Taking TWIC beyond 'flash pass' status

Even though the TSA doesn't yet mandate it, some TWIC users are moving forward

Another benefit of the TWIC card is that it may be used as a physical access credential that can be read by FIPS 201-approved CHUID (cardholder unique identifier) readers at a door or gate to gain access to a facility. CHUID readers do not employ biometric technology but are able to read and process FIPS 201 credentials like the TWIC.

More Than a Flash Pass

Since the Port of Wilmington, Delaware already had an access control system in place, it was important to identify both software and hardware reader technology that would work with its existing 125kHz proximity cards and readers, equipment that was installed before the port became a pilot site for the TWIC smart card program.

For port officials, it was essential to register TWIC cards with its legacy access control system. Port officials wanted only one card for facility access control instead of having the complex task of managing multiple cards and card technologies.

In addition to selecting a biometric reader, another important aspect of the project involved selecting the software that would bring all the cardholder data together from the TWIC cards and its existing access control system. The port selected PIVCheck Plus software from Codebench, which drives three Datastrip mobile readers as well as resides on a desktop registration workstation in the port's main office.

Together, these systems are able to check TWIC cards against the TSA hot list and re-validate the TWIC card status daily or on a user-defined schedule, so security personnel can see what has changed and react to the status of cardholders. Even though checking the TSA hot list is not a current requirement, many ports, like the Port of Wilmington consider it a necessary step in ensuring the security of its facilities.

Taking the next step

While the industry waits for the TSA to issue specific guidance on how and what to deploy for biometric technology, these organizations, like the Port of Wilmington, recognize that moving ahead with harnessing the information contained on the TWIC card can only prove a boon to their security. Until fully utilized, the framework provided by the TWIC program is a significant improvement to maritime security. However some organizations are ahead of the game by moving beyond flash pass status to take the necessary step in linking their facility access control to real-time threat intelligence that may pose a potential threat to their organization.

Geri Castaldo, CodebenchAbout the author: Geri Castaldo is chief executive officer of Codebench, Inc. She can be reached at geri.castaldo@codebench.com.