All companies want better privacy, security and ease-of-use for their customers, but it’s often difficult to weed through the marketing hyperbole and get to the bottom of what makes one identity authentication method better than another. NIST, the National Institute of Standards & Technology offers a practical, third-party way to overcome the confusion with clear-cut cybersecurity and privacy standards and best practices for enterprises in the U.S. to adopt.
NIST 800-63B “Authentication & Lifecycle Management”, is a government publication based on a collaboration with industry experts which sorts authentication options into good, better, best categories, assigning “assurance levels”. The publication includes descriptions of AAL1 (the lowest authentication assurance level); AAL2, a multi-factor authenticator or a combination of single-factor authenticators; and AAL3, the highest level, which must include a hardware crypto-device. Click here for a summary of NIST’s assurance levels in plain language and learn how you can get a complimentary consultation to definitively see what level of assurance your current or prospective identity authentication methods meet.