 |
 |
 |
 |
March 2006 • Volume 11 Number 3
|
 |
|
Executive Director's Letter
"226 days left." That was part of the message delivered by Ron Martin, U.S. Department of Commerce, at the March 15th gathering of the Interagency Advisory Board (IAB), the federal agency committee helping government agencies help themselves in meeting the deadline for Homeland Security Presidential Directive 12 (HSPD-12) implementation. Referring to the October 27 deadline to begin issuing PIV Part II-compliant identity cards, the number resonated throughout the room. There was some applause and also some nervous laughter as both government and industry gathered to discuss the progress being made to implement the U.S. federal government's smart card credentialing mandate. The directive, signed on August 27, 2004, requires "the development and agency implementation of a mandatory, government-wide standard for secure and reliable forms of identification for Federal employees and contractors." Since that announcement less than two years ago, there has been furious activity throughout the industry and with government policy makers, standards bodies, and federal agencies themselves to come to grips with this mandate and to put in place the specifications and plans for compliance. What we continue to observe is that the devil is in the details. The standards definition effort by NIST, called FIPS 201, has continued to move forward in a positive direction. The vendor community is starting to show the first signs of testing and integrating FIPS 201-compliant products in labs and with partners. In the next 200 or so days, the details to work out include both policy decisions and technology selection and implementation. The lines of responsibility clearly separate the government policy makers from its standards setters. What is left between those two forces are the industry suppliers, integrators and federal agency credential issuers who are trying to issue PIV-compliant credentials and to sort out the myriad of details to make it happen. The smart card industry is used to working under conditions of shifting requirements and tight deadlines. So are the developers and integrators of the physical security systems and related card production systems. What is becoming the choke point is something called the IDMS, or Identity Management System, which captures all of the personnel data and formats it so that the CMS, or Card Management System, can issue the credential and manage it after it has been issued. The IDMS and CMS systems feed into the physical access systems (PACS) that control what cardholders can do with their new government ID after it is issued. Knitting these systems together in an open architecture so that agencies can choose any IDMS, CMS, PACS, or card is where many challenges remain. One thing is certain - the next 226 days are going to be even more intense then ever as we begin closing in on the October deadline. Stay tuned to the Smart Card Alliance and particularly to our Physical Access Council as we discuss and try to solve the HSPD 12 challenges side-by-side with our government colleagues. What better way to stay tuned to the government smart card market than to attend our next conference event - the 5th Annual Smart Cards in Government Conference, April 18-20, 2006 in Arlington, VA. With over 60 speakers representing the best minds of the government, industry, and outside observers, this event promises to be the comprehensive government identity and security event of the year. Our exhibitor pavilion and hotel block have been completely sold out and we expect over 400 attendees at this year's conference. The agenda includes a balance of technical sessions and non-technical implementation and policy sessions on a wide variety of subjects involving government smart cards. In addition to HSPD-12, sessions also include updates on electronic passports, border security, registered traveler cards, the first responder program, REAL ID, and public policy debate regarding the appropriate use of radio frequency technology. For government HSPD-12 implementers, we have created a new one-day, pre-conference workshop on Monday, April 17th, covering the details of FIPS 201 implementation. The main three-day conference kicks off with the open, public IAB meeting, developed and run by the government Interagency Advisory Board. The exhibit hall is open on both Tuesday and Wednesday, with networking receptions held each night so that attendees can reconnect with friends and discuss the day's events. Visit our web site at www.smartcardalliance.org for registration rates, exhibitor lists, full program agenda, and hotel information. I am pleased to report that our February 22nd webinar, organized by the Contactless Payments Council and titled "Contactless Payments: A New Era of Payments for Retailers," was a huge success. The webinar was produced in partnership with STORES Magazine and included speakers from an issuing bank (KeyBank), a merchant (Wawa), and a payment processor (Chase Paymentech). Speakers discussed the business drivers and their first-hand experience with contactless payments. The free one-hour webinar was expected to draw about 100 merchants and retailers. Instead we had 327 people participate live and another 163 access the post-event replay! In addition, we received more than 130 questions from the audience. Some of the questions were answered during the live Q&A session and the rest are being answered by the council members, with responses emailed back to the participants. This webinar is another great deliverable from the Alliance that was made possible by members working together to create programs that share timely information about important industry topics in an open, public forum. Looking ahead, the Smart Card Alliance Latin America chapter has two important conferences coming up in Sao Paulo, Brazil, on consecutive weeks beginning March 27. The first event, SecurityWeek Brazil, is an information security conference where the Alliance's Latin America Chapter will be a sponsor and exhibitor, and will lead a half-day educational workshop on the role of smart cards in IT. The following week in Sao Paulo, the Cards 2006 Brazil conference takes place; at this event, the leading financial industry and transportation systems providers gather to discuss the growing market for smart cards in Latin America. The Alliance will again be a sponsor, exhibitor and speaker at this important Latin American cards industry event. At the end of April, the Latin America chapter travels to Mexico City for Expo Seguridad, an electronic security conference. There the chapter will be giving several conference sessions and exhibiting to further the awareness of smart cards in Mexico. In between these Latin American events, the Smart Card Alliance will be actively participating as a presenter, exhibitor and sponsor at the NFC Technology Summit (April 4) and the ISC West Conference (April 5-7) in Las Vegas. Those events are closely followed by our Smart Cards in Government Conference (April 18-20) in Arlington, VA.. Then comes the CardTech SecurTech Conference in San Francisco, CA (May 2-4). At CardTech SecurTech, a full-day Foundations in Card Technology for Transactions Workshop is planned on May 2. Speakers selected by the Alliance will present contactless payments technology and applications trends. So much for easing into spring! I will catch up with you at one of these events, I hope. I will be the guy with the bags under my eyes from all of this travel! While everyone's plates are full to overflowing, all of this activity is tremendously exciting for the industry as our members both grow their business and stay connected to the Alliance to help propel adoption further. 2006 is shaping up to be a busy and satisfying year. Randy Vanderhoof, Executive Director
|
|
