New smart card standards unveiled

Smart cards used by the Defense Department and the General Services Administration must now comply with new biometrics technology standards.

The Bio Application Programming Interface (BioAPI), a government and industry consortium, announced the standards March 20. They define an open-system standard API as one that enables software applications to communicate with a broad range of biometric technologies in a common way. Also, it must provide for a simple biometric API; standard access methods to biometric functions, algorithms and devices; and support for biometric identification in distributed computing environments.

GSA's and DOD's smart cards must comply with the new rules. Such cards combine identification cards with digital fingerprint data and digital signatures to increase security in buildings and on computer networks. DOD is testing smart cards that it plans to roll out to 4 million employees and contractors at the department.

"This is truly a major milestone, which will aid in our common identification endeavors for the federal government,'' said Mike Brooks, director of the center for smart card solutions within GSA. "We believe that these standards will aid in the implementation of biometric solutions for critical operating infrastructures."

The BioAPI specification Version 1.1 and the associated reference implementation software are on the consortium's Web page (www.bioapi.org).

The biometric specification is an open system, meaning it is intended for use across a broad spectrum of computing environments to ensure cross-platform support, according to Cathy Tilton, chairwoman of the BioAPI consortium steering committee. Supported platforms include Microsoft Corp.'s Windows NT, 95, 98 and 2000 and Unix.

"Biometric open-system standards like BioAPI are helping to accelerate the adoption of biometric-based personal authentication in multiple markets and will stimulate the industry's growth," said Fernando Podio, project manager of the biometrics smart card project at the National Institute of Standards and Technology.

The BioAPI has 78 members from U.S. government, industry and international organizations, Tilton said. Members include NIST, the National Security Agency, Compaq Computer Corp., Iridian Technologies Inc. and Raytheon Co.