{"formats":[{"name":"JSON","format":"json","url":"\/downloads\/2025\/code-json\/59.1-550.json"},{"name":"Plain Text","format":"text","url":"\/downloads\/2025\/code-text\/59.1-550.txt"},{"name":"XML","format":"xml","url":"\/downloads\/2025\/code-xml\/59.1-550.xml"},{"name":"HTML","format":"html","url":"\/downloads\/2025\/code-html\/59.1-550.html"}],"law_id":80291,"edition_id":1,"section_id":80291,"structure_id":15846,"section_number":"59.1-550","catch_line":"Definitions","history":"2015, cc. 482, 483; 2020, cc. 736, 738.","full_text":"As used in this chapter, unless the context requires a different meaning:\n\t\t&#8220;Attribute provider&#8221; means an entity, or a supplier, employee, or agent thereof, that acts as the authoritative record of identifying information about an identity credential holder.\n\t\t&#8220;Commonwealth identity management standards&#8221; means the minimum specifications and standards that must be included in an identity trust framework so as to define liability pursuant to this chapter that are set forth in guidance documents approved by the Secretary of Administration pursuant to Chapter 4.3 (\u00a7 2.2-436 et seq.) of Title 2.2.\n\t\t&#8220;Federated digital identity system&#8221; or &#8220;federation&#8221; means a digital identity system that (i) utilizes federated identity management to enable the portability of identity information across otherwise autonomous security domains; (ii) is compliant with the Commonwealth&#8217;s identity management standards and with the provisions of the governing identity trust framework; (iii) has established identity, security, privacy, technology, and enforcement rules and policies adhered to by certified identity providers that are members of the federated digital identity system; (iv) includes as members federation administrators, federation operators, identity trust framework operators, and identity providers; and (v) allows, but does not require, relying parties to be members of the federated digital identity system in order to accept an identity credential issued by a certified identity provider to verify an identity credential holder&#8217;s identity.\n\t\t&#8220;Federated identity management&#8221; means a process that allows the conveyance of identity credentials and authentication information across digital identity systems through the use of a common set of policies, practices, and protocols for managing the identity of users and devices across security domains.\n\t\t&#8220;Federation administrator&#8221; means a person or entity that certifies compliance with the Commonwealth&#8217;s identity management standards by either a federation operator or an identity trust framework operator at the time of issuance of identity credentials, identity and entitlement attributes, or trustmarks.\n\t\t&#8220;Federation operator&#8221; means the entity that (i) defines rule and policies for member parties to a federation; (ii) certifies identity and entitlement attribute providers to be members of and issue identity credentials pursuant to the federation; and (iii) evaluates participation in the federation to ensure compliance by members of the federation with its rules and policies, including the ability to request audits of participants for verification of compliance.\n\t\t&#8220;Identity attribute&#8221; means identifying information associated with an identity credential holder.\n\t\t&#8220;Identity credential&#8221; means the data, or the physical object upon which the data may reside, that an identity credential holder may present to verify or authenticate his identity in a digital or online transaction.\n\t\t&#8220;Identity credential holder&#8221; means a person bound to or in possession of an identity credential who has agreed to the terms and conditions of the identity provider.\n\t\t&#8220;Identity proofer&#8221; means a person or entity authorized to act as a representative of an identity provider in the confirmation of a potential identity credential holder&#8217;s identification and identity attributes prior to issuing an identity credential to a person.\n\t\t&#8220;Identity provider&#8221; means an entity, or a supplier, employee, or agent thereof, certified by an identity trust framework operator to provide identity credentials that may be used by an identity credential holder to assert his identity, or any related attributes, in a digital or online transaction. For purposes of this chapter, &#8220;identity provider&#8221; includes an attribute provider, an identity proofer, and any suppliers, employees, or agents thereof.\n\t\t&#8220;Identity trust framework&#8221; means a digital identity system with established identity, security, privacy, technology, and enforcement rules and policies adhered to by certified identity providers that are members of the identity trust framework. Members of an identity trust framework include identity trust framework operators and identity providers. Relying parties may be, but are not required to be, a member of an identity trust framework in order to accept an identity credential issued by a certified identity provider to verify an identity credential holder&#8217;s identity.