2025 FedID Award Finalists

---

Best Technical Advancement

Finalist: Department of Veterans Affairs

Over the past 18 months, the Department of Veterans Affairs (VA), in partnership with credential service providers, ID.me and Login.gov, executed one of the most impactful digital modernization initiatives in federal identity management: the migration and consolidation of over three million My HealtheVet (MHV) sign-in accounts to secure, modern credentials. This migration was designed to streamline user access, bolster cybersecurity, and reduce costs across the VA’s digital platforms, most notably VA.gov and AccessVA.

This effort was led under the direction of the VA Office of the Chief Technology Officer (OCTO), which served as the operational hub for planning, decision-making, and technical execution. OCTO effectively coordinated across multiple branches of the agency, including the Veterans Health Administration (VHA), the Veteran Experience Office (VEO), and the VA’s communications teams, to ensure a unified approach. The program also benefited from meaningful collaboration with local facilities, and Veteran Service Organizations. This seamless cross-functional alignment was key to managing change at scale and ensuring the initiative’s success.

The initiative commenced in late 2023 with a clear objective: reduce the number of disparate login systems veterans encountered when accessing their healthcare and benefits online. Credentials like MHV sign-in accounts had become costly and burdensome to maintain. More critically, they no longer aligned with federal cybersecurity mandates, including Executive Order 14028 and OMB M-22-09, both of which emphasize phishing-resistant multi-factor authentication and modern identity proofing.

In 2024, VA launched a coordinated communications and support campaign to guide veterans through the transition. This included targeted in-app notifications, email and SMS outreach, step-by-step online guides, and human-centered support channels. VA also established dedicated call center operations and on-demand command centers to provide real-time assistance for identity verification and account upgrades, ensuring continuity of care and benefits access for all users.

To further support veterans, VA conducted dozens of in-person enrollment events in high-priority, hard-to-reach areas across the United States. These events focused on engaging rural, elderly, and underserved veteran populations, offering live assistance for identity proofing and credential setup. This deliberate emphasis on equitable outreach helped to ensure that veterans of all backgrounds could securely access digital services without unnecessary barriers. By the first half of 2025, VA had successfully transitioned more than 3 million veterans to modern credentials. The outcome improved access continuity, enhanced security, and significantly reduced the complexity and maintenance burden of managing MHV sign-in credentials.

This initiative stands as a model of operational excellence. It demonstrates how a federal agency can coordinate across complex internal structures, partner effectively with the private sector, and deliver measurable impact at national scale. Through strong leadership, interagency cooperation, and mission-driven innovation, VA has elevated its digital identity infrastructure—making it safer, simpler, and more accessible for the veterans it serves.

Finalist: DOE FSA

The Defense Forensics and Biometrics Agency (DFBA) BISCO Team led by Mr. Ryan Triplett, through its Biometric Interoperability and Standards Compliance Office (BISCO), has made major strides in advancing biometric systems through conformance testing. Over the past year, DFBA formalized and significantly enhanced the conformance capabilities to ensure compliance with DoD EBTS v4.1 and NATO STANAG 4715 Edition 2, both built on ANSI/NIST-ITL 2011 Update: 2015 and NIEM v4.1.

This effort involved establishing Cooperative Research and Development Agreements (CRADA) with industry to improve data quality produced by biometric collection devices currently in operational use by the entire USG both CONUS and OCONUS. The team hosted numerous biometric conformance evaluation events in conjunction with the Joint Interoperability Test Command oversight. Through these evaluations, DFBA identified key non-conformance issues in operational devices—including encoding mismatches, schema violations, and transmission formatting errors—that would have led to interoperability failures across joint, coalition, and interagency systems.

DFBA used these findings to directly improve data quality and biometric collections of operational devices used across USG. These improvements have enabled more accurate biometric collections and automated detection of compliance issues across a wide range of commercial and government biometric platforms.

DFBA also worked with both industry and government biometric collection device developers to resolve identified issues, ensuring that corrected devices could produce quality data that is seamlessly ingested into authoritative biometric repositories across the USG and Foreign Partners. This direct, test-and-correct approach has increased biometric data fidelity across the entire USG, reduced downstream ingestion errors, and supported broader interoperability goals across USG and NATO environments.

By continually evolving the DoD conformance capabilities and applying it across operational systems, DFBA has demonstrated technical leadership in driving standards-based biometric data exchange and improving data quality. Their work ensures that biometric data across the USG remains trusted, validated, and fully interoperable.

