DoDM 5200.08 V3, January 2, 2019
SECTION 5: ACCEPTABLE FORMS OF IDENTIFICATION 29
Table 3. Verification Methods
Method Verify the Credential Verify the Cardholder
A
(high
risk)
Visually. By comparing the individual presenting the
credential with the photo printed on the card.
B1
(medium
risk)
By reading an identifier from a barcode and
verifying that identifier against a local
authoritative system capable of tracking
revocations at the installation level, such as the
local ePACS.
By comparing the individual presenting the
credential with the photo stored in an
authoritative system, such as the local ePACS
or Defense Enrollment Eligibility Reporting
System (DEERS).
B2
(low risk)
By reading an identifier from a barcode and
verifying that identifier against an
interconnected authoritative system capable of
tracking revocations at the enterprise level,
such as DEERS.
By comparing the individual presenting the
credential with the photo stored in an
authoritative system, such as the local ePACS
or DEERS.
C
(low risk)
By performing a full public key infrastructure
authentication against either the Card
Authentication function or the PIV
Authentication function, including verifying
including the signature, trust chain, expiration
dates, policy under which it was issued, and
continued validity of the certificate against a
certificate revocation list or Open Certificate
Status Protocol responder.
By comparing the individual presenting the
credential with the photo stored in an
authoritative system, such as the local ePACS
or DEERS.
D
(low risk)
By performing a full public key infrastructure
authentication against either the Card
Authentication function or the PIV
Authentication function, including verifying
including the signature, trust chain, expiration
dates, policy under which it was issued, and
continued validity of the certificate against a
certificate revocation list or Open Certificate
Status Protocol responder.
By using a credential verification process that
requires card activation (such as PIV
Authentication); comparing the individual
presenting the credential against the signed
digital photo stored on the card provided the
signature on the digital photo is verified; or
comparing the individual against the signed
biometric object stored on the card provided
the signature on the biometric object is
verified.
E1
(medium
risk)
By reading an identifier such as the Card
Holder Unique Identifier or Globally Unique
Identifier, and verifying that identifier against a
local authoritative system capable of tracking
revocations at the installation level, such as the
local ePACS.
By comparing the individual presenting the
credential with the photo stored in an
authoritative system, such as the local ePACS
or DEERS.
E2
(low risk)
By reading an identifier such as the Card
Holder Unique Identifier or Globally Unique
Identifier and verifying that identifier against
an interconnected authoritative system capable
of tracking revocations at the enterprise level,
such as the Federal Bridge.
By comparing the individual presenting the
credential with the photo stored in an
authoritative system, such as the local ePACS
or DEERS.