The anticipated business boom in government identity management systems is taking longer to arrive than some had expected. Sustained growth in spending on biometrics, identity management systems, and identification cards and readers is seemingly just around the corner — but the greatest bursts of activity have not yet occurred.
“The agencies and Congress are trying to push these programs full speed ahead, but there have been a few bumps in the road,” said Jeremy Grant, senior vice president of Stanford Group Co.’s investment research.
“Things have been moving in stages,” said Scott Price, vice president of homeland security and civilian solutions at General Dynamics Corp. “First, people asked, ‘Do we need this?’ And then — until the ID card programs had teeth — no one cared, and there was evangelizing going on. Now we are getting the cards out.”
Several powerful forces have been converging in recent months to nurture public-sector identity management programs and push them to maturity such as:
- Urgent need for physical and cybersecurity since the Sept. 11, 2001, terrorist attacks.
- Serious interest in authenticating identities and protecting against identity theft.
- Technology advancements in biometrics, radio frequency identi- fication and smart cards.
- Development of Federal Information Processing Standard 201 and other standards.
- Major investments in identity solutions by large systems integrators including Lockheed Martin Corp., General Dynamics Corp., Northrop Grumman Corp., EDS Corp., Maximus Inc., BearingPoint Co. and Unisys Corp.
FOLLOW THE MONEY
Spending on the 10 largest U.S.
government identity solutions programs
is projected to total $7.7 billion
from 2007 to 2011, according
to a January report from Stanford
Group. Accelerated growth is projected
for 2007, 2008 and 2009,
with spending peaking in 2009
and flattening in 2010 and 2011.
An additional $14 billion in international
government ID card programs
and $250 million in statesponsored
identity solutions is
forecast during the period.
Although the Defense Department took an early lead in issuing millions of Common Access Cards in the past several years, new ID solutions are moving aggressively out of the gate, including the State Department’s e-Passport and the Transportation Security Administration’s Registered Traveler ID cards for frequent airline travelers. The intelligence community and the FBI also have projects in the works. Last month, Arlington County and the city of Alexandria in Virginia issued prototypes of the First Responder Authentication Credential to police, fire and emergency medical personnel.
“Growth is being driven by a number of programs that have been in the works for years — but to date gone nowhere — and will finally take off in 2007,” Grant wrote in the Stanford Group report. Systems integrators will take a lead role in implementing the ID card projects, and industry consolidation and pressure to reduce prices will continue as a large number of companies vie for a finite number of programs.
The largest program, deployment of government employee ID cards under Homeland Security Presidential Directive 12, achieved milestones in late 2006 but has since slowed in momentum, in part because of a lack of interoperability among vendors’ cards. But industry executives are optimistic that those issues will be resolved.
“We believe there is tremendous potential in the HSPD-12 market,” said Jon Rambeau, director of credentialing systems at Lockheed Martin. “FIPS-201 is a phenomenal standard, and that is driving down the price.”
A BUMPY RIDE
Even so, Grant and others said
that several major programs —
while moving forward in recent
months — have experienced significant delays because of technical
glitches and policy and funding
impasses, and they have not yet
begun accelerated growth. For
example, the Real ID Act of
2005, which will standardize
state driver’s license programs,
has faced numerous objections
from state governments over
its costs and possible impact
on privacy. On March 2,
Congress delayed by 20
months the states’ required
implementation of the law,
until the end of 2009.
Other rumblings: The U.S. Visitor and Immigrant Status Indicator Technology initiative stumbled in creating a program to identify visitors as they exit the country, and rollout of the Transportation Worker Identification Credential has lagged because of uncertainties about encrypting the data and changes in specifications for the card readers. Harbor operators balked because they did not want to manage complex encryption keys, and they insisted on a contactless reader.
“The problems have not been solved yet, but in my opinion, they will be able to encrypt the data,” said Walter Hamilton, chairman of the International Biometric Industry Association.
Meanwhile, Lockheed Martin, which won the TWIC enrollment and card-issuing contract in January, is working with the maritime industry and TSA to ensure compatibility once the reader design is made final.
The People Access Security Services border-crossing card experienced a setback after Homeland Security Secretary Michael Chertoff revealed that the long-distance RFID chip failed to perform adequately in field tests on a similar ID document. Industry sources said the failures are likely because of faulty placement of the readers rather than the chip technology.
“The technical solution in the PASS card is still lagging behind the need,” Price said.
PROTECTING PRIVACY
Also affecting momentum is
the new, Democratic
Congress, which is increasing
oversight on federal contracting at the same time it is scrutinizing
the Iraq War budget.
And privacy advocates are
opposed to huge expansions in
biometric cards and centralized
databases because they
open the door to invasive government
snooping. Jim
Harper, director of information
policy studies at the Cato
Institute, said a government-controlled
ID system will
threaten privacy and civil liberties.
For example, DHS regulations
for the Real ID Act
lay the groundwork for racial
tracking, Harper said.
“The bar code system standard that DHS calls for in the regulation includes machine readable information about race and ethnicity. This is deeply concerning and unwise,” Harper told a congressional committee on March 26.
Nonetheless, industry executives are optimistic that identity management technology offers substantial benefits in protecting and verifying identities, and that privacy concerns can be resolved. Niche opportunities also abound in selling networking services, middleware, public-key infrastructures and federated identity management services.
For example, there are opportunities in providing the middleware for HSPD-12 solutions and in upgrading the backbone networks to combine physical and cybersecurity, said Greg Gardner, vice president of government and homeland security solutions at Oracle Corp.
The challenge is that the cybercomponents typically are run by the chief information officer while the physical access systems are run by building security directors, and there is little integration between them, he said.
Another area of growth is in federated identity management, in which infrastructures are created so a single ID card can be used at different agencies. This usually requires linking the networks.
“What really resonates is that the federated capability is simple and easy to implement,” Gardner said. “The other parts of HSPD-12 are harder to implement.”
Despite the challenges, identity management continues to be a burgeoning field.
“A year ago, people were scrambling. There was no real funding and a lot of churn in these programs,” said Ivan Hurtt, director of federal solutions at Novell Inc. “Now people are rolling out the enrollment and beginning deployment of the cards. People really see the value of it.”
Staff Writer Alice Lipowicz can be reached at alipowicz@1105govinfo. com.