Finalist: DFBA BISCO

The U.S. Department of Education’s Office of Federal Student Aid (FSA) has identified critical limitations in federal student aid identity verification processes, significantly advancing efforts to combat fraud. These initiatives, detailed in two press releases: Press Release #1 and Press Release #2, address a surge in identity theft and fraudulent disbursements, uncovering $90 million in improper payments, including $30 million to deceased individuals and $46 million to ineligible recipients.

The FSA team’s analysis revealed systemic vulnerabilities, particularly in the Free Application for Federal Student Aid (FAFSA) process, where 150,000 suspect identities were flagged in the 2025-26 cycle. Key limitations included inadequate real-time data-sharing with the Social Security Administration (SSA) and the Department of Homeland Security (DHS), which allowed disbursements to deceased or ineligible individuals, and relaxed verification safeguards during the COVID-19 pandemic. These gaps enabled technologically advanced fraud rings to exploit the system, costing millions and diverting aid from eligible students.

To address these, FSA reinstated critical tools like the National Student Loan Data System (NSLDS) post-screening to flag ineligible applicants and resumed flagging suspected identity fraud in March 2025. Starting summer 2025, approximately 125,000 first-time applicants must present valid government-issued photo ID in person or via live video, replacing outdated documentation like the Statement of Educational Purpose. A permanent screening process for all FAFSA applicants is planned for fall 2025, leveraging advanced data models and partnerships with SSA, DHS, and potentially Login.gov to enhance real-time verification.

These measures address the award’s focus on discovering limitations with profound impact. By identifying and tackling fraud vulnerabilities, FSA’s actions protect taxpayer funds and ensure aid reaches legitimate students. The planned automation of verification processes will reduce administrative burdens on institutions, enhancing federal identity system efficiency and security, with potential to influence other agencies combating identity fraud.

 

Best Operational Success

Finalist: Department of State’s Bureau of Consular Affairs

In a landmark leap for the U.S. government’s digital services, the Department of State’s Bureau of Consular Affairs (State/CA) transformed a cornerstone of American identity – passport renewal – into a streamlined, secure, and entirely online experience, setting a new operational benchmark for federal identity service delivery. Beyond technical innovation, they helped rebuild public trust in the U.S. government and met surging demand for international travel. The U.S. passport is more than a travel document. Positioned at the nexus of travel, financial transactions, and identity verification, it functions as a form of ID, citizenship, and globally recognized credential. Demand has skyrocketed. The Congressional Research Service reported the Bureau’s passport issuance more than doubled from over 5.5 million passports in Fiscal Year (FY) 1996 to over 12 million by FY2006 and marked a new annual record of 24.5 million passports in FY2024.

Yet, this soaring demand, especially after the COVID-19 travel hiatus, further exposed outdated processes: long wait times, manual forms, and limited transparency. Cognizant of the immense operational challenges, Bureau innovators piloted and then launched a fully online renewal platform. They oversaw interagency integrations, agile development, identity-verification systems, payment infrastructure, accessibility compliance, and rollout management, while also upholding the highest standards of security and data privacy. It wasn’t always smooth sailing, but the Bureau learned lessons along the way and persevered. In the end, by removing friction in this high-volume identity service, State/CA now provides a way for eligible U.S. citizens to upload their photo, pay securely, and track progress – from submission to delivery – without paper, postage, or office visits. This shift marked a profound operational modernization.

State/CA’s success demonstrates that the U.S. government can provide digital service delivery at scale, even amid public skepticism. According to Pew Research, only 22% of Americans said in spring 2024 they trust the federal government to do the right thing always or most of the time, which is a far cry from the 70% in the late 1950s. State/CA’s new service delivery touches tens of millions annually and helps rebuild that bond.

Too often, news headlines focus on public frustration with government failure and poor service. Indicative of the low expectations, Condé Nast Traveler published an article entitled Passport Renewal Will Be Far Less Miserable in 2024. However, on July 4 this year the Wall Street Journal’s celebrated the opposite: America Has Pulled Off the Impossible. It Made Getting a Passport Simple. Journalist Ben Cohen recounted the challenges State/CA faced and his own surprise at the successful results. He cited survey findings that 86% said that renewing their passports online increased their trust in the government. These days, that’s not merely impressive. It sounds almost impossible.

The Bureau reimagined identity service delivery for a modern America. The online passport renewal platform is a model of federal innovation, proving that with vision, collaboration, and user-centering, government can meet citizens where they are – digitally, securely, and efficiently.

