Federal Cloud Credential Exchange (FCCX)

United States Digital Services™ is a suite of services within the United States Postal Service® that focuses on raising the standard of protection across digital platforms for consumers and businesses. One of these services is the Federal Cloud Credential Exchange (FCCX), a credential exchange, also known as a hub, that allows individuals to access participating government agencies with their existing commercially-issued, verified digital identities.

Because USPS operates one of the world’s largest computer networks, it is well positioned to be a part of this transformational pilot project to develop a credential exchange program offering the public secure, private and efficient access to federal government online services.

Frequently asked questions

What is a credential exchange?

A credential exchange allows the public to securely access online services at multiple agencies without the need for multiple passwords and other digital identification for each service.

What is the Federal Cloud Credential Exchange (FCCX)?

Today, individuals logging into federal websites to get government services usually have to get a digital credential from each separate agency. FCCX is a software “middleman” that will make it simpler for individuals to bring their own credentials from an approved external credential service provider and use them to log in to federal websites. By streamlining digital authentication, FCCX will reduce government agency costs, while providing a secure, privacy-enhancing, easy-to-use-solution.

How many and which agencies will participate in the pilot?

The following agencies are actively integrating or have already integrated with FCCX, with more to be added soon: Veteran Affairs (VA), U.S. Department of Agriculture (USDA), National Institute of Standards and Technology (NIST) and General Services Administration (GSA).

Who is the target user for the FCCX pilot?

Likely participants in the FCCX pilot project are government agencies that currently require individuals to provide credentials to use their external-facing federal government web applications, and, in turn, the citizens who use the agencies’ websites and applications.

Why the need for FCCX?

The cost to government agencies to manage credentialing systems has grown significantly in recent years at the same time the agencies are being required to move their services online, and when the number of people needing to use public online services is growing. However, requiring users to get individual digital credentials for each federal agency they interact with is burdensome for them and not a good use of government resources. This is driving the need for a more integrated, easier-to-use federal services log-in system.

Why was the U.S. Postal Service chosen as the provider?

USPS runs one of the world's largest computer networks, and one of the largest email systems, handling more than four billion communications annually, with more than 13 million external email messages scanned for viruses every month. When you combine that computer savvy with the unique law enforcement resources of the Postal Inspection Service, the Postal Service is ideally suited to support the FCCX pilot project and the development of a secure credential exchange for the federal government.

How is the General Services Administration (GSA) involved in the FCCX pilot?

GSA will serve as the FCCX program management office and will be responsible for oversight and policy guidance during the FCCX pilot implementation.

How is the National Institute of Standards and Technology (NIST) involved in the FCCX pilot?

NIST maintains the national program office that facilitates implementation of the President’s National Strategy for Trusted Identities in Cyberspace (NSTIC). This strategy calls for the federal government to be an early adopter of an “identity ecosystem.” FCCX supports that goal by being a gateway for federal agencies to accept digital credentials from approved third-party providers.

What is the National Institute of Standards and Technology “identity ecosystem?”

The National Strategy for Trusted Identities in Cyberspace will set up an "identity ecosystem," a marketplace of digital websites with enhanced security and privacy that would eliminate the need for individuals to manage multiple user names and passwords.

How will the credentialing work?

The Postal Service will work with various government agencies that have public-facing websites requiring credentials for access. When citizens visit one of these websites, they can choose from a list of approved credential providers and use that credential to log into the agency website. The Postal Service will host the technology service that enables the credential issued by the approved provider to be used at the federal agency.

How will FCCX protect an individual’s privacy?

FCCX is being developed with privacy-enhancing technologies that will prevent FCCX from having access to an individual’s identity, or to store personal information about the individual. It will be designed simply to pass the credentials between the approved provider and the federal agency. FCCX also will provide other safeguards around the relationships between a federal agency and its individual customers, such as preventing credential providers from knowing what federal government websites the individuals are accessing using their credentials.