Page 32 - FCW, June 15, 2016
P. 32

FirstMovers
real consequences for agencies
that go their own way,” Grant said. “So U.S. efforts depended more on a ‘coalition of the will- ing’ when it comes to agencies adopting this approach. And that makes things go slower.”
UK.GOV Verify was also better funded, with five times the money for a government that serves a population one- fifth the size of the U.S.
“This let the [U.K.’s Gov-
ernment Digital Service] team
build a very competent, sophis-
ticated, robust operation and
solution, and ensured that agencies there weren’t scrambling for budget to pay for Verify,” Grant said. “In the U.S., a pass- the-hat approach was taken to fund things. There was no dedicated funding. That set up a very different dynamic.”
The closest thing in the U.S. to UK.GOV Verify is Connect. gov, which is imagined as a single login to access the range of government services. It was launched as an NSTIC project and designed as a cloud-based shared service that agencies could sign up to use, essentially as their front door. The U.S. Postal Service was tapped as a partner in identity proofing and as a likely hub of any in-person verification activity that had to take place. But the effort, like the British work, also sought to tap commercial partners.
The project was seen as the means to accomplish the goals of a 2014 Obama administration executive order that states that “all agencies making personal data accessible to citizens through digital applications require the use of multiple factors of authentication and an effective identity-proofing process, as appropriate.”
The target date for completion set forth in the order was April 17, 2016.
Connect.gov seemed to gather steam when the General Services Administration took over the project from NSTIC and issued a request for information to vendors in April 2015 seeking insight into a federated digital identity ecosystem.
According to contracting documents, the Department of Veterans Affairs planned to consolidate its identity-proofing applications to incorporate the Connect.gov ID. The firm SecureKey had a contract to provide a broker hub, while Verizon and ID.me were offering credentialing services. But the RFI never blossomed into a request for proposals.
GSA’s 18F announced in a May 10 blog post that it had taken the lead “to tackle the inconsistent, difficult experience that the public has logging in and proving their identity when interacting with the government online.”
In the post, 18F’s Joel Minton said the organization was
The end goal is a drastic reduction in both the time it takes to accomplish certain tasks and a significant reduction in the amount of forms that need to be submitted.
JOEL MINTON, 18F, ON CONNECT.GOV
taking cues from the les- sons learned in the design of GOV.UK Verify. “This system is designed to be your one account for government,” he wrote. “The end goal is a dras- tic reduction in both the time it takes to accomplish certain tasks and a significant reduc- tion in the amount of paper- work or forms that need to be submitted.”
Although the post states that 18F will build on the foundations of the Connect. gov effort, it appears that the
Connect.gov brand will be retired. It’s not clear what will become of all the work that companies put in to trying to participate in a federated credentialing ecosystem.
Grant, who is now a managing director at the Chertoff Group, told FCW he has heard from firms that feel they have been left out of the loop after having “gone through the exhaustive and expensive process GSA established for getting their solutions accredited for government use.”
“The private-sector partners are asking whether they are still partners, whether there is still a place for them in this government identity ecosystem,” Grant added. “In the U.K., they know where they stand; in the U.S., not so much now.”
NSTIC and NIST are still in the game. NIST recently post- ed a pre-draft preview of its updated digital authentication guidelines on GitHub for comment.
“There are many updates to this document that make room for federal agencies to adopt market innovations, leverage the solutions individuals already have and establish increased global alignment of identity practices,” Acting NSTIC Direc- tor Michael Garcia told FCW.
“Agencies are making great strides, and our pilots have demonstrated secure and interoperable solutions that enhance privacy for individuals while reducing cost for providers, all while improving the digital experience,” he added. “We’re heartened to see these private-sector solutions deployed throughout the marketplace, including across gov- ernment, and look forward to even more adoption over time.”
He said NSTIC continues to coordinate with the U.K. Gov- ernment Digital Service and hopes to build on its work. But a go-live date for a governmentwide digital login in the U.S. will likely have to wait for the next administration.
Although acknowledging that GSA has its reasons for the new approach, Grant said the pivot “equates to a conscious decision to push back delivery of a real solution agencies can use to start offering more high-value, citizen-facing digital applications.” n
28
June 15, 2016 FCW.COM


































































































   30   31   32   33   34