E-Authentication looking for new service providers
- By Jason Miller
- Sep 06, 2006
The General Services Administration is looking for ways to give the federal E-Authentication e-government project a boost by bringing in more credential providers.
In a request for information
issued yesterday, GSA is asking commercial and public-sector providers to provide information on how they could support public access to online government services. GSA said there currently are six public and private-sector providers issuing at least two of the four levels of identity credentials.
Additionally, 14 agencies have at least one application using the E-Authentication federation. GSA said it expects the number of online services using credentials to increase to more than 450 by fiscal 2011.
GSA had planned on issuing the RFI in August.
GSA said in the RFI that it wants information on how entities would provide Level 1 and Level 2 credentials, which include a user identification and personal identification number that provide little or no confidence of the person's identity and some confidence of the user's identity, which would include a username and password.
The functional requirements GSA said it is looking for includes:
- Capability to issue credentials to the public in a way that meets National Institute of Standards and Technology special publication 800-63.
- Compliance with the requirements specified in the password credential assessment profile 2.0
- Capability to provide online registration and credential maintenance
- Capability to provide customer support services, including 24x7 help desk services
- Capability to complete registration and issue credentials in a single online session
- Capability to provide a scalable architecture to support the interface to additional online services as they join the federation
- Capability to provide technical interface with the E-Authentication technical architecture
- Capability to meet the requirements to become a member of the E-Authentication Federation
- Capability to provide physical and logical security for services provided and for protection of personal information.
Responses to the RFI are due Oct. 2.