Team to test CAC biometrics

The Defense Department recently selected a contractor team lead by KPMG Consulting Inc. to test and evaluate biometric technologies as an added layer of security for its departmentwide smart card, the Common Access Card (CAC).

The 90-day contract was awarded last month and is valued at $915,000. KPMG Consulting's Smart Card Solution Team will demonstrate and evaluate biometric identifiers - such as voiceprint, fingerprint, iris pattern or facial contour - that could be used as an additional security mechanism for the card, according to company spokeswoman Angelique Rewers. The results of those evaluations will help DOD decide which biometric technology to deploy in concert with the CAC.

CACs are secure, multi-application smart cards for physical identification and building and network access, and the DOD's goal is to issue more than 3.5 million of the cards by October 2003.

The contractor team will provide development, training, testing and post-delivery support to the DOD's Biometric Working Group, Biometrics Management Office and Biometrics Fusion Center.

The Smart Card Solution Team includes:

* SAFLink Corp., a developer of integrated biometric security solutions.

* Spyrus, a public-key infrastructure middleware provider.

* Xtec Inc., makers of smart card readers.

* Precise Biometrics, which produces fingerprint readers.

Michael Palmer, managing director of KPMG Consulting, said an individual's biometric identifier is especially useful for security purposes because it "cannot be stolen or shared.... The biometric is who you are."

Walter Hamilton, vice president of business development at SAFLink, agreed and said he believed this contract was "a major first step in the large-scale adoption and deployment of biometrics within the government."

A separate contract was also awarded to Northrop Grumman Corp., and the two teams are working separately toward the same goal, Rewers said.

The Army is the executive agent for DOD's management of biometrics and has established a basic plan to implement the department's policy on those technologies that calls for an enterprise solution to be fully operational by January 2005, Lt. Gen. Peter Cuviello, the Army's chief information officer, said last week.