Now, it’s time to welcome a new leader to help shape IDPro’s future. With the board size set at nine members, we have one open seat for an engaged and enthusiastic professional to join us in July 2025.

What It Means to Be on the IDPro Board

This isn’t a ceremonial role: It’s hands-on! IDPro’s board is operational, which means rolling up your sleeves to keep things moving. Board members typically contribute 10–15 hours per month, participating in monthly meetings, managing projects, and engaging with existing and potential members.

If you’re passionate about the practice and the profession of digital identity and want to actively contribute to the success of IDPro, we’d love to see you throw your hat in the ring. As a board member, you’ll:

Help steer IDPro’s strategic direction
Support financial health and organizational growth
Strengthen the IAM community and professional network
Work alongside industry leaders and practitioners
Gain leadership experience and visibility in the field

We value collaboration, inclusivity, and diversity; we encourage identity professionals from all backgrounds to apply.

Ready to Nominate?

If you or someone you know would be a great fit, now’s the time to act! Self-nominations are welcome—after all, who knows your passion and skills better than you?

To apply, email director@idpro.org for the nomination packet.
Deadline for completed nominations: April 30, 2025.

This is your chance to make a real impact in the world of digital identity. We can’t wait to see who steps forward!

The post Join the IDPro Board – Nominations Now Open for 2025-2028! appeared first on IDPro.

While this idea may still be in the realm of innovation rather than standard practice, it introduces a pattern worth exploring for organizations looking to strengthen their account recovery processes.

Why Explore NFC Chips?

Modern passports and ID cards often include NFC chips containing cryptographically verifiable data. These chips offer significant security benefits, such as:

• Resistance to attacks: NFC chips in government-issued identity artifacts use cryptographic protections that are not vulnerable to phishing, deepfakes, or social engineering.
• Privacy-first design: Businesses can rely on secure data matching without needing to store sensitive personal information.
• Global availability: With billions of chipped IDs in circulation, the infrastructure for this approach already exists.

Using NFC-enabled phones, individuals can verify their identities securely, replacing traditional recovery methods like knowledge-based authentication or telephone-based verification, both of which have become increasingly vulnerable.

A Potential New Path for Account Recovery

For organizations grappling with the growing complexity of identity verification, this model introduces a forward-thinking possibility:

1. Improved Security Posture: By leveraging cryptographically verifiable identity documents, recovery processes can be made stronger than the authentication methods they support—a critical principle in identity management.
2. Cost Reduction: Eliminating labor-intensive telephone-based identity verification could yield significant savings, especially for larger organizations. 
3. Value Protection: Customer Lifetime Value is at risk if organizations lack account takeover prevention measures—would account takeover victims remain loyal? 
4. Enhanced User Experience: Self-service recovery options leveraging widely available technology could reduce frustration for legitimate users while thwarting fraud attempts.

Recognizing the Challenges

This is not a one-size-fits-all solution. Organizations must weigh several factors, such as:

• The availability of NFC-enabled identity documents among their user base.
• Educating users on how to utilize chipped IDs effectively.
• Addressing edge cases where users lack compatible IDs or devices.

Additionally, as the article acknowledges, this approach requires collaboration across industries and careful consideration of privacy and compliance requirements.

An Idea to Explore

As an IDPro member, I appreciate the value of discussing emerging ideas like this with the community—not as definitive solutions but as possibilities to explore as the identity landscape evolves. For some organizations, NFC-based account recovery may represent a promising opportunity to address vulnerabilities in their processes. For others, it may serve as inspiration for thinking creatively about strengthening identity recovery.

Learn More

To explore the technical and operational considerations of using NFC-enabled passport chips in account recovery, check out the full article on LinkedIn: Using a Passport Chip for Account Recovery.

Disclaimer: The views expressed in the content are solely those of the author and do not necessarily reflect the views of the IDPro organization.

