Government releases guidelines for governmentwide smart cards

Government releases guidelines for governmentwide smart cards

The Federal Identity and Credentialing Committee has released guidelines for developing interoperable federal identification systems based on smart cards.

The government has adopted a policy for establishing a common Federal ID Card, which could be used for both physical and logical access control. Individual agencies would issue and manage the cards, but the cards would interoperable across agencies.

'The FIC is to be used as the identity and basic authentication credential ' within the issuing agency,' the guidelines note. 'It will be the basis of identity and basic authentication when visiting other domains within the federal government enterprise.'

The committee is promoting smart cards as the platform of choice for Federal ID Cards as agencies replace existing badge and ID systems.

The Office of Management Budget chartered the committee, which is a consolidation of two other groups: the Federal PKI Steering Committee and the Smart Card Interoperability Advisory Board. Members include federal smart-card managers, PKI managers, human resources managers, physical security managers and officials from the National Institute of Standards and Technology.

Each agency relying on the common card would be responsible for verifying cards issued by other agencies and would establish its own physical and logical access policies.

The guidelines lay out minimum requirements for smart-card credentials:

  • Standard electrically readable format for data

  • Tamper and counterfeit resistance

  • Support for three means of authentication, such as passwords, credentials and biometrics

  • Automated use monitoring for audit trails

  • Digital certificates on each card for identification, encryption and digital signatures

  • Ability to be updated after issuance

  • Certification of applications carried on the cards.

The committee encouraged agencies to design smart-card systems that can support biometrics and comply with standards from the major federal and international standards bodies.

The guidelines also suggest that agencies plan for a functional card life of six years.

About the Author

William Jackson is a Maryland-based freelance writer.


  • Records management: Look beyond the NARA mandates

    Pandemic tests electronic records management

    Between the rush enable more virtual collaboration, stalled digitization of archived records and managing records that reside in datasets, records management executives are sorting through new challenges.

  • boy learning at home (Travelpixs/

    Tucson’s community wireless bridges the digital divide

    The city built cell sites at government-owned facilities such as fire departments and libraries that were already connected to Tucson’s existing fiber backbone.

Stay Connected