SAM #70SBUR26I00000013

USCIS RFI: Remote Document Authentication and Identity Verification Software Solution

USCIS is seeking industry input on enterprise-level, remote document authentication and identity verification tools to enhance its digital services: - Government Buyer: - U.S. Citizenship and Immigration Services (USCIS), Department of Homeland Security - Contracting Office: USCIS CONTRACTING OFFICE(ERBUR), Williston, VT - OEMs and Vendors: - No specific OEMs or vendors are named in this request for information - Products/Services Requested: - 100% software-based solution for remote document authentication and identity verification - Must authenticate both U.S. and foreign identity documents - Real-time extraction of structured data and high-quality images - Integration with USCIS systems via API - Support for biometric chip and RFID, OCR, intelligent document processing, and cross-device workflows - Scalability for at least 10 million transactions annually - Advanced fraud detection, including presentation attack defense - Support services: system upgrades, service calls, technical troubleshooting - Unique or Notable Requirements: - FedRAMP Moderate or equivalent security compliance - FIPS 140-3 validated AES-256 encryption - Compatibility with all major mobile phones and web browsers - Metrics for system performance and accuracy required - Information on pricing structures and technical documentation requested - No specific products, part numbers, or purchase quantities are listed - Place of Performance and Delivery: - USCIS Contracting Office (Williston, VT) - Camp Springs, Maryland (potential place of performance)

Description

Document Authentication and Identity Verification Tools RFI

The guidance provided herein is based on the authorities prescribed by the Revolutionary Federal Acquisition Regulation (FAR) Overhaul (RFO), in response to Executive Order 14275, Restoring Common Sense to Federal Procurement, and applicable Department Homeland Security (DHS) FAR Deviations; therefore, citations in this notice are referenced as RFO.

1. RFI Announcement

This RFI is issued solely for the purpose of conducting preliminary market research in accordance with (RFO) Part 10 and does not constitute an Invitation for Bids, Request for Proposal, or Request for Quotations. No solicitation is being issued at this time, and the Government makes no assertion that a solicitation will be issued.

In accordance with RFO 15.101(c), Requests for Information, responses to this notice are not offers and cannot be accepted by the Government to form a binding contract, nor do they affect a potential vendor’s ability to respond to any future synopsis/solicitation which may or may not follow or restrict the U.S. Government's eventual acquisition approach.

Additionally, the U.S. Government is not obligated to, and will not, provide reimbursement for any information that may be submitted in response to this notice. Respondents are solely responsible for all expenses associated with responding. Respondents will not be notified of any results derived from a review of the information provided.

2. Background

The U.S. Citizen Immigration Services (USCIS) forecasts a requirement for enterprise-level tools and techniques which support document authentication and identity verification when interacting with members of the public.

The objective of Document Authentication and Identity Verification Tools notice is to provide insights into technologies that can be leveraged to support operations that require document authentication and identity verification.

Document authentication and identity verification are essential for maintaining program integrity, supporting federal operations, and ensuring compliance with regulatory requirements. Historically, many USCIS processes have relied on manual, in-person document review, which can present operational challenges and limit access and flexibility, especially for remote or distributed users.

To address these challenges and modernize its operations, USCIS is looking for a remote document authentication and identity verification information technology solution.

The primary purpose of this RFI is to identify sources that currently have capabilities that can meet the technical requirements to deliver document authentication, facial comparison with presentation attack defense, and the ability to extract identity document data for integration to existing USCIS systems and applications. Any solution must be remote and capable of being run on all major mobile phones and web browsers.

A viable solution needs to be able to support multiple USCIS programs and use cases with program‑specific configurations and Application Programming Interface (API)-based integrations performed by USCIS teams. Support services must include system upgrades, allow for service calls, and provide access to technical support for troubleshooting.

3. Preliminary Technical Specification Requirements

A viable solution needs to be able to support multiple USCIS programs and use cases using the same core APIs and verification engine, with program‑specific configurations and integrations performed by USCIS teams. Support services must include system upgrades, allow for service calls, and provide access to technical support for troubleshooting.

More specifically, the solution must provide the following capabilities:

Authenticate U.S. and foreign identity documents, extract structured data and high‑quality images, and provide these outputs to USCIS systems in real time. The same core platform (API-based solution and verification engine) shall be reusable across remote and in‑person contexts, with program‑specific integrations and configurations. The solution shall be 100 percent software based. The solution shall not rely and/or require any hardware. For cloud based solutions, Federal Risk and Authorization Management Program (“FedRAMP”) Authorized at a Moderate level or equivalent security requirements. The solution guides users through the image capture process for both documents and selfies, checks for quality issues such as glare or blur, and allows users to retake images as needed. Authenticate documents (e.g., template matching, rule-based checks, or artificial intelligence, etc.) including barcode and Machine-Readable Zone (MRZ) scanning to detect signs of tampering or counterfeit documents. Support for biometric chip, Radio Frequency Identification (RFID), and mobile integrations should be included where applicable. Use Optical Character Recognition (OCR), intelligent document processing, or computer vision-based text extraction to extract relevant data from documents in a format compatible with USCIS program requirements. Support cross-device workflows, such as initiating a process on one device and completing it on another, using mechanisms like QR codes or tokens. Provide clear error messages and codes to facilitate smooth problem resolution. Demonstrate scalability and reliability to support high transaction volumes of a minimum of 10 million transactions annually. Encrypt data to ensure maximum security for data at rest and in transit. System shall use products that employ Federal Information Processing Standards (FIPS) 197 Advanced Encryption Standard (AES) algorithms with at least 256 bit encryption and have been validated under FIPS 140-3 as specified in DHS Sensitive Systems Policy Directive 4300A.

