<?xml version="1.0"?>
<law><site_title>Virginia Decoded</site_title><site_url>https://vacode.org</site_url><law_id>80291</law_id><section_number>59.1-550</section_number><catch_line>Definitions</catch_line><edition url="https://vacode.org/2025/" slug="2025" current="TRUE" last_updated="">2025</edition><referred_to_by><reference>2.2-436</reference></referred_to_by><structure><unit label="title" level="1" order_by="1" identifier="59.1">Trade and Commerce</unit><unit label="chapter" level="2" order_by="1" identifier="50">Electronic Identity Management Act</unit></structure><text>
						<section><p>As used in this chapter, unless the context requires a different meaning:
		&#x201C;<span class="dictionary">Attribute provider</span>&#x201D; means an entity, or a supplier, employee, or agent thereof, that acts as the authoritative record of identifying information about an <span class="dictionary">identity credential holder</span>.
		&#x201C;<span class="dictionary">Commonwealth identity management standards</span>&#x201D; means the minimum specifications and standards that must be included in an <span class="dictionary">identity trust framework</span> so as to define liability pursuant to this chapter that are set forth in guidance documents approved by the Secretary of Administration pursuant to Chapter 4.3 (&#xA7;&#xA0;<a class="law" title="Approval of electronic identity standards" href="/2.2-436/">2.2-436</a> et seq.) of Title 2.2.
		&#x201C;<span class="dictionary">Federated digital identity system</span>&#x201D; or &#x201C;federation&#x201D; means a digital identity system that (i) utilizes <span class="dictionary">federated identity management</span> to enable the portability of identity information across otherwise autonomous security domains; (ii) is compliant with the Commonwealth&#x2019;s identity management standards and with the provisions of the governing <span class="dictionary">identity trust framework</span>; (iii) has established identity, security, privacy, technology, and enforcement rules and policies adhered to by certified <span class="dictionary">identity providers</span> that are members of the <span class="dictionary">federated digital identity system</span>; (iv) includes as members <span class="dictionary">federation administrators</span>, <span class="dictionary">federation operators</span>, <span class="dictionary"><span class="dictionary">identity trust framework</span> operators</span>, and <span class="dictionary">identity providers</span>; and (v) allows, but does not require, relying parties to be members of the <span class="dictionary">federated digital identity system</span> in <span class="dictionary">order</span> to accept an identity credential issued by a certified <span class="dictionary">identity provider</span> to verify an <span class="dictionary">identity credential holder</span>&#x2019;s identity.
		&#x201C;<span class="dictionary">Federated identity management</span>&#x201D; means a process that allows the conveyance of <span class="dictionary">identity credentials</span> and authentication information across digital identity systems through the use of a common set of policies, practices, and protocols for managing the identity of users and devices across security domains.
		&#x201C;<span class="dictionary">Federation administrator</span>&#x201D; means a person or entity that certifies compliance with the Commonwealth&#x2019;s identity management standards by either a <span class="dictionary">federation operator</span> or an <span class="dictionary"><span class="dictionary">identity trust framework</span> operator</span> at the time of issuance of <span class="dictionary">identity credentials</span>, identity and entitlement attributes, or <span class="dictionary">trustmarks</span>.
		&#x201C;<span class="dictionary">Federation operator</span>&#x201D; means the entity that (i) defines rule and policies for member parties to a federation; (ii) certifies identity and entitlement <span class="dictionary">attribute providers</span> to be members of and <span class="dictionary">issue</span> <span class="dictionary">identity credentials</span> pursuant to the federation; and (iii) evaluates participation in the federation to ensure compliance by members of the federation with its rules and policies, including the ability to request audits of participants for verification of compliance.
		&#x201C;<span class="dictionary">Identity attribute</span>&#x201D; means identifying information associated with an <span class="dictionary">identity credential holder</span>.
		&#x201C;Identity credential&#x201D; means the data, or the physical <span class="dictionary">object</span> upon which the data may reside, that an <span class="dictionary">identity credential holder</span> may present to verify or authenticate his identity in a digital or online transaction.
		&#x201C;<span class="dictionary">Identity credential holder</span>&#x201D; means a person bound to or in <span class="dictionary">possession</span> of an identity credential who has agreed to the terms and conditions of the <span class="dictionary">identity provider</span>.
		&#x201C;<span class="dictionary">Identity proofer</span>&#x201D; means a person or entity authorized to act as a representative of an <span class="dictionary">identity provider</span> in the confirmation of a potential <span class="dictionary">identity credential holder</span>&#x2019;s identification and <span class="dictionary">identity attributes</span> prior to issuing an identity credential to a person.
		&#x201C;<span class="dictionary">Identity provider</span>&#x201D; means an entity, or a supplier, employee, or agent thereof, certified by an <span class="dictionary"><span class="dictionary">identity trust framework</span> operator</span> to provide <span class="dictionary">identity credentials</span> that may be used by an <span class="dictionary">identity credential holder</span> to assert his identity, or any related attributes, in a digital or online transaction. For purposes of this chapter, &#x201C;<span class="dictionary">identity provider</span>&#x201D; includes an <span class="dictionary">attribute provider</span>, an <span class="dictionary">identity proofer</span>, and any suppliers, employees, or agents thereof.
		&#x201C;<span class="dictionary">Identity trust framework</span>&#x201D; means a digital identity system with established identity, security, privacy, technology, and enforcement rules and policies adhered to by certified <span class="dictionary">identity providers</span> that are members of the <span class="dictionary">identity trust framework</span>. Members of an <span class="dictionary">identity trust framework</span> include <span class="dictionary"><span class="dictionary">identity trust framework</span> operators</span> and <span class="dictionary">identity providers</span>. Relying parties may be, but are not required to be, a member of an <span class="dictionary">identity trust framework</span> in <span class="dictionary">order</span> to accept an identity credential issued by a certified <span class="dictionary">identity provider</span> to verify an <span class="dictionary">identity credential holder</span>&#x2019;s identity.
		&#x201C;<span class="dictionary"><span class="dictionary">Identity trust framework</span> operator</span>&#x201D; means the entity that (i) defines rules and policies for member parties to an <span class="dictionary">identity trust framework</span>, (ii) certifies <span class="dictionary">identity providers</span> to be members of and <span class="dictionary">issue</span> <span class="dictionary">identity credentials</span> pursuant to the <span class="dictionary">identity trust framework</span>, and (iii) evaluates participation in the <span class="dictionary">identity trust framework</span> to ensure compliance by members of the <span class="dictionary">identity trust framework</span> with its rules and policies, including the ability to request audits of participants for verification of compliance.
		&#x201C;Relying <span class="dictionary">party</span>&#x201D; is an individual or entity that relies on the validity of an identity credential or an associated <span class="dictionary">trustmark</span>.
		&#x201C;<span class="dictionary">Trustmark</span>&#x201D; means a machine-readable official seal, authentication feature, certification, license, or logo that may be provided by an <span class="dictionary"><span class="dictionary">identity trust framework</span> operator</span> to certified <span class="dictionary">identity providers</span> within its <span class="dictionary">identity trust framework</span> or federation to signify that the <span class="dictionary">identity provider</span> complies with the written rules and policies of the <span class="dictionary">identity trust framework</span> or federation.</p></section></text><history>2015, cc. 482, 483; 2020, cc. 736, 738.</history><metadata></metadata></law>
