GSA smart cards get smarter

The General Services Administration has hammered out a set of standards that will make smart cards, smart card readers and the applications that use the cards work together regardless of the manufacturer.

For now, the new standards apply to the Smart Access Common ID contract. Cards under that contract are used for building access, computer access, biometric services (which use physical attributes, such as fingerprints, to authenticate identity), and cryptographic services.

Cryptographic services enable secure file transmission as well as the use of digital signatures. Cryptography is also the basis for public key infrastructure, or PKI, technology. With this technology, every user is assigned a public key for the purpose of authenticating their identity.

"We decided that we had to have some standards," said Mickey Femino, director of the Center for Innovative Business Solutions at the Federal Technology Service. "We couldn't all be going in different directions."

GSA may seek to set standards for other applications, including electronic purses, electronic forms, food services and medical records, Femino said.

"Interoperability allows us to competitively bid each task order in order to keep competition up," Femino said. "This means we aren't locked into one vendor."

The Defense Department may be the first agency to benefit from the new standards. Femino expects DoD to purchase the smart cards for its new "common access" program from the Smart Access contract, and the agency could benefit from having multiple vendors competing to provide the same functionality, he said.