4. Questions to Industry

Please answer the below yes/no questions only with “yes” or “no” responses. Information is requested detailing your company’s capabilities and experience delivering document authentication, facial comparison with presentation attack defense, and identity document data extraction. Please answer the following questions, answering yes/no questions only with “yes” or “no” responses.

Can your solution(s) be run from USCIS controlled Amazon Web Services (AWS) cloud environments? If only hosted externally, and are FedRAMP Ready or Authorized at a Moderate level, do you have an anticipated timeline for getting FedRAMP approval? Does your solution allow for the remote photo capture of identity documents and selfies? (Yes/No) In instances of limited Wi-Fi or connectivity, does your solution allow for the offline capture of document and facial photos for later authentication and upload to USCIS systems after connection is (re)established? (Yes/No) In what format(s) do you provide document images, face crops and extracted data? (provide in list form) How fast are results returned for each function (document authentication, facial comparison)? What volume of transactions can be supported? Does your solution leverage Artificial Intelligence and/or machine learning models? If so, how? Are models trained using customer data? How is training data sourced and governed? Are you currently offering Agentic models?

7. Can you provide comprehensive technical documentation for the API-based solution for integration into existing government systems? Is the solution flexible and configurable for different workflows and integrations? (Yes/No)

8. What is the pricing structure/information for your technology? Please provide general information, such as whether it is on a license, subscription, term, perpetual, or transaction basis, as well as specific dollar amount estimates.

9. Can your solution extract images and data from a document presented? (Yes/No)

10. What identity documents are covered by your document authentication tool? Please list any and all covered documents, both domestic and foreign.

11. How do you ensure your libraries or models are up to date and how regularly are they updated?

12. How does your tool perform document authentication? Is it rules based, template-based, or machine learning-based? Is your solution 100% proprietary?

13. Can your tool authenticate via e-chips (e.g. for passports) and barcodes (e.g. for driver’s licenses)? (Yes/No)

14. If available, provide rates for the metrics listed below. Provide definitions and test conditions for each metric, including whether evaluations were independent (third-party testing) or internal. Please define your calculation methodology and any relevant test conditions or standards used (National Institute of Standards and Technology (NIST)-style definitions of applicable).

System Error Failure to Extract Document False Rejection Document False Acceptance Field level accuracy Character Error Field Completeness

15. Does your solution enable controlled capture of selfies and matching to the identity photo on the submitted document? (Yes/No)

16. Does your solution include advanced fraud detection capabilities, such as presentation attack detection (PAD), to identify and prevent spoofing attempts? (Yes/No)

17. If available, provide rates for the metrics listed below related to face-to-face matching as well as document authentication. Provide definitions and test conditions for each metric, including whether evaluations were independent (i.e. third-party testing) or internal.

Failure to Extract False Non-Match False Match Bonafide Presentation Classification Error Attack Presentation Classification Error

18. Have you participated in any DHS S&T testing? Would you be willing to participate in testing by providing APIs and allowing the government to test capabilities?

5. Response Instructions

Vendor Profile: Responses to this RFI shall include a one page cover letter, five pages of question responses, and up to five additional pages of technical specifications, metrics, or example architectures.

The cover letter shall, at a minimum, include the following information:

RFI Reference Number Vendor’s Company Name, Unique Entity Identifier, Address, Contact Person Information (including telephone number and email address) Whether you would provide document authentication solution(s) directly to the Government or through an authorized reseller If applicable, all contract vehicles you currently have, and the contract numbers associated with those vehicles (ex: GSA Schedule 874GS-00X-1234Z). Please provide company products, add-ons, and packaged solutions to include part numbers and descriptions. If applicable, Name(s) of Authorized resellers.

All responses shall be in Adobe Portable Document Format (PDF) via email only to the Senior Contract Specialist listed in Section 6 and should include in the title of the emailed response “Document Authentication and Identity Verification Response – Company Name, LLC.” Responses are due no later than Tuesday, April 14, 2026 at 2:30 PM ET.

Proprietary information should not be included in the responses. To the maximum extent possible, submit Non-Proprietary Information. All information received in this RFI that is appropriately marked "Proprietary" will be handled accordingly. Please be advised that all submissions become Government property and will not be returned nor will receipt be confirmed.

6. Submission of Responses

Responses submitted in response to this notice must be submitted electronically (via email) to the following:

Name: Nicholas Barrett, Senior Contract Specialist Email: Nicholas.p.barrett@uscis.dhs.gov

Telephonic and mail/courier responses will not be accepted.

View original listing