\n\t\t&#8220;Identity trust framework operator&#8221; means the entity that (i) defines rules and policies for member parties to an identity trust framework, (ii) certifies identity providers to be members of and issue identity credentials pursuant to the identity trust framework, and (iii) evaluates participation in the identity trust framework to ensure compliance by members of the identity trust framework with its rules and policies, including the ability to request audits of participants for verification of compliance.\n\t\t&#8220;Relying party&#8221; is an individual or entity that relies on the validity of an identity credential or an associated trustmark.\n\t\t&#8220;Trustmark&#8221; means a machine-readable official seal, authentication feature, certification, license, or logo that may be provided by an identity trust framework operator to certified identity providers within its identity trust framework or federation to signify that the identity provider complies with the written rules and policies of the identity trust framework or federation.","order_by":null,"text":{"0":{"id":287437,"text":"As used in this chapter, unless the context requires a different meaning:\n\t\t&#8220;Attribute provider&#8221; means an entity, or a supplier, employee, or agent thereof, that acts as the authoritative record of identifying information about an identity credential holder.\n\t\t&#8220;Commonwealth identity management standards&#8221; means the minimum specifications and standards that must be included in an identity trust framework so as to define liability pursuant to this chapter that are set forth in guidance documents approved by the Secretary of Administration pursuant to Chapter 4.3 (\u00a7 2.2-436 et seq.) of Title 2.2.\n\t\t&#8220;Federated digital identity system&#8221; or &#8220;federation&#8221; means a digital identity system that (i) utilizes federated identity management to enable the portability of identity information across otherwise autonomous security domains; (ii) is compliant with the Commonwealth&#8217;s identity management standards and with the provisions of the governing identity trust framework; (iii) has established identity, security, privacy, technology, and enforcement rules and policies adhered to by certified identity providers that are members of the federated digital identity system; (iv) includes as members federation administrators, federation operators, identity trust framework operators, and identity providers; and (v) allows, but does not require, relying parties to be members of the federated digital identity system in order to accept an identity credential issued by a certified identity provider to verify an identity credential holder&#8217;s identity.\n\t\t&#8220;Federated identity management&#8221; means a process that allows the conveyance of identity credentials and authentication information across digital identity systems through the use of a common set of policies, practices, and protocols for managing the identity of users and devices across security domains.\n\t\t&#8220;Federation administrator&#8221; means a person or entity that certifies compliance with the Commonwealth&#8217;s identity management standards by either a federation operator or an identity trust framework operator at the time of issuance of identity credentials, identity and entitlement attributes, or trustmarks.\n\t\t&#8220;Federation operator&#8221; means the entity that (i) defines rule and policies for member parties to a federation; (ii) certifies identity and entitlement attribute providers to be members of and issue identity credentials pursuant to the federation; and (iii) evaluates participation in the federation to ensure compliance by members of the federation with its rules and policies, including the ability to request audits of participants for verification of compliance.\n\t\t&#8220;Identity attribute&#8221; means identifying information associated with an identity credential holder.\n\t\t&#8220;Identity credential&#8221; means the data, or the physical object upon which the data may reside, that an identity credential holder may present to verify or authenticate his identity in a digital or online transaction.\n\t\t&#8220;Identity credential holder&#8221; means a person bound to or in possession of an identity credential who has agreed to the terms and conditions of the identity provider.\n\t\t&#8220;Identity proofer&#8221; means a person or entity authorized to act as a representative of an identity provider in the confirmation of a potential identity credential holder&#8217;s identification and identity attributes prior to issuing an identity credential to a person.\n\t\t&#8220;Identity provider&#8221; means an entity, or a supplier, employee, or agent thereof, certified by an identity trust framework operator to provide identity credentials that may be used by an identity credential holder to assert his identity, or any related attributes, in a digital or online transaction. For purposes of this chapter, &#8220;identity provider&#8221; includes an attribute provider, an identity proofer, and any suppliers, employees, or agents thereof.