Mnuchin: Commercial sector should solve digital ID

Even though the federal government is a big user of secure identity technology and a major target for online fraud, it shouldn't develop solutions to protect an increasingly complex worldwide financial ecosystem, said Treasury Secretary Steven Mnuchin. He wants government to continue partnering with industry to come up with answers.

"The federal government is tech neutral," Mnuchin said in remarks at the Sept. 14 AFCEA ID Forum in Washington, D.C.

Mnuchin pointed to government efforts like the National Institute of Standards and Technologies' National Strategy for Trusted Identities in Cyberspace, which funds pilot projects by commercial companies and researchers to develop secure identity solutions.

"We’ve seen great innovations through public-private partnerships like the emergence of FIDO authentication -- where major firms in IT, software, device manufacturers, banking, health care and security have partnered with government -- NIST in particular -- to deliver on this vision," Mnuchin said. He's referring here to the FIDO Alliance, a private-sector consortium of companies across tech and finance that collaborate on digital authentication standards.

Even so, Mnuchin acknowledged that federal, state and local governments have a big stake in effective ID protection. Federal IT systems have become the most lucrative targets for cybercriminals.

"Trustworthy identity products and services are essential to protect the financial system from abuse," he said.  "Fraud is the No. 1 source of illicit finance in the United States. Fraud against the U.S. government generates more proceeds than any other form of fraud. Identity theft is often the means used to defraud the government" of entitlements and payments, such as taxpayer refunds, he said.

Mnuchin later emphasized that federal agencies also rely on secure identities to deal with the public.

"Government entities themselves are consumers of identity services," he said, "emphasizing the importance of effective identity systems for our own operations. Importantly, this includes government payment and access to citizen services."

However, Mnuchin said the federal government shouldn't aim for a single national ID because a centralized approach isn't safe.

"Whatever solution we develop for identification and authentication," he said, "must reflect the strong value we place on decentralization. In this country, we do not, nor should we, have a single national identity number."

The current system, according to Mnuchin, which relies on multiple forms of ID -- from state drivers' licenses and birth certificates, to city ID, library and school ID cards -- provides a more diverse universe of sources. "It's unwieldy at times, but it avoids a single point of failure," he said.

"There is resilience built into our system."

The federal government's primary role in developing effective, efficient ID technology solutions, he said, is to provide "regulatory clarity" that defines federal expectations from entities and individuals that will speed innovation in the private sector, he said. President Donald Trump's mandate to prune regulations is providing a clearer path for innovation, he said.

Mnuchin didn't mention the Login.gov effort at the 18F technology group at the General Services Administration. That's a government-led effort to develop a digital identifier for accessing citizen services across multiple agencies.