U.S. Department of Agriculture
Office of the Chief Information Officer (OCIO)
OMB Control Number: 0503-0014
USDA eAuthentication Service Customer Registration
Purpose:
The purpose of this request for OMB review is to obtain approval of the information collection contained in the USDA eAuthentication Service. This information collection is necessary to allow USDA customers to securely and confidently conduct business with USDA electronically via the Internet. Authority for obtaining new information from users is included in Section 2, (c), of the Freedom to E-File Act (Pub. L. 106-222), the Government Paperwork Elimination Act (GPEA, Pub. L. 105-277), the Electronic Signatures in Global and National Commerce Act (E-SIGN, Pub. L. 106-229), and the E-Government Act of 2002 (H.R. 2458). New online customers must provide information during the Registration process, which is accessible from the through the USDA eAuthentication Web site, located at www.eauth.egov.usda.gov. This voluntary online self-registration process enables USDA customers, as well as employees, to obtain accounts that will enable them to access USDA Web applications and services via the Internet. The objectives of this self-registration process are to employ standardized methods for verifying the identity of USDA customers/partners and to manage their credentials in support of electronic alternatives to traditional ink signatures. In addition, the centralized approach USDA has taken will prevent the customers from completing additional registrations for additional USDA business.
Background:
The USDA provides services to ranchers and farmers ranging from development and economic assistance and farm loans and subsidies, to land, water, and livestock resource management. In addition, the USDA is responsible for the federal government’s major agricultural procurements and generation and dissemination of natural resource research data. The USDA also leads the Federal anti-hunger effort by providing human nutrition services through the Food Stamp, School Lunch, School Breakfast, and the Women, Infant, and Children (WIC) Program.
Many of these services are provided through face to face transactions either at a central office or at one of approximately 2,500 local USDA Service Centers. In June 2002, USDA developed the capability for Service Center Agencies (SCA), formerly known as County Based Agencies (CBA), to offer the services traditionally available from service centers via the Internet. The USDA enabled SCA’s, which is comprised of the Farm Service Agency (FSA), Natural Resources Conservation Service (NRCS) and Rural Development (RD), to offer agricultural producers the alternative of electronically submitting most of the forms needed to participate in the agencies’ programs and services. Currently, there are hundreds of SCA’s commonly used forms available through the eForms service and many can be electronically submitted to USDA. As users were enabled to electronically submit forms to USDA, there was a need to authenticate and authorize users electronically.
Initially, USDA’s Service Center Agencies developed an online user authentication and authorization system known as the Web Central Authentication and Authorization Facility (WebCAAF). WebCAAF required a one-time registration requirement for each SCA customer desiring access to any online service that required authentication. Form AD-2016, USDA Registration Form to Request Electronic Access Code, was used to collect the minimum information necessary to verify and validate the identity of the customer before issuing user access credentials. Despite providing user authentication and authorization electronically, WebCAAF exhibited limited capabilities in that it serviced only form submissions of the USDA SCAs and required a manual submission process for Form AD-2016.
In January 2003, the USDA initiated the eAuthentication Service, an expanded USDA enterprise wide authentication and authorization service for all USDA Web-based applications. The USDA eAuthentication Service plays a vital role in the Expanded Electronic Government (e-Government), one of the five key initiatives of the President's Management Agenda. It is a strategic component of USDA’s eGovernment vision and USDA’s Enterprise Architecture to provide common authentication and authorization services for Web-based applications.
In October 2003, the USDA eAuthentication Service was launched to service all USDA agencies. The eAuthentication service provides a single point of entry for conducting business online with USDA. Users desiring access to any only service that is protected with eAuthentication are required to complete a one-time electronic self-registration to obtain an eAuthentication account. This supporting statement pertains to customers interacting with the USDA eAuthentication Service, excluding USDA Agency employees. USDA customers can self-register for a Level 1 or Level 2 Access account. A Level 1 Access account provides users with limited access to USDA websites. A Level 2 Access account enables users to conduct official electronic business transactions via the Internet, enter into a contract with the USDA, and submit forms electronically via the Internet to USDA agencies. Due to the increased customer access associated with a Level 2 Access account, customers must be authenticated in person at a USDA Service Center by a local registration authority, in addition to an electronic self-registration. Once an account is activated, customers may use the associated user ID and password that they created to access USDA resources that are protected by eAuthentication. As of May 2005 there are 69,778 eAuthentication customer accounts. We estimate that there will be 38,604 new account registrations in the upcoming year.
