Identity & Access Management , Security Operations

Login.gov to Test Facial Recognition Under New Leadership

Hanna Kim to Take Over Login.gov at a Pivotal Moment for Federal Sign-On Service
Login.gov to Test Facial Recognition Under New Leadership
Login.gov will pilot facial recognition after losing a major federal customer. (Image: Shutterstock)

Login.gov will have a new director starting in May as the federal government's single sign-on service faces a pivotal moment in its growth amid fallout from the Department of Health and Human Services' decision to drop the tool from its grantee payment platform.

See Also: Insights into Enhanced Cybersecurity Insurance Requirements: Meeting the demands of cyber risk insurers

Login.gov was not compromised or connected to the 2023 incident that allowed hackers to steal funding from several grantee organizations, according to HHS and the General Services Administration. But HHS still decided to remove the service from its platform in an apparent bid to enhance security measures after the breach.

The federal entity told staffers Wednesday that Deputy Director Hanna Kim, who previously held positions at Amazon and the departments of State, Defense and Treasury, will assume the top position on May 11 after serving in her previous role since January, reported Federal News Network.

The sign-on service has been recruiting federal agencies to join a facial recognition pilot program beginning next month amid reports indicating that HHS removed the tool from its platforms after changing its rules to require identity proofing features for any payment management system logins. The move followed a March 2023 hack in which cybercriminals stole $7.5 million after gaining access to the federal government's contractor award system through a separate sign-on platform (see: Report: Hackers Scammed $7.5M From HHS Grant Payment System).

HHS, which did not respond to a request for comment, told Nextgov/FCW the decision to remove Login.gov was in part due to the fact that it does not fully comply with standards developed by the National Institute for Standards and Technology.

HHS switched login services to ID.me, which complies with NIST's identity proofing requirements.

The facial recognition project will follow standards set by NIST's 800-63-3 Identity Assurance Level 2 guidelines, according to Ann Lewis, director of the GSA's Technology Transformation Services.

Lewis reportedly said in a statement that she is "excited to see Hanna take the reins of the Login.gov program" and build on progress made "toward achieving IAL2 compliance and scaling the program to support critical benefits, services and government applications."

An inspector general report previously criticized Login.gov for misleading federal agencies about its compliance with NIST's standards for remote identity proofing.

Kim replaces Dan Lopez-Braus, who will continue to serve as a senior adviser for Technology Transformation Services.


About the Author

Chris Riotta

Chris Riotta

Managing Editor, GovInfoSecurity

Riotta is a journalist based in Washington, D.C. He earned his master's degree from the Columbia University Graduate School of Journalism, where he served as 2021 class president. His reporting has appeared in NBC News, Nextgov/FCW, Newsweek Magazine, The Independent and more.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing paymentsecurity.io, you agree to our use of cookies.