Communicating in cyberspace requires a great deal of trust. Think about it: You never really know who you are doing business with or exchanging emails with. As I've been told many times, it is very difficult to prove someone is actually who they say they are, so you just have to trust them at their word.
However, with identity theft a growing concern and cyber thieves stealing passwords and other information, something has to be done to improve online privacy and allow businesses the opportunity to positively identify customers. That's why the U.S. government has introduced the National Strategy for Trusted Identities in Cyberspace, a blueprint for a decentralized system of secure credentials. According to NSTIC's pamphlet, "Why We Need It":
Shopping, banking, social networking, accessing your employer's intranet-these activities and more are all routinely done online. The increasing availability of these services results in greater opportunities for innovation and economic growth, but the online infrastructure for supporting these services has not evolved at the same pace. The National Strategy for Trusted Identities in Cyberspace addresses two central problems impeding economic growth online:
1. Passwords are inconvenient and insecure
2. Individuals are unable to prove their true identity online for significant transactions
As an article on AuctionBytes.com explained:
Broadly, the strategy is looking to allay the security concerns that have slowed the migration of businesses and government services to the Web. For example, the report describes the scenario of a small business looking to open an online store. By tapping into the identity ecosystem, the merchant would avoid reinventing the wheel through the costly construction of its own account management system. Instead, it could receive a certification from the identity ecosystem, a "trustmark" emblem that would appear on its site to alert consumers that they can use their universal login credentials to complete a secure transaction.
Some companies are already on board with the idea of a Trusted Identity initiative, like PayPal. PayPal's CISO blogged about the initiative:
PayPal believes that genuinely trustworthy online identity is a key component of a healthy Internet ecosystem, and that we have a role to play in it. We've deployed some experimental services, and over the coming months, will be offering more services directly to our customers, merchants, and other relying parties. We intend to directly support the NSTIC, which we expect will result in many new benefits to our customers, perhaps the most immediate benefit being the use of PayPal and eBay identities within the e-Government context. We think this will help all of our customers, and we look forward to seeing the development of the NSTIC and the emerging identity ecosystem over the coming months and years.