The eAuthentication system architecture is a major expansion from the previous WebCAAF system architecture. In addition, eAuthentication is consistent with the USDA Web Style Guide, which was developed after the implementation of the WebCAAF system. The eAuthentication system is developed and managed by the Office of the Chief Information Officer (OCIO). eAuthentication collects customer information under OMB Control Number 0503-0014, which pertains to WebCAAF and expires on October 31, 2005. We are therefore, requesting a 3-year approval for the revision of this currently approved collection.
National Institute of Standards and Technology (NIST) requirements dictate the need for strong authentication to protect more sensitive applications. In order to provide Level 3 and Level 4 Access accounts eAuthentication must develop public key infrastructure to support strong authentication.
Supporting Statement
Justification
Explain the circumstances that make the collection of information necessary.
The Freedom to E-File Act, Government Paperwork Elimination Act, and the President’s Management Agenda prescribe eGovernment functions as alternatives to traditional paper-based processes. Conducting online transactions necessitates processes for authenticating and authorizing online users and completing transactions with an electronic equivalent to traditional ink signatures. The information collected from the eAuthentication Web site enables the electronic authentication and authorization of users to USDA Web-based applications.
Indicate how, by whom, how frequently, and for what purpose the information is to be used.
The USDA eAuthentication Service provides public and government businesses single sign-on capability for USDA applications, management of user credentials, and verification of identity, authorization, and electronic signatures. USDA eAuthentication obtains customer information through an electronic self-registration process provided through the eAuthentication Web site. This voluntary online self-registration process applies to USDA Agency customers, as well as employees, who request access to protected USDA Web applications and services via the Internet. Registrants are able to self-register online from the eAuthentication Web site, located at www.eauth.egov.usda.gov, for a Level 1 or Level 2 Access eAuthentication account. An eAuthentication account has an associated user ID and password which enables the electronic authentication of users. A user will then have access to authorized resources without needing to reauthenticate within the context of a single internet session. The user ID and password and permissions associated with an account are what authenticates and authorizes a user to access a requested USDA resource.
A customer eAuthentication Level 1 Access webusers account provides limited access to USDA Web site portals and applications that have minimal security requirements. Level 1 Access does not allow you to conduct official business transactions with the USDA via the Internet. A Level 1 Access account may be used to customize a web portal page, obtain general information about a specific USDA agency, and participate in public surveys for a USDA agency. A registrant can apply for a Level 1 Access account directly from the USDA eAuthentication Web site, located at www.eauth.egov.usda.gov. After accessing the eAuthentication Web site the registrant must click on the Create an account tab located on the left-hand navigation bar and subsequently click on the Level 1 Access link located within the context of the web page. The registrant must then complete and submit the registration form. Once the Level 1 Access self-registration form is submitted, a Level 1 Access account is created in the eAuthentication system and an email is sent to the registrant confirming their registration for a Level 1 Access account. In order to activate the account the registrant must click on the ACTIVATE MY ACCOUNT link in the email message. The user is now able to provide their eAuthentication account credentials to access protected USDA resources requiring a Level 1 Access.
A customer eAuthentication Level 2 Access webusers account provides access to all the portals and applications that are covered by an account with Level 2 Access, and also provides the ability to conduct official electronic business transactions with the USDA via the Internet. A Level 2 account also enables customers to enter into a contract with the USDA and submit forms electronically via the Internet with a USDA agency. Similarly, a registrant can apply for an eAuthentication Level 2 Access account directly from the USDA eAuthentication web site. After the registrant clicks on the appropriate Level 2 Access links, completes and submits the Level 2 Access self-registration form, and responds to the confirmation email, a Level 1 Access account is created in the system. An activated Level 2 Access account is not provided until the registrant is identity proofed. The registrant must then present their government issued photo ID at their local USDA Service Center. The USDA Service Center employee, a trained local registration authority, confirms the registrant’s identity and activates their Level 2 Access account. Approximately one hour after the Level 2 Access has been activated by the USDA Service Center employee, the registrant will have access to USDA applications and services that require an account with Level 2 Access.
Informational data that must be reported through the online self-registration form in order to obtain a Level 1 Access account are: User ID, Password, First Name, Last Name, Country Name, and Email address. Although not required, the registrant may also provide their Middle Name, and Zip Code. Due to the increased level of access to USDA applications, users must provide additional informational items to obtain a Level 2 Access account. in order to obtain a Level 2 Access account the registrant must also provide their: Home Address, City, State, Mother’s Maiden Name, 4 digit PIN number, and Date of Birth, in addition to the information that must be provided to obtain a Level 1 Access account. The registrant also has the option to provide their Home Phone number or International Home Phone number (if applicable), and an Alternate Phone number or International Alternate Home Phone number (if applicable).
The online self-registration process to obtain an eAuthentication account is a one-time information collection process. The account information can be modified without the need of the user to re-register.
