Good morning Chairman Mica, Ranking Member Connolly, and distinguished Members of the Subcommittee. Thank you for the opportunity to testify today about the Transportation Security Administration’s (TSA) role in the Transportation Worker Identification Credential (TWIC) program.
The security of the maritime environment is complicated, and like our land and air borders, a layered approach offers the best defense. To fulfill a security mission of such scale, DHS leverages the expertise of its components to evaluate the entities that comprise the maritime domain and design security measures to counter potential threats. The fee-based TWIC program is mandated by the Maritime Transportation Security Act of 2002 (MTSA, P.L. 107-295) and administered jointly by TSA and the United States Coast Guard (USCG).
The program requires careful planning and consultation with an array of public and private sector partners in addition to agility in responding to the concerns of workers while ensuring national security. Under the program, eligible maritime workers are provided a tamper-resistant biometric credential for unescorted access to secure areas of port facilities and vessels regulated under MTSA. This credential is referred to as the “TWIC card”, or just the “TWIC”. In carrying out the TWIC program, TSA is responsible for enrollment, security threat assessments (STA), and systems operations and maintenance related to TWICs while USCG is responsible for enforcement of regulations governing the use of TWICs at MTSA-regulated facilities and vessels.
As of April 15, 2009, TWICs are required to be presented when requesting unescorted entry to secure areas of MTSA-regulated facilities nationwide, which provides a security benefit by demonstrating to facility and vessel security operators that the TWIC holder has successfully passed the STA. While a TWIC is valid for five years and costs the transportation worker $129.751, on August 30, 2012 DHS announced that eligible workers may submit a request to extend the expiration date on their TWIC by three years and pay a $60 card replacement fee under the Extended Expiration Date (EED) initiative through December 31, 2014. The EED is a one-time initiative to allow workers to extend their TWIC until readers are required. While the TWIC is an important step towards improved security, the security benefits of the TWIC are most fully realized when used with readers that can confirm that the person presenting the card is the person to whom it was issued.
The TWIC Program and National Security
TWIC provides a uniform, industry-wide, biometric, tamper-resistant credential that is issued following successful completion of the STA. TSA began the national deployment of the TWIC program on October 16, 2007, with the enrollment of maritime workers at the Port of Wilmington, DE. To date, TSA has conducted comprehensive STAs for over 2.5 million workers and has prevented approximately 50,000 individuals from obtaining a TWIC because they did not meet the required security standards.
Currently, USCG requires maritime operators to visually inspect the TWIC prior to granting unescorted access to secure areas on board regulated vessels and at facilities. Under MTSA, USCG regulates approximately 13,825 vessels and 3,270 facilities. Use of this common credential enables facility and vessel operators, as well as Federal, state, local, tribal, and territorial law enforcement entities, to verify the identity of individuals and their eligibility to enter secure areas with a higher level of confidence than was feasible prior to TWIC. The TWIC program’s common credential will be critically important as risk-based access control requirements and technical capabilities mature.
TWIC readers determine whether a card is authentic, valid, and issued by TSA. The readers also check that the card has not expired and, by accessing the cancelled card list, can determine if the card has been revoked or reported lost or stolen. When used in the biometric mode, readers confirm through a biometric fingerprint match that the person using the card is the rightful owner of the card. The TWIC card and reader system can perform these checks virtually anywhere with portable or fixed readers because connectivity to an external database is not required. On March 22, 2013, USCG published a notice of proposed rulemaking (NPRM) which would require TWIC readers for certain high-risk vessels and facilities. This is expected to further enhance security at those sites by providing verification of the validity of the TWIC card and of the identity of the owner.
TWIC and Hazardous Materials Endorsement STA Comparability
TWIC is an example of a strategic security partnership among the USCG, TSA, and the private sector. TWIC is one layer, within the array of maritime security measures mentioned above, that enhances port facility and vessel security. Since the beginning of the TWIC program, truck drivers holding a Hazardous Materials Endorsement (HME) have been able to obtain a TWIC based on their HME STA and pay a reduced fee $105.25. Also, beginning in February 2012, TSA made it possible for truck drivers to apply for an HME based on an existing TWIC STA. Through this effort, drivers with valid TWICs in those states that have systems and procedures in place to offer comparability do not have to re-submit fingerprints and can pay a reduced fee for HME enrollment. To date, 24 states have implemented comparability for their HME applicants.2
Instituting New Policies to Meet Ongoing Challenges
TSA and USCG have addressed a number of challenges in implementing the TWIC program over the past year. This included 1) the expiration of 1.5 million TWICs over an 18-month period with the resultant demand for re-enrollments and replacement cards; 2) realignment of the TWIC system to comply with the new congressional mandate to limit enrollment and card issuance to one visit; and 3) transition of the program from the current single-provider contract to separate contracts for enrollment services and system operation. Departmental leadership conducted an analysis of the TWIC program, including port operations, in considering reader requirements and identifying customer service improvements. DHS also initiated a formal DHS Acquisition Review Board (ARB) that met in March 2013. DHS leadership prioritized the program to focus on enhancing customer service and successful transition among contractors.
