On August 27, 2004, President Bush issued Homeland Security Presidential Directive 12 (HSPD-12), Policy for a Common Identification Standard for Federal Employees and Contractors. The goal of HSPD-12 is to create a unified standard for all federal government IDs so that they can be used at all physical and online access points. HSPD-12 called upon the National Institute of Standards and Technology (NIST) to develop the actual technical standard, and the Office of Management and Budget (OMB) to manage implementation of the credentials. HSPD-12 calls for all federal employees and contractors to use a standard smart credential to verify their identity for secure access to federal buildings and information systems. The directive set October 2008 as the deadline for compliance.
How is SNL responding to the HSPD-12 Directive?
In response to Homeland Security Presidential Directive-12 (HSPD-12) all L- and Q-cleared Members of the Workforce (MOWs) of Sandia National Laboratories are issued HSPD-12 Federal Credentials. This badge is designed to provide access to facilities and security areas throughout the federal government.
What program is responsible for this implementing HSPD-12 across the DOE complex?
The USAccess program is a government-wide initiative to issue common, federal ID credentials to all federal employees and contractors. These credentials provide federal employees and contractors with an easily recognizable way to identify themselves as well as trust the identity of other USAccess credential holders.
Why do federal credentials need to be standardized?
The two most important reasons for standardized badging are:
- It eliminates the wide variations in quality and security of the various forms of identification currently used to control access to federal facilities and information.
- It reflects the policy of the United States to enhance security, increase government efficiency, reduce identity fraud, and protect personal privacy.
Why did I get an email requiring me to update my digital certificates on my HSPD-12 credential, the expiration date on my credential is still more than 2 years away?
Although your credential is good for 5 years from the day it was printed, the security certificates embedded on the chip are only good for 3 years. They must be updated to ensure that your credential remains active in the USAccess system. Failure to update the security certificates results in the credential being terminated in the system and re-enrollment will then be required.
Note: Emails of this type will be received from HSPD-12 Admin. You may need to check your Spam folder occasionally and/or revise your Spam settings to ensure these legitimate messages reach you.
Do I have to make an appointment to update the digital certificates on my credential?
The best way to ensure that a computer station will be available to perform the required updates is to make an appointment using the GSA Online Scheduling System. However, updating the certificates only takes about 6 or 7 minutes and it is possible to walk in to the badge offices at NM or CA and conduct the update without an appointment.
At SNL/NM: Once the certificate update process is complete, proceed to the Kirtland Air Force Base (KAFB) DBIDS office to register your credential. See the section below titled: “Defense Biometric Identification System (DBIDS) at Kirtland Air Force Base (KAFB).”
Is help available during the certificate update process?
Although the certificate update process can be completed without assistance, help is available if needed.
Use on Travel
You MAY show your HSPD-12 federal credential for these purposes when on Sandia-sponsored business travel:
- As identification to pass through airport security for domestic travel.
- If necessary to indicate association with the U.S. Government (e.g., to establish eligibility for special hotel rates).
You MAY NOT:
- Use your HSPD-12 federal credential as identification for unofficial purposes (e.g., cashing a check).
- Allow your HSPD-12 federal credential to be photocopied, reproduced, or photographed at close range.
- Take your HSPD-12 federal credential out of the U.S. unless you are on official business travel and it is required by sponsors for identification purposes.
Note: HSPD-12 badges, PIV-C cards, and cryptocards are considered export-controlled items. When taking any of these items on business or personal international travel, each of the items must be listed on the traveler’s International Hand Carry application prior to leaving he United States. Questions to the International Export & Trade Compliance Helpline at 845-7000 or firstname.lastname@example.org.
HSPD-12 Holders Responsibilities
Basic Information About Your HSPD-12 Badge
HSPD-12 badges are also known as Personal Identity Verification (PIV) cards and are a type of DOE security badge. The information embedded in each credential includes Personally Identifiable Information (PII) such as badge-holder’s name and biometric data. Thus, your badge/credential should be protected accordingly.
Federal Requirement Regarding Your Badge Holder
Federal publication FIPS PUB 201-2 requires the use of electromagnetically opaque holders or other technology to protect against unauthorized contactless access to information stored on an HSPD-12 federal credential. (Approved holders can be found on the “FIPS 201 Approved Products List.”)
Badge holders issued by Sandia Badge Offices comply with FIPS PUB 201-2, and replacement badge holders are readily available when needed.
SPECIAL NOTE on the Proper Use of Badge Holders Issued by Sandia Badge Offices
The side-loading slot on badge holders can cause damage to the magnetic swipe on the back of a credential. Thus, to prevent damaging your credential, only the top-loading card slot should be used.
If you choose to obtain your own badge holder for your HSPD-12 federal credential, you must ensure it is FIPS-201 approved (i.e., it employs an electromagnetically opaque sleeve). Ultimately, you are responsible for protecting the information embedded on your badge/credential.
Questions regarding this or aspects of your HSPD-12 federal credential may be emailed to: email@example.com.