An eAuthentication account enables customers to access eAuthentication-protected USDA Web-based applications. These resources have been integrated with the eAuthentication Service to enable electronic authentication and authorization of users. Certain personal information collected through the online self-registration process is conditionally shared with USDA Agencies in order to integrate USDA resources with the eAuthentication service. Sensitive data such as Date of Birth, Mother’s Maiden Name, Password, and other security related data is not shared. The eAuthentication Service ensures that shared data is transmitted to a system that has an approved and valid Certification and Accreditation (C&A) Authority to Operate (ATO) in effect. In addition, the eAuthentication Service ensures that shared data is securely managed by requiring a Privacy Impact Assessment (PIA) and Memorandum of Understanding (MOI) with the target system.
Use of information technology.
All technology used in the eAuthentication System is compliant with NIST Special Publication 800-63: Electronic Authentication Guideline. Users can obtain an eAuthentication Level 1 or Level 2 Access account solely through the online self-registration forms in the USDA eAuthentication Web site, located at www.eauth.egov.usda.gov. There is not a paper based form available to register for an eAuthentication account. Users must access the eAuthentication Web site and complete and submit the self-registration forms electronically over the Internet. There are separate online self-registration forms for a Level 1 and Level 2 Access account. The self-registration form for a Level 2 Access account requires additional user data due to the increased level of access. The self-registration forms can be access directly from the following links:
Level 1 Access - https://eauth.sc.egov.usda.gov/eAuth/selfRegistration/selfRegLevel1Step1.jsp
Level 2 Access - https://eauth.sc.egov.usda.gov/eAuth/selfRegistration/selfRegLevel2Step1.jsp
Each eAuthentication account contains an associated user ID and password that was created by the user. In addition, each account contains associated roles or permissions, given by administrators, which allow the user to access requested applications. The user ID and password and permissions associated with an account are what authenticates and authorizes a user to access a requested USDA resource.
The eAuthentication Service complies with the Government Paperwork Elimination Act (GPEA) by eliminating the need for traditional paper-based forms. In addition, eAuthentication provides full electronic reporting capabilities as required in the GPEA. However, obtaining an active Level 2 Access account electronically is not feasible since the higher level of access requires manual validation of a user’s identity. Once the user is authenticated in-person by a trained local registration authority at a USDA Service Center it is recorded in the eAuthentication system which can then be accessed for auditing purposes.
Describe efforts to identify duplication.
USDA has built the eAuthentication Service with the elimination of duplication in mind. eAuthentication prevents users from creating and/or maintaining multiple online accounts with USDA. All eAuthentication accounts have a unique user ID. Once a registrant submits an account application the system automatically searches for pre-existing user IDs and prevents duplication of an account’s key identifier. Not all USDA customers need an eAuthentication account, only those who are requesting access to USDA resources that are protected by eAuthentication. Therefore, the eAuthentication Service can not obtain customer information from other systems. There is also no alternate USDA enterprise service for authenticating and authorizing users electronically.
Methods used to minimize burden on small businesses or other small entities.
The reporting requirements in this information collection package will not affect small businesses. The online self-registration form is identical for all applicants irrespective to their volume or business. Therefore, no additional burden is being placed on businesses of any particular size.
Consequence if the information collection is not conducted or is conducted less frequently.
The information collected through the online eAuthentication self-registration form will only need to be collected once. If the information is not ever collected, the user must continue to conduct business with USDA through the existing paper-based processes.
Special Circumstances.
The information collected is consistent with provisions of the Paperwork Reduction Act of 1995 (PRA, 44 U.S.C. chapter 35), set forth in 5 CFR 1320.6.
Federal Register notice, summarization of comments, and consultation with persons outside the agency.
A request for public comment notice was published in the Federal Register on July 11, 2005 (Page No. 39715 Volume 70, Number 131). Comments were not received in response to this notice and therefore no action was taken by the agency based upon public comment via the Federal Register.
The following individuals were consulted to review the eAuthentication information collection process:
Steve Timchak, U.S. General Services Administration, [email protected], 703-872-8604.
Carol Coren, Oregon State University, Member of the USDA Technology and eGovernment Advisory Council, [email protected], 503-872-6657
Johnny Shin, J.P. Morgan, 201-592-8610
These individuals were requested to review the eAuthentication information collection process as detailed in the eAuthentication website and the customer registration job aid document. They provided opinions about the information collection process including the clarity of the registration instructions, the usefulness to the government of the information requested, and the accuracy of the Department’s estimate of the time for someone to provide the information requested.
As a result of these consultations we have decided to increase the Department’s estimates of the time for someone to register for an eAuthentication Level 2 Access account. This increase is due to the travel time required for a customer to be manually identify proofed. Initially, we estimated the time required to obtain an activated Level 2 Access account at 1.17 hours. Based on our consultations this time estimate will increase to 1.67 hours.
