On February 27, 2012, DHS issued the SAFEPort Act Final Report on the TWIC Reader Pilot Program. Below are selected quotes from the summary of findings of the report. The purpose of this report is to convey the findings of the Reader Pilot as per the SAFE Port Act.
“The TWIC Reader Pilot was conducted through the combined efforts of a number of DHS offices and components. The Transportation Security Administration (TSA) conducted the pilot and was responsible for overall execution of the TWIC Pilot Test and Evaluation Master Plan (TEMP) developed by the DHS Science & Technology (S&T) Directorate. The DHS Screening Coordination Office (SCO) provided policy guidance regarding the use of biometric credentials. The Federal Emergency Management Administration (FEMA) awarded and administered the Port Security Grants that provided funding to ports and individual facility operators to procure and install the readers and reader infrastructure used in the Reader Pilot….The U.S. Coast Guard (USCG), which is the agency responsible for promulgating the future regulation specifying the use of TWIC readers, participated in all aspects of the Reader Pilot. The USCG will consider the results of the pilot in preparing a Notice of Proposed Rulemaking and subsequent Final TWIC Reader Rule.
To provide independent verification of test procedures and data gathering, DHS S&T arranged for the U.S. Navy Space and Naval Warfare Systems Center Atlantic in Charleston, SC to serve as the Independent Test Agent (ITA) for the Reader Pilot....”
Despite a number of challenges, the TWIC Reader Pilot obtained sufficient data to evaluate reader performance and assess the impact of using readers at ports and maritime facilities. The lessons learned during the Reader Pilot will provide valuable information regarding readers and access control systems to maritime users.
It was determined that TWIC reader systems function properly when they are designed, installed, and operated in a manner consistent with the characteristics and business needs of the facility or vessel operation.
It also found that reader systems can make access decisions efficiently and effectively.
A number of operational and technological difficulties were documented that affected overall success at many pilot locations….(including) challenges such as complex complexity of biometric credential and reader technology, equipment performance and reliability, operator and user training, card stock durability, and the reluctance of some workers and facilities to use the readers..."
"Business Impact, Throughput without Biometric Identity Verification - …despite having slower throughput times, contact readers proved to have fewer incomplete reader transactions than contactless readers as long as they were protected from debris and moisture and not subjected to excessive wear from use in high-volume situations.
Business Impact, Throughput with Biometric Identity Verification-…the extent of the delay for processing an individual at an access point was sometimes compounded by user unfamiliarity with the TWIC authentication process. It is important to note that when a user is properly trained and acclimated to interface with the card reader, transaction times decrease considerably. TSA plans to issue future documentation of lessons learned to address these and other findings. “
“Training -In general, training requirements were underestimated by the pilot participants. Workers who reported to the same facility daily learned to use the readers quickly. However, when workers were required to access multiple facilities, individuals had to become familiar with site-specific business processes and requirements. Acclimation was further compounded by various reader ergonomics found at different port access points. Readers placed at heights ordistances awkward for drivers to reach slowed access and, in some cases, created a danger to drivers trying to reach misplaced readers. There was also difficulty reading messages on the screens of readers not shielded from direct sunlight, which prevented users from determining the cause of access denial.
In addition to proper training for worker populations, facilities and security personnel required training on how to use the TWIC system. Successful reader and access control system operations require an understanding of the reader and system operation appropriate to the role of the user. Some access control system operators and their security personnel were unfamiliar with the messaging provided by their readers and access control systems, resulting in incorrect assumptions as to the cause of an incomplete read of a card or access denial. In some cases, workers were told there was a problem with their TWIC card when it was actually functioning properly. In addition, many of these access denial problems were traced to individuals not being registered in the access control system.
This unfamiliarity with reader technology also extended to portable TWIC readers. Without sufficient training, security personnel encountered problems operating portable readers-shifting from one reader mode to another or rebooting readers if they "freeze" or "lock up". At facilities where workers are required to enter and exit secure areas multiple times over short periods, biometric identity verification upon every entry is difficult to maintain, especially using portable readers. In some cases portable readers malfunctioned when used carelessly in wet conditions not aligned with vendor guidance.”
Reader Performance- The Reader Pilot provided one of the first opportunities to gain knowledge regarding the performance of cards and readers in an actual long-term application. Reader performance in this pilot varied widely. Some readers performed well throughout the TWIC Reader Pilot; some readers were not as mature technologically; others required adjustments; and in one case, the readers initially installed at a facility repeatedly failed and were replaced by readers from another vendor.
Card Stock Durability and Electronic Maturity - TWIC card stock is the same as that used for Personal Identity Verification (PIV) cards issued to all federal employees and contractors as well as members of the military. However, through the Reader Pilot, TSA discovered that an unexpectedly high number of TWIC cards had malfunctioned electronically and could not be read with readers.4 Most TWIC cards that failed could not transmit information to a contactless reader despite the fact that the integrated circuit chip (ICC) could be read by a contact reader.”
More to come…Thanks to my friend Don Bruce for sending this report to me. The Houston-Galveston AMSC Facility Security Working Group (http://www.fswg.org) is the best place to go for the best and latest on TWIC.