\n\t\t&#8220;Identity trust framework&#8221; means a digital identity system with established identity, security, privacy, technology, and enforcement rules and policies adhered to by certified identity providers that are members of the identity trust framework. Members of an identity trust framework include identity trust framework operators and identity providers. Relying parties may be, but are not required to be, a member of an identity trust framework in order to accept an identity credential issued by a certified identity provider to verify an identity credential holder&#8217;s identity.\n\t\t&#8220;Identity trust framework operator&#8221; means the entity that (i) defines rules and policies for member parties to an identity trust framework, (ii) certifies identity providers to be members of and issue identity credentials pursuant to the identity trust framework, and (iii) evaluates participation in the identity trust framework to ensure compliance by members of the identity trust framework with its rules and policies, including the ability to request audits of participants for verification of compliance.\n\t\t&#8220;Relying party&#8221; is an individual or entity that relies on the validity of an identity credential or an associated trustmark.\n\t\t&#8220;Trustmark&#8221; means a machine-readable official seal, authentication feature, certification, license, or logo that may be provided by an identity trust framework operator to certified identity providers within its identity trust framework or federation to signify that the identity provider complies with the written rules and policies of the identity trust framework or federation.","type":"section","prefixes":[""],"prefix":"","entire_prefix":"","prefix_anchor":"","level":1}},"ancestry":[{"id":15846,"edition_id":1,"name":"Electronic Identity Management Act","identifier":"50","label":"chapter","depth":2,"order_by":1,"parent_id":12809,"metadata":{},"date_created":"2026-06-26 04:00:29","date_modified":"2026-06-26 04:00:29","permalink":{"id":262637,"object_type":"structure","relational_id":15846,"identifier":"50","token":"59.1\/50","url":"\/59.1\/50\/","edition_id":1,"permalink":0,"preferred":1}},{"id":12809,"edition_id":1,"name":"Trade and Commerce","identifier":"59.1","label":"title","depth":1,"order_by":1,"parent_id":null,"metadata":{},"date_created":"2026-06-26 03:43:54","date_modified":"2026-06-26 03:43:54","permalink":{"id":259521,"object_type":"structure","relational_id":12809,"identifier":"59.1","token":"59.1","url":"\/59.1\/","edition_id":1,"permalink":0,"preferred":1}}],"structure_contents":[{"id":80291,"structure_id":15846,"section_number":"59.1-550","catch_line":"Definitions","url":"\/59.1-550\/","token":"59.1\/50\/59.1-550","metadata":false},{"id":86192,"structure_id":15846,"section_number":"59.1-551","catch_line":"Trustmark; warranty","url":"\/59.1-551\/","token":"59.1\/50\/59.1-551","metadata":false},{"id":64751,"structure_id":15846,"section_number":"59.1-552","catch_line":"Establishment of liability; limitation of liability","url":"\/59.1-552\/","token":"59.1\/50\/59.1-552","metadata":false},{"id":75096,"structure_id":15846,"section_number":"59.1-553","catch_line":"Commercially reasonable security procedures for electronic fund transfers","url":"\/59.1-553\/","token":"59.1\/50\/59.1-553","metadata":false},{"id":61185,"structure_id":15846,"section_number":"59.1-554","catch_line":"Applicability of chapter","url":"\/59.1-554\/","token":"59.1\/50\/59.1-554","metadata":false},{"id":69724,"structure_id":15846,"section_number":"59.1-555","catch_line":"Sovereign immunity","url":"\/59.1-555\/","token":"59.1\/50\/59.1-555","metadata":false}],"next_section":{"id":86192,"structure_id":15846,"section_number":"59.1-551","catch_line":"Trustmark; warranty","url":"\/59.1-551\/","token":"59.1\/50\/59.1-551","metadata":false},"metadata":false,"official_url":"https:\/\/law.lis.virginia.gov\/vacode\/59.1-550\/","history_text":"<p>This law was first created in 2015. The record of its establishment is cataloged in chapters <a href=\"https:\/\/legacylis.virginia.gov\/cgi-bin\/legp604.exe?151+ful+CHAP0482\">482<\/a> and <a href=\"https:\/\/legacylis.virginia.gov\/cgi-bin\/legp604.exe?151+ful+CHAP0483\">483<\/a> of that year\u2019s edition of \u201cActs of Assembly,\u201d the annual state publication listing all changes made to the Code of Virginia in that year. It has been modified 1 time. Those modifications are cataloged by \u201cThe Acts of Assembly,\u201d a state publication, by year and chapter. Those modifications that can be read on the General Assembly\u2019s website will be linked accordingly. That modification is as follows: in 2020, chapters <a href=\"https:\/\/legacylis.virginia.gov\/cgi-bin\/legp604.exe?201+ful+CHAP0736\">736<\/a> and <a href=\"https:\/\/legacylis.virginia.gov\/cgi-bin\/legp604.exe?201+ful+CHAP0738\">738<\/a>.