By Corey Ranslem
The Department of Homeland Security has been working on a common port-access credential since 2003. That credential — the Transportation Workers Identification Card (TWIC) — is a biometric ID card that allows authorized personnel access to the secure and restricted areas of a port, regulated facility, or regulated vessel.
Development of a common-access ID for port workers was required by the Maritime Transportation Security Act (MTSA) of 2002. The MTSA regulations establish responsibility for the overall program as well as enforcement and application requirements. The Transportation Security Administration (TSA) was given the authority, and responsibility, both for establishing the program and for the overall enrollment process — including the background checks required and distribution of the TWIC.
The U.S. Coast Guard has the responsibility for enforcement. The over-arching objective of the TWIC program is to improve security in U.S. ports through use of a common ID card and background checks valid for entry into any U.S. port. The TWIC does not automatically grant the user access to any specific port, facility, or vessel. The card holder must have access permission granted from the facility itself or from a vessel security officer.
Unforeseen Delays in Compliance, Implementation
The program was scheduled to be implemented in ports across the United States last summer. However, unforeseen delays pushed the compliance dates into 2009. The first ports actually came online, though – as did enforcement of the program — in late 2008. The majority of ports along the east coast of the United States are now actively participating in the TWIC program — this means that anyone seeking unescorted access to secure areas of those ports must possess the TWIC credentials. If a person seeks access and he or she does not possess a TWIC, that person can be escorted by a TWIC holder.
The Coast Guard has reported that TWIC implementation has continued with very few problems encountered in ports and terminals around the country. Two terminals on the Miami River in Miami, Florida, were closed for a brief period of time, but the problems leading to the closure were quickly resolved.
The TWIC program has met resistance, though, from at least some trucking companies and from the longshoremen’s unions. The Co-Chair of the Longshore Workers Coalition, Leonard Riley, said he is concerned about transportation workers being denied access to the piers they are working. “We are concerned about the implementation of the TWIC program,” he said. “The Longshore workers and truck drivers don’t feel like they have been included as … stake holders in this process. Several people have lost their opportunity to work in the ports because of the TWIC. The Longshore workers feel like they are being treated as terrorists rather than partners.”
TSA officials reported that 34,240 disqualification letters had been issued as of 15 March, but also pointed out that, when the agency’s adjudication process had been completed, there was a total of only 125 final disqualifications. TSA has issued close to one million cards to date and expects that number to double in the next couple of years.
A Broad Range of Mandatory Participants
There are a number of people who will be required to possess a TWIC. Anyone who requires unescorted access to the secure areas of ports and port facilities is required to possess a TWIC. The TWIC program also is expected to have a substantial impact on the recreational boating, yachting, commercial fishing, and diving communities. All credentialed U.S. merchant mariners will be required to obtain a TWIC, whether or not they access a port. The TWIC implementation rules apply to anyone holding a Coast Guard-issued merchant mariners license, merchant mariner document, or certificate of registry. All ship security officers (SSOs) on MTSA-regulated vessels also will be required to obtain TWIC credentials.
There are a number of federal, state, and local agency personnel who are exempt from the TWIC program while they are acting in an official capacity. The largest exemption covers law-enforcement and public-safety agencies, including police departments and fire departments. However, a public-safety employee is not exempt if he or she holds a captain’s license as part of his/her official duties. The full list of exempted personnel and agencies is posted on the TSA website.
More Than a Few Simple Bits of Complexity
Enforcement of the TWIC program is carried out primarily by biometric readers specifically designed to permit law-enforcement and security personnel to positively identify and match the card with the holder. The National Maritime Security Advisory Council (NMSAC), working with TSA, invited key security-technology industry personnel to meet and work with government officials on the TWIC program and help them define the technological requirements for the biometric readers.
The requirements for the TWIC are in fact significantly different from those used for most other proximity-type cards, primarily because the government is dealing with personnel data. The TWIC “isn’t a simple flash-pass,” said Consuelo Bangs, Senior Program Manager at Sagem Morpho Inc. (one of several companies involved in development of the biometric-reader technology). “It has the ability to pass over 27,000 bits of data securely between the card and the reader, while normal proximity cards pass [only] 26 bits of data. Most of the [TWIC] data … [consists of] the security encryption key and digital security that make it almost impossible to counterfeit and pirate information from the card.”
The biometric-reader technology companies are operating in accordance with the federal information processing standard (FIPS) 201. The FIPS 201 standard defines not only how the card and readers are designed but also how the information can be passed between them. There are several pilot study programs ongoing at various ports around the country focusing on, among other things, the effect the TWIC program has on throughput and commerce. There is still a lot of other work continuing with the biometric-reader program. The Coast Guard has not yet set a firm date when the biometric readers will be fully ready, but is continuing to work with the companies already involved in development of the biometric-reader technology.