Identity Management

18F offers specs on gov-wide login

The federal innovation shop 18F is getting closer to testing a system to provide citizens with a single account to access government services.

The planned Login.gov digital identifier could begin an open beta test in about a month, according to an Aug. 24 notice in the Federal Register.

Login.gov is an effort to create a single sign-on to facilitate the delivery of government services. Users will establish an account through a combination of public and private identifiers, including basic biographical information (such as name, date of birth, address, phone number and Social Security number) and information about financial accounts and history.

The account will be assigned a "meaningless but unique identifier number" that presumably is not disclosed outside the system, the notice says. The one-time data used to verify identities is not stored, but the system will maintain some personal information shared by users.

According to the notice, Login.gov does not store the commercial account and identity details used to confirm a user. The construct sounds similar to the data hub that connected the front end of the HealthCare.gov system with the various agency databases needed to determine individuals' eligibility for health insurance under the Affordable Care Act.

The development of a single, secure login for accessing services across the government has been a longtime goal of the Obama administration. Digital identity efforts have sprawled across agencies and taken different forms. The National Strategy for Trusted Identities in Cyberspace, housed at the National Institute of Standards and Technology, led an effort to develop secure online ID-proofing with grants to private-sector researchers and academics. NSTIC is still giving grants, but it is no longer the hub of the digital ID effort.

In an Aug. 25 blog post announcing $15 million in new grant funding, NSTIC Acting Director Mike Garcia wrote, "It's a tricky needle to thread for government to successfully catalyze a marketplace of solutions without government creating the solutions itself."

18F is not bound by those constraints and is working toward a shared-services solution along the lines of the United Kingdom's GOV.UK Verify system. But that's not to say that 18F is not building on the work done by NSTIC. The Login.gov effort will draw on commercial and third-party identity service providers to verify user accounts.

18F officials are hoping for a system that integrates ID services in days and offers near-real-time alerts about potential fraud and security breach attempts. Users will remain in control of their data, according to the notice, and in a future version of the application, they will have the option of deleting their own information.

Clarification: This story was updated Aug. 29 to reflect the kinds of user data maintained in the planned Login.gov system.

About the Author

Adam Mazmanian is executive editor of FCW.

Before joining the editing team, Mazmanian was an FCW staff writer covering Congress, government-wide technology policy and the Department of Veterans Affairs. Prior to joining FCW, Mazmanian was technology correspondent for National Journal and served in a variety of editorial roles at B2B news service SmartBrief. Mazmanian has contributed reviews and articles to the Washington Post, the Washington City Paper, Newsday, New York Press, Architect Magazine and other publications.

Click here for previous articles by Mazmanian. Connect with him on Twitter at @thisismaz.


Featured

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.