Change Log

This appendix is informative.

This appendix provides a high-level overview of the changes to SP 800-63A since its initial release.

• Adds requirements for a new IAL1 for lower-risk applications
• Swaps the content in sections 4 and 5 to facilitate the introduction of identity proofing concepts before providing related requirements
• Provides guidance and requirements for characteristics of acceptable identity evidence, including physical documents and digital evidence
• Decouples the collection of identity attributes from the collection of identity evidence
• Introduces the concept of core attributes
• Expands acceptable evidence and attribute validation sources to include credible sources
• Adds requirements for CSP-specific privacy risk assessments and considerations for integrating the results into agency PIAs
• Adds new guidance and requirements for the consideration of equity risks associated with identity proofing processes
• Provides guidance and requirements for the use of Trusted Referees and Applicant References