Author Bio

Rob Brown has had chips with everything throughout his career:
From RFID tag start-ups to the NFC Forum, growing market demand for smart card processors, and Trusted Execution Environments for mobile payments and biometrics.
He consulted on IAM of Things, supply chain transparency, went through blockchain, and is now at @Inverid, where NFC chips, IDV, Mobiles, and biometrics converge in an app that scans your document chip to prove it is you.
As a mountain bike coach, he sees every crash teaches a lesson. A smashed phone and a world of digital pain in account recovery inspired him to look for something better for the next time.

The post Exploring New Frontiers in Account Recovery appeared first on IDPro.

Adopting identity standards is a lot like acquiring a foreign tongue. While it’s relatively easy to have a surface knowledge of the technology, most of us don’t easily understand what is occurring in these identity approaches until we can actually interact with them personally. As we explore them by hand, we see what each exchange looks like, what happens when things fall over, and what current systems do when faced with boundary cases.

In short, we need a “conversational” partner that will let us try out these interactions and learn the proper call and response.

A Demo System as a Conversational Partner

Open-source or publicly-available demo systems are crucial to the learning process. They allow for a deeper understanding of interactions and the chance to learn via experience. When it comes to emerging standards, they speed adoption tremendously, as can be seen from examples such as AuthZen and the Shared Signals Framework from the OpenID working groups.

Those of us participating in the Shared Signals Framework Interop this year in March (and coming up again in December) have benefitted from Caep.Dev – an online receiver/transmitter that can be used publicly both to understand interactions within the standard and to identify where ongoing development efforts may have failed to follow the specification. (Not that Caep.Dev was infallible by the way—it helped clarify issues on both sides of most interactions.) Without the existence of this kind of conversational partner, the standard would see much slower adoption and lower levels of successful interop participation.

Just Try It Out

But it’s not just emerging standards, either—existing standards benefit from conversational partners as well. Take SCIM, for instance; it has been around for at least nine years, but still benefits from projects such as Arie Timmerman’s Scim.Dev. Users can explore the world of SCIM, including my personal favorite emerging standard: SCIM Events.

I’ll let Arie describe what he’s created over on Scim.Dev:

“Tell me and I forget, teach me and I may remember, involve me and I learn.” This wisdom—shared by Benjamin Franklin—underpins the philosophy behind SCIM Playground. Rather than responding to questions like “How do I integrate using SCIM?” with “Read the specs”, we can now say, “Just try it out.” A demo environment is one click away, complete with optional dummy users and groups to help you get started quickly. Many IT professionals perceive SCIM as complex or challenging to understand, but this playground and testing environment can help overcome these barriers and encourage adoption of the protocol.

Sites such as Caep.Dev and Scim.Dev (no, they’re not all suffixed with .dev) give us the opportunity to practice using these standards, write prototype and production code against them, and level up quickly as we rush to enhance the utility of identity. These kinds of publicly available tools exist for most standards—easily found a few short searches away (ask on the IDPro Slack if you’re having difficulty uncovering what you need).

Accelerate Your Progress

So, if you’re looking to learn something new about identity or want to understand a new or emerging standard, accelerate your progress the same way you would if you were trying to gain fluency in a language other than your own: find a conversational partner.

Disclaimer: The views expressed in the content are solely those of the author and do not necessarily reflect the views of the IDPro organization.

Author Bio

Director of Strategy and Standards, SailPoint

Mike Kiser is insecure. He has been this way since birth, despite holding a panoply of industry positions over the past 20 years—from the Office of the CTO to Security Strategist to Security Analyst to Security Architect—that might imply otherwise. In spite of this, he has designed, directed, and advised on large-scale security deployments for a global clientele. He is currently in a long-term relationship with fine haberdashery, is a chronic chronoptimist (look it up), and delights in needlessly convoluted verbiage. Mike speaks regularly at events such as the European Identity Conference and the RSA Conference, is a member of several standards groups, and has presented identity-related research at Black Hat and Def Con. He is currently the Director of Strategy and Standards at SailPoint Technologies and an active IDPro member.

The post The Importance of Conversational Partners in Standards appeared first on IDPro.