Tom Lockwood

Technology Vice Chair

Secure Technology Alliance (NextgenID)


Using Mobile Devices for Identity Assurance Level 2 Enrollment and Proofing (Co-Presented With the Secure Technology Alliance)

Wednesday, May 17th

The need to perform identity proofing remotely has greatly increased as a result of COVID-19 and the need to perform enrollment for a federal personal identity verification (PIV) smart card or U.S. Department of Defense common access card (CAC). Federal Information Processing Standards (FIPS) 201 specifies that applicants must provide state-issued documents, such as a driver’s license or a government-issued ID. For those applying for employment, proofing or enrollment would require the applicant to go to a designated location to perform the process. Federal identity standards are evolving to allow the use of mobile phones to enhance the Identity Assurance Level 1-3 proofing processes, limit their fraud potential, and make enrollment for a PIV/CAC/Transportation Worker Identification Credential smart card faster and more convenient.

Typically, it takes a 30+-minute meeting at a smart card enrollment center to provide the necessary biometric and biographic information. Now, at the request of an agency, applicants can launch a secure web services mobile application to take a picture of their state-issued driver’s license (front and back) as well as their passport, passport card or other government-issued ID, and take a selfie. The photos in these documents are not only compared against each other and the selfie photo; in many cases they can also be compared against the state-issued system of record and/or credit agencies for final validation. This approach, made necessary by the COVID-19 pandemic, could result in a better way of handling enrollment for a Homeland Security Presidential Directive 12 credential far into the future. NASA has launched this enrollment capability today as a “preenrollment” for their PIV cards and other potentially visiting agencies.

This presentation will demonstrate how a FIDO security key can be enabled for different use cases including logical and physical access, signature, encryption and payments. The key can be a wristband to make authentication easier at a medical facility, or it can be a fob that incorporates live biometrics with multiple communication channels. A FIDO security key platform combined with a tamper-proof secure element makes the authentication process extremely secure. The platform supports a flexible framework for onboarding additional services on request. Whatever the hardware or software key form factor, the experience is frictionless. The keys can be provisioned with an agnostic FIDO backend to provide a variety of use cases.

Why Federal Agencies Should Leverage ISO 18013-5 Mobile Credentials Beyond Mobile Driver’s Licenses (Co-Presented With the Secure Technology Alliance)

Wednesday, May 17th

This session will explore why federal agencies should be interested in advancing implementation of mobile credentials. The technical model of the International Organization for Standardization (ISO) standard for mobile driver’s licenses (mDLs), ISO 18013-5, has been recognized by both public- and private-sector entities and organizations as a viable and secure foundation for mobile credentials other than mDLs. ISO 18013-5 defines a mobile document (mDoc) structure that accommodates use-case specific custom identifiers and attributes. mDoc identifiers and attributes are cryptographically authenticated by relying parties, using a suite of interoperable interfaces which can support local and remote (offline and online) validation.