Agencies look to bring cohesion to digital identity projects

Several agencies have embarked on digital identity verification projects in recent years, with some looking to now leverage each other’s work.

Several agencies have embarked on digital identity authentication and verification projects in recent years, with some departments looking to leverage each other’s work and bring cohesion to digital identity efforts across government.

The General Services Administration launched Login.gov in 2017 as a secure sign-in service for the public to access government websites and services. It can be used to access USAJobs or apply for federal small business loans, among other services and benefits. GSA received nearly $187 million from the Technology Modernization Fund last year to continue scaling up the use of Login.gov.

As it considers how to expand Login.gov and provide other digital verification services for agencies, GSA is also looking to advance the concept of “strong authoritative attribute verification,” according to Phil Lam, executive director of identity at GSA.

“How can we do that with other agencies such as the [Postal Service], for example, with address, or State Department, perhaps with the passport and maybe even [the Transportation Security Administration] with a known traveler number?” Lam said today during a conference hosted by the Better Identity Coalition, the FIDO Alliance and the ID Theft Resource Center.

“And how do we bring together these different government agencies so that we can do identity verification at the attribute level, direct to the authoritative source?” Lam continued.

The Social Security Administration’s work on the electronic Consent Based Social Security Number Verification service, or eCBSV, could be a model for other agencies, he said. The system allows financial institutions to verify a consumer’s name, date of birth and social security number against SSA’s records.

“It’s groundbreaking for government agencies to allow that,” Lam said. “They do it in a privacy preserving way, where they’re not sending information out. They’re just saying, ‘yes’ or ‘no.’ And that sort of model, I think is a really great model for other agencies.”

The eCBSV service launched last year and has processed nearly 40 million transactions so far, according to Katie Wechsler, executive director of the Consumer First Coalition, which worked with SSA to build and launch the system. The coalition’s members include major banks and credit institutions.

“We’re continuing to work to make it sure that it’s efficient and effective as possible,” Wechsler said. “But I think that the bottom line is I really do think the system could be a model for other government-private sector verification initiatives. Real-time access to reliable and secure government data is key to combating identity theft and fraud.”

Wechsler said she’s encouraging other agencies to reach out to SSA to discuss the agency’s experience with eCBSV. She said she recently directed the Department of Defense to SSA as DoD explores a system to check the duty status of service members.

Meanwhile, the Transportation Security Administration is working with Apple and “other vendors” to allow travelers to use a digital wallet ID at airport checkpoints, according to Jason Lim, branch manager for the screening technology integration program at TSA. He said the agency wants to build “an ecosystem based on open standards by which we can ingest this data.”

TSA will launch a pilot program, starting with iOS devices and then moving to Android devices, by the end of fiscal year 2022 at multiple locations, according to Lim. While the pilot is focused on in-person checkpoints, the work will “inform” how TSA also approaches online ID verification, Lim said.

Congress is also showing some interest in how agencies are approaching digital identities. House lawmakers introduced the Improving Digital Identity Act of 2021 last year. The bill would establish a task force involving numerous federal agencies, as well as state and local government members, to determine how the government can best support digital identity services.

The legislation would also direct the National Institute of Standards and Technology to develop a “digital identity framework” to guide federal, state and local efforts to support identify verification services.

While the bill didn’t see any movement last year, the issue may have some increased urgency behind it this year as the scale of pandemic-related fraud becomes more apparent, according to Tim Weiler, economic policy advisor and legislative counsel to Rep. Bill Foster (D-Ill.), one of the sponsors of the legislation.

“Congress is tough because we move from fire to fire to some extent, especially in the pandemic,” Weiler said. “But we’ve rephrased this, it can be a pandemic issue. A lot of the rollout of stimulus support and the fraud that we saw with that and a lot of problems there could have been alleviated with a digital identity framework.”

GSA’s Lam said agencies will need congressional action to bring a more unified strategy to federal digital identity initiatives.

“It won’t be something we can just kind of do on our own as agencies, but the desire is there,” he said. “We’ve all been here in this space in the U.S. working on this problem, some of us over a decade now. So we’re dedicated. But it does take some time.”

Copyright © 2024 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.

Related Stories

    Beyond passwords: NIST explores new digital identity management

    Read more
    GSA

    Agency evaluation offices reviewing equity in pandemic spending and recovery

    Read more
    (Getty Images/iStockphoto/shironosov)Close-up of hands of a nurse typing on laptop

    Getting equitable access to digital services right

    Read more