DOD expanding biometrics rules

Common Criteria home page

The Pentagon is considering a new policy that would require biometrics products — whether used for physical security or cybersecurity — to be evaluated

using the Common Criteria Scheme.

When acquiring information assurance products, the Defense Department

is required to give preference to products evaluated under the international

Common Criteria Evaluation and Validation Scheme.

Under the Common Criteria Scheme, products are tested by commercial

laboratories accredited by the National Information Assurance Partnership.

The process allows technologies certified in one country to be automatically

approved for government purchase in any of the 13 participating countries.

Even if used for physical security, biometrics products have information

assurance element and should therefore be subjected to thorough evaluation

prior to DOD purchase, said Phillip Loranger, who leads the office of the

Army's director for biometric technology integration and insertion.

The policy was drafted by Loranger's office and delivered Tuesday evening

to the Army chief information officer, after which it is destined for the

desk of Art Money, the Pentagon CIO.

The Army acts as the lead agency in DOD for biometrics systems. Loranger

said the document has been approved by the other services and that he foresees

no hurdles to final approval.


  • innovation (Sergey Nivens/

    VA embraces procurement challenges at scale

    Steve Kelman applauds the Department of Veterans Affairs' ambitious attempt to move beyond one-off prize-based contests to combat veteran suicides more effectively.

  • big data AI health data

    Where did the ideas for shutdowns and social distancing come from?

    Steve Kelman offers another story about hero civil servants (and a good president).

Stay Connected


Sign up for our newsletter.

I agree to this site's Privacy Policy.