The ARB will continue to meet periodically to gather additional information on challenges facing the TWIC enterprise and to find solutions to those challenges. In addition, an Executive Steering Committee, co-chaired by the TSA and USCG leadership, has been established to address TWIC concerns and issues.
Customer Service Improvements Include “OneVisit”
TSA will soon implement the “OneVisit” initiative designed to ease the burden on eligible applicants and individuals needing a replacement TWIC. The first phase of the initiative to enable individuals to apply for and obtain a TWIC with one visit to an enrollment center will begin with a test in Alaska this summer and is expected to expand nationwide in 2014. Under OneVisit, applicants will visit an enrollment center to enroll and, upon completion of a satisfactory security threat assessment, a card will be produced and mailed directly to the applicant. OneVisit will ease crowding at enrollment centers by eliminating the visit currently required to activate the card and select a PIN.
In addition to OneVisit, we are planning additional customer service improvements including expanding the number of TWIC enrollment centers from 136 to over 300 sites. We are also implementing a robust oversight effort to gauge sustained customer service at our enrollment centers and will be increasing call center representatives in order to reduce call wait times. DHS is developing a web-based process to apply for EED TWICs or replacement cards to increase convenience for TWIC holders and also plans to increase mobile enrollment opportunities.
The Qualified Technology List Process
TSA is committed to partnerships with stakeholders, including the private sector, to carry out its mission. To meet the demands of the TWIC program, TSA will soon provide MTSA-regulated facility owners and operators with a list of TWIC readers that meet current TWIC specifications. TSA established the Qualified Technology List (QTL) process on November 1, 2012, with the announcement that three National Voluntary Laboratory Accreditation Program laboratories were accredited to accept readers for compliance testing.
Prior to the announcement, TSA worked with the National Institute of Standards and Technology as well as independent laboratories and industry to provide QTL workshops and test cards to all interested parties. The QTL process also provides industry with a formal, repeatable, and standardized approach for certifying readers and reporting the results to TSA. Once each reader is certified, TSA will update the publicly available QTL with information on the new reader.
The TWIC Reader Pilot Program
In October 2006, Congress mandated that DHS conduct a TWIC reader pilot to inform its approach to implementing reader requirements. The Department delegated responsibility for conducting the pilot to TSA. The TWIC reader pilot obtained considerable data that has been helpful in evaluating reader performance and assessing the impact of using readers at maritime facilities. TSA’s analysis concludes that TWIC reader systems function properly when they are designed, installed, and operated in a manner consistent with the characteristics and business needs of the facility or vessel operation. The analysis also finds that reader systems can facilitate access decisions efficiently and effectively, though there were operational and technological difficulties that affected performance at some pilot locations. These conclusions and other information in the pilot report are some of the many sources used by the USCG in drafting the aforementioned TWIC reader NPRM. Additionally, the USCG will use pertinent information received during the rulemaking process from affected parties to further evaluate the use and performance of the reader program.
Prior to the TWIC Program, there was no standard identity verification or background check policy for entrance to a port facility or vessel. This created vast opportunities for fraud and risk. Today, facility and vessel owners and operators look for one standard identification document that confirms the holder’s identity, and verifies that he or she successfully completed an STA. TWIC cards contain security features that make the card highly resistant to counterfeiting. When biometric verification becomes a requirement and readers are in use, we expect this will further enhance security at port facilities and vessels regulated by MTSA.
TSA and its partners have taken significant steps to add layers of security to protect our nation’s port facilities and vessels. These steps link together information sharing, security, and law enforcement from across TSA, USCG, DHS and a multitude of partnerships. Each security layer builds upon and complements the others. TWIC is one of those layers. Thank you for the opportunity to discuss the TWIC program. I am available to answer any questions.
1 The fee is reduced to $105.25 if the worker uses a comparable STA to establish TWIC eligibility.
2 Other states have not been able to offer comparability due to state regulatory and/or system constraints.