NIST Special Publication 800-63-4, Digital Identity Guidelines, provides comprehensive process and technical requirements for managing digital identity assurance levels in identity proofing, authentication, and federation. These guidelines address modern digital challenges by emphasizing reliability, security, privacy, equity, and usability in digital identity solutions. The publication updates previous versions by incorporating more inclusive verification methods, expanding identity proofing options to include emerging technologies like mobile driver’s licenses and verifiable credentials, and raising security expectations with mandatory phishing-resistant multi-factor authentication. It also redefines federation assurance requirements to ensure stronger user authentication through cryptographic means. Additionally, the guidelines highlight the importance of integrating risk management with customer experience, privacy protections, and accessibility to support diverse user needs in the evolving digital landscape. These updates reflect the latest threat environment while promoting secure, user-friendly, and equitable digital identity management.
Home / Function (NIST CSF 2.0) / PR - Protect / AC - Access Control