<\/p>","references":[{"id":80231,"section_number":"2.2-436","catch_line":"Approval of electronic identity standards","order_by":null,"url":"\/2.2-436\/"}],"refers_to":[{"id":80231,"section_number":"2.2-436","catch_line":"Approval of electronic identity standards","order_by":null,"url":"\/2.2-436\/"}],"permalink":{"id":262639,"object_type":"law","relational_id":80291,"identifier":"59.1-550","token":"59.1\/50\/59.1-550","url":"\/59.1-550\/","edition_id":1,"permalink":0,"preferred":1},"url":"\/59.1-550\/","token":"59.1\/50\/59.1-550","dublin_core":{"Title":"Definitions","Type":"Text","Format":"text\/html","Identifier":"\u00a7 59.1-550","Relation":"Code of Virginia"},"html":"\n\t\t\t\t\t\t<section><p>As used in this chapter, unless the context requires a different meaning:\n\t\t&#8220;<span class=\"dictionary\">Attribute provider<\/span>&#8221; means an entity, or a supplier, employee, or agent thereof, that acts as the authoritative record of identifying information about an <span class=\"dictionary\">identity credential holder<\/span>.\n\t\t&#8220;<span class=\"dictionary\">Commonwealth identity management standards<\/span>&#8221; means the minimum specifications and standards that must be included in an <span class=\"dictionary\">identity trust framework<\/span> so as to define liability pursuant to this chapter that are set forth in guidance documents approved by the Secretary of Administration pursuant to Chapter 4.3 (\u00a7&nbsp;<a class=\"law\" title=\"Approval of electronic identity standards\" href=\"\/2.2-436\/\">2.2-436<\/a> et seq.) of Title 2.2.\n\t\t&#8220;<span class=\"dictionary\">Federated digital identity system<\/span>&#8221; or &#8220;federation&#8221; means a digital identity system that (i) utilizes <span class=\"dictionary\">federated identity management<\/span> to enable the portability of identity information across otherwise autonomous security domains; (ii) is compliant with the Commonwealth&#8217;s identity management standards and with the provisions of the governing <span class=\"dictionary\">identity trust framework<\/span>; (iii) has established identity, security, privacy, technology, and enforcement rules and policies adhered to by certified <span class=\"dictionary\">identity providers<\/span> that are members of the <span class=\"dictionary\">federated digital identity system<\/span>; (iv) includes as members <span class=\"dictionary\">federation administrators<\/span>, <span class=\"dictionary\">federation operators<\/span>, <span class=\"dictionary\"><span class=\"dictionary\">identity trust framework<\/span> operators<\/span>, and <span class=\"dictionary\">identity providers<\/span>; and (v) allows, but does not require, relying parties to be members of the <span class=\"dictionary\">federated digital identity system<\/span> in <span class=\"dictionary\">order<\/span> to accept an identity credential issued by a certified <span class=\"dictionary\">identity provider<\/span> to verify an <span class=\"dictionary\">identity credential holder<\/span>&#8217;s identity.\n\t\t&#8220;<span class=\"dictionary\">Federated identity management<\/span>&#8221; means a process that allows the conveyance of <span class=\"dictionary\">identity credentials<\/span> and authentication information across digital identity systems through the use of a common set of policies, practices, and protocols for managing the identity of users and devices across security domains.\n\t\t&#8220;<span class=\"dictionary\">Federation administrator<\/span>&#8221; means a person or entity that certifies compliance with the Commonwealth&#8217;s identity management standards by either a <span class=\"dictionary\">federation operator<\/span> or an <span class=\"dictionary\"><span class=\"dictionary\">identity trust framework<\/span> operator<\/span> at the time of issuance of <span class=\"dictionary\">identity credentials<\/span>, identity and entitlement attributes, or <span class=\"dictionary\">trustmarks<\/span>.\n\t\t&#8220;<span class=\"dictionary\">Federation operator<\/span>&#8221; means the entity that (i) defines rule and policies for member parties to a federation; (ii) certifies identity and entitlement <span class=\"dictionary\">attribute providers<\/span> to be members of and <span class=\"dictionary\">issue<\/span> <span class=\"dictionary\">identity credentials<\/span> pursuant to the federation; and (iii) evaluates participation in the federation to ensure compliance by members of the federation with its rules and policies, including the ability to request audits of participants for verification of compliance.\n\t\t&#8220;<span class=\"dictionary\">Identity attribute<\/span>&#8221; means identifying information associated with an <span class=\"dictionary\">identity credential holder<\/span>.\n\t\t&#8220;Identity credential&#8221; means the data, or the physical <span class=\"dictionary\">object<\/span> upon which the data may reside, that an <span class=\"dictionary\">identity credential holder<\/span> may present to verify or authenticate his identity in a digital or online transaction.