FB pixel

Oversight body lists risks for the US’ mired Login.gov project

| Jim Nash
Categories Access Control  |  Biometrics News  |  Government Services
Oversight body lists risks for the US’ mired Login.gov project
 

The U.S. government’s Login.gov program continues to provide lessons to review for future public administration, public policy and digital identity students.

Officials from a Department Treasury’s inspector general’s office, a watchdog agency, last month published a significantly redacted 20-page memo (largely a timeline) recounting the Internal Revenue Service sign-on travails.

The memo is one of the more unflattering portraits of government, generally, and digital ID and access management by government, specifically. It very much is worth the time to read. Trade publication Nextgov/FCW has a good summary of the timeline and results.

The single sign-on program Login.gov has proved problematic in Washington. At the same time, the program is entangled with the federal government’s unpopular, tentative and sometimes chaotic efforts to add facial recognition as an anti-fraud tool.

Inspector general staff reviewed events and communications occurring between June 2019 and last July and circled three unresolved security risk, only two of which have been made public.

Login.gov is not yet in compliance with Identity Assurance Level 2, devised by the National Institute of Standards and Technology.

IAL2 is met when a process can use evidence to support someone’s claimed identity and verifies an applicant remotely (with biometrics) or physically. And attributes can be asserted by a credential service provider to relying parties.

Another risk hangs on Login.gov’s not fully implanting specific controls. These controls would improve the program’s anti-fraud functions, which are mandated by the Office of Management and Budget.

The third risk is largely redacted, but still bodes no good. There are potentially fraudulent activities by an unknown actor that should be investigated.

The response by the Treasury Department, a brief memo from the deputy commissioner for operations support says nothing more than officials appreciate the inspector general’s efforts and that protecting taxpayer data is a top priority.

Related Posts

Article Topics

 |   |   |   |   |   |   | 

Latest Biometrics News

 

Ring and Flock call off integration as scrutiny of camera-to-police partnership intensifies

Amazon-owned Ring and Flock Safety have canceled their planned partnership, stepping back from an integration that would have linked one…

 

MOSIP pursues democratization of digital identity with unconference conversations

A democratic vision of digital identity is central to the non-profit, open-source mandate of MOSIP. As the organization and the…

 

Liveness is king: FaceTec’s Jay Meier in conversation with Chris Burt 

It’s best, says Jay Meier, to think about identity management as a system of symbiotic systems. Which is to say,…

 

Ofcom fines Kick, threatens 4chan as OSA enforcement steadily dials up

UK regulator Ofcom has faced criticism for being too slow and lenient with its power to enforce the Online Safety…

 

Innovatrics, ROC improve rankings in NIST ELFT, rising to 2 and 3 respectively

Innovatrics is celebrating success in the latest National Institute of Standards and Technology (NIST) Evaluation of Latent Fingerprint Technologies (ELFT)…

 

Meta plans launch of facial recognition to smart glasses in ‘dynamic political environment’

Meta is reportedly planning to roll out facial recognition capabilities for its smart glasses as early as this year, taking…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Continue Reading

Biometric Market Analysis and Buyer's Guides

Most Viewed This Week

Featured Company

Learn More

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events