standards and Technology is putting up $10 million to get rid of usernames and passwords.
NIST yesterday released a federal funding opportunity asking for private sector proposals to test the concepts of the National Strategy for Trusted Identities in Cyberspace (NSTIC). The White House introduced the NSTIC in April in an effort to improve online transactions for citizens by, in part, developing alternative online credentials.
NIST is playing the role of convener to develop standards and test concepts. The funding opportunity is the first major step of that process and comes after the agency received $10 million in the fiscal 2012 spending bill for the NSTIC pilot programs.
“We’re looking for innovative approaches that can advance the NSTIC vision and provide a foundation upon which a trusted, user-centric identity ecosystem can be constructed,” said Jeremy Grant, NIST’s senior executive advisor for identity management in a release. “We can help to grow the online economy by enabling the advancement of promising new privacy-enhancing identity solutions – and ways to use them – that do not exist in the marketplace today.”
NIST will fund five-to-eight projects between $1.25 million and $2 million for up to two years. The pilot programs will cover the four principles of NSTIC to make identity management secure, interoperable, privacy-enhancing and cost-effective.
NIST wants proposals to address several areas including:
How to create identity hubs to quickly validate credentials with strong authentication methods meeting agreed upon standards;
How to provide incentives for consumers to use trusted authentication methods in lieu of user IDs and passwords;
How to improve ways to enhance consumer privacy, while simultaneously meeting business and security needs;
How to demonstrate interoperability across various technologies such as smart cards, one-time passwords, or digital certificates.
Proposals are due March 7. NIST will host an industry day Feb. 15 in Washington, D.C.