Toronto’s SecureKey lands $15 million U.S. contract

Toronto-based authentication specialist SecureKey Inc. has won a $15 million contract to help the United States Postal Service (USPS) build a cloud-based authentication service that would allow people to use their existing online credentials to access government services through the Internet.

Work on what the USPS calls the Federal Cloud Credential Exchange (FCCX) is still in the early stages and the choices of what third-party credential should be used has not yet been decided. The main idea is to facilitate open government initiatives by allowing people to use credentials they already have for other services such as Google or PayPal in order to securely log on to the Web sites of multiple U.S. federal agencies without the using of passwords or other digital identification for each service.

“This first of its kind in the U.S., the service is expected to spur broader federal acceptance of approved third-party credentials of varying strengths and types, from simple user names and passwords to Personal Identity Verification (PIV) cards,” a statement from SecureKey said.

The Canadian government has been operating a similar system developed by SecureKey for almost a year.

RELATED CONTENT

Privacy czar pans anti-password ‘media gimmick’
Slideshow: Beyond passwords – attitudes towards authentication

The SecureKey Concierge was launched in November last year and has logged more than one million transactions. It allowed Canadians to use their bank authentication credentials to access online services from the Canadian government. Three of the country’s’ largest banks, BMO Financial Group, Scotiabank and TD Bank Group were the initial trusted sign-in partners.

The service is part of Canada’s Cyber Authentication Renewal initiative. Users do not need passwords on personal information such as name, address and birth dates to use the exchange. A special feature of the program prevents the trusted sign-in partners from knowing which government service is being accessed by the user and the government is not aware which sign-in partner is being used in the transaction.

The FCCX is an integral component President Barack Obama’s National Strategy for Trusted Identities in Cyberspace (NSTIC) and the federal government’s policies and procedures under its Identity, Credential and Access Management (ICAM) program.

SecureKey was chose for the project because of its innovative federated authentication platform, the SecureKey bridge.net Exchange, according to Andre Boysen, chief marketing officer of the firm. This cloud-based system service enables the credential exchange to “cost-effectively broker user credential management capabilities” with the need to build an authentication infrastructure.

The USPS said the FCCX pilot project will begin this fall. Other agencies such as the Veterans Administration, the Social Security Administration and the Department of Education are also involved in the developing requirements for the pilot.

 



Related Download
Improving the State of Affairs With Analytics Sponsor: SAS
Improving the State of Affairs With Analytics
Download this case study-rich white paper to learn why data management and analytics are so crucial in the public sector, and how to put it to work in your organization.
Register Now