TSA set to examine TWIC card readers

Editor's note: This story was updated at 7:15 p.m. June 25, 2008. Please go to Corrections & Clarifications to see what has changed.

The Transportation Security Administration has released details on the process that smart card readers must pass through to be approved for reading the Transportation Worker Identification Credential (TWIC) cards. Maritime workers will soon need those cards for unescorted access to secure areas of U.S port facilities and vessels.

Last week, TSA issued a notification to vendors asking for information on products that could meet the standards that its parent Homeland Security Department has published for biometric card readers to be used in DHS' TWIC program. The Broad Agency Announcement, issued June 20, gives companies a month to submit information on their possible solutions. The solutions will then face a series of tests in a pilot program before TSA publishes a final rule on the card readers.

The readers first will face simple evaluation testing to ensure they can read the TWIC cards in different sirtuations. The readers that make the cut will be added to a list that several ports participating in TSA’s pilot program will then test to see how they fit into infrastructure and business models. Meanwhile, the government will perform testing to see how they perform in various environments. Readers that pass the final reader assessment can be added onto the final completed list.

TSA has been focused on issuing the TWIC cards, about 1.2 million of which will be needed, and thus far has not published the specifics on the card reader.

TSA recently pushed back by seven months—from September 25 to April 15, 2009—the final compliance date by which workers requiring unescorted access to secure areas will need to have their TWIC cards. The TWIC enrollment process began in October 2007 and select port facilities will be required to comply with the TWIC program prior to the April 15 final date.

Some observers have questioned the decision to separate the card reader portion from the actual credential in the final rule. Officials from the Coast Guard and TSA  —  the two agencies that run the program — have cited TWIC's use of previously unused technology as the reason for the delay.

“This is a highly unusual way to deploy a credentialing security system,” said Jeremy Grant, senior vice president and identity solutions analyst at the Stanford Group.

Grant said he has heard from vendors that they are wary of creating new technology without seeing the final standards.