311 Cannon House Office Building
Good morning Chairman Miller, Ranking Member Jackson Lee, and distinguished Members of the Subcommittee. Thank you for the opportunity to testify today about the Transportation Security Administration’s (TSA) role in the Transportation Worker Identification Credential (TWIC) program.
To fulfill a security mission of such scale, DHS leverages the expertise of its components to evaluate the entities that comprise the maritime domain and design security measures to counter potential threats. TWIC provides a uniform, industry-wide, biometric, tamper-resistant credential that is issued following successful completion of a security threat assessment (STA). Following successful completion of the STA and payment of relevant fees, eligible maritime workers are provided a tamper-resistant biometric credential that permits unescorted access to secure areas of port facilities and vessels regulated by the USCG under MTSA. These security benefits are most fully realized when the credential is used in conjunction with readers that can provide electronic verification.
TSA and the United States Coast Guard (USCG) jointly administer the fee-based TWIC program, which was established under Section 102 of the Maritime Transportation Security Act (MTSA) of 2002. The Act required the Secretary (at the time the Secretary of the Department of Transportation) to issue biometric transportation security cards to prevent unauthorized individuals from entering an area of a vessel or facility designated as a secure area. Currently, TSA is responsible for enrollment, STAs, and systems operations and maintenance related to TWICs while the USCG is responsible for establishing and enforcing access control standards including requirements for TWIC readers at MTSA-regulated facilities and vessels.
TSA began national deployment of the TWIC program on October 16, 2007, with the enrollment of maritime workers at the Port of Wilmington, DE. Since that time, TSA has conducted comprehensive STAs and issued TWIC credentials to over 2.5 million workers while identifying and preventing approximately 50,000 TWIC applicants who did not meet the required security standards from receiving a TWIC.
TWIC: Meeting Industry Needs and Security Requirements
The TWIC program represents an important maritime security measure by allowing facility and vessel security operators to verify that the holder has successfully passed the STA, through possession and visual inspection of the TWIC credential. Workers at the approximately 13,825 vessels and 3,270 maritime facilities that the USCG regulates under MTSA have been required to present their TWIC for unescorted entry to secure areas of those facilities since mid-April 2009. Until TWIC readers are in place, security access personnel are required to visually inspect the TWIC prior to granting unescorted access to secure areas on board regulated vessels and at facilities.
TWIC reader systems are designed to determine whether a card is authentic, valid, and issued by TSA. The readers also check that the card has not expired and, by accessing the cancelled card list, can determine if the card has been revoked or reported lost or stolen. When used in the biometric mode, readers confirm through a fingerprint match that the person using the card is the rightful owner of the card. The TWIC card and reader system can perform these checks virtually anywhere with portable or fixed readers because connectivity to an external database is not required.
A TWIC is valid for five years. The cost is $129.75, unless a worker has a comparable STA and uses it to establish TWIC eligibility, in which case the cost is $105.25. In late August 2012, DHS announced the Extended Expiration Date (EED) initiative under which eligible workers have been able to submit a request to extend the expiration date on their TWIC by three years and pay a $60 card replacement fee. The EED is a one-time initiative through December 31, 2014. The TWIC reader requirements have been proposed by USCG in a Notice of Proposed Rulemaking published on March 22, 2013. The NPRM proposals, if finalized as published, would require TWIC readers for certain high-risk vessels and facilities. Use of readers at these sites would enhance security by verifying the validity of the TWIC card as well as the identity of the card owner.
TSA is committed to partnerships with stakeholders, including the private sector, to carry out its mission. To meet the demands of the TWIC program, the TSA will provide MTSA-regulated facility owners and operators with a list of TWIC readers that meet current TWIC specifications as outlined in current guidance. TSA established the Qualified Technology List (QTL) process on November 1, 2012, with the announcement that three National Voluntary Laboratory Accreditation Program laboratories were accredited to accept readers for compliance testing.
“OneVisit” Initiative and Other Plans to Enhance Customer Service
TSA will soon implement the “OneVisit” initiative to facilitate card issuance to eligible applicants and individuals needing a replacement TWIC. The initiative will enable individuals to apply for and obtain a TWIC with a single visit to an enrollment center and will begin with a pilot in Alaska this summer and expand nationwide in 2014 after TSA carefully evaluates the pilot results. Under “OneVisit,” an applicant will visit an enrollment center to provide identification and biometric information. Upon successful completion of an STA, TSA will directly mail a card to the applicant. “OneVisit” will eliminate the need for the transportation worker to make a follow-up visit to an enrollment center to activate the card and select a Personal Identification Number (PIN). Eliminating this second visit saves the applicant time and travel costs, as well as easing crowding at enrollment centers.
The Coast Guard and Maritime Transportation Act of 2012 mandates that by September 20, 2013, DHS reform the process for TWIC enrollment, activation, issuance and renewal to require no more than one in-person visit to a designated enrollment center, except in cases where extenuating circumstances exist requiring more than one visit. DHS made clear that, while a plan would be initiated within 270 days from the date of enactment to reform the process, it would likely take additional time to fully implement the provision in a manner that preserved the security of the credential.
In addition to “OneVisit,” TSA is committed to providing enhanced customer service in a variety of ways. TSA will expand the number of TWIC enrollment centers from 136 to approximately 300 sites by transitioning Hazardous Materials Endorsement (HME)/TWIC enrollments sites to Universal Enrollment Service Centers. This will permit individuals to apply for a TWIC or HME at the same location, and shorten travel distances for many applicants. TSA is also increasing its oversight of customer service at our enrollment centers and has added call center representatives to reduce call wait times.
The TWIC Reader Pilot
In October 2006, pursuant to the SAFE Port Act, Congress mandated that DHS conduct a TWIC reader pilot to inform reader requirements prior to nationwide implementation and test the viability of selected biometric card readers while examining the technical aspects of connecting TWIC readers to access control systems. Seventeen sites participated in the reader pilot on a voluntary basis. These facilities used readers in conjunction with TWICs starting in August 2008. The pilot faced several constraints, including extreme differences in the nature of operations at participating sites. Additionally, the participating sites had to ensure that the use of the new readers and test protocols did not interfere with the security and daily operations of the facilities. Notwithstanding these challenges, the TWIC reader pilot generated considerable data that proved helpful in evaluating reader performance and assessing the impact of using readers at maritime facilities.
Following analysis of the pilot results, TSA concluded that TWIC reader systems function properly when they are designed, installed, and operated in a manner consistent with the characteristics and business needs of the facility or vessel operation. TSA also found that reader systems can facilitate access decisions efficiently and effectively despite the operational and technological difficulties that affected performance at some pilot locations. While a recent Government Accountability Office (GAO) report evaluating the results of the TWIC reader pilot program concluded that that DHS should not use the analysis of the pilot program as basis for developing the final TWIC reader regulation, the pilot did produce valuable information concerning the environmental, operational, and fiscal impacts of the use of TWIC readers.
Prior to the TWIC program, there was no standard identity verification or background check policy for entrance to a port facility or vessel. This created opportunities for fraud as well as security risks. Today, facility and vessel owners and operators look for one standard identification document that confirms the holder’s identity and verifies that he or she successfully completed an STA. The use of readers and biometric verification will enhance security at MTSA-regulated port facilities and vessels.
TSA and its partners have taken significant steps to add layers of security to protect our nation’s port facilities and vessels. These steps link together information sharing, security, and law enforcement from across TSA, USCG, DHS, and a multitude of partnerships. Each security layer builds upon and complements the others. TWIC is one of those layers. Thank you for the opportunity to discuss the TWIC program. I am available to answer any questions.