\n\t\t&#8220;<span class=\"dictionary\">Identity credential holder<\/span>&#8221; means a person bound to or in <span class=\"dictionary\">possession<\/span> of an identity credential who has agreed to the terms and conditions of the <span class=\"dictionary\">identity provider<\/span>.\n\t\t&#8220;<span class=\"dictionary\">Identity proofer<\/span>&#8221; means a person or entity authorized to act as a representative of an <span class=\"dictionary\">identity provider<\/span> in the confirmation of a potential <span class=\"dictionary\">identity credential holder<\/span>&#8217;s identification and <span class=\"dictionary\">identity attributes<\/span> prior to issuing an identity credential to a person.\n\t\t&#8220;<span class=\"dictionary\">Identity provider<\/span>&#8221; means an entity, or a supplier, employee, or agent thereof, certified by an <span class=\"dictionary\"><span class=\"dictionary\">identity trust framework<\/span> operator<\/span> to provide <span class=\"dictionary\">identity credentials<\/span> that may be used by an <span class=\"dictionary\">identity credential holder<\/span> to assert his identity, or any related attributes, in a digital or online transaction. For purposes of this chapter, &#8220;<span class=\"dictionary\">identity provider<\/span>&#8221; includes an <span class=\"dictionary\">attribute provider<\/span>, an <span class=\"dictionary\">identity proofer<\/span>, and any suppliers, employees, or agents thereof.\n\t\t&#8220;<span class=\"dictionary\">Identity trust framework<\/span>&#8221; means a digital identity system with established identity, security, privacy, technology, and enforcement rules and policies adhered to by certified <span class=\"dictionary\">identity providers<\/span> that are members of the <span class=\"dictionary\">identity trust framework<\/span>. Members of an <span class=\"dictionary\">identity trust framework<\/span> include <span class=\"dictionary\"><span class=\"dictionary\">identity trust framework<\/span> operators<\/span> and <span class=\"dictionary\">identity providers<\/span>. Relying parties may be, but are not required to be, a member of an <span class=\"dictionary\">identity trust framework<\/span> in <span class=\"dictionary\">order<\/span> to accept an identity credential issued by a certified <span class=\"dictionary\">identity provider<\/span> to verify an <span class=\"dictionary\">identity credential holder<\/span>&#8217;s identity.\n\t\t&#8220;<span class=\"dictionary\"><span class=\"dictionary\">Identity trust framework<\/span> operator<\/span>&#8221; means the entity that (i) defines rules and policies for member parties to an <span class=\"dictionary\">identity trust framework<\/span>, (ii) certifies <span class=\"dictionary\">identity providers<\/span> to be members of and <span class=\"dictionary\">issue<\/span> <span class=\"dictionary\">identity credentials<\/span> pursuant to the <span class=\"dictionary\">identity trust framework<\/span>, and (iii) evaluates participation in the <span class=\"dictionary\">identity trust framework<\/span> to ensure compliance by members of the <span class=\"dictionary\">identity trust framework<\/span> with its rules and policies, including the ability to request audits of participants for verification of compliance.\n\t\t&#8220;Relying <span class=\"dictionary\">party<\/span>&#8221; is an individual or entity that relies on the validity of an identity credential or an associated <span class=\"dictionary\">trustmark<\/span>.\n\t\t&#8220;<span class=\"dictionary\">Trustmark<\/span>&#8221; means a machine-readable official seal, authentication feature, certification, license, or logo that may be provided by an <span class=\"dictionary\"><span class=\"dictionary\">identity trust framework<\/span> operator<\/span> to certified <span class=\"dictionary\">identity providers<\/span> within its <span class=\"dictionary\">identity trust framework<\/span> or federation to signify that the <span class=\"dictionary\">identity provider<\/span> complies with the written rules and policies of the <span class=\"dictionary\">identity trust framework<\/span> or federation.<\/p><\/section>","plain_text":"                                 CODE OF VIRGINIA\n\nDEFINITIONS (\u00a7 59.1-550)\n\nAs used in this chapter, unless the context requires a different meaning:\n\t\t&#8220;Attribute provider&#8221; means an entity, or a supplier, employee, or\nagent thereof, that acts as the authoritative record of identifying information\nabout an identity credential holder.\n\t\t&#8220;Commonwealth identity management standards&#8221; means the minimum\nspecifications and standards that must be included in an identity trust\nframework so as to define liability pursuant to this chapter that are set forth\nin guidance documents approved by the Secretary of Administration pursuant to\nChapter 4.3 (\u00a7 2.2-436 et seq.) of Title 2.2.