Mobile, Online and Healthcare Identity Security Challenges Can be Solved With Smart Card Technology, Speakers Agree at Smart Card Alliance Government Conference

Mobile, Online and Healthcare Identity Security Challenges Can be Solved With Smart Card Technology, Speakers Agree at Smart Card Alliance Government Conference

11th Annual Smart Card Alliance Government Conference, Washington, D.C., November 29, 2012–Advances in technology mean more digital and mobile lifestyles that bring identity and security challenges to government, enterprise and healthcare markets–challenges that can be solved with smart card technology, speakers said yesterday at the 11th Annual Smart Card Alliance Government Conference. The conference, known as the leading event for ID security, is being held through today at the Walter E. Washington Convention Center in Washington, DC.

National Identity Management
National identity ecosystems were the topic as Jeremy Grant, senior executive advisor for Identity Management for NIST and Pierre Boucher, deputy chief information officer for the Government of Canada, took the stage for their keynote presentations.

Grant updated the audience on the progress of the proposed U.S. identity ecosystem, the National Strategy for Trusted Identities in Cyberspace (NSTIC), for which he heads the program office. The need for better online identity security is clear, Grant said, citing an annual 2011 Verizon/Secret Service data breach study that said 6 out of the 7 top methods for cyberattacks involved targeting weak passwords, while the number of Americans affected by data breaches rose by 67 percent, and the total cost of data breaches was 37 billion dollars.

Grant said implementation of NSTIC is progressing at “a tremendous pace,” with 5 pilot projects awarded in 2012, and two more rounds of pilot awards, including one with the public sector focused on solutions for benefits delivery, are planned for 2013. With regard to smart cards, Grant said that they have a very important role in the identity ecosystem, and “when it comes to impact on security, smart card technology has very few peers.” As far as what solutions would “stick” within the NSTIC, Grant said those that would compel consumer use the most are the most likely candidates.

Boucher talked of another national identity ecosystem–in Canada–that focuses on enabling trust and confidence in interactions between the public and government. Boucher’s project will span over several phases, with the first being complete: the federation of online identity services. Federation, according to Boucher, “is a stepping stone toward achieving a citizen-centric model.”

Canadian citizens now have two options available if they wish to create a trusted online identity. The first is through their financial institution who acts as a credential broker. Using the banking authentication service and an NFC-enabled credit/identity card as a credential, Canadians can gain secure and authenticated access to government services. With three banks on board, this option can already serve 10 million consumers. The second option is to use a government-branded credential service called GCKey. Through either method, Canadian citizens can use the same authentication methods for access to federal, municipal, and provincial government services and, in the future, for ecommerce. Boucher said the next phase for the project is to add identity components, which will take 12 to 24 months.

Dr. James J. James, director of the AMA Center for Public Health Preparedness and Disaster Response, presented an update on a recently completed AMA pilot program intended to provide smart healthcare cards to those displaced by a disaster. The need for the program was made evident in the wake of Hurricane Katrina, when evacuees were left with no medication and incomplete/unavailable medical information. The pilot included two groups of patients with the same clinical presentations, 20 of which were supplied with a preprogrammed smart card, and 20 of which that “came as they were,” equipped only with a driver’s license or whatever form of identification they would normally carry. Through the use of the smart health card, the pilot found that almost 20 seconds were saved in evaluation per patient–which adds up to a lot of time when dealing with millions of displaced citizens–and many less were sent to the emergency room. Those with smart cards were also more satisfied with their care they received, and the timeliness in which they received it. Overall, Dr. James said smart cards provided the ideal platform that would “do I.N. A. MOMENT” (meaning “Identify. Notify. Access. Moment”) because “people are most concerned with receiving the help they need when they need it.”

Kelli Emerick, the executive director of the Secure ID Coalition, talked about how smart cards can address the oft talked about “fiscal cliff,” and the $661 billion worth of cuts necessary to keep the U.S. from dropping off of it. Specifically, smart cards can help Medicare, which has an annual deficit of $1.8 billion and $60 billion dollars a year worth of fraud. Replacing the paper Medicare card with a secure smart card, Emerick said, would substantially reduce this fraud and result in an ROI of $296 billion over 10 years. Emerick urged the audience to support the Medicare Common Access Card Act (H.R.2925/S.1551) which would allow pilots to show the “virtues and benefits” of a Medicare smart card.

Mobile Credentials
George Schu, senior vice president, Booz Allen Hamilton, spoke on the big initiatives going on in the world of cybersecurity in government and the enterprise, particularly in the realm of mobile identity credentials. While the use of mobile devices within the workplace boosts productivity and is overall good for business, he said, the devices “become attractive target because they are always on and loaded with sensitive information.” To combat this, the industry needs to define a new role for smart cards to secure credentials in the mobile phone. Schu said, “Nothing is more fundamental to the security of an enterprise than strong credentials, and the fusion of logical and physical access control,” noting the importance of smart card-based identity credentials and the work of the Smart Card Alliance.

For more news from the 11th Annual Smart Card Alliance Government Conference, follow the Smart Card Alliance on Twitter @SmartCardOrgUSA, hashtag #GovSmartID, and Facebook at Smart Card Alliance.

About the Smart Card Alliance

The Smart Card Alliance is a not-for-profit, multi-industry association working to stimulate the understanding, adoption, use and widespread application of smart card technology.

Through specific projects such as education programs, market research, advocacy, industry relations and open forums, the Alliance keeps its members connected to industry leaders and innovative thought. The Alliance is the single industry voice for smart cards, leading industry discussion on the impact and value of smart cards in the U.S. and Latin America. For more information please visit