US Cybersecurity Czar wants online "identity cards"

US Cybersecurity Czar Howard Schmidt has proposed the creation of an online “identity ecosystem” to secure financial transactions in cyberspace.

The ecosystem – which was outlined in the Obama administration’s (draft) National Strategy for Trusted Identities in Cyberspace (NSTIC) – also envisions the “voluntary” use of smart identity cards for authentication purposes. 

“[The] Identity Ecosystem [would allow] individuals and organizations to complete online transactions with confidence, trusting the identities of each other and the identities of the infrastructure that the transaction runs on,” Schmidt explained in an official blog post.

“No longer [will] individuals have to remember an ever-expanding and potentially insecure list of usernames and passwords to login into various online services.”

According to Schmidt, the identity ecosystem would “enable a future” where individuals “voluntarily” choose to obtain a secure, interoperable, and privacy-enhancing credential (e.g., a smart identity card, a digital certificate on their cell phone, etc) to authenticate themselves for various types of online transactions.

He added that such an approach would actually empower users by supposedly allowing them to exert greater control over private data.

“[The] identity ecosystem is user-centric, [which] means you, as a user, will be able to have more control of the private information you use to authenticate yourself on-line and generally will not have to reveal more than is necessary to do so.”