Login.gov, the federal single sign-on project based out of the General Services Administration’s Technology Transformation Service, needs help verifying legitimate users within the U.S. population.
To that end, it has posted a blanket purchase agreement for a multi-award contract “to provide a broad base of contractors who the government can work with to have the highest proofing rate for an agency population.”
According to director Joel Minton, four government apps currently use login.gov and the software is ramping up users “very very quickly.” The goal for login.gov, of course, is to have it used across the federal government.
So in preparation for that, the team is looking for contractors who can provide identity resolution, address verification, account verification, behavioral analytics and government ID verification. These need not come in the same package — through the BPA, GSA is vetting services for further selection, down the road, based on agency needs. The contract welcomes companies with a solution in at least one of the aforementioned areas to submit an offer.
Identity resolution solutions should use “the smallest set of attributes necessary to resolve to a unique individual.” Whatever the method, contractors should be able to proof at least 50 percent of the U.S. population.
For address verification, login.gov is looking for solutions that can confirm, “at a minimum,” the phone number, address or email address of 10 percent of the U.S. population. Similarly, account verification ties a user using information like utility payments, rent payments and more. Government ID verification, meanwhile, is the process of matching government-issued identification documents like IDs, passports or marriage licenses with another version that confirms the document is genuine. For example, this could mean cross-checking a state-issued ID with the state that issued it. Again, solutions should be able to do this for at least 10 percent of the U.S. population.
Finally, the contract calls for behavior analytics offers that “monitor identities over multiple dimensions such as time, geolocation, pattern of use, attribute changes for indicators of potential fraud and provide that back to login.gov as indicators.”
There is a slate of other requirements for would-be contractors laid out in the statement of work, including technical support, maintenance, security and more.
The contract states an ordering period of 12 months from the date of award, with the option of four additional years. Offers are due to GSA by Jan. 18, 2018. “There is no dollar limitation to the amount of orders placed under these BPAs,” the solicitation says.
“As login.gov grows, there is the need to have the mix of methods/data sources that can most effectively proof login.gov’s partner agencies populations,” the statement of work states.