ID lifecycle 101: Understanding issuance models
Part two in a series on credential issuance and management
09 August, 2011
As the Real ID Act continues to make headlines, more attention is focusing on the second stage in the identity process–issuance.
The 2005 act would tighten standards governing the process for issuing credentials–specifically driver licenses and state-issued IDs–used for federal purposes. As a result, many states could migrate the issuance of these IDs toward a centralized, or off-site, model. That means an individual applying for an ID wouldn’t walk away with his credential the same day he applies for it. In March, the U.S. Department of Homeland Security extended the deadline for states to comply with the act until Jan. 15, 2013.
Although the move toward a more centralized model has garnered criticism, experts say there are pros and cons to both on-site (decentralized) and off-site (centralized) issuance, the two primary models for issuing credentials. Deciding which model to use comes down to the issuing agency’s security needs and customer service preferences.
“If it’s an instant process, the chances go up that you’re going to give a license to someone you might not want to give a license to,” says Geoff Slagle, director of Identification Standards for the American Association of Motor Vehicle Administrators, headquartered in Arlington, Va. “If you had more time, the chances are better–not perfect, but better–that you might catch (on) before you give a license to someone who shouldn’t have one.”
On-site versus off-site
In the on-site model, credentials are issued over the counter the same day an individual enrolls. This is the case with most driver license bureaus, corporate environments and campuses.
“You prove who you are with some sort of ID document; they take your information and assume you pass your driver’s test, and you get your credential printed right there at the counter,” explains Steve Purdy, business development director for government affairs with digital security firm Gemalto. The company personalizes about 1.3 billion identity documents and devices a year at its 30 worldwide personalization centers as well as via over-the-counter issuance.
In the off-site model, an individual enrolls by providing any required information, such as proof of identity, biometrics and other documentation. The agency providing the credential then reviews that information and runs any background or criminal history checks to make sure the individual’s identity is sound. The printing and issuance of those credentials is conducted off-site at one or more centralized facilities, and the credential is mailed to the individual or sent to a location where it can be claimed.
Complying with Real ID could require more agencies to adopt the off-site issuance model. Some supporters of off-site issuance argue that certain issuance programs create more opportunities for fraud by giving a single person the power to both enroll and issue a credential, Purdy says. Because a driver license is a breeder document for other forms of identity, the federal government has expressed concern about how licenses are issued.
Pros and cons of issuance models
Customer service is one of the main reasons why people go with over-the-counter, on-site issuance, Purdy says. “If people have to take time out of their day and go to a center to enroll, it becomes somewhat painful to require them to come back again,” he says.
When a credential is issued over the counter, the cardholder can look at the ID and tell immediately whether all of the information is accurate, so a card with errors can be reissued right away. But with a central issuance model, the cardholder isn’t present, so there has to be a strong process in place to ensure the accuracy of that information.
“The central issuance facility can only print what’s given to them,” Purdy says. “There will be a quality check for the accuracy of what (information) they’ve received, but not a quality check with the cardholder in front of them.”
Digital technology has enabled even faster creation of a card on the spot. “It can be handy for the consumer, but you don’t necessarily have enough time to vet an individual who comes to you,” Slagle says.
Another disadvantage of off-site issuance is that the credential is often mailed to the issuing agency instead of the individual’s home or office, meaning the person has to yet again prove their identity to claim their card.
Then there’s the need to factor in shipping and postage costs to the cardholder or to the agency. And, because of the time lag between enrollment and receipt of the credential, a temporary document may need to be issued.
In addition to vetting time, experts cite a number of other advantages to off-site issuance. It can give an organization more control over document security features. A facility that produces cards in bulk may have more resources and, thus, the ability to provide more advanced security options for credentials. Security features such as laser engraving and high-end holography are more readily available at centralized facilities than via smaller-scale desktop printing environments.
By opting for off-site issuance, agencies also don’t have to worry about replacing consumables such as printer ribbons, or calling in a technician to repair a broken printer. “It’s more overhead to manage that program than it is to outsource it. And you potentially have fewer personnel,” Purdy says.
Licensing changes ahead
One of the fundamental issues the ID world faces is that a driver license is an identification document, not just a license to drive a car, Slagle says. In the past, states have been able to make the issuance process swift and user-friendly through over-the-counter methods. But the trade-off was less time and ability to check the individual’s background.
“We can’t turn this around. We literally are now left with this thing that an overwhelming majority of people use for ID purposes. So how do we fix it?” Slagle asks.
Moving toward off-site issuance is one solution, but a program has been put in place to explore other options.
The Driver License/Identity Verification Systems (DIVS) program was formed to organize, implement and coordinate a system to verify information provided by applicants for driver licenses and identification cards. Mississippi is the lead state for planning and implementing the initial stage of the program. Florida, Indiana, Kentucky and Nevada also participate in the joint effort between the states, DHS and AAMVA.
