DPSAC News Header

September 4, 2013 issue of the DPSAC NEWS

In This Issue
HHS ID Badge/PIV Card Rollout Scorecard
Important! Software Upgrade Required for ALL NIH Lifecycle Workstations
New Access Card Utility (ACU) Software Now Available
Renewing Digital Certificates - A Two Step Process
Helpful Tips
News Briefs



Contact Us


Division of Personnel Security and Access Control (DPSAC),  

Office of Research Services  


Personnel Security 

Helpdesk: 301-402-9755

e-QIP: 301-402-9735

Appointment Line: 301-496-0051

E-mail: orspersonnelsecurity@ 



Access Control

Helpdesk: 301-451-4766

E-mail: facilityaccesscontrol@ 




        HHS logo small Logo Mark NIH Logo Mark    

8-30-13 Excel Table for 9-4-13 DN Border
Here are the most recent NIH badging statistics from HHS as of August 30, 2013:

              Sponsored: 38,376   Enrolled: 37,949   Issued: 37,564*


*This figure represents 97.9% of individuals who have been sponsored.


  8-30-13 Excel Table for 9-4-13-DN Border

Planned Outage of the Department's Smart Card Management System (SCMS)


The Department has announced that beginning on Thursday, September 12, 2013 at 8:00 p.m. and continuing through Tuesday, September 17, 2013 at 4:00 a.m., its Smart Card Management System that serves the entire Department will be taken down in order to perform important updates to the system.  


During this period, SCMS badge issuance and certificate updates will be discontinued department-wide.


According to the HSPD-12 Program Office, individuals will not be able to make enrollment and badge issuance appointments during the outage. In addition to affecting enrollment, badge issuance and certificate renewals activities across all NIH campuses, Lifecycle Work Stations (LWSs) will not be able to perform PIN resets and certificate renewals during the outage.


The system will be brought back up on Tuesday, September 17, at which time all badging and certificate services will resume.


Important! Software Upgrade Required for ALL NIH Lifecycle Work Stations (LWS)  


The HSPD-12 Program Office requests that all Institutes, Centers and Offices review their Lifecycle Work Stations (LWS) to ensure they are all running the most recent software version (version 2.5.1). If your LWS software is not the most current version, you must update it as soon as possible.*  


For assistance with updating your LWS software, contact the HHS Identity Help Desk at HHSIdentityAdmins@deloitte.com.  


Note: LWS operators will not be able to renew certificates for anyone with a newer type of PIV Card (128k cards) if their LWS is using an outdated version of the software.    


* Once you launch the LWS software, you will find the version number in either the top right or top left corner of the screen, depending on which version is being used. To view a sample screen shot, open the LWS training guide on the DPSAC web page at:    



New Access Card Utility (ACU) Software Now Available

The Access Card Utility (ACU) software provides an easy alternative for individuals to renew their certificates from a local Windows computer.  


The newest version of the ACU - version 1.4.2 - is now available on the ISDP website at: http://isdp.nih.gov/isdp/version.action?prodid=198.   


Note: installation of v.1.4.2 requires system administrator privileges.  


Those Institutes, Centers and Offices that have deployed the ACU (or plan to do so) are encouraged to upgrade their ACU software to this latest version to support the coming round of certificate renewals.


Renewing Digital Certificates - A Two Step Process

The Department will notify individuals with the following e-mail when the certificates on their PIV Card [HHS ID Badge] are about to expire.


From: HHSIdentity donotreply@hhs.gov    

Subject: ACTION REQUIRED: Renew the digital certificates on your PIV
              Card (HHS ID Badge)


Dear <NAME>,


You are receiving this important e-mail because it is time for you to renew the digital certificates on your HHS Personal Identify Verification (PIV) Card (sometimes called the HHS ID Badge).


Your digital certificates will expire on <DATE> and MUST BE RENEWED before that date. If you do not take action, you will not be able to log in with your PIV Card after your certificates expire.


Digital certificates may have an earlier expiration date than the date printed on your PIV Card. IMPORTANT: You need to renew your certificates even if your PIV Card is not about to expire.


To avoid issues caused by allowing your certificates to expire, complete the TWO STEPS outlined below.


- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -


- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

****OPTION A****

Renew your certificates yourself on a Windows computer that has the Access Card Utility (ACU) installed. For instructions on how to renew your certificates using the ACU, please follow the link below:


(You may want to print the instructions on this web page for your reference)


VERY IMPORTANT: Once you start the certificate renewal process using the ACU, *DO NOT* remove your card from the card reader until the process is finished or you may corrupt your certificates. If this happens, you will have to go to a badge issuance station to fix the problem.


****OPTION B****

Visit a Lifecycle Work Station (LWS). Please follow the link below to find an LWS near you:



- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -


- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

After you renew your certificates, please follow the link below for instructions how to update your computer to use the new certificates:



- - - - - - - - - -


- - - - - - - - - -

Please contact the NIH IT Service Desk:

301-496-4357 (HELP)

301-496-8294 (TTY)

866-319-4357 (HELP)



Helpful Tips

Section on 'Renewing an Existing HHS ID Badge' added to the ID Badge website -- The HSPD-12 Program Office has added a section to the ID Badge website titled'Renewing an Existing HHS ID Badge' to assist the many employees, contractors and affiliates whose badges are nearing the end of their lifecycle and will require renewal in the near future.  See: 



ICs that want to add LWS operators to the approved roster -- send a written request to Richie Taffet at: taffetr@mail.nih.gov. Your request should include the new operator's name, their IC, their NED number, as well as the operator's e-mail address, building/room and phone number.  

Once Mr. Taffet has approved the request, he will forward the name(s) to HHSIdentityAdmins@deloitte.com to complete the approval process, add the name to the LWS operator roster and inform the IC that the individual is now approved to operate the LWS.


