Government’s password-killer launches three new pilot projects

The National Strategy for Trusted Identity in Cyberspace, or NSTIC, the Commerce Department program designed to help kill off the password, has awarded grants to three new pilot projects.

The Commerce Department program designed to help kill off the password has awarded grants to three new pilot projects.

The National Strategy for Trusted Identities in Cyberspace, or NSTIC, already has 15 pilots – each designed to offer more secure alternatives to the much derided but still ubiquitous password and login combination as a way of establishing identity on the Web. The pilots are designed to show the potential benefits of more secure online identities and stimulate a marketplace for better ways of logging on.

The three new pilots announced Monday will each focus on a different use case: state income tax returns, online health information and social networking.

MorphoTrust USA, a Massachusetts-based tech firm gets just over $1 million to demonstrate how biometrically verified online driver registration processes can be leveraged to protect state tax payers and prevent refund fraud.


HealthIDx of Alexandria, Virginia, gets more than $800,000 to show how so-called “triple-blind” technology can protect the privacy of users of an online health provider. Users choose a credentialing service that verifies their identity via a third-party ID broker, but neither the credential provider nor the broker knows which medical service users are visiting online and the medical site doesn’t know which credential provider the user has selected.

Finally, Galois Inc. of Portland, Oregon, gets more than $1.8 million to demonstrate how biometric authentication can be used to secure and securely share personal data online.

The 15 existing pilots have dealt with everything from using one-time passwords delivered via SMS to biometric verification via a mobile phone.

NSTIC has also piloted — a one-stop ID shop that enables users to logon securely to multiple government sites without having to develop a different login and password for each of them.

Shaun Waterman

Written by Shaun Waterman

Contact the reporter on this story via email, or follow him on Twitter @WatermanReports. Subscribe to CyberScoop to get all the cybersecurity news you need in your inbox every day at

Latest Podcasts