18 June, 2008
TSA considers biometric ACIS program but airports are not convinced
By Zack Martin, Editor
The Transportation Security Administration wants airports across the country to use and issue an interoperable credential. If a flight attendant at Chicago O’Hare International Airport was on a crew flying in and out of Atlanta’s Hartsfield Airport the ID card and information stored on it would be able to be read at both locations while the attendant only had to register at one location.
The vetting process would also be standardized for all airports, said Chris Runde, with the Transportation Threat Assessment and Credentialing Office at the TSA. Runde gave a presentation on the proposed new Airport Credential Interoperability Specification (ACIS) at the Interagency Advisory Board meeting in Washington earlier in June.
But airports have yet to get on board with the idea of a standard ID. The American Association of Airport Executives has created the Biometric Airport Security Identification Consortium. The purpose of this group is to work with the TSA on biometric access control in airports. When the AAAE announced this group though, the organization also made it clear that they weren’t in favor of an interoperable credential.
Some education may alleviate their trepidations though, says Roger Roehr, manager for the government vertical at Tyco Fire & Security. “Just because you have an interoperable ID doesn’t mean you have to accept it,” he says. Roehr is also chairman of the physical access council at the Smart Card Alliance.
An airport workers credential potentially could be issued to around 1.5 million airport workers and hundreds of thousands of airline workers, Runde says. The card would use a modified FIPS 201 specification. ACIS would want to use contactless biometric verification and PIV currently doesn’t support that. Runde said the TSA is looking at the TWIC program to learn from it as well.
Linking the credential to the individual is the primary purpose behind ACIS. The proposed credential would have airport and airline workers electronically verify their identity when entering a secure area instead of using the flash pass, which is typical at most airports today. “Now there’s little assurance that the person holding the card is who it was issued to,” Runde says.
An interoperable ID also would eliminate the need for airline workers to carry around a stack of different ID cards depending on what airports they are working at, Runde says. Airline workers also wouldn’t have to register at each individual airport. “Do the vetting once and do it perpetually until you are out of our population,” Runde says.
ACIS is still in the early stages, Runde says. A specification has been routed to industry for comment, but the initiative doesn’t have any funding yet so it’s unclear how far it will get.
Though using biometrics for airport workers may have some support from Congress. Rep. Bennie G. Thompson (D-Miss.), chairman of the Committee on Homeland Security introduced H.R. 5982, The Biometric Enhancement and Airport-Risk Reduction (BEAR) Act of 2008 earlier this year. The legislation enhances previous aviation security efforts by ensuring proper introduction of biometric identification credentials to airport workers.
The bill would require the Transportation Security Administration to study existing and proposed biometric security programs at airports, and to see how airports can transition to standards-based interoperable biometric systems and to submit to Congress a breakdown on best practices for issuing biometric credentials for airport employees.