Government's password-killer launches three new pilot projects



Written by

The Commerce Department program designed to help kill off the password has awarded grants to three new pilot projects.

The National Strategy for Trusted Identities in Cyberspace, or NSTIC, already has 15 pilots u2013 each designed to offer more secure alternatives to the much derided but still ubiquitous password and login combination as a way of establishing identity on the Web. The pilots are designed to show the potential benefits of more secure online identities and stimulate a marketplace for better ways of logging on.

The three new pilots announced Monday will each focus on a different use case: state income tax returns, online health information and social networking.

MorphoTrust USA, a Massachusetts-based tech firm gets just over $1 million to demonstrate how biometrically verified online driver registration processes can be leveraged to protect state tax payers and prevent refund fraud.

HealthIDx of Alexandria, Virginia, gets more than $800,000 to show how so-called “triple-blind” technology can protect the privacy of users of an online health provider. Users choose a credentialing service that verifies their identity via a third-party ID broker, but neither the credential provider nor the broker knows which medical service users are visiting online and the medical site doesn’t know which credential provider the user has selected.

Finally, Galois Inc. of Portland, Oregon, gets more than $1.8 million to demonstrate how biometric authentication can be used to secure and securely share personal data online.

The 15 existing pilots have dealt with everything from using one-time passwords delivered via SMS to biometric verification via a mobile phone.

NSTIC has also piloted – a one-stop ID shop that enables users to logon securely to multiple government sites without having to develop a different login and password for each of them.