CAC readers have been required by the Department of Defense to access computer networks for over a decade. The DoD began issuing CAC credentials and CAC readers in 1999, two years before the 9/11 terrorist attacks and they have proven successful in reducing cyber threats to networks, databases and websites. Today, nearly every DoD issued computer has a CAC Reader attached via a USB port.
While CAC readers were being rolled out for network access, little consideration was given to using a CAC reader for facility access. The 9/11 attacks initiated a paradigm shift in identity management when it was learned that 18 of the 19 terrorists possessed false identity documents. Nearly every state in the union had different rules for issuing drivers licenses and no common standard existed. The Federal Government, while responsible for insuring transportation safety, had no control over the identity documents being presented by the travelling public. The Government has not been able to overcome the resistance from States and citizens to have a national ID but the emphasis for a common, secure identity credential had been established.
Shortly after 9/11, a number of Federal agencies, including the DoD, sponsored proof-of-concept test programs to demonstrate the use of CAC readers for building access. Most of these programs were laboratory experiments which resulted in no real world experience.
Fortunately, a very forward thinking LTC in the US Army, Greta Lehman, believed that what was really needed was a real world use installation of CAC readers. In her view, “experiments were great but would a CAC reader work in the real world?” She wanted to know. LTC Lehman was the senior officer for SET-D (Secure Electronic Systems and Devices) under the PEO EIS and was responsible for fielding the CAC to Army personnel worldwide. She set out to provide the DoD with “lessons learned” by installing a proof-of-concept CAC reader system for building access. Armed with funding from the Army biometrics office, LTC Lehman surveyed firms with smart card reader technology that were capable of building a CAC reader that could be integrated with biometrics for building access.
At the same time, BridgePoint Systems had met with executives from the DOD DMDC, both in Monterey CA and Washington DC, to demonstrate the firm’s smart card reader technology. In January of 2002, through an introduction made by DMDC, BridgePoint demonstrated a CAC reader prototype at a meeting attended by LTC Lehman.
In April, 2002, LTC Lehman asked BridgePoint to install an operational CAC reader system that incorporated fingerprint biometrics at the PEO EIS building at Ft. Belvoir, VA. She termed the project “Lead Dog.” The access system was developed and, produced over an 8 month period and was installed at the PEO EIS building on Ft. Belvoir in January 2003. The installation included 8 doors with biometric enabled CAC readers and over 350 enrolled users. The system was designed to utilize CAC + PIN during the day and CAC + PIN + Biometric during “off-duty” hours.
Prior to installation of the BridgePoint CAC reader system, LTC Lehman’s SET-D engineering team performed extensive testing on the readers, controllers and software before allowing the system to be deployed.
LTC Lehman termed the installation at PEO EIS "very successful" and over the next few years the installation was demonstrated to many important Department of Defense members including SES officers, the Army G3 office and the DoD CIO office. This project launched BridgePoint as a mainstream supplier of CAC readers for building access.