Government Adoption: Federal Cloud Credential Exchange (FCCX)

The National Strategy for Trusted Identities in Cyberspace (NSTIC, or the Strategy) calls for the U.S. government to be an early adopter of the Identity Ecosystem, calling for that “all online Federal Executive Branch services (to be) aligned appropriately with the Identity Ecosystem and, where appropriate, accept identities and credentials from the trustmarked private-sector identity providers.” Key to enabling this NSTIC benchmark is the Federal Cloud Credential Exchange (FCCX).

Today, citizens logging in to federal websites for government services usually have to get a digital credential from each separate federal agency. FCCX is a shared enterprise cloud service that would provide an “easy button” for agencies to integrate with the entire range of Federal Identity, Credential, and Access Management (FICAM)-approved credentials while allowing citizens to use these private sector-issued credentials across agencies and applications. By setting up an enterprise cloud service that handles the heavy lifting, each agency would only need to connect once to FCCX to take advantage of the increasing number of FICAM-approved third party credentials in the Identity Ecosystem.

The FCCX adheres to the NSTIC Guiding Principles by demonstrating a secure, privacy-enhancing, and easy-to-use solution for streamlining digital authentication. Further, FCCX will reduce costs for government agencies, improve the customer experience, and facilitate maturation of the Identity Ecosystem.

FCCX is a White House led initiative being implemented with support from the U.S. Postal Service, the General Services Administration, and the NSTIC National Program Office.