Need to make changes to the LWS operator directories? -- drop an e-mail to Lanny Newman, newmanl@mail.nih.gov, and let him know what needs changing (e.g., adding new operators or LWS locations, removing operators, etc.). Remember, before a new operator can be added to the LWS directory, s/he must first be approved by Richie Taffet (see preceding Helpful Tip).  


If an LWS is not available in your IC or your immediate area, and you work in the greater Bethesda or Rockville area -- please call 301-451-4766 or 301-402-9755 to schedule an appointment with the Division of Personnel Security and Access Control located in Building 31, Room B1A26 or in Building 10, South Lobby, Room 1C52.    


If you work outside the Bethesda/Rockville area, contact your local badge issuance office.  




Q. I'm an AO and I have a question regarding the Forced Renewals that appear in my Inbox.  Am I supposed to verify the information and approve it to start the process?  


A. Yes. Nothing will happen until you run the task.   



Q. My badge says it's good till Nov 09, 2014, but I just received notification that I need to renew it. Can this be accurate?  


A. Yes. This notice is accurate. You have been selected to participate in an accelerated HHS ID Badge (PIV Card) renewal program.  


The Division of Personnel Security and Access Control (DPSAC) projects that nearly 15,000 employees, contractors and affiliates across the NIH will need their HHS ID Badges renewed beginning in 2014 and extending into 2015.  


To avoid the expected high volume of badge requests that would occur during this period, DPSAC will be renewing HHS ID badges well before their expiration date to spread out the demand for enrollment and badge issuance appointments.  


This action will ensure that DPSAC staff can provide you with the best possible customer service and that your badge request will be processed as quickly as possible.


The new badges, with the more robust 128k computer chip, provide stronger authentication and enhanced storage capabilities. Additionally, you will be able to make appointments at a location, date and time that are convenient to you.


Early renewal will mean reduced waiting times at enrollment and badge issuance stations and a badge expiration date that extends beyond the current expiration date.


To make sure that these renewals are carried out in an orderly fashion, your participation will be mandatory.


You just received an e-mail from NIH (DPSACScheduler@mail.nih.gov)  asking you to log on to the appointment scheduling system (a link will be supplied) to make an appointment to pick up your new badge, or make an enrollment appointment (if necessary).  

Please note that Lifecycle Work Stations are not equipped to renew your HHS ID Badge (PIV Card).


Should you have questions about this process, please don't hesitate to contact the NIH HSPD-12 Program Office (HSPD12@mail.nih.gov).


News Briefs


A tipping point for biometrics?  

Excerpts from an article that appeared in FCW.com on August 15, 2013 by Mark Rockwell.  The article can be read in its entirety at: http://fcw.com/Articles/2013/08/15/tipping-point-biometrics.aspx?s= fcwdaily _1608 13&Page=3.  


The Department of Homeland Security is about to embark on an ambitious project to add biometrics to its smart card identification system. Other government efforts have demonstrated that such projects can go horribly awry, but it also has the potential to profoundly change DHS for the better.


The exact path the agency takes, analysts say, depends on how well it prepares itself and possibly on how well it incorporates some new technical guidance.


In May, DHS issued a request for proposals to add facial, fingerprint and iris recognition capabilities to its ID system as part of a $102 million upgrade. The agency is seeking a new contractor to take over the ID management project currently overseen by XTec and establish a new biometric-based card system that complies with Homeland Security Presidential Directive 12 (HSPD-12).  


The contractor would replace 161,924 personal identity verification (PIV) cards by the end of 2013 and another 116,172 in 2014, DHS officials said.


According to the agency, the winning contractor would also install enrollment and issuance stations at as many as 300 DHS locations to manage at least 300,000 PIV cards. Those locations could include sites outside the United States.


Biometric challenges

Many agencies are meeting HSPD-12's requirement for physical and logical access to their buildings and computer systems, but few have been adequately incorporating biometric capabilities. DHS's project takes that bull by the horns, but not without risk.


Heidi Shey, an analyst at Forrester Research who covers security and risk markets, said the relatively short timeline for completing such a large project could lead to big problems if sound planning is not done upfront. For the agency to avoid trouble down the road, it should be working on - or, better yet, completing - programs that establish enrollment processes for employees, define what kind of information each employee needs embedded in his or her card, and create backup plans in case of failure, she added... . 


The New Smart Card

Today's smart cards might look like the laminated flash passes of old, but they now go far beyond name, address and photo. On-board computer chips can carry complete identification records and other documentation, including digitized fingerprint or facial recognition images... .  


A model for other agencies

DHS's plans got a boost from the National Institute of Standards and Technology in mid-July. After a long delay, NIST released specifications for iris recognition capabilities under Federal Information Processing Standard 201-2 - the latest installment in a series of NIST publications that provide technical guidance for complying with HSPD-12.


By consulting the FIPS 201-2 publication, federal agencies can implement standards-based biometrics and identity management solutions that are accurate and interoperable, said Charles Romine, director of NIST's Information Technology Laboratory.


The recently released guidelines include specifications for federal agencies to use iris recognition as an optional add-on for authentication of their PIV cardholders, Romine said.  


(According to) agency spokeswoman Marsha Catron, DHS continues to implement HSPD-12, which works to improve the secure, reliable identification of federal employees and contractors. If DHS is successful in implementing its biometric ID program, it could provide a model for other agencies.  


A biweekly e-newsletter from the Office of Research Services, Division of Personnel Security and Access Control (ORS/DPSAC) to keep you informed as NIH rolls out "Homeland Security Presidential Directive 12" (HSPD-12) establishing a common identification standard to better safeguard NIH and its workforce.