TSA set to issue smart-card IDs to port workers

Computerworld - The Transportation Security Administration (TSA) is apparently moving ahead with plans to start issuing new smart-card identity credentials to more than 750,000 port workers starting in March, despite earlier concerns by another government agency about its readiness to do so.

Last week, the Department of Homeland Security (DHS) published the final rule for the Transportation Worker Identification Credential (TWIC) program put in place after the terrorist attacks of Sept. 11, 2001. The move is designed to boost security at an estimated 4,000 transportation facilities in the country.

Under the program, all workers at the nation's transportation facilities will be required to undergo criminal background checks and carry DHS-issued smart-card credentials that include their photographs and a fingerprint template. The credentials will be required for unescorted access to secure areas of ports and vessels.

The TSA is an agency in the DHS.

The final rules published last week spell out the enrollment process for TWIC, as well as disqualifying crimes, usage procedures, fees and other requirements for workers, port owners and operators. Enrollment for the program will start in March "at a small number of ports" and be phased in throughout the remainder of the year at ports around the country, a DHS statement said.

Workers will be notified when and where to apply for the IDs before the program begins. Once the TWIC cards are issued, DHS will then set a deadline by which the workers will be required to carry the cards with them for unescorted access. The final rules incorporate suggestions from four public meetings held around the country by the TSA and the U.S. Coast Guard in 2006, according to the DHS.

The decision to move ahead with the TWIC implementation comes in the wake of a report from the U.S. Government Accountability Office (GAO) in October recommending that the TSA do more testing of both technology and processes before rolling out the smart card program.

In that report, GAO auditors expressed concern that earlier tests by the TSA -- between August 2004 and June 2005 -- had been far too limited in scope and did not fully represent the true scale of the deployment. For instance, when testing the program, the TSA issued cards to just 1,700 workers -- not the 75,000 it had originally planned. The TSA also failed to gather sufficient data about the "operational effectiveness" of biometric card readers in "harsh" maritime conditions, the GAO said.

As a result, the GAO had recommended that the TSA take more time to test the technology and strengthen its contract planning and oversight processes.

In a response, the DHS concurred with the GAO's findings but did not give any indication that it would perform the additional testing. It stressed that it would be using a contractor experienced with large projects to implement the TWIC initiative. The DHS also noted that it would implement the project in two phases to give port and vessel owners and operators more time to install biometric and other access control components.