Change Log
This appendix is informative.
This appendix provides a high-level overview of the changes to SP 800-63A since its initial release.
- Adds requirements for a new IAL1 for lower-risk applications
- Swaps the content in sections 4 and 5 to facilitate the introduction of identity proofing concepts before providing related requirements
- Provides guidance and requirements for characteristics of acceptable identity evidence, including physical documents and digital evidence
- Decouples the collection of identity attributes from the collection of identity evidence
- Introduces the concept of core attributes
- Expands acceptable evidence and attribute validation sources to include credible sources
- Adds requirements for CSP-specific privacy risk assessments and considerations for integrating the results into agency PIAs
- Adds new guidance and requirements for the consideration of equity risks associated with identity proofing processes
- Provides guidance and requirements for the use of Trusted Referees and Applicant References