Dante B. Fascell Port of Miami-Dade
Louis A. Noriega, Chief Information Officer
Integrating TWIC to Legacy Seaport Security Systems: A Hands-on Approach
Cargo Restricted Area Ingress Video
Flash Card Compliance
Card imager used for flash access
Vehicular Volume 2008
13,600 vehicles (2,050 trucks) in each direction every day
TWIC ACCESS
- The TWIC card does not grant access to restricted areas.
- The TWIC card holder must apply for access to the restricted areas.
- The sponsoring company must have a valid POM Business Permit, verifiable liability insurance and a surety bond on file.
Registration into the POM systems
The operator of the Credentialing section must:
- Verify the TWIC as genuine
- Ensure the TWIC belongs to the applicant
- Check the status of the card (e.g. active/in use or suspended/revoked)
How to do this?
Registration into Credentialing System
Credentialing Section workstation prototype: camera and TWIC enrollment reader.
Registration into the POM systems
1- The operator inserts the TWIC card into the MSO 350 smart reader (connected to each POM Credentialing Section workstation).
Registration into the POM systems
2- The operator asks the applicant to position the index finger (right or left) on the reader's sensor.
Registration in POM systems
POM uses 2 methods to verify that the TWIC belongs to the applicant:
1- Visual verification of the stored picture/applicant's face versus the one printed on the TWIC card.
2- Fingerprint biometric match (preferred, recommended method).
A business-process note:
- POM discarded PIN verification because most of the time individuals forget it; also, some of the secured doors handle high personnel-traffic flow at peak hours, and PIN handling could create bottlenecks.
- POM, in collaboration with SagemMorpho, created a computerized application interface that allows the operator to verify that the TWIC card belongs to the individual presenting it. The application uses an SDK to complete a fingerprint biometric match.
Registration into the POM systems
3- The operator calls the above-mentioned application interface (TWIC Card validation form) from within the POM Credentialing System.
Registration into the POM systems
Case 1: The TWIC card is rejected because the fingerprint does not match. The application compares the fingerprint image against the fingerprint stored in the card.
Registration into the POM systems
Case 2: The TWIC card is rejected because the card appears in the TWIC Hotlist. The POM customized solution provides for the Hotlist to be automatically updated on our server from the TSA web site on a daily basis.
Registration into the POM systems
Case 3: The TWIC card is rejected because it has expired (expiration date).
Registration into the POM systems
The TWIC card passed the validation tests: validation is OK. What happens next?
Registration into the POM systems
1- POM - TWIC Information database. TWIC information is stored in the local POM TWIC database:
- POM ID Number
- FASC-N (TWIC unique identifier)
- Privacy key (to decode fingerprints)
- TWIC card number
- POM proprietary information
2- POM Credentialing System (POM ID Badges system):
- Updates TWIC information
- Grants access to POM restricted areas (including parking lots)
- Transfers granted access levels to the POM Physical Access Control System
3- POM Physical Access Control System (LENEL). The API stores the access levels granted to the TWIC card in the LENEL system. LENEL is the system that manages physical access to restricted areas.
Registration into the POM systems
- Why save the Privacy key locally (POM - TWIC Information database)? Saving the key locally allows the authentication process to occur without the need for a PIN.
- Why integrate with our existing Credentialing System? POM has implemented a Credentialing system that enforces the Port's, State's and Federal security rules and regulations and interfaces with CrossMatch to properly execute the fingerprinting process. This system also keeps accurate, current applicant information (i.e. personal information, picture ID, background check results, etc.).
- Why integrate with LENEL? POM has implemented LENEL to satisfy its access control needs. LENEL is fully integrated with the POM Credentialing system. Access levels are assigned to the TWIC card from the Credentialing system and transferred to LENEL to handle doors and access points.
Granting Access to Restricted Areas
Two types of readers have been installed throughout the secured POM facilities:
- SAGEM OMA 521 contactless reader (installed at POM facilities)
- HID multiclass contactless reader
Cards shown: TWIC and POM ID-Badge.
- Why contactless TWIC readers?
  - The Port's environment is characterized by high humidity and dust levels. Contactless readers are less exposed to these elements.
  - Extending the lifetime of the cards was a goal (repeated swiping through a magnetic-stripe reader results in damaged cards).
- Why two kinds of readers?
  - FDLE officers are not required to present TWIC cards to access secured areas. They will be granted access by using a POM ID-Badge.
Granting Access to Restricted Areas
A view of the authentication process from beginning to end:
1- The card is read at the SAGEM OMA 521 contactless reader (installed at POM facilities).
2- The TPK Server works with the FASC-N (unique person identifier) plus the Privacy key (to decipher the fingerprint), the POM - TWIC Information database and the TWIC Hotlist.
3- Does the fingerprint match, and is the TWIC not in the Hotlist?
- No: the person is not authenticated. Access is revoked.
- Yes: the TPK server signals LENEL (POM-LENEL Access Control System).
4- The LENEL Controller signals the field panels.
5- The field panels open the POM facility door/access point.
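The three rejection cases from registration and the fingerprint-plus-Hotlist decision in the flow above, as one added example (not POM's or SagemMorpho's code). The record fields, the 36-hour Hotlist age limit and the byte-equality `toy_match` stand-in for the vendor SDK's biometric match are assumptions; the stale-Hotlist rejection is an added fail-closed check for a missed daily download.

```python
import hmac
from dataclasses import dataclass
from datetime import date, datetime, timedelta
from enum import Enum

class Decision(Enum):
    ACCEPT = "validation is OK"
    REJECT_FINGERPRINT = "fingerprint does not match"      # Case 1
    REJECT_HOTLIST = "card appears in the Hotlist"          # Case 2
    REJECT_EXPIRED = "card has expired"                     # Case 3
    REJECT_STALE_HOTLIST = "local Hotlist copy is too old"  # added fail-closed check

@dataclass(frozen=True)
class Card:                 # hypothetical record; fields follow the slides
    fasc_n: str             # FASC-N, the TWIC unique identifier
    expiration: date
    template: bytes         # stand-in for the fingerprint data stored on the card

@dataclass(frozen=True)
class Hotlist:
    fasc_ns: frozenset      # FASC-Ns of suspended or revoked cards
    fetched_at: datetime    # time of the last successful daily download

MAX_HOTLIST_AGE = timedelta(hours=36)   # assumption: daily refresh plus slack

def toy_match(live, stored):  # placeholder for the SDK match, not modelled here
    return hmac.compare_digest(live, stored)

def validate_twic(card, live, hotlist, now, match=toy_match):
    # A missed download must not silently keep a revoked card valid.
    if now - hotlist.fetched_at > MAX_HOTLIST_AGE:
        return Decision.REJECT_STALE_HOTLIST
    if not match(live, card.template):
        return Decision.REJECT_FINGERPRINT
    if card.fasc_n in hotlist.fasc_ns:
        return Decision.REJECT_HOTLIST
    if card.expiration < now.date():
        return Decision.REJECT_EXPIRED
    return Decision.ACCEPT

def demo():
    # Constructed sample data; none of these values come from a real card.
    now = datetime(2009, 6, 1, 9, 0)
    fresh = Hotlist(frozenset({"FASCN-REVOKED"}), now - timedelta(hours=5))
    stale = Hotlist(frozenset(), now - timedelta(days=3))
    good = Card("FASCN-GOOD", date(2013, 1, 1), b"tmpl-A")
    revoked = Card("FASCN-REVOKED", date(2013, 1, 1), b"tmpl-B")
    old = Card("FASCN-OLD", date(2009, 5, 31), b"tmpl-C")
    cases = [(good, b"tmpl-A", fresh), (good, b"tmpl-X", fresh),
             (revoked, b"tmpl-B", fresh), (old, b"tmpl-C", fresh), (good, b"tmpl-A", stale)]
    return [validate_twic(c, live, hl, now) for c, live, hl in cases]
```

Returning a distinct reason per rejection lets the operator screen and the audit log show which check failed rather than a bare deny.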
Over-the-Road Driver that arrives during times the Credentialing Office is closed
Equipment shown: Smart/Proximity Card Reader, Card Imager (used for flash access), Magnetic Card Reader, Future Biometric Smart Card Reader.
Thank You