Publications – Identity
This brief was developed by the Smart Card Alliance Access Control Council to provide an easy-to-use comparison of Personal Identity Verification (PIV), PIV-Interoperable (PIV-I) and Commercial Identity Verification (CIV) credentials.
The Smart Card Alliance Identity Council developed this position paper to provide the Alliance interpretation and position on the OMB-defined levels of assurance.
This brief was developed by the Smart Card Alliance Healthcare Council to describe the benefits of smart cards for healthcare applications and to provide a comparison with magnetic stripe cards.
This document was developed by the Health and Human Services Council in response to the GAO report, “Potential Uses of Electronically Readable Cards for Beneficiaries and Providers.” The document discusses the benefits of implementing strong authentication for beneficiaries and providers using smart card technology.
This Secure Technology Alliance Payments Council webinar provides a primer on biometric payment cards that use fingerprints to authenticate the cardholder. New technologies that enable template matching and storage in the secure element, battery-free operation, and fast transactions are being showcased in pilots and proof-of-concept launches around the world. Webinar topics include: overview of biometric payment card technology; user experience and implementation considerations for biometric payment cards; examples of real-world implementations.
This white paper was developed by the Smart Card Alliance Physical Access Council to provide guidance on how enterprises can take advantage of FIPS 201 and the PIV credential specifications to implement a standards-based commercial identity credentialing program. The white paper defines the Commercial Identity Verification (CIV) credential as a credential that uses the same technology and data model as the PIV-I credential.
Version 1.1 of the Workgroup for Electronic Data Interchange’s (WEDI) Health Identification Card Implementation Guide includes Integrated Circuit Cards (ICC), commonly known as smart cards, as an appropriate card type. For organizations considering upgrading their member identity cards to smart cards, this document serves as a supplement to the WEDI Health Identification Card Implementation Guide. It provides WEDI-compliant smart card designs and includes a discussion of the features and benefits of smart ID cards for healthcare providers and payers.
Government policy makers are looking carefully at the best ways to improve the efficiency of information systems in the healthcare industry. Much emphasis has been placed on the need for electronic health records for every American, and at ways to exchange those records at the regional, state and national levels. This brief was developed by the Smart Card Alliance Healthcare and Identity Councils to introduce the current problems with healthcare identity management, security and privacy, and propose leveraging existing federal standards and technologies already used in other government identity programs.
The new electronic passports (ePassports) include digital and physical security technologies that are integrated together to provide significantly higher levels of security. ePassports use advanced technologies that secure identities and new processes throughout the entire chain of trust – from manufacturing to use of the ePassport. This frequently asked questions (FAQ) document was developed by the Smart Card Alliance Identity Council to answer questions about how the ePassport works and what technology is used to protect an ePassport holder’s personal information.
The Smart Card Alliance Identity Council and Physical Access Council developed the summary of the Federal Identity, Credential, and Access Management (FICAM) Roadmap and Implementation Guidance to highlight key concepts and to make it more accessible to its target audiences. In developing and publishing the summary, the Smart Card Alliance hopes to expand the audience reading the document and promote its concepts broadly through the identity, credential and access management industry. The summary includes the FICAM segment architecture, as-is and target use cases, and roadmap and initiatives for Federal implementation of the FICAM architecture.
This Physical Access Council white paper provides a roadmap to the key specifications that agencies need to consider in implementing FIPS 201-compliant physical access control systems and provides an overview of the key open questions where work is still being done on standards definition and implementation guidance.
The Smart Card Alliance Physical Access Council developed this white paper to discuss factors that impact PIV II card transaction performance in PACS applications and provide recommendations on data encoding, user training and installation that can improve the user experience and reduce PIV II card PACS transaction time.
“Meaningful use” has the top priority of today’s healthcare industry. In 2010, the government, healthcare organizations, consumers and technology providers came together to move toward interoperable electronic health records that can transform the healthcare industry. This white paper outlines the ways in which smart card-based systems can better position healthcare organizations and providers for meaningful use of electronic health records, while addressing many of the security and privacy challenges that come with electronic health records and health data exchange.
