The Chief Information Officer’s Council is giving industry and others non-feds some guidance for issuing secure identification cards that are compliant with federal requirements.
The document provides a minimum set of requirements for federal agencies to trust secure ID cards issued by industry, state and local governments and non-governmental organizations.
Several organizations have been trying to match the federal requirements under Homeland Security Presidential Directive 12.
State and local governments have issued First Responders Authentication Cards (FRAC), and many of the largest federal contractors have signed up for the Federation for Identity and Cross-Credentialing Systems (FIXs).
The document details four specific areas to make sure non-federal cards could be trusted and interoperate with federal cards:
Common terminology for ID cards;
Technical requirements for the cards to interact with federal systems;
Identifier namespace, which ensures that the card is unique;
Trusted identity process to verify and authenticate the card holder;
The council says trust of non-federally issued ID cards is not mandated.
Instead, each agency can decide for itself what, if any, cards to trust, and if so, for what purposes.