\n\t\t&#8220;Federated digital identity system&#8221; or &#8220;federation&#8221;\nmeans a digital identity system that (i) utilizes federated identity management\nto enable the portability of identity information across otherwise autonomous\nsecurity domains; (ii) is compliant with the Commonwealth&#8217;s identity\nmanagement standards and with the provisions of the governing identity trust\nframework; (iii) has established identity, security, privacy, technology, and\nenforcement rules and policies adhered to by certified identity providers that\nare members of the federated digital identity system; (iv) includes as members\nfederation administrators, federation operators, identity trust framework\noperators, and identity providers; and (v) allows, but does not require, relying\nparties to be members of the federated digital identity system in order to\naccept an identity credential issued by a certified identity provider to verify\nan identity credential holder&#8217;s identity.\n\t\t&#8220;Federated identity management&#8221; means a process that allows the\nconveyance of identity credentials and authentication information across digital\nidentity systems through the use of a common set of policies, practices, and\nprotocols for managing the identity of users and devices across security\ndomains.\n\t\t&#8220;Federation administrator&#8221; means a person or entity that certifies\ncompliance with the Commonwealth&#8217;s identity management standards by either\na federation operator or an identity trust framework operator at the time of\nissuance of identity credentials, identity and entitlement attributes, or\ntrustmarks.\n\t\t&#8220;Federation operator&#8221; means the entity that (i) defines rule and\npolicies for member parties to a federation; (ii) certifies identity and\nentitlement attribute providers to be members of and issue identity credentials\npursuant to the federation; and (iii) evaluates participation in the federation\nto ensure compliance by members of the federation with its rules and policies,\nincluding the ability to request audits of participants for verification of\ncompliance.\n\t\t&#8220;Identity attribute&#8221; means identifying information associated with\nan identity credential holder.\n\t\t&#8220;Identity credential&#8221; means the data, or the physical object upon\nwhich the data may reside, that an identity credential holder may present to\nverify or authenticate his identity in a digital or online transaction.\n\t\t&#8220;Identity credential holder&#8221; means a person bound to or in\npossession of an identity credential who has agreed to the terms and conditions\nof the identity provider.\n\t\t&#8220;Identity proofer&#8221; means a person or entity authorized to act as a\nrepresentative of an identity provider in the confirmation of a potential\nidentity credential holder&#8217;s identification and identity attributes prior\nto issuing an identity credential to a person.\n\t\t&#8220;Identity provider&#8221; means an entity, or a supplier, employee, or\nagent thereof, certified by an identity trust framework operator to provide\nidentity credentials that may be used by an identity credential holder to assert\nhis identity, or any related attributes, in a digital or online transaction. For\npurposes of this chapter, &#8220;identity provider&#8221; includes an attribute\nprovider, an identity proofer, and any suppliers, employees, or agents thereof.\n\t\t&#8220;Identity trust framework&#8221; means a digital identity system with\nestablished identity, security, privacy, technology, and enforcement rules and\npolicies adhered to by certified identity providers that are members of the\nidentity trust framework. Members of an identity trust framework include\nidentity trust framework operators and identity providers. Relying parties may\nbe, but are not required to be, a member of an identity trust framework in order\nto accept an identity credential issued by a certified identity provider to\nverify an identity credential holder&#8217;s identity.\n\t\t&#8220;Identity trust framework operator&#8221; means the entity that (i)\ndefines rules and policies for member parties to an identity trust framework,\n(ii) certifies identity providers to be members of and issue identity\ncredentials pursuant to the identity trust framework, and (iii) evaluates\nparticipation in the identity trust framework to ensure compliance by members of\nthe identity trust framework with its rules and policies, including the ability\nto request audits of participants for verification of compliance.\n\t\t&#8220;Relying party&#8221; is an individual or entity that relies on the\nvalidity of an identity credential or an associated trustmark.\n\t\t&#8220;Trustmark&#8221; means a machine-readable official seal, authentication\nfeature, certification, license, or logo that may be provided by an identity\ntrust framework operator to certified identity providers within its identity\ntrust framework or federation to signify that the identity provider complies\nwith the written rules and policies of the identity trust framework or\nfederation.\n\nHISTORY: 2015, cc. 482, 483; 2020, cc. 736, 738.","edition":{"id":1,"name":"2025","slug":"2025","date_created":"2026-06-21 22:39:22","date_modified":"2026-06-21 22:39:22","current":1,"order_by":1,"last_import":null}}