GSA published this guide with contributions from Secure Technology Alliance Access Control Council resources and members. The guide presents the concepts related to Federal Identity, Credential, and Access Management-compliant PACS.
This FAQ answers questions about privacy, security and smart card benefits for identity management systems.
This position paper describes key elements in the design of an identity management system that affect privacy and security and the benefits that smart cards bring to identity management systems.
This Identity Council recorded webinar recording provides the groundwork for understanding how to establish and use a mobile identity through real-world use cases that are relevant to multiple industry sectors.
The Smart Card Alliance Health and Human Services Council developed this infographic to depict the impact of smart card technology on the future of healthcare identity authentication and suggest how current challenges can be solved through interoperability, increased security, and multi-factor authentication.
This white paper was developed for healthcare CFOs by the Smart Card Alliance Healthcare Council to outline the key benefits and business case for using smart cards for healthcare applications. The white paper outlines some of the major challenges faced by healthcare CFOs and discusses how smart card technology can provide innovative, practical and cost-effective solutions.
The Smart Card Alliance Health and Human Services Council developed this white paper to outline a vision for healthcare identity authentication and payments convergence and to provide insight into the opportunities and challenges afforded to the healthcare community as the U.S. migrates to EMV.
Policy makers are looking carefully at the best ways to improve our healthcare system with much emphasis being placed on the need for electronic health records for every American. This effort also includes creating an infrastructure to allow the exchange of these records at the regional, state and national levels. This paper introduces the current challenges and explains why identity management in healthcare is an essential and foundational element that must be made a priority by policy makers in order to achieve the goals of widespread use of electronic health records to support the secure and seamless exchange of healthcare information. The paper also recommends best practices for introducing a healthcare identity management infrastructure–one that provides the needed security and privacy controls that should be specified by policy makers.
This report discusses how smart cards can help health care providers and insurance companies meet the requirements of HIPAA Privacy and Security Rules. Designed as an educational overview for decision makers, it summarizes the HIPAA privacy and security requirements, provides an overview on how smart cards work, describes how smart cards can be used to support HIPAA compliance and implement other health care applications, and outlines key implementation success factors. The report includes profiles of several U.S. and international smart health card implementations.
The Smart Card Alliance developed this position paper to describe the issues with unique identifiers and discuss how smart cards can be used as authenticators when using unique identifiers.
The Smart Card Alliance Identity Council developed this glossary to define commonly used terms related to identity and smart card technology and applications.
The Identity Council webinar series recordings provide the groundwork for understanding how to establish and use a mobile identity credential through real-world use cases that are relevant to multiple industry sectors.
This guide was developed by the Secure Technology Alliance Access Control Council to identify the essentials for a successful deployment of a physical access control system (PACS) that complies with Federal Information Processing Standard (FIPS) 201 and provide a streamlined, practical, layman’s version of the National Institute of Standards and Technology (NIST) Special Publication (SP) 800-116 R1.
This Secure Technology Alliance information portal provides the resources and materials necessary for relying parties to understand what mDL technology is, where it can be used, and what the considerations are for implementation.
Healthcare data breaches and medical identity theft are growing problems as the healthcare industry moves to electronic health records and health information exchanges. This brief describes the security and privacy issues that the healthcare industry is facing and advocates that the industry move to strong identity management practices and technology solutions to improve the privacy and security of health information systems and electronic health records.
This brief was developed by the Smart Card Alliance Identity Council to present the vision of the secure use of mobile devices for identity applications and to describe different use cases for current and NFC-enabled mobile devices.
This Secure Technology Alliance Identity Council webinar series discusses mobile driver’s licenses (mDLs) and the impact they will have on identity verification as state issuing agencies and relying parties adopt the technology.
This white paper was developed by the Secure Technology Alliance Mobile Council to provide an overview of mobile ID authentication, to highlight use cases that rely on secure user credentials stored on a mobile device, and to provide some perspectives on how emerging technologies and standards are addressing the growing need for mobile ID authentication. Use cases highlighted include access control, payments, government-to-consumer services, and corporate applications.
