The Homeland Security Department is buying $100 million worth of services to issue staff at all agencies smartcards with iris and facial recognition capabilities.
Late Friday, DHS opened the bidding process for a decade-long project to upgrade personnel identification cards that are used to access federal buildings and networks. Following the September 2001 terrorist attacks, Homeland Security Presidential Directive–12, or HSPD-12, mandated biometric IDs for employees governmentwide. But many workers, including 82 percent of DHS computer users, flash the credentials at guards, rather than digital readers, largely because the cards’ electronic components haven’t been activated, according to internal audits.
Now, contractors will replace about 161,924 cards in 2013 and 116,172 cards in 2014, according to contracting documents.
“The present Identity Management System was designed in 2008 and has remained basically unchanged since its inception. New more capable methods are now available that must be evaluated and implemented to move the [ID management] process into compliance,” project plans state.
The work includes "the full range of program management support, engineering services, labor, materials, and equipment" to operate the entire credentialing process, from enrolling employees to synching with card readers on facilities and computers, the contracting papers state. The deal is capped at $99.5 million.
The use of iris recognition is expanding governmentwide. In July 2012, the Obama administration announced plans to embed iris images in all employee ID cards. Meanwhile, DHS and the Justice Department are collecting iris snapshots to identify legitimate travelers as well as track criminal offenders.
Companies competing for the Homeland Security smartcard job must "demonstrate the system’s ability to capture facial, fingerprint and iris biometric,” technical specifications state.
The contractor will provide the technology backbone for up to 400 workstations that distribute IDs at sites departmentwide. Wherever possible, the new tools will be incorporated into the department's roughly 405 pre-existing stations. The contract also requires as many as 16,000 "light activation stations" -- PCs connected to a credential management computer program -- that allow workers to independently update ID data and reset passwords.
The new supplier will be responsible for adapting current operations overseen by incumbent contractor XTec to the new arrangement without disrupting credentialing or login systems on buildings and computers. Homeland Security’s goal is to minimize "downtime and cost overruns as well as functional, security and performance impacts,” according to the contracting documents. The technologies in need of transitioning include "back-end infrastructure and interfaces and distributed end user facing systems."
Since clinching the DHS ID management award in 2008, Reston-based XTec has continued to win credentialing contracts from other major departments. In February, the General Services Administration closed a deal with the firm for an unspecified price to issue smartcards for more than 90 agencies that outsource their HSPD-12 credentialing services to GSA, according to XTec.
As of December 2012, most federal employees were carrying biometric IDs but more than 40 percent didn’t use them to log onto agency networks, according to the executive branch’s annual report on adherence to the 2002 Federal Information Security Management Act. Last year, about 57 percent of computer accounts required smartcards to sign in, down from 66 percent in 2011. A decrease in smartcard usage at the Pentagon and significantly less usage at the Agriculture Department drove the decline.