Explain any decision to provide any payment or gift to respondents.
The agency does not provide any payments or gifts to respondents for information collected through the USDA eAuthentication Web site.
Confidentiality provided to respondents.
All information collected will be treated as confidential in compliance with the Privacy Act and Freedom of Information Act.
Questions of a sensitive nature.
The information requested through the eAuthentication Web site is not considered of a sensitive nature (such as religious beliefs, sexual behavior and attitude, etc.).
Estimate of burden.
Refer to the attached burden grid for a breakdown of the burden estimate for the online eAuthentication account registration form.
USDA Agency customers can register for an eAuthentication Level 1 and Level 2 Access account. Registrants must submit a one-time online self-registration form and respond to a confirmation email to obtain an activated account. In order to obtain an active Level 2 Access account, the registrant’s identity must be manually validated at a USDA Service Center.
The USDA eAuthentication Service has been operating since October 2003. From October 2003 – May 2005 there has been an average of 2,104 new Level 1 Access and 1,113 new Level 2 Access account registrations each month. During this time period the number of integrated USDA applications with eAuthentication has increased from 40 applications to over 110 applications. The eAuthentication Service estimates that there will be a similar rate of expected new registrations annually. Therefore, eAuthentication estimates that there will be 25,248 (2,104 registrants * 12 months) new Level 1 Access account registrations annually. Similarly, there will be an estimated 13,356 (1,113 registrants * 12 months) new Level 2 Access account registrations annually. Collectively, eAuthentication estimates 38,604 (25,248 Level 1 + 13,356 Level 2) new account registrations annually. There are no entries on the online form that requires any applicant to develop new information not already known by the applicant.
For a Level 1 Access account it is estimated to take 8 minutes (0.13 hours) to read, understand, and complete the online self-registration form. The estimated annual cost to the public is $30,096, which is based on the annual burden of 3,282 hours (25,248 responses * 0.13 hours) times an average hourly wage of $9.17 per customer. The average hourly wage is based on the mean hourly rate of Farming, Fishing, and Forestry Occupations in the Agriculture, Forestry, Fishing and Hunting sector of the May 2004 National Industry-Specific Occupational Employment and Wage Estimates. This estimate is provided through the Bureau of Labor Statistics and can be directly accessed at
http://www.bls.gov/oes/current/naics2_11.htm#b45-0000.
For a Level 2 Access account it is estimated to take 10 minutes (0.17 hours) to read, understand, and complete the online self-registration form. This amounts to an estimated annual cost to the public of $20,825, which is based on the annual burden of 2,271 hours (13,356 responses * 0.17 hours) times an hourly wage of $9.17 per customer. In addition, there is a cost associated with the travel time to the USDA Service Center for a customer’s identity to be manually validated. The estimated time of travel for manual authentication is 1.0 hour. This amounts to an estimated annual cost to the public of $122,475, which is based on the annual burden of 13,356 hours (13,356 responses * 1.0 hour) times an hourly wage of $9.17 per customer. Collectively, there is an estimated annual cost to the public of $143,300 ($20,825 online form + $122,475 travel time).
Total annual cost burden to respondents.
The information collection and reporting burden does not impose any capital or start-up costs to respondents. The information requested is already available to respondents and there are no ongoing or follow-up reporting requirements that impose any costs but for the one-time collection.
Provide estimates of annualized cost to the Federal government.
The estimated cost to the Federal government is $100,821. This estimate is based on the cost of gathering, maintaining, retrieving, and disseminating the data. Despite fully supporting electronic information collection, additional time is sometimes needed to assist customers who are having difficulties. The estimated cost is based on requiring at least 10 minutes per response (38,604 annual responses) times the average of the GS-5 (step 5) through GS-7 (step 5) salary income of $32,598 per year or $15.67 per hour ($32,598/2080 hours per year).
Reasons for changes in burden.
This information collection request represents a revision to a currently approved information collection; this is an overall decrease of 773,147 hours. This is due to a decrease in the number of respondents and responses.
Outline plans for tabulation and publication.
The information collected is not planned for publication. It will only be used to provide the customer authorized access to applications.
Reasons display of expiration date for OMB approval of the information collection is inappropriate.
The USDA eAuthentication Service requests permission from OMB to not post the expiration date. The self-registration form will be used for a one-time registration process.
Exceptions to the certification statement identified in Item 19 of the OMB 83-I form.
There are no exceptions to the certification statement.
| File Type | application/msword |
| Author | rbrown |
| Last Modified By | rbrown |
| File Modified | 2006-09-14 |
| File Created | 2006-09-14 |