Cyber, ASA(ALT), Phase I

Biometrics for Multi-Factor Authentication

Release Date: 02/01/2024
Solicitation: 24.4
Open Date: 02/15/2024
Topic Number: A244-008
Application Due Date: 03/20/2024
Duration: 6 month
Close Date: 03/20/2024
Amount Up To: $250,000

Objective

To supplement the DoD’s Identity Credential and Access Management (ICAM)  strategy, and to enable alignment with Zero Trust principles, the Army needs innovative approaches and solutions to use biometrics as one of several factors in multi-factor authentication (MFA).

Description

The use of biometrics, such as fingerprint and facial recognition, is popular in commercial applications because of its ease of use for the end user. While these technologies continue to gain popularity in the commercial space, the use of biometrics in Army tactical remains a significant challenge due to the environment and constraints under which the Army must operate.

Depending on the constraints, a Soldier may not be able to expose their fingers, face, eyes, or voice for recognition. This device should encrypt an authentication token or password that is only exposed when end users meet one of several biometric criteria.

A hardened, small form-factor biometric authentication device would reduce authentication latency and resolve common issues associated with single-factor authentication, such as password reuse and shared credentials. This solution should support multiple biometric authentication mechanisms, including fingerprints, facial, retina and voice recognition.

It should also support common authentication protocols and standards. Firms must design the authentication method to operate under the following conditions: Denied, Disrupted, Intermittent or Limited. Current authentication methods require the end user to have a token or key and to remember specific information, such as a complex password.

Phase I

The Army seeks a proof of concept, in the form of a whitepaper, detailing the feasibility of developing a small form factor device, or using existing hardware capabilities (i.e., camera on laptop) in the current Program Executive Office Command, Control and Communications-Tactical (PEO C3T) portfolio, which utilizes a single biometric factor such as, but not limited to, fingerprint or facial recognition.

 The proof of concept must consider the limiting factors of a tactical Denied, Degraded, Intermittent, or Limited (DDIL) environment where the device cannot reach enterprise/centralized services to perform the authentication verification.

  • The proof of concept must also consider other environmental and operation factors such as sand, heat/cold, water and Soldier protective gear that could limit the device’s ability to capture biometric factors.

Phase II

The prototype can be a vendor-developed device or utilize a PEO C3T system like the Mounted Family of Computer Systems (MFOCS). The device must demonstrate the ability to authenticate to both a centrally managed service and in a disconnected state. If feasible, the vendor will demonstrate the solution in a government facility lab. If that is not possible, the firm can demonstration the technology in a vendor provided facility.

  • The vendor will detail the methods in which the device is able to authenticate in disconnected state. The capability could include authenticating to a local cache, defaulting to another form of biometric, or by other means. The future capability must tie into an Army Identity, Credential and Access Management (ICAM) implementation.

Phase III

  • Bankingand Financing:Enhancing secure transactions and customer authentication. 
  • Personal identification:Facial recognition softwarefor userauthentication is considered the gold standard for major U.S. telecom companies,including Apple and Google. 
  • Weapon safety:Ensures authorized use of firearms. 
  • Database access:Providing secure, efficient access control to sensitive information. 
  • Voter registration:Safeguarding electoral integrity by verifying voter identity. 
  • Workplace security:Fortifies access control and employee verification systems.

Submission Information

Fingerprint

References:

 

Objective

To supplement the DoD’s Identity Credential and Access Management (ICAM)  strategy, and to enable alignment with Zero Trust principles, the Army needs innovative approaches and solutions to use biometrics as one of several factors in multi-factor authentication (MFA).

Description

The use of biometrics, such as fingerprint and facial recognition, is popular in commercial applications because of its ease of use for the end user. While these technologies continue to gain popularity in the commercial space, the use of biometrics in Army tactical remains a significant challenge due to the environment and constraints under which the Army must operate.

Depending on the constraints, a Soldier may not be able to expose their fingers, face, eyes, or voice for recognition. This device should encrypt an authentication token or password that is only exposed when end users meet one of several biometric criteria.

A hardened, small form-factor biometric authentication device would reduce authentication latency and resolve common issues associated with single-factor authentication, such as password reuse and shared credentials. This solution should support multiple biometric authentication mechanisms, including fingerprints, facial, retina and voice recognition.

It should also support common authentication protocols and standards. Firms must design the authentication method to operate under the following conditions: Denied, Disrupted, Intermittent or Limited. Current authentication methods require the end user to have a token or key and to remember specific information, such as a complex password.

Phase I

The Army seeks a proof of concept, in the form of a whitepaper, detailing the feasibility of developing a small form factor device, or using existing hardware capabilities (i.e., camera on laptop) in the current Program Executive Office Command, Control and Communications-Tactical (PEO C3T) portfolio, which utilizes a single biometric factor such as, but not limited to, fingerprint or facial recognition.

 The proof of concept must consider the limiting factors of a tactical Denied, Degraded, Intermittent, or Limited (DDIL) environment where the device cannot reach enterprise/centralized services to perform the authentication verification.

  • The proof of concept must also consider other environmental and operation factors such as sand, heat/cold, water and Soldier protective gear that could limit the device’s ability to capture biometric factors.

Phase II

The prototype can be a vendor-developed device or utilize a PEO C3T system like the Mounted Family of Computer Systems (MFOCS). The device must demonstrate the ability to authenticate to both a centrally managed service and in a disconnected state. If feasible, the vendor will demonstrate the solution in a government facility lab. If that is not possible, the firm can demonstration the technology in a vendor provided facility.

  • The vendor will detail the methods in which the device is able to authenticate in disconnected state. The capability could include authenticating to a local cache, defaulting to another form of biometric, or by other means. The future capability must tie into an Army Identity, Credential and Access Management (ICAM) implementation.

Phase III

  • Bankingand Financing:Enhancing secure transactions and customer authentication. 
  • Personal identification:Facial recognition softwarefor userauthentication is considered the gold standard for major U.S. telecom companies,including Apple and Google. 
  • Weapon safety:Ensures authorized use of firearms. 
  • Database access:Providing secure, efficient access control to sensitive information. 
  • Voter registration:Safeguarding electoral integrity by verifying voter identity. 
  • Workplace security:Fortifies access control and employee verification systems.

Submission Information

References:

 

Fingerprint

Biometrics for Multi-Factor Authentication

Scroll to Top