Feds look for more smart card memory

FedBizOpps Sources Sought Notice for Smart Card Technology

The federal government’s new standard for smart card identity credentials is looking more like a moving target than a fixed one as some agencies bump up against the standard’s 64K of data storage capacity.

A notice to smart card vendors appeared on the General Services Administration’s FedBizOpps Web site July 26 asking about the availability of 128K smart cards that could meet the government’s new standard, known as Federal Information Processing Standard (FIPS) 201.

The card’s mandatory elements, which include cryptographic software, a digital certificate, two biometric fingerprints and a digital photo, will use almost the entire 64K of memory, according to the notice. Some federal agencies plan to put additional elements on the cards — more than one digital certificate, for example — which will cause them to approach the card’s full storage capacity.

The cards were designed to be used as personal identity cards to control employees’ and contractors’ access to federal buildings and information systems. Office of Management and Budget officials have encouraged agencies to think of additional uses for the FIPS 201 cards besides their primary use.

As the lead agency for procuring FIPS 201-compliant smart cards, GSA has posed many questions for smart card vendors. Answers to those questions most likely will affect specifications for cards the government buys when it requests proposals for FIPS 201-standard smart cards.

Because the FIPS 201 cards are mandatory, the government expects to buy them in large quantities — as many as 150,000 cards per month for the next two to three years, according to the notice.

GSA officials are especially interested in information about differences in the availability, relative cost and performance characteristics of fingerprints based on images and those based on minutiae, or selected data points.

Featured

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.