Finalist: DISA

The DISA Department of Defense Enterprise Identity, Credential, and Access Management (DoD E-ICAM) team has achieved significant operational success by modernizing identity security for approximately 4 million DoD users across unclassified and classified networks. Detailed in a Federal News Network article and supported by DefenseScoop and GovCon Wire, the initiative addresses critical vulnerabilities like access and permission creep and aligns with the 2026 DoD-wide ICAM deadline and 2027 zero-trust goals.

The team eliminated outdated processes, such as the DD 2875 form, introducing automated workflows backed up by non-repudiated approvals and a REST-based API catalog for modern authentication. This has reduced administrative burdens, enhanced security, improved audit compliance, and saved costs by enabling real-time access recertification.

The initiative’s federation hub was established in late 2024 and eliminates identity duplications and supports international collaboration. By June 2025, DISA, Army, Navy-Marine Corps were all federated in a DoD Federation Hub. Air and Space Forces will be federated in September 2025 achieving DoD-wide federation by FY 2025’s end. Additional federation at the agency level, such as DMDC myAuth and Defense Logistics Agency, will continue into FY 2026. Federation will continue to expand with initial federation with international allies, like Canada with plans for Five Eyes and NATO partners.

These advancements have delivered measurable outcomes: reduced security incidents, streamlined access management, and enhanced interoperability. The DISA ICAM Team’s innovative practices and scalable solutions set a precedent for federal identity management, meeting the FedID Award’s criteria for operational success.

 

Best Educational Effort

Finalist: NIST – Ryan Galluzzo

Ryan Galluzzo, as the Digital Identity Program Lead for the Applied Cybersecurity Division at the National Institute of Standards and Technology (NIST), has significantly advanced the federal identity community's knowledge and capabilities through exceptional educational efforts. His leadership and efforts to educate the identity community on NIST Special Publication (SP) 800-63-4, finalized in July 2025, has provided the federal identity community with comprehensive, updated guidelines for digital identity management. This revision incorporates nearly 6,000 public comments collected across drafts (initial draft in December 2023, second draft in August 2024, and final refinements). These guidelines cover the identity proofing, authentication, and federation of users (e.g., employees, contractors, or private individuals) who interact with government information systems over networks. Galluzzo's role as a key author and coordinator of stakeholder feedback, combined with his presentations at events like RSA, FedID, Authenticate, Gartner IAM, has equipped federal agencies with accessible, actionable guidance to strengthen identity proofing, authentication, and federation while enhancing user experience. By distilling complex technical requirements into clear, practical resources, he has empowered the federal identity community to combat identity theft, unauthorized access, and emerging cyber risks effectively.

Galluzzo has further excelled in educating both the federal identity community and broader stakeholders about federal identity applications through his leadership in the NIST National Cybersecurity Center of Excellence (NCCoE) Mobile Driver’s License (mDL) project, co-led with security engineer Bill Fisher. Over the past 18 months, this initiative has driven the advancement of standards, best practices, and protocols for mDLs and verifiable digital credentials. Key educational efforts include hosting webinars (e.g., April 2025 project update), organizing the July 2025 Federal mDL Industry Day to engage regulators and vendors, and releasing draft guidance and project requirements through Cooperative Research and Development Agreements (CRADAs) with partners like IDEMIA, Mattr, and SpruceID. Galluzzo’s contributions to interoperability demonstrations, such collaboration with OpenID Foundation for interoperability events in 2025, have provided the federal community and public stakeholders with practical insights into mDL use cases, such as "Know Your Customer" onboarding for financial services. These efforts address critical challenges like data privacy and seamless online transactions, positioning mDLs and verifiable digital credentials as a transformative tool for federal identity applications.

Galluzzo’s ability to convey complex technical concepts to diverse audiences—policymakers, industry partners, and agency implementers—has fostered widespread understanding and adoption. His presentations to audiences on NIST’s role in identity standards, have clarified the benefits and implementation pathways for secure digital identity solutions. Galluzzo’s educational contributions have cultivated professional growth within the federal identity community, equipping agencies with the knowledge and tools to implement robust, identity systems. His work exemplifies the FedID 2025 Best Educational Effort award criteria by delivering timely, impactful information to both the federal identity community and public stakeholders, advancing secure identity management across the nation.

Finalist: IDManagement.gov

The IDManagement.gov Team, a joint effort of the Federal CISO Council and the General Services Administration (GSA), has demonstrated tremendous leadership in educating the federal identity and cybersecurity community. They have achieved this through a multitude of experiments and resources, all meticulously aligned with key directives such as OMB Memo 19-17, NIST Special Publication 800-63-4, White House Priorities, and in response to evolving security and identity threats.

