Tweet chat on proposed changes to digital authentication guidelines

May 16, 1 pm ET use #SP80063

The National Institute of Standards and Technology has proposed significant changes to Special Publication 800-63, which will guide agencies and others in how individuals are authenticated to digital services.

Some of the changes include:

Eliminates level two

Deprecates over the air one-time passcodes

Defines acceptable use of knowledge-based verification

Specifies acceptable password policies

Ends visual-only document inspection for identity proofing at higher levels

The revision are still being digested by identity exerts but it’s time to gets some first blush reactions to the new document. SecureIDNews.com and Re:ID will host a Tweet chat on Monday, May 16 from 1 pm ET to 1:30 pm ET to discuss the revisions. Use #SP80063 to make sure the answers and discussions show up in the Tweet chat as well.

To kick off the discussion we’ll start with the following questions:

What’s the biggest revision to 800-63 and why?

What do you think about the changes in levels?

Is deprecating over the air OTPs the right thing to do?

Is there anything that stands out as significant in the vetting changes?

The draft calls for enabling server-side storage and matching of biometrics. Can this be done securely?

What will be the most hotly debated change?

We’re open to other questions too. Tweet us @Avisian with additional or changes to the questions above.