Department of LaborHSPD-12

Created: October 27th, 2006Last Updated: August 20, 2007

A guide to what you can expect from the PIV-II process

Audio commentary included

2

What does this guide cover?

HSPD-12 Overview and Goals (3 minutes)

Personal Identity Verification (PIV) I and II (3 minutes)

PIV-II Badge Technology (3 minutes)

What to Expect: Process Overview (3 minutes)

3

What is HSPD-12?

Homeland Security Presidential Directive 12 (HSPD-12) is a mandate for all federal agencies.

Issued August 27th, 2004, First Phase took effect October 27th, 2005, Second Phase took effect October 27th, 2006

Phase II began with new employees and contractors on 10/27/06 at Frances Perkins Building and Postal Square Building in Washington DC.

By 10/27/08 Phase II will apply to all employees and contractors.

4

What are the goals of HSPD-12?

Enhance security Reduce identity

fraud Protect personal

privacy Provide a secure

and reliable form of identification

5

Why was HSPD-12 Implemented?

Each Federal department and agency has its own standards for ID badges, which vary in consistency and security

There may be several badge variations within an agency

6

Common ID Badge Benefits

Key Benefits: Secure Identification - The

ability to authenticate a person’s identity, before issuance of a badge, provides greater identity validation

Standardization - Processes and technologies to determine identity and appropriate level of access will be standardized across the government

7

PIV II Badge Issuance Requirements

A Sponsor is designated in order to validate that each employee or contractor requires a PIV-II badge.

Rigorous identity validation is necessary to minimize identity fraud risk.

Expanded background investigation is required; a minimum of a National Agency Check with Written Inquiries (NACI) and a Fingerprint Check.

You are required to report theft or loss of your PIV-II badge immediately to your Sponsor.

8

PIV-II Badge Security Features

Biometrics

Smart Card

Digital Certificate

How does your PIV-II badge work?

Your PIV-II badge workslike your current DOL badge, with these additional security features: Smart Card Digital Certificate Biometrics: Primary and Secondary Fingerprints are stored on the badge

9

PIV-II Badge LayoutNew DOL PIV-II Badges will include the

followingfeatures: Specific tamper-

resistant features Standards that will

eventually allow badges to be used throughout multiple agencies and locations; (for example, a DOL employee can be validated at a DOL building, and be allowed access to facilities and networks)

Uniform print layout and design so badges can be recognized and validated.

Biometrics, including fingerprints, to allow two-factor authentication when needed

Standard information printed on the badge (photograph, name, Agency, employee/contractor status, expiration date)

Two electronic fingerprint captures

Unique badge identifier (a number specific to the actual badge)

Personal Identification Number (PIN)-a number of your choosing

Digital authentication certificate

10

How will my information be utilized?

DOL and other agencies will use the information on the PIV-II Badge and may use some of the stored information about you when you access federal facilities, computers, applications, or data to prove your identity and your right of access.

After deactivation (upon separation) this information is kept for a length of time consistent with the applicable records schedule. After that time, if it is not needed for safety or security reasons, or to investigate improper behavior, it is destroyed.

If you have additional questions contact your local Enrollment/Issuance center for a list of PIV-II frequently asked questions.

11

Digital Certificate Characteristics

Your name A unique

identification number

An expiration date; A copy of the

certificate holder’s public key

The digital signature of the Certification Authority

12

Potential Digital Certificates Uses

Authentication for physical or logical system access

E-mail encryption Digital signature

13

Personal Identification Number (PIN)

Creation and use of PIN activates your PIV-II badge

The PIN provides an additional method of authentication

The PIN you generate will be stored on the smart card microchip as well as in the HSPD-12 system

14

Biometric Information

Biometric information refers to measurable physical characteristics that can automatically be checked by a device or application.

PIV-II standards require two fingerprint captures to be stored on the PIV-II badge.

Fingerprints Scanned Two fingerprints captured

Fingerprints stored on smartcard microchip

15

How Your Fingerprints Could Be Used Your fingerprint images

stored on the badge can be compared to a fingerprint image captured real-time. These fingerprint scanners can be attached to a door or to a computer to control access

If the real-time image matches one of the fingerprint images stored on the badge, your identity is authenticated.

Fingerprints stored on badge

Computer matches fingerprints when

accessing computers/buildings

Access granted if fingerprint matches

Finger scanned via fingerprint scanner

16

New user process to get a PIV-II badge

The following steps are necessary to complete the PIV-II process

17

Step 1 – Sponsorship

Complete OF-306 Complete Background Investigation documents Collect PKI Certificate from Sponsor

18

Step 2 – Enrollment Report to Enrollment

Station for Identity Document Verification Fingerprinting Photographing

Bring Employment identity documents to first day at DOL

19

Step 3 – Registration

DOL sends fingerprints to OPM

Background Investigation Initiated

DOL Receives FBI and Background Investigation results*

*PIV-II badge may be issued on the basis of FBI Fingerprint Check; the PIV-II badge may be revoked if further investigation makes you ineligible to receive a PIV-II badge.

20

Step 4 – PIV-II Badge Issuance Visit Issuance Station Verify Fingerprints Receive new PIV-II

badge

21

Timeline: HSPD-12 at DOL

Release 1

Release 3

Release 2

Frances Perkins Building & Postal Square Building

DC Field Offices

Additional DOL Sites

October 27, 2005

October 27, 2006

New Employees & Contractors

April 1, 2007

New Employees & Contractors

8/04 10/05 10/06 4/07

PIV I Process

End of FY07

65% Employees & Contractors

PIV-IIPIV I

22

Questions

1. HSPD-12 applies to?A. All Federal Employees and long-term contractorsB. All Department of Labor EmployeesC. Federal ContractorsD. None of the Above

23

Questions

2. What is the first stage in the PIV-II process? A. IssuanceB. RegistrationC. EnrollmentD. Sponsorship

24

Questions

3. What is an advantage of implementing HSPD-12?

A. Enhance securityB. Reduce identity fraudC. Provide secure and reliable forms of identificationD. All of the above

25

Questions

4. What does HSPD-12 stand for?A. Highly Secretive Presence Detector 12B. High Speed Physical Disk 12 C. Home Station Pass Document 12D. Homeland Security Presidential Directive 12

D. Homeland Security Presidential Directive 12

26

More Information

More information about HSPD-12 can be found here:

Find more online: www.labornet.dol.gov/html/DOL-Policy-for-PIV-Card-Issuance.htm

Email the help desk: HSPD12info@dol.gov Contact your Sponsor or

Enrollment/Issuance Office