GSA awards $177 million contract to modernize federal identity system

The General Services Administration (GSA) has awarded a contract worth up to $177.2 million to XTec Inc. for the modernization and management of the federal government’s shared credentialing service, USAccess.

The award, made this week, following a competition that attracted four offers. The initial funding obligated at the time of the award is approximately $9 million.

USAccess serves more than 100 federal agencies and currently supports issuance and lifecycle management of approximately 600,000 Personal Identity Verification (PIV) cards under the framework of Homeland Security Presidential Directive-12 (HSPD-12), the directive mandating secure, standardized identification for federal employees and contractors.

The new contract is designed to evolve the service into a next-generation, modular architecture enabling identity proofing, credentialing and authentication, including alternatives to the traditional smart-card token, under modern standards such as SAML 2.0, OpenID Connect, OAuth 2.0 and REST APIs.

XTec will succeed the incumbent provider, Peraton (which inherited the role via its acquisition of Perspecta) whose contract is set to expire on September 28, 2027. Peraton’s order, to date, has seen obligations of approximately $151 million.

The transition between providers will need to accommodate steady-state operations across the credential-overseeing ecosystem of agencies while migrating to the new service environment.

GSA’s solicitation and award reflect a shift toward greater maturity, scalability, and shared infrastructure in federal identity, credential, and access-management systems.

By adopting a multi-tenant platform with API-first capabilities, the government intends to streamline issuance, lifecycle management, and authentication workflows across disparate agencies.

The emphasis on alternatives to physical smart cards signals growing recognition of mobile, password-less or derived credentials as viable complements within certain approved federal use cases.

For XTec, the contract expands upon its existing portfolio of federal identity work. The company markets its AuthentX credential- and identity-management platform and describes itself as servicing more than 70 federal agencies.

Industry watchers note the award displaces a long-standing incumbent and is a signal of procurement emphasis on modern, service-oriented identity platforms rather than tightly coupled legacy systems.

Operationally, agencies should expect minimal disruption in credential issuance during the transition but should prepare for phased integration into the new system architecture. The move also echoes broader policy imperatives around identity security, authentication resilience and agency interoperability.

Since HSPD-12 was issued in 2004 and USAccess was launched in 2007 to fulfill that standard, the government now appears ready to modernize the system in line with evolving threat models and technology options.

The contract underscores the government’s commitment to secure, standardized identity across its workforce and clarifies that the next decade of federal PIV issuance and management will rely on a service built for scale and agility rather than point-solutions.

The GSA-XTec partnership now sets the stage for what the agency describes as a “HSPD-12 Core Service Next Generation” strategy, positioning USAccess as the backbone credential-service offering for the federal enterprise.

Article Topics

biometric authentication  |  biometrics  |  government purchasing  |  GSA  |  identity access management (IAM)  |  identity management  |  identity proofing  |  PIV cards  |  procurement  |  U.S. Government  |  XTec