This bill establishes a VA pilot program to modernize digital identity verification for veterans using high-assurance, risk-tiered authentication systems.
Michael Lawler
Representative
NY-17
The Veterans Electronic Trust and Records Authentication Act (VETRA Act) establishes a Department of Veterans Affairs pilot program to modernize digital identity verification. This pilot will replace outdated security methods with modern, multi-layered authentication on high-volume VA platforms to reduce fraud and improve secure access. The program must use commercially available, certified solutions and will be subject to rigorous reporting and evaluation by both the VA and the GAO before any potential expansion.
VA to Launch $25 Million Digital Identity Pilot: Modernizing Veteran Logins for Disability and Health Benefits
The Department of Veterans Affairs is moving away from the old-school security questions that ask for your first pet’s name. Under the Veterans Electronic Trust and Records Authentication Act (VETRA Act), the VA is launching a two-year pilot program to overhaul how veterans prove who they are online. Instead of relying on easily hackable single-factor passwords, the bill mandates a shift to high-assurance digital identity technology. The goal is simple: make it harder for fraudsters to steal benefits while making it easier for actual veterans to access their disability claims, healthcare portals, and home loan systems. This isn’t just a tech upgrade; it’s a focused effort to protect the billions of dollars flowing through VA systems from identity-related fraud and improper payments.
Upgrading the Digital Gatekeeper
The pilot program targets up to three high-volume platforms, such as the disability compensation claims system or the veterans healthcare enrollment portal. According to Section 2, the VA must use commercially available technology that meets strict federal standards—specifically Identity Assurance Level 2 (IAL2) and Multi-Factor Authentication (MFA). For a veteran, this means instead of just a password, you might use a more secure combination of a physical device, biometric scan, or a verified ID document. The bill also introduces a 'risk-tiered' approach. This is like a smart security system for your house: it might let you check your basic info with a simple login, but if you try to change where your monthly benefit check is deposited, the system will trigger a more rigorous verification process to ensure it’s really you.
Accountability and Real-World Testing
Congress is keeping this on a tight leash with a $25 million spending cap pulled from existing IT budgets, meaning no new tax dollars are being authorized for this specific test. To ensure this doesn’t become a bureaucratic headache, the VA has to report back within a year on 'abandonment rates'—basically tracking if the new security is so annoying that veterans give up trying to log in. This is a crucial metric for a 35-year-old veteran managing a busy work schedule or a 70-year-old veteran who might not be a tech expert. Section 2 specifically tasks the GAO with checking if the system creates barriers for people in rural areas or those with limited digital literacy, ensuring that higher security doesn't accidentally lock out the very people it’s meant to serve.
The Long-Term Play
This pilot is a trial run for the future of government services. By the end of the two-year period, the GAO will evaluate if the reduced fraud and administrative savings actually outweigh the cost of the tech. If you’re a veteran who has ever struggled with a locked account or worried about identity theft, this bill aims to provide a smoother, more secure middle ground. The final report, due 90 days before the pilot ends, will determine if this high-tech identity proofing becomes the standard for all VA services, potentially setting the blueprint for how we interact with all federal agencies in the digital age.