The team has significantly advanced cybersecurity by conducting experiments and publishing findings on Post-Quantum Cryptography for both physical and logical access, preparing agencies to detect and defect against future cyber threats. They have also published research on Mobile PIV (mPIV) technology, demonstrating the secure issuance, storage, and use of PIV credentials on mobile devices via mobile wallets.

In collaboration with the DARPA SemaFor program team, they developed and published the Identity Fraud Detection Playbook, a crucial tool for detecting digital forgeries (deepfakes) in audio, video, and images. Additionally, the team spearheaded an interagency initiative, developing several best practices guides for public and citizen identity management. These contributions offer a unique and improved approach to securely managing and safeguarding public identity against various threats.

Furthermore, the team contributed to the understanding of Content Delivery Networks (CDNs) by authoring numerous papers. These publications provide in-depth analyses of attack methods and system vulnerabilities, thereby helping agencies enhance the performance, scalability, and security of their web infrastructure.

The IDManagement.gov team's extensive experimentation and knowledge sharing demonstrate their dedication to delivering timely, relevant educational tools aligned with federal government objectives and priorities. They have done all of this while maintaining the highest rated user-experience in the federal system, which is a testament to their operational excellence.

Taken as a whole, these exceptional resources have cultivated professional growth within the federal identity community, empowering agencies to efficiently and effectively implement strong identity and security management practices and minimize vulnerabilities. For a full list of contributions, visit IDManagement.gov.

Finalist: DHS S&T

Department of Homeland Security (DHS) Science and Technology’s (S&T) Biometrics and Identity Technology Center has led foundational work applicable to multiple sectors on assessing the useability and accuracy of biometric systems for various government and critical infrastructure use cases. Most recently, the efforts DHS S&T has led are the Remote Identity Validation Technology Demonstration (RIVTD) and Remote Identity Validation Rally (RIVR). Both RIVTD and RIVR have been recognized as invaluable to the federal identity community. The goal of these initiatives is to foster industry engagement for the development of more secure, accurate, and easy to use remote identity validation (RIV) technologies and objectively measure performance against realistic and sophisticated attacks. As part of this effort, DHS S&T established Cooperative Research and Development Agreements with dozens of innovative solution developers and tested RIV subsystems to evaluate overall performance and answer questions on the risks, useability, and accuracy of RIV technologies for use in commercial or government applications. Outputs from these efforts are enabling Federal agencies, critical infrastructure providers, and commercial industry to gain a stronger and more nuanced understanding of risks and challenges associated with some RIV technologies as well as options to select solutions to help combat identity theft, human trafficking, and financial fraud.

FedID Service and Leadership

Finalist: DFBA Standards

The Defense Forensics and Biometrics Agency (DFBA) Standards Team led by Mr. Ryan Triplett has played a key role in Federal Identity efforts through his service and leadership in various organizations, both nationally and internationally.

At the national level, the DFBA standards team provides identity-based leadership roles in both forensics and biometrics through its contributions and leadership to NIEMOpen (formerly known as the National Information Exchange Model).

DFBA recently recognized the need for a unified forensics data exchange framework to link individuals to events and spearheaded the establishment of the NIEM Forensics Subcommittee Domain. DFBA serves in a leadership role as chair for this recently established subcommittee, which develops and governs forensic data standards across the USG which enables all government agencies to share forensic attribute data seamlessly. Additionally, DFBA continues its leadership role as the DoD co-chair for the NIEM Biometrics Subcommittee since its establishment in 2012, contributing to the interoperability of biometric systems and harmonization of biometric standards.

DFBA is also a co-chair of the DoD Forensics and Biometrics Standards Working Group (FBSWG), the only DoD-wide forensics and biometrics forum focused on advocating for and serving DoD wide interests during the standards development process. DFBA serves as the DoD affiliate role to the National Science Foundation Center for Identification Technology Research (CITeR) to address research challenges related to securing individual identity in a global society.

DFBA standards team serves on the Intelligence Advanced Research Project Activity’s Government Advisory Panel to provide technical and programmatic guidance on projects such as Biometric Recognition and Identification at Altitude and Range (BRIAR). Additionally, the DFBA team facilitates the transition of capabilities such as BRIAR to operational components within the DOD.

At the international level, DFBA serves a leadership role to the North Atlantic Treaty Organization (NATO) Custodial Support Team which builds a coalition of member nations to agree on the exchange of biometric and identity related information across NATO allies.

