NIST Updates Digital ID Guidelines for 'Changing Digital Landscape'
Identity risk management is a “team sport,” blogged the National Institute of Standards and Technology as it published a fourth revision of NIST digital identity guidelines on Friday. The 2025 revision is meant to “respond to the changing digital landscape that has emerged since the last major revision … in 2017,” NIST wrote.
Sign up for a free preview to unlock the rest of this article
Timely, relevant coverage of court proceedings and agency rulings involving tariffs, classification, valuation, origin and antidumping and countervailing duties. Each day, Trade Law Daily subscribers receive a daily headline email, in-depth PDF edition and access to all relevant documents via our trade law source document library and website.
The fresh guidelines “explain the process and technical requirements for meeting digital identity assurance levels for identity proofing, authentication, and federation -- including requirements for security and privacy, as well as considerations for improved customer experience of digital identity solutions and technology,” said NIST: And they “establish identity management as a cross-functional process involving professionals representing cybersecurity, privacy, usability, program integrity, mission and business units, and other disciplines.”
In support of the release, NIST said it’s developing “implementation resources” and is “exploring concepts such as machine-readable conformance criteria and a Digital Identity Risk Management tool.”