Monday, April 6, 2009

TWIC Reader ANPRM – Reader Use by Risk Groups

This is the second in a series of blogs about the advanced notice of proposed rule making (ANPRM) that the Coast Guard recently published about the potential regulation of transportation worker’s identification credential (TWIC) reading devices. These devices would be used to verify the identity of people working in ships and facilities covered under the Maritime Transportation Security Act (MTSA). The other blogs in this series include: TWIC Reader ANPRM – Identification Techniques TWIC Reader ANPRM – Risk Groups The ANPRM expresses the Coast Guard’s current thinking about what types of requirements will be included in the regulations that will be formally proposed later this year. This post looks at the risk based deployment requirements that might govern the actual use of the TWIC Readers. Validating Identity Generally speaking, each time an individual enters a security area on an MTSA covered facility or vessel, the individual’s identity and authorization to enter such area unescorted will be verified using the TWIC. Whether this will be done by visually checking the card or using a TWIC Reader will depend on facility/vessel risk group rating and the Maritime Security (MARSEC) level at the time of the entry. A summary of the validation requirements that the Coast Guard is currently considering is described below. Risk Group A (highest risk) at all MARSEC levels. The individual’s identity will be verified by biometric match of fingerprint to the template stored in the TWIC. The TWIC will be authenticated by a successful challenge/response with the TWIC Reader. The TWIC FASC-N will be validated against the TSA supplied Hotlist. Under MARSEC Level 1 the Hotlist will be updated weekly; it will be updated daily at MARSEC Levels 2 and 3. Risk Group B (middle risk) at MARSEC Level 1. The individual’s identity will be verified by biometric match of fingerprint to the template stored in the TWIC on one randomly selected day each month. On all other days the picture printed on the TWIC will be compared to the holder’s appearance. At MARSEC Levels 2 and 3 the individual’s identity will be verified by biometric match of fingerprint to the template stored in the TWIC every day. At all MARSEC Levels the TWIC will be authenticated by a successful challenge/response with the TWIC Reader. The TWIC FASC-N will be validated against the TSA supplied Hotlist. Under MARSEC Level 1 the Hotlist will be updated weekly; it will be updated daily at MARSEC Levels 2 and 3. Risk Group C (lowest risk) at all MARSEC Levels. The individual’s identity will be verified by comparing the picture printed on the TWIC with the holder’s appearance. The TWIC will be authenticated by visually checking security features upon entry with electronic verification by a successful challenge and response during annual inspections and random spot checks by the Coast Guard. The TWIC validation will be done by checking the expiration date at each entry. The Coast Guard will perform electronic spot checks.

No comments:

 
/* Use this with templates/template-twocol.html */