This white paper was developed by the Smart Card Alliance Physical Access Council and Identity Council to describe the benefits of FIPS 201, PIV standards and PIV-I framework for state and local governments to enable interoperability and trust across different government issuers for a wide variety of identity credentialing programs. The white paper discusses policy, process and technology considerations related to the implementation of state and local government identity credentialing initiatives. The white paper summarizes important aspects of the current state of policy, process and technology and identifies opportunities to support additional work to further improve each through the use of the PIV-I framework and the PIV standard.
This white paper was developed by the Smart Card Alliance Identity Council to document the benefits of using PIV-interoperable credentials for enterprises and to provide implementation case studies of enterprises that are issuing or planning to issue PIV-I credentials.
State policy makers are looking carefully at the use of RFID technology in identity cards and the implications that holds for protecting privacy and personal information in identity applications and systems. This brief was developed by the Smart Card Alliance Identity Council to examine best practices for privacy-secure identity systems from the point of view of card technologies.
This Smart Card Alliance white paper compares RFID technology and RF-enabled smart cards and describes key requirements in RF-enabled applications.
This white paper was developed by the Smart Card Alliance Healthcare Council to describe the value that smart cards deliver in a variety of U.S. healthcare applications. Developed as an educational overview for executives and senior managers in healthcare provider organizations, it reviews key challenges that the U.S. healthcare provider industry faces and examines the key drivers for implementing smart card-based systems to address these challenges. The white paper concludes with profiles of a number of organizations who are implementing smart cards illustrating the diversity of applications that are enabled by smart card technology and the business benefits that the technology delivers to healthcare organizations.
The Smart Card Alliance Identity Council developed this white paper to describe the role of smart card technology in implementations of the FIDO protocols.
The Smart Card Alliance Identity Council developed this white paper to describe the benefits of combining smart card technology and strong credentials within the National Strategy for Trusted Identities in Cyberspace (NSTIC).
This frequently asked questions document was developed to answer questions about how smart cards work and how the technology is used to manage patient identity and protect a healthcare consumer’s personal information.
This white paper was developed by the Smart Card Alliance Physical Access Council to describe the benefits of combining smart cards and biometrics to enable strong verification and authentication of an individual’s identity. The white paper provides an overview of biometrics technology, discusses how it’s used for identification and verification, and describes the benefits of using smart cards and biometrics to enable strong verification and authentication of the cardholder’s identity. The white paper includes eight case study examples of identity verification systems that combine smart cards and biometrics, including the Singapore Immigration Automated Clearance System, the Canadian Airport Restricted Area Identification Card, Amsterdam Schiphol Airport workforce ID card, the University of Arizona Keyless Access Security System, the FIPS 201 Personal Identity Verification (PIV) card, the U.S. Department of Defense Common Access Card (CAC), the U.S. Transportation Worker Identification Credential (TWIC), and the electronic passport.
This white paper was developed by the Smart Card Alliance Healthcare Council to provide an overview of smart card and biometric technologies, discuss the key considerations for selecting biometric and smart card technology for identity verification, and describe the benefits of combining smart cards and biometrics for identity applications.
This white paper was developed by the Smart Card Alliance Healthcare Council to describe the benefits of smart cards to healthcare industry participants. The paper describes the challenges within the healthcare industry and the clear opportunities for the use of smart card technology for security and privacy in healthcare. The paper examines smart card use in healthcare today and suggests additional applications for consideration.
This white paper was developed by the Smart Card Alliance Access Control Council to discuss the benefits of using smart card technology for strong authentication for logical access.
The Smart Card Alliance Identity Council, Mobile and NFC Council and Access Control Council developed this white paper to provide guidance to U.S. Government policy makers and technologists on the key technical, business and policy considerations for supporting the Personal Identity Verification (PIV) application and credentials on mobile devices using the UICC.