VA smart cards roll on

Officials at the Department of Veterans Affairs expect to issue up to half a million smart cards in the next five years, according to the Government Accountability Office.

In a report released last week, GAO analysts said the VA is one of nine federal agencies pursuing large-scale, agencywide smart card initiatives. Currently in limited deployment, the VA's initiative involves using, among other technologies, the One-VA identification card to authenticate users and grant them access to information systems essential to accomplishing the agency's business functions.

VA officials estimate that they will spend about about $162 million on the project from now through 2009, which will enable them to issue 500,000 smart cards to employees and contractors.

The initiative has three core components: the One-VA ID card, a public-key infrastructure, and an identity and access management infrastructure that addresses VA users' internal and external access requirements.

According to project documentation, the One-VA ID card will replace the several hundred methods officials now have for issuing ID cards.

Smart cards, which are the shape and size of credit cards, contain a computer chip that can exchange data with other systems and process information. Unlike debit and credit cards, smart cards do not use magnetic strips, which can be deleted or changed. And smart cards incorporate three-factor authentication: A user must present a smart card, enter a password and verify his or her identity with a biometric scan to gain access to networks or buildings.

Newer cards can accommodate up to 64K of data, enabling users to track their itineraries or link to medical records; they can also function as debit cards. Notably, the Washington Metropolitan Area Transit Authority in the Washington, D.C., area issues smart cards that enable riders to pay bus and subway fares. In June, the SmarTrip card became the only method of payment accepted at WMATA-operated parking lots.

Between December 2004 and December 2008, officials at five agencies — NASA, the Defense Department, the Homeland Security Department, the Interior Department and the VA — plan to make a combined purchase of up to 40 million cards through a General Services Administration contract.

One of the largest agencywide efforts is DHS' identification and credentialing project. Officials plan to issue 250,000 cards to employees and contractors as part of a three-factor authentication system.


  • Cybersecurity
    cybersecurity (Rawpixel/

    CMMC clears key regulatory hurdle

    The White House approved an interim rule to mandate defense contractors prove they adhere to existing cybersecurity standards from the National Institute of Standards and Technology.

  • Comment
    cloud (Phaigraphic/

    A call for visionary investment

    Investing in IT modernization is not an either-or proposition, Rep. Connolly writes. This pandemic has presented Congress a choice: We can put our head in the sand and pretend these failures didn't happen, or we can take action to be prepared for the future.

Stay Connected