DIVS encompasses several electronic verification systems that can be used by state driver licensing agencies to verify documentation provided by driver license applicants as a form of identification, says Maj. Jason Jennings, director of the Driver Services Bureau of the Mississippi Department of Public Safety.
The scope of DIVS includes verification of:
- U.S.-issued birth certificates;
- U.S.-issued passports;
- U.S.-issued immigration papers; and
- Social Security information.
DIVS also has oversight of a yet-to-be-developed system states can use to make sure that a driver license applicant does not hold multiple licenses across the country.
Because of the reliance on a number of outside entities to provide these verification services, many states are looking at moving from over-the-counter issuance to central issuance, Jennings explains.
“By making this change, states will have the time they need to examine the results of the various electronic checks before issuing a license without being overly concerned about the impact that system downtime has on customer service,” he says.
The program is also charged with determining ways to address the budgetary challenges states could face in complying with Real ID. The estimate from the AAMVA and the National Conference of State Legislators is that it would cost states $4 billion collectively to comply, down from the initial estimate of $11 billion, Slagle says.
As the centralized issuance model gains prominence, experts predict that more systems will be put in place to support it.
A large part of that will be more emphasis on security features. “I think the way the market is going now, you’ll continue to see vendors differentiate themselves by offering more and more distinct security features,” Purdy says.
Whereas anyone can go out and buy a desktop printer to make a fake document, not everyone can duplicate laser engraving features or holograms on a card, he says. Obtaining equipment to perform these tasks would be cost-prohibitive for most people.
Despite the security advances, the actual process for central issuance will likely remain much the same, Purdy says.
“Visibility, traceability and security features are just going to get more advanced,” he says.
Issuance at a glance
The GSA follows four steps when issuing a document:
- Someone from the issuing agency sponsors the individual. That individual then receives an email from the system saying they’ve been sponsored. The email contains a link for the individual to schedule an appointment at one of GSA’s enrollment sites.
- During the scheduled appointment at the enrollment site, the individual’s enrollment documents are verified and his fingerprints and biometric information are captured.
- The agency adjudicates the individual by performing a national criminal history check. GSA then issues a request to print the credential.
- The credential is printed and shipped to the location specified by the individual’s sponsor. The individual is notified and asked to make an appointment to activate and pick up the credential. At that time, GSA electronically personalizes the credential and loads the certificate, fingerprints and biometrics to the card’s chip.
Exploring the GSA’s centralized PIV-issuance process
In carrying out its task to issue compliant credentials to the federal work force, the General Services Administration relies on off-site printing to allow for more security checks and features.
When President Bush signed HSPD-12 in 2004, mandating a federal standard for secure identification, the Office of Management and Budget asked the agency to come up with a uniform service so that the numerous agencies employing GSA credentials wouldn’t have to come up with their own model for issuing cards, says Steve Duncan with the GSA’s managed service office. GSA has 90 customers that are federal agencies, and many are small boards and commissions that would be unable to issue their own cards.
“We made a business decision that off-site was the best way to go at the time this first started,” he says.
GSA opted for off-site issuance for a number of reasons, with cost being one of them. On-site printing can be expensive, says Duncan. It requires high levels of maintenance and can burn through a great deal of printer equipment.
GSA issues cards using a number of different card stocks as source material. Decentralized issuance would require inventorying these card stocks at many different locations. “That becomes a huge problem in the security of the cards,” Duncan says.
By opting for a shared issuance program across multiple agencies, GSA made it so that a person could go into any GSA building and get enrolled for their credential. GSA has 360 enrollment locations nationwide where people can submit their fingerprints and have their photo taken. Credentials are issued at a single off-site facility in Washington, D.C., and shipped across the country. GSA contracts with HP Enterprise Services to issue its credentials.
When GSA first developed the business case for this service, it had about 40 agencies as clients and anticipated issuing 400,000 credentials to this base. The agency now has more than 90 agencies, commissions and boards, and expects to issue between 750,000 and 800,000 credentials to the group.
Still, GSA’s off-site issuance system comes with its challenges, Duncan says. GSA has been working to improve its delivery mechanism and reduce the time from when the cards are initiated until they reach the end user. That time varies, but for people in remote locations, it can take up to two weeks to get a credential.
“Now that more agencies are on the usage side of the credential, that’s just not acceptable,” Duncan says, adding that the earliest delivery time can be overnight. “If you’re using your credential to log on to your computer at work and it breaks, and it takes two weeks to get a new one, that creates a productivity problem.”
GSA is negotiating with HP on ways to address the issue, Duncan says.
In the meantime, GSA has developed two solutions to more rapidly get credentials to more remote users. Light activation setup enables the individual to activate his or her credential from a more convenient location, possibly even their desktop. A new mobile issuance solution features a roll-around suitcase that agency representatives can take into the field, hook up to the Internet and enroll people, Duncan explains.