DFBA regularly contributes to the International Organization for Standardization (ISO) standards in both biometric and forensic enterprises through ISO/IEC Subcommittee 37 – Biometrics and ISO Technical Committee 272 – Forensics. As a contributing member of both committees DFBA serves as the liaison to ensure equities on both sides are represented. DFBA’s plays key leadership roles within the Federal Identity space and serves the community by providing valuable contributions at both the national and international levels. DFBA’s leadership, professionalism and service to the federal identity provides a welcome consistency in a continuously changing environment.

Finalist: Kevin Pratt - NARA

Kevin Pratt embodies the spirit of transformative federal identity innovation. Kevin was instrumental in delivering a critical modernization milestone: enabling veterans to access their military records through the eVetRecs portal with greater ease, speed, and security. Kevin consistently prioritized underserved veteran populations, advocating for features such as in-person verification pathways and multilingual access. His leadership helped ensure that the solution was not only secure and efficient, but inclusive. His deep understanding of interagency dynamics, commitment to digital equity, and tireless drive for mission outcomes helped turn a complex vision into operational reality. Kevin’s leadership is a model for public-private collaboration at scale—and makes him an ideal candidate for recognition at the FedID conference.

Finalist: NIST Digital Identity Program

For efforts to revise and improve NIST Special Publication 800-63 Digital Identity Guidelines with revision 4 being released in August 2025. SP 800-63-4 is a set of guidelines designed to ensure the security and privacy of people using government services. The new guidelines explain the process and technical requirements for meeting digital identity assurance levels for identity proofing, authentication, and federation—including requirements for security and privacy, as well as considerations for improved customer experience of digital identity solutions and technology. The update brings new technology options and considerations to the table that were not available at the time of the last revision in 2017.

Career Achievement and Recognition

Finalist: William Graves – DHS OBIM

As the title of a 2018 army.mil article declared, “Everybody Knows Will” - a sentiment that continues to resonate throughout the federal identity and biometric communities. William Graves has been a driving force in this field since 2005, with a distinguished 20-year career in federal service across the Department of Homeland Security (DHS) and the Department of Defense (DoD).

In his current role as Deputy Assistant Director at DHS’s Office of Biometric Identity Management (OBIM), Will sets the strategic direction for technology development, biometric innovation, and identity services. He leads the Futures Identity group, where his vision and deep technical insight have fueled the development of pioneering solutions to meet critical mission needs across DHS and its interagency partners. Will’s ability to identify and cultivate emerging technologies, paired with his strong commitment to collaboration continues to elevate OBIM’s leadership in biometric innovation.

Will has been a lifelong advocate and architect of technical innovation, standards development and biometric interoperability. He began his DHS tenure spearheading biometric innovation projects leading the deployment of the initial interoperability project with the FBI (Secure Communities), and first international biometric sharing project with the United Kingdom’s Border Agency (UK Visas). Additionally, he has chaired numerous standards bodies, representing the United States at ISO/IEC SC37 meetings, and founded the National Information Exchange Model (NIEM) Biometrics Domain. Today, he continues to serve as OBIM’s lead subject matter expert on standards and interoperability, playing a vital role in advancing ISO/IEC, INCITS, and ANSI/NIST frameworks, as well as supporting the emerging domain of artificial intelligence.

While at DoD Biometrics, he led the deployment of DoD Automated Biometric Information System (ABIS) 1.2 in his capacity of Chief Engineer. He established and led the Biometric Interoperability Conformance Office (BISCO), which tested biometric equipment for compliance with the DoD Electronic Biometric Transmission Specification (EBTS), ensuring interoperability across the DoD enterprise. Simultaneously, he served as Chair of the NATO Architecture Sub-Working Group responsible for creating technical solutions for biometric systems interoperability and cross organization standardization. Will was the technical lead for Foreign Military Sales and oversaw the development of biometrically enabled national identification systems in Afghanistan and Iraq, as well as a multi-modal border management system in Bulgaria.

Beyond his technical accomplishments, Will is a dedicated mentor and leader who actively invests in the growth of others, sharing opportunities, providing guidance, and fostering both technical expertise and professional development. His influence is reflected not only in the systems and standards he has helped shape, but also in the careers of those he has mentored throughout the biometric and identity communities.

Will’s contributions have earned him numerous accolades, including the prestigious Federal 100 Award, which recognizes government and industry leaders who drive innovation and advance federal IT. That army.mil article and its enduring title remain a testament to Will’s reach, reputation, and impact.