The National Institute of Standards and Technology (NIST) has put out a call for industry expertise and technology products that will help support the agency’s Accelerate Adoption of Digital Identities on Mobile Devices project – which has the ultimate aim of creating a digital identification equivalent for use on mobile devices than can replace physical ID cards.
The notice released on August 29 looks to address some of the “challenges identified” in the initial steps of the project which NIST launched in March.
The current solicitation does not carry a formal reply deadline, but NIST said that “collaborative activities will commence as soon as enough completed and signed letters of interest have been returned to address all the necessary components and capabilities.”
“The goal of this project is to define and facilitate a reference architecture(s) for digital identities that protects privacy, is implemented in a secure way, enables equity, is widely adoptable, interoperable, and easy to use,” NIST said.
“NIST is soliciting responses from all sources of relevant security capabilities to enter into [a] National Cybersecurity Center of Excellence (NCCoE) Cooperative Research and Development Agreement (CRADA) to provide technical expertise and products” for the project, states the agency’s notice.
Some of the challenges that the project is focusing on include addressing a lack of guidance and governance for identities on devices, limited capability to evaluate and validate complaints, standards-based deployments, and limited understanding of the privacy and usability considerations, NIST said.
NIST is seeking to achieve three outcomes through its current solicitation:
- “Open-Source Reader Reference Implementation, this will be a freely available tool for testing and evaluating compliance of mobile driver’s license (mDL) implementations with international standards and will be used as part of the demonstration efforts to confirm interoperability of mDL and mdoc applications for use in the lab”;
- “Demonstrations of mDL Use Cases, these will demonstrate end-to-end uses of mDL in attended and over-the-internet use cases”; and
- “Practice Guide, this will capture the lessons of the demonstrations to provide a usable guide for implementing mDLs in attended and over-the- internet scenarios,”
“Digital identities are supplementing and supplanting traditional physical identity cards,” NIST said, citing demand from customers, consumers of services, law enforcement, vendors, suppliers, businesses, and health care entities. “If these digital identities on mobile devices are to meet the demands of varying use cases, there must be technological interoperability, security, and cross- domain trust,” the agency said.
