The Qualifying procedure
The action plan that the government has carried out as an attempt to improve identity verification is a procedure split into three parts – locating a sponsor is the first step, after that comes finding a registrar and, finally, assigning an issuer. This complicated process is designed to make it more complex for any one person to fabricate data, meddle with a card or generate a credential for an inappropriate individual.
Prior to attaining a card, each and every federal worker or contractor is obligated to have a sponsor. More often than not, this sponsor will be a supervisor who can authenticate employment and supply data regarding the worker's requirement for physical and logical access to federal facilities. This can include constraints on days, times or designated locations.
The registrar comes next in the credentialing process. To explain further, a registrar can be a single person or group within an agency or an external supplier approved by the government to supply the needed services. The main task of the registrar is to collect pertinent information about the registrants as well as data from the sponsor and from the agency's human resources branch. On top of that, the registrar is responsible for taking a digital picture of the applicant as well as digitally collect a scan of the worker's hand fingerprints for security purposes. These captured fingerprints will later be delivered to the federal Office of Personnel Management or to the FBI in order to carry out a criminal background examination.
As soon as the background check is successfully carried out, the issuer will finalize the procedure. As we mentioned before, the issuer can be an internal agency group or an external supplier. The initial step is to authenticate, via fingerprints, the identity of the proposed card receiver. Upon completion of that step, the issuer will then include a Java applet to the card, in addition to a bar code as well as a photo of the worker. At that instant, the card is becomes ready for the final step of printing. Not to mention that the cards are covered with hidden text, graphic designs, holograms in addition to other data as an attempt to discourage counterfeiting or illegal duplication.
As soon as the PIV card is finally issued to the employee, the workers are demanded to swipe the card through a scanner to access their office, and then swipe the card for a second time, while placing a finger on a biometric scanner to validate their identity and acquire access to the agency computer network.

A deployment for the whole government
when staff members and other employees depart government employment, human resources departments can instantly deactivate identity cards without any delay, rendering them ineffective if utilized illegally. Adding on to that, as new personnel are hired, human resources can inform a sponsor to commence the registration procedure all over again.
Quite a few suppliers, together with systems incorporators, are planning on offering partial or end-to-end products for card registration on an agency or according to the office that needs it. Before it meets the criteria for the job, a supplier must put forward its solution or products to NIST for assessment and careful examination. The General Services Administration has pointed out that it strives to encourage interagency collaboration. For instance, two or more agencies utilizing the same building will be advised to share the same registration interface to practically save paperwork, time as well as financial resources.
At the same time as plans for the new identification card have lately acquired widespread attention in the media, a study published last summer by a consulting firm for government procurement and contracting revealed that nearly half of federal IT security administrators did not have a functional plan ready to meet the cut-off date. Amongst the causes is the deficiency of funds in the federal budget that are specifically set aside to pay for this ambitious project.
Nevertheless, HSPD-12 addresses a grave matter. A number of agencies have already started pilot programs to put HSPD-12into practice. In addition to that, it is also predicted that most agencies utilized optional funds to start pilot programs prior to the actual cut-off date.
Adding on to that, the nation's ports also have plans to enhance security measures through the anticipated TWIC card, which will be delivered to each of the seven hundred thousand truck drivers, longshoremen as well as railway workers who enter docks and shipyards on a daily basis. About four years ago, Congress demanded the administration to establish a tamper-proof photo verification card for port and other transportation employees. Every personnel with unescorted access to locked vicinities of port property would be required to carry this verification license. The initial cards were projected to be delivered the August before last. As reported by Congressional inspectors, however, bureaucratic holdups and bad management slowed the cards' progress.

The correct path
The initial cards, coasted employees a little over a hundred dollars each and were valid for about five years, are just now being delivered. Corporations may agree to take care of the cost to their employees and the expenses of card scanners. Depolyments and maintenance costs will be taken on by the companies and ports deploying the credentialing interfaces.
Prior to the delivering of TWIC cards, the government will carry out a background investigation of each employee that will include a evaluation of warrants, criminal records, immigration standing as well as terrorist watch lists. Terminals and Shipyards will be anticipated to update their criminal lists from the FBI on a weekly or daily basis, depending upon the facility's rated threat status. On top of that, similar to PIV cards, workers will have their fingerprints digitally integrated into the TWIC interface.
Once a port or shipyard worker attains a card, they will have to walk or drive up to an access point, swipe their card through a scanner and then place a finger on a biometric scanner. The scanners will then validate that the fingerprint is equivalent to that which is embedded in the TWIC interface. An analogous process will be obligated each time that an employee walks through an access point.
Despite the fact that FIPS 201 and TWIC may not yet be perfect, the two are a step in the right path. The background checks that are conducted by the government as well as biometrically-embedded smart cards will aid in making sure that the individual seeking access to network computer, federal office property or a port terminal is the person he or she declares to be.