FSA and PPS InfoTech Launch FSA ID for FSA's 80+ Million Borrower Users

PPS has partnered with Federal Student Aid to launch the FSA ID system at Federal Student Aid for access and identity management of FSA's 80+ million borrower users. The FSA ID replaces the existing PIN system and will support the borrower community without relying on PII data during authentication.

Overview

On May 10th 2015, Federal Student Aid (FSA) launched a new FSA ID access and identity management site, FSAID.ed.gov to support FSA's 80+ million borrower community users. PPS InfoTech designed and developed FSAID.ed.gov to allow students, borrowers, and parents to create an account for access to several FSA systems. Their FSA ID and password has replaced the prior PIN authentication model that was used by FSA's borrower community sites. The FSAID.ed.gov credentials allow users to access all of FSA's websites for student loan borrowers including NSLDS.ed.gov, FAFSA.ed.gov, StudentLoans.gov, StudentAid.gov, and Teach-ats.ed.gov. With the new FSA ID system, users are no longer required to provide their personally identifiable information (PII) when logging in to applications.

As more and more Americans pursue postsecondary education, FSA's borrower community has grown to over 80 million users and will continue to grow each year. The FSA ID system supports both new users as well as providing access to historical data to all existing borrowers. New users will create an FSA ID profile and can access FSA's borrower applications with a single username and password. For existing users with a PIN, users can link their PIN accounts with their FSA ID to use a single account to access all their loan information. For users without an existing PIN account, the user's SSN, date of birth, and name will be matched with the Social Security Administration. After this information is confirmed, the user's historical loan information and access to all of FSA's borrower-facing websites will be available.

Easy Registration and PIN Linkage

FSA ID Registration Diagram

The FSA ID provides a single account for all borrower community FSA websites. Users can create an FSA ID even if they are not applying for financial aid or do not have existing student loans. For users with existing PIN accounts, the FSA ID system will walk the users through the process of linking their PIN account to their FSA ID to provide access to all their existing loan information. For users who have more than one PIN, they can link all their PINs to a single FSA ID to make managing their student loan data easier and faster.

Enhanced and Simplified User Experience

FSA ID User Experience Diagram

The FSA ID provides users significantly more secure and easy-to-use account access method. No longer are users required to remember an assigned PIN - they use an FSA ID and password that they choose themselves, consistent with today's industry standards. Users are not required to use their PII during authentication to FSA systems - just their FSA ID and password. If users forget their password or FSA ID, they will be able to use the self-service capabilities of the system by answering challenge questions and their verified email address to retrieve their credentials. If users need to update their name, email address, phone number or other information, the FSA ID self-service screens make it simple and walk them through the process. The FSA ID registration system is designed to support modern browsers and mobile devices to allow students access to FSA systems from the devices they use most.

Scalable Robust Architecture

PPS and FSA designed the FSA ID system to utilize best-of-breed technologies and to scale to meet the peak demand of the student loan cycle. The FSA ID system utilizes the IBM Security Access Manager (ISAM) COTS product as the core security configuration tool and extended this base architecture with custom J2EE JSF 2.2 application extensions.

One of the key challenges in architecting a security system for FSA's borrower community is the extreme peaks of the loan application and loan delivery cycle. The FAFSA peak early in the year and StudentLoans.gov peaks after schools are in session require significant architecture flexibility. The FSA ID architecture design and COTS tools allow FSA to horizontally scale to meet the extreme peaks of the FAFSA.ed.gov and StudentLoans applications while decreasing capacity during off-peak times to reduce costs. The ISAM architecture provides centralized security settings and single sign-on capabilities for users accessing multiple FSA applications.

FSA ID Architecture Diagram

In addition to developing the FSA ID registration application and system architecture, PPS developed an administrative reporting architecture and application to review and track user access. FSA defined security audit events are captured and logged to the reporting system to allow FSA administrators access to them. The reporting architecture allows FSA to efficiently review users activity on the system, users account history, and other administrative reports to support security investigations or questions about user activity.

About PPS InfoTech

PPS InfoTech is a CMMI Level 3 for Development and CMMI Level 2 for Services small business based in Rockville, Md., with expertise in application development, access and identity management, and enterprise architecture design and development. With the FSA ID system, PPS has designed and implemented the access and identity management solutions for both FSA's borrower community and the partner community of school users, financial partners, and other partner users. PPS has also developed FSA'senterprise service bus (ESB) architecture to manage system-to-system data communications, and their Access and Identity Management System (AIMS) to manage user access to FSA systems serving over 60,000 partner users.