Changing with the times

More than three years after the General Services Administration awarded its smart card contract, the agency is maneuvering to boost the popularity of that contract among agencies by creating a standard set of federal credentials to support interoperability while also examining the possibility of opening the procurement vehicle to more contractors.

GSA's Smart Access Common ID contract has attacted significant attention from agencies — especially for physical access applications — since the terrorist attacks of Sept. 11, 2001, but the contract still needs some tweaking to fully capitalize on this newfound interest, according to industry observers.

The indefinite-delivery, indefinite-quantity contract is now at a critical turning point. Agencies need a set of standardized identity requirements to ensure cross-agency interoperability. In addition, officials are clamoring for more advanced technologies, such as contactless cards and biometric tools, as they work to secure buildings and computer systems.

"This contract is really just starting to take off right now," said Jeremy Grant, director of strategy and business development for Maximus, one of four vendors on the contract. "A lot of the business case before Sept. 11 was in terms of efficiency of government. Once Sept. 11 happened, the brand-new focus was on security. There was not a lot of interest in biometrics before Sept. 11. We're now seeing a much greater integration of biometrics."

To date, buying on the contract has flowed from three main sources: commodity card buys from the Defense Department, a handful of DOD demonstration projects that are testing the use of biometrics on the cards, and competitive task orders from various agencies, Grant said.

For example, Maximus has won task orders from the Department of Veterans Affairs for its next-generation ID card, the Treasury Department for physical and logical access, GSA's New York office for physical access with biometrics, GSA's headquarters for physical access and the Transportation Security Administration's new pilot project for employee credentialing.

The VA Express Card program was designed to provide veterans with a portable data carrier so that health information could be transferred into an internationally readable format at any facility that a veteran enters for care, Grant said. For the Navy, Maximus is developing a card that functions like a debit card for financial transactions on a "cashless ship."

New OMB Push

For its part, GSA is working with the Office of Management and Budget to come up with a common set of information to identify individual federal employees that could be incorporated into an identity credential. The policy would not mandate what individual agencies' cards should support, but would call for a basic means of identifying and authenticating cardholders that could work across agencies.

"Once this happens and a policy is established, I can see a more widespread use of the contract," said Mickey Femino, director of GSA's Center for Innovative Business Solutions. "Our intent going back to 1996 was to have one interoperability [specification] to allow all federal employees to be recognized and authenticated and verified as federal employees. It would allow us to have one card that could be recognized by all federal employees, and we could standardize some of the basic features on it. Until a spec and policy are out, agencies still may go in many different directions."

This type of policy — combined with OMB's enterprise architecture blueprint — may help eliminate some of the "fits and starts" that have plagued other government smart card efforts such as GSA's, said Ray Bjorklund, vice president of market intelligence and chief knowledge officer for Federal Sources Inc.

"When an agency like OMB has established an enterprise architecture, there are many different layers...that should provide the real framework for these many disparate smart card programs," he said.

Seamless interoperability between smart card programs could facilitate the governmentwide information sharing that has become crucial in the post-Sept. 11 world, he added.

"The agencies that are using smart card technology are implementing them more as unique tools for their own agencies rather than talking about the total government need for sharing information," Bjorklund said. "There is some duplication right now. You can't share information if you have multiple log-in requirements and Joe has one kind of card and Sally has another kind of card."

Open to New Ideas

GSA officials also are considering an "open season" for the smart card contract, which would give more vendors a chance to join the market, Femino said. Some industry observers say this market is ripe for additional players that can offer new technologies.

Widening the field might also boost the popularity of the contract among agencies. Some are forging ahead with their smart card projects, because the smart card technology — and their in-house expertise in deploying it — have matured, said Greg Dicks, vice president of global solutions for ActivCard, a subcontractor on the GSA contract.

"Not everybody is using the GSA contract," Dicks said. "They might say, 'I have enough expertise in [information technology] and have supportive contractors so that I don't need the tech services from GSA. We can do this.' They are doing their own integration."

In addition, ActivCard is working through Maximus to supply applet technology to Treasury to enable its card to be used for secure sign-on with biometrics. Applets are small pieces of code that smart cards use to manage data and flow information between applications and the card.

Treasury employees use "the same card to get into the building and to get into the network," Dicks said. "That's the next step in sophistication in use of smart cards."

ActivCard attributes much of its success in the smart card middleware market to its ability to automatically send its software to a network server to automatically load onto users' computers.

As the contract moves forward, vendors most likely will add components such as contactless readers for physical access and biometrics-compatible technology, said Randy Vanderhoof, executive director of the nonprofit Smart Card Alliance Inc.

"As the government is starting to look at additional, expanded functionality on the smart card, you are likely to see other services, software and middleware be added," he said.

Havenstein is a freelance writer based in Cary, N.C.

***

At a glance

GSA's Smart Access Common ID contract

The contract was awarded in May 2000.

Vendors are EDS, BearingPoint Inc., Maximus and Northrop Grumman Corp.

The indefinite-delivery, indefinite- quantity contract is designed to provide agencies with common, interoperable, multiapplication smart card systems for identification, physical access, biometrics and cryptography.

Task orders are competed among the vendors to keep competition high and prices low.

Technologies available under the contract include integrated circuit chips, bar codes and magnetic strips. Multiapplication technologies allow agencies to maintain existing systems while deploying smart card technologies.

The contract supports applications such as property control, "electronic purse" transactions, electronic forms, medical information and financial applications.

The Fed 100

Save the date for 28th annual Federal 100 Awards Gala.

Featured

  • computer network

    How Einstein changes the way government does business

    The Department of Commerce is revising its confidentiality agreement for statistical data survey respondents to reflect the fact that the Department of Homeland Security could see some of that data if it is captured by the Einstein system.

  • Defense Secretary Jim Mattis. Army photo by Monica King. Jan. 26, 2017.

    Mattis mulls consolidation in IT, cyber

    In a Feb. 17 memo, Defense Secretary Jim Mattis told senior leadership to establish teams to look for duplication across the armed services in business operations, including in IT and cybersecurity.

  • Image from Shutterstock.com

    DHS vague on rules for election aid, say states

    State election officials had more questions than answers after a Department of Homeland Security presentation on the designation of election systems as critical U.S. infrastructure.

  • Org Chart Stock Art - Shutterstock

    How the hiring freeze targets millennials

    The government desperately needs younger talent to replace an aging workforce, and experts say that a freeze on hiring doesn't help.

  • Shutterstock image: healthcare digital interface.

    VA moves ahead with homegrown scheduling IT

    The Department of Veterans Affairs will test an internally developed scheduling module at primary care sites nationwide to see if it's ready to service the entire agency.

  • Shutterstock images (honglouwawa & 0beron): Bitcoin image overlay replaced with a dollar sign on a hardware circuit.

    MGT Act poised for a comeback

    After missing in the last Congress, drafters of a bill to encourage cloud adoption are looking for a new plan.

Reader comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group