Beginning in spring 2001, Department of Defense (DoD) employees began receiving a new identification (ID) card. This card, called the Common Access Card (CAC), is a credit card sized device that serves as the standard ID card for active duty personnel, selected Reservists, DoD civilian employees, eligible contractors, and designated foreign nationals. Retirees, family members, and inactive reserves will not receive a CAC at this time. The CAC employs smart card technology—a 32K chip affixed to the card—as the key enabling technology in achieving our goals of a Revolution in Business Affairs and Information Assurance. Smart card usage can extend into a number of different functional areas, improving quality of life and productivity while reducing operating costs.
The CAC initiative follows the January 16, 2001, policy memorandum issuance by the Office of the Secretary of Defense. The policy states that the CAC will be the standard DoD identification card, the Geneva Convention card for the military, the principal card used to enable physical access to building, installations, and controlled spaces, and will be used to securely access unclassified information systems and applications that link the Department's computer networks.
As the new armed services' ID card, the CAC delivers more functions and provides a much higher degree of identity security than the current identification card. By allowing users to log on to their computer, encrypt e-mail, or digitally sign documents, the CAC will increase security for unclassified networks and allow for secure transactions over the Internet. In addition, the unified look of a DoD ID card will facilitate proper recognition of military, civilian, and appropriate DoD contractors worldwide.
The Common Access Card is issued using an information infrastructure that includes a database maintained by the Defense Enrollment Eligibility Reporting System (DEERS) and the Real-time Automated Personnel Identification System (RAPIDS). The innovative technologies that are housed in the CAC have created some questions about the security and privacy of the information on the cards.
For active duty military and selected reservists, information printed on the CAC includes first, middle, and last names, person designator code (i.e., active duty v. civilian), rank, Social Security Number (SSN), Geneva Convention Category, date of birth, organ donor information, and blood type. Furthermore, other unique information will be embedded in the chip.
This data will include identification data (name, rank, SSN, electronic data interchange personal identifier (EDIPI)--a unique identification code used in DEERS), blood type, organ donor information, Public Key Infrastructure (PKI) certificates (ID, e-mail, and encryption), private authentication materials, date of birth, meal entitlement code, exchange code, commissary code, Morale, Welfare, and Recreation (MWR) code (i.e., to distinguish ability to use specific athletic facilities), end date (CAC non-medical benefits eligibility end calendar date), entitlement condition code, benefit end date, branch of service, personnel category (i.e., civilian, active duty, etc.), Government Agency Code, pay category, pay grade, three-digit service short name (i.e. NAV), and card management information (e.g., when the card expires, etc.).
For DoD civilian employees, selected contractors, and designated foreign nationals, demographic information and benefit information will be printed on the card. First, middle, and last names, personnel designator code, and departmental affiliation (e.g., DON) will appear on the card. Identification data including name, SSN, EDIPI, PKI certificates (ID, e-mail, and encryption), private authentication materials, date of birth, pay category, pay grade, three-digit service short name, and card management information will be embedded in the chip.
The data on the chip is protected by a six to eight digit personal identification number (PIN) that the user must create to access data. Therefore, like an Automatic Teller Machine (ATM) card, if one loses his or her CAC, it will be of no use to whomever finds the card without knowledge of the access code.
When the user is issued a CAC, he or she will be asked to place his or her finger on a fingerprint reader in order to access the DEERS database and begin the issuance process. Although most military personnel have had fingerprints required for previous identification cards, this may be a new security measure for civilian employees. Fingerprints are required to protect the CAC and the PKI certificate it holds, by validating the identity of the CAC user before their personal information is altered.
It is important to note that the system does not store an image of the entire print. It converts the fingerprint image into a mathematical template of the fingerprint's minutiae points (the points at which ridges split or end) then these data are encrypted and used as an identifying template. After this process is complete, the fingerprint image itself is thrown away. An employee's fingerprint cannot be re-created from the template of minutia points, so there is no privacy issue stemming from storing fingerprints on file.
If the user is a member of the military, his or her information is already on file and will be imprinted on the CAC once the user's identity is verified. Conversely, if the user is a civilian or contractor, personal data are first entered into the DEERS database where it will be continuously maintained and protected. If you lose your CAC or need to change your PIN, your biometrics (i.e., your fingerprint) can be used as confirmation of your identity in order to access your personnel information in DEERS and issue you a new CAC or PIN.
Every effort has been made by the DoD and DON, using the latest technology, to ensure that the information on the new CAC remains protected and secure. By protecting your CAC and PIN, you can rest assured that your privacy will remain protected.
Colleen M. Herrmann is a member of the DON CIO Privacy Team.