BiometricsSagem Morpho shows TWIC-compliant biometric reader

Published 15 July 2008

Card is designed to read encrypted biometric data, such as a digital fingerprint, perform the match to the card holder, and perform an active card authentication across a contactless interface

Alexandria, Virginia-based Sagem Morpho (SMI) yesterday introduced the MorphoAccess 521 TWIC-compliant biometric reader, the first smart card access device to meet Transportation Security Administration (TSA) implementation requirements for the Transportation Worker Identification Credential (TWIC) program. The MA521 TWIC is designed to read encrypted biometric data, such as a digital fingerprint, perform the match to the card holder, and perform an active card authentication across a contactless interface. SMI has initiated the process of submitting the MA521 TWIC compliant device and technical documentation to TSA for an Initial Capability Evaluation (ICE). TSA will formally begin the TWIC biometric reader evaluations on 21 July with completion expected by January 2009. “Once the MA521 TWIC is fully certified and deployed, it will serve on the frontline of security at U.S. maritime ports from coast to coast,” said Consuelo Bangs, senior program manager at SMI. “This reader will ensure that port or vessel access is provided only to workers with authentic TWIC smart cards containing their own unique biometric identification information.”

Mandated by the Maritime Transportation Security Act, the TWIC program is jointly administered by TSA and the U.S. Coast Guard. The goal of the program is to issue biometric credentials in the form of tamper-resistant smart cards to the nearly one million longshoremen, sailors, truck drivers, and other laborers who need access to secure areas in U.S. port facilities and vessels. TWIC cards and readers must meet Federal Information Processing Standard 201 (FIPS 201), which requires nationwide interoperability to guarantee that biometric identification data can be recognized and verified at any maritime port. TSA has already begun issuing TWIC cards. Each contains a Card Holder Unique Identifier (CHUID), personal information (name, address, employer, etc.), and a Federal Agency Smart Credential Number (FASC-N). Encrypted into the card is a unique digital biometric identifier. This information can only be unlocked, or decrypted, with a privacy key uniquely associated with each individual card. To gain access to a secure port facility, the worker will hold his or her TWIC card up to the contactless interface on the MA521 TWIC. As security levels increase the device can be configured to augment authentication requirements. At the lowest security level the MA521 TWIC will first read the CHUID to verify that the card is authentic, unaltered and active. At a higher level of security after the card has been authenticated, the MA521 TWIC passes the FASC-N to a secure server where the privacy key for that cardholder is retrieved and loaded onto the biometric reader. The MA521 TWIC then uses the privacy key to unlock the biometric information stored on the card and proceed with live verification of the cardholder. At the highest level of security, in addition to the biometric authentication, the reader performs a challenge/response dialogue between the MA521 TWIC and the TWIC card presented to perform an active card to reader authentication. In unattended situations the MA521 TWIC is capable of implementing a technology called liveness detection to identify the presentation of a fake finger. At the highest level of security the entire procedure takes less than two seconds. At the lowest level of security the process takes less than a second. “The MA521 TWIC is the only TWIC-compliant biometric reader that can validate the card’s authenticity and verify the cardholder’s identity using decryption, across a contactless interface,” said Bangs, explaining that a no-contact interface was required for the TWIC program due to harsh port environments where damp weather can interfere with a traditional magnetic contact strip reader.