Port of Seattle Biometric Card Access Control: A Case Study

American Association of Port Authorities Information Technology Committee Meeting, Tacoma, Washington, April 19, 2006


American Association of Port Authorities -Tacoma, WA April 19, 2006

Topics for today

• Introduction.
• Brief historical review.
• The place of the IT Department.
• The impact of 9/11 on our plans.
• Biometric project decision overview.
• Smart Cards 101.
• Q&A

Introduction

Brad Jenson
[email protected]

• 25+ years with Port of Seattle Information Technology
• 18+ years supporting airport security systems
• 3+ years supporting seaport security systems
• 1+ years supporting Police & Fire

• Seattle-Tacoma International Airport (SEA)
• Seattle Seaport Harbor
• Fishing and Pleasure Boat Moorage
• Cruise Terminal Facilities
• Other Commercial Operations

Seaport Statistics - 2005

• Total TEU Containers: 2,087,929
• Total Cruise Passengers: 686,357
• Total Vessel Calls: Container – 898, Cruise – 170
• 1,517 Active Cardholders
• Access Control deployed March 2004

Airport Statistics - 2005

• Total Air Passengers: 29,289,026
• Total Aircraft Operations: 341,470
• Total Air Cargo (metric tons): 338,591
• 20,026 Active Cardholders
• Biometric Cards October 2003

Security at the Airport – where it all started

A brief overview of evolving technologies…

The 1980’s

Instant Camera Cards

Camera

Laminator Die Cutter

Door Access Card

The late 1980’s, the early 1990’s

(Representative example)

The mid 1990’s

Laminated ID Cards

The late 1990’s and through Y2K

PVC/Composite Cards

Magnetic Stripe

The intended post Y2K plan…

Dual Technology Cards

Magnetic Stripe and 125 kHz Proximity

Security System Technology Changes

• Proprietary solutions gave way to Windows desktop standards.
• Use of standard SQL databases rather than proprietary or desktop-grade file systems.
• Field devices, door readers may be IP addressable.
• Wireless technology.

The Entrance of IT into Physical Security’s Turf

• Converging network and server requirements and infrastructure.
• High reliability servers; no longer a PC under the counter.
• Complex database, server and network administration.
• Surveillance: CCTV moving to IP

What IT Can Offer

• System integration skills. Was a non-issue in the proprietary era.
• Setting technology standards to reduce maintenance costs.
• Handle data privacy issues. Systems now require more PPI.
• Best practices for cyber security & evaluating vendor compliance.

Our Integration Plan

A Few Things IT Gets From the Deal…

• Experience and expertise with biometrics: Also use for login access to enterprise PCs?
• Exposure to surveillance technology: A voice at the table for future IP implementations, digitized storage.
• Engagement as they start stringing network and cable everywhere.

And, unless this is you…

Need Partnering of IT and Maintenance Dept.

• Need to clearly define system support roles. It’s critical!
• Delineate support roles where network meets field devices.
• Repair and PM of readers.
• Surveillance Cameras – Same story. Does IT climb ladders?
• Consider labor relations issues.

Typical Implementation

September 10, 2001

The Port of Seattle had plans to construct and implement a new access control system at Seattle-Tacoma International Airport using standard proximity card technology. This new system was critical to completion of a $587M airport terminal expansion project.

But the world changed…

And so did we.

Following 9/11

• Increased focus on biometrics.
• Emphasis on identification and authentication of transportation workers – TWIC emerges on scene.
• Formation of the TSA, DHS, etc.
• Development of information sharing networks and systems.
• Grant funding for Seaport Security.

Our directives…

• Reevaluate plans in light of 9/11.
• Install a forward looking solution.
• Identify and recommend viable, cost effective biometric technologies.
• Ensure that it would not jeopardize airport terminal construction project.
• Integrate into existing project for access control system replacement.

Five Years of TWIC

• In late 2001… TWIC was not ready for prime time in a large access control project like ours.
• In early 2006… (insert your personal views here).
• The Port of Seattle decided to go forward and not wait for TSA.

Biometric Basics

• TWIC is simply one biometric technology implementation.
• TWIC is more about standards authentication systems, process, and infrastructure than biometrics alone.
• Many biometrics are not TWIC.

Question: Is the Port of Seattle System TWIC?

Answer: No. But processes, technologies, security procedures, databases, etc., are TWIC enablers.

Levels of Authentication

• What you have (Access Card)
• What you know (PIN number)
• Who you are (Biometric)

The use of biometrics adds the third level of security.

Biometrics and Identity Theft

• Biometrics will become more prominent in commerce
• If it is valuable to a thief, biometric identities will be stolen and misused
• Once it’s stolen, the victim has no way to change the biometric source – it is part of their being

A Source of Information

www7.nationalacademies.org/cstb/pub_authentication.html

Who Goes There? Authentication Through the Lens of Privacy

Biometric Technologies Considered by Seattle

• Finger Scan
• Hand Geometry Scan
• Iris Scan

A useful resource

Framework for Evaluating and Deploying Biometrics in Air Travel Applications: Surveillance, Trusted Travel, Access Control

International Biometric Group, April 3, 2002

Finger Scan - Strengths

• Proven technology capable of high accuracy
• Ability to enroll multiple fingers
• Familiar as an identification method
• Range of deployment environments
• Ergonomic, easy-to-use devices
• Potential alignment with background checks, derogatory searches

Finger Scan - Weakness

• Performance can deteriorate over time
• Association with forensic applications
• Users can intentionally damage fingerprints
• Need to deploy specialized acquisition devices
• Vendor technologies not typically interoperable (at the time)

Hand Scan - Strengths

• Able to operate in challenging environments
• Established, reliable core technology
• Long deployment history in air travel environments
• Perceived as non-intrusive
• Based on a relatively stable physiological characteristic

Hand Scan - Weakness

• Not highly resistant to false matches
• Design complicates usage by certain populations
• Large size may limit deployment to access control and kiosk-type applications

Iris Scan - Strengths

• Potential for exceptionally high levels of accuracy
• Capable of reliable identification as well as verification
• High stability of characteristic over lifetime
• Hands-free operation

Iris Scan - Weakness

• Acquisition of iris image requires more training and attentiveness than most biometrics
• User discomfort with eye-based technology
• Glasses can impact performance
• Propensity for false non-matching

Biometric Comparison

Attribute | Finger | Hand | Iris
Ease | High | High | Medium
Accuracy | High | High | High
User Acceptance | Medium | Medium | High
Long Term | High | Medium | High

Biometric Comparison (continued)

Attribute | Finger | Hand | Iris
Decision Time | 5 sec | 3-5 sec | 1 sec
Security Level | High | Medium | Very High
Fraud | Medium | Medium | Low
Data Size | 90 bytes | 9 bytes | 512 bytes

Reasons for Our Biometric Success

• Stakeholder involvement
• Scheduled/Managed Re-issuance
• FAQs provided to cardholders
• Running in parallel with old ACS
• Cardholder used test reader first
• Skilled and dedicated team

Seattle’s Card Reader: BIO, PIN, LCD, MIFARE

Non-Bio Card Reader: Card Only, or Card + PIN

• Less Expensive
• Compatible with same ID card
• Non-critical uses
• Be sure to plan for both bio and no-bio reader

The Airport TSA Biometric Guidelines

In my opinion, these airport TSA guidelines seem to lean towards a networked centralized authentication without using smartcards; and adding a separate biometric subsystem.

The Seaport TWIC Guidelines, Plans, Etc.

Due to the increased focus on seaport security after 9/11, these environments (unlike airports) may be installing their very first access control systems in a post TWIC world.

One TSA TWIC Design

“Why TWIC”, says TSA

Improves Security

• Reduces risk of fraudulent or altered credentials;
• Employs biometrics for secure, positive match of individual to authorized facility access points;
• Supports ability to interface and communicate with other agencies; and
• Provides timely system-wide revocation.

Source: www.tsa.gov/interweb/assetlibrary/TWIC_Brief.pdf

“Why TWIC”, says TSA

Enhances Commerce

• Eliminates need for multiple credentials and background checks;
• Leverages current security investment and existing systems;
• Maintains process speed and efficiency;
• Expands e-government potential; and
• Enables public-private partnership.

Two Views of TWIC

• TWIC is:
  – Applicant authentication, vetting.
  – Visual Display ID Card
  – Access Control Device
• TWIC is:
  – Applicant authentication, vetting.
• #1 assumes national standards.

Your existing Access Control System

• Can it be upgraded to utilize biometric technologies?
• Is this the mandate you always wanted to replace a legacy system?
• Can the ID badge enrollment system be biometrically empowered?

Interoperability and Transition

• Can your legacy access control system be run in parallel with a new system during installation?
• Would a multi technology card assist in this process?
• Can your ID badge production software system produce a multi technology card?

Keep Legacy Access Control System or Not?

• Wiring and Power
• Administration of Smart Readers
• Proprietary or Open System
• Enables Information Sharing
• ID Badge System

Biometric Readers: Wiring and Power Issues

• Smart Card readers are like small computers
• Higher power requirements
• Infrastructure must support required UPS/Battery backup
• New readers may require more wire strands than you have now or maybe wire is OK as is

Administration of Smart Card Readers

• Central admin may require data network cable installed to door
• Local admin with a configuration card more labor intensive
• Network monitoring tools can impact networked readers
• Networking of readers builds for the future but at a price

ID Badge System

• Can your existing ID badge system enroll biometrics?
• Does the existing system meet current computing standards?
• Are you able to quickly adapt the system to a changing world?
• Does it capture required data?

Another decision is how to do biometric validation…

Local or Central Biometric Validation?

• Local compares biometric on card to body part at reader
• Centralized authentication compares body part at reader to stored biometric info; may be dependent upon network
• Differing costs, security, and legacy conversion tradeoffs

Why Consider Local Validation at Reader?

• Cost – no data network required
• Does not require access control system to be “biometrically enabled” (but the ID enrollment and production system does)
• Granting biometric door access is not network dependent

The smart card options Seattle examined

• Contact Cards (ISO 7816)
• Contactless Cards (ISO 14443A)

Seattle uses MIFARE 4K Contactless Cards (ISO 14443A)

Contact Smart Card – Current US Gov’t Issue

Contact Smart Card

• Chip takes up real estate where information could be printed.
• Card requires contact to reader.
• Possible limitations on card display: armbands, pouches, etc.

With either ¢ard type your ¢o$t$ will ri$e !!

• ¢ard $tock i$ more expen$ive
• Slightly longer time to enroll
• Print time in¢rea$e$
• More ¢han¢e of me¢hani¢al / produ¢tion failure
• In¢rea$ed operator error rate$
• More way$ to break a ¢ard

A new realm of card damage

• ID office induced problems
• Cardholder actions
• Biometric deterioration

Badge Failure points

ID Office Induced

• Be sure card design allows for a hole punch that misses antenna
• Don’t use manual hole punch – too inconsistent
• Do use electronic hole punch
• Choose card friendly lanyards, pouches, etc.

Cardholder Actions

• Inform cardholder that punching holes in a card will damage it
• Educate cardholder that certain lanyards with metal clasps could damage card.

Biometric Deterioration

• Deteriorating finger quality due to abrasion, injury, hobbies, etc.
• If the finger (and the spare) no longer match, the cardholder will be denied access
• May require reproducing card

Ways to reduce smart card costs

• No smart cards for public area badges
• Solid ID office operator procedures

Option for photo-only cards for public access

• ID Badge software discerns whether the badge type requires smart card features
• Public area badges print on common inexpensive card stock

Operator and Office Procedures

• Operators thoroughly educate cardholder on proper usage
• Foster awareness on the expense of unnecessary reprints
• Require proper card handling and printer maintenance procedures
• Cardholder validates card on test reader prior to leaving office

Approximate Airport Stats; Excluding Seaport

• Badges per month: 900
• Total time to enroll: 35 minutes
• Biometric enrollment: 30 secs
• Deteriorated biometrics: 2 / mo*
• Approximately 500+ readers

* Smart card program < 3 years old

The enrollment process

Failure to Enroll

• Certain cardholders will be physically unable to render a biometric
• Our failure rate is 0.42%
• Not tied to any demographic
• An alternative to biometrics must be provided

Require biometrics and PIN code for access?

• Airport also uses PIN w/ biometric; Seaport does not
• All three levels of security
• Counteracts “fake finger”
• Keeps PIN in person’s mind – “use it or lose it”
• Provides future proofing for PIN enabled devices and functions

Perceived cardholder comfort level w/ readers

(Per ID Office Mgr)

Typical Reader Problems We’ve Seen

• Ambient light on outdoor reader
• Dirty fingers or dirty read surface
• Rain in Seattle !!
• Occasional failure of MIFARE read unit
• User error and impatience
• Broken card antenna

Other biometric reader “gotchas”

• Be sure to examine reader programming tools provided
• Be sure to specify how to handle “collisions” with other smart cards presented simultaneously
• Anticipate biometric gate access on varying vehicle heights – biometric adds a twist

The Supermarket Line

• What will you do to avoid the “being in the wrong line” at the supermarket scenario?
• How will you handle problems, exceptions at the reader?
• Biometric smart cards are NOT the old “swipe and go” world

Possible Exception Handling Techniques

• Very short time out periods
• A “cancel” button on reader
• Corrective prompts on LCD
• Design authentication process to allow alternate entry sequences (i.e., PIN then biometric, or biometric then PIN)
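
One way to model the exception handling techniques listed above (short time-out, cancel, corrective prompts, PIN and biometric in either order) as a reader session state machine. This is an added example, not the Port's or any vendor's reader logic; the class name, prompt strings, 5-second time-out and failure budget are assumptions.

```python
class ReaderSession:
    """Door-reader session: card first, then PIN and fingerprint in either order.

    Hypothetical model. Factor checks arrive as pass/fail results, the way a
    reader's PIN pad and fingerprint matcher would report them.
    """

    def __init__(self, require_pin=True, timeout_s=5.0, max_failures=2):
        # require_pin=False models a reader that uses the biometric without a PIN
        self.needed = {"pin", "finger"} if require_pin else {"finger"}
        self.timeout_s = timeout_s        # assumed "very short" time-out
        self.max_failures = max_failures  # assumed failure budget per session
        self._clear()

    def _clear(self):
        self.card, self.passed, self.failures, self.last_t = None, set(), 0, None

    def _next_prompt(self):
        left = self.needed - self.passed
        if left == {"pin", "finger"}:
            return "ENTER PIN OR PLACE FINGER"
        return "ENTER PIN" if left == {"pin"} else "PLACE FINGER"

    def handle(self, t, event, ok=True, card_id=None):
        """Process one event at time t (seconds); return the LCD prompt."""
        # Time-out: an abandoned session must not hold up the next person.
        if self.card is not None and t - self.last_t > self.timeout_s:
            self._clear()
            if event != "card":
                return "TIMED OUT - PRESENT CARD"
        self.last_t = t
        if event == "cancel":
            self._clear()
            return "CANCELLED - PRESENT CARD"
        if event == "card":           # a new card always starts a fresh session
            self._clear()
            self.card, self.last_t = card_id, t
            return self._next_prompt()
        if self.card is None:
            return "PRESENT CARD FIRST"
        if event not in self.needed:
            return "NOT USED AT THIS DOOR - " + self._next_prompt()
        if event in self.passed:
            return "ALREADY ACCEPTED - " + self._next_prompt()
        if not ok:
            self.failures += 1
            if self.failures > self.max_failures:
                self._clear()         # end the session; the door stays locked
                return "DENIED - SEE ID OFFICE"
            return "NO MATCH - " + self._next_prompt()
        self.passed.add(event)
        if self.passed == self.needed:
            self._clear()
            return "ACCESS GRANTED"
        return self._next_prompt()


def run(session, events):
    """Replay constructed (t, event, ok) tuples; return the prompts shown."""
    return [session.handle(t, ev, ok, card_id="CONSTRUCTED-0001")
            for t, ev, ok in events]


if __name__ == "__main__":
    # Constructed sample: fingerprint first, one bad PIN, then the right PIN.
    sample = [(0, "card", True), (1, "finger", True),
              (2, "pin", False), (3, "pin", True)]
    print(run(ReaderSession(), sample))
```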

Other IT Issues

• Design and install a fully operational test environment; stockpile spares.
• Consider port-wide ID compatibility.
• Include cost recovery, point of sale solutions if needed.
• Do a thorough review of change management and planned maintenance; Impact on Security.

Our Primary ID/Access Technology vendors

Prime was responsible for entire installation

• Access Control System
• Smart Card Readers
• Smart Card Printers
• ID Badge software changes
• Card Stock
• Lamination, Film

Access Control System

Johnson Controls
1757 Tapo Canyon Road
Simi Valley, CA 93063
Tel: (805) 522-5555
Fax: (805) 582-7888

ID Badge System

WinBadge® Aviation
Goddard Technology Corporation
7001-A Pelham Road
Greenville, SC 29615
Phone: (864) 272-0065
Fax: (864) 272-0066

Biometric Readers

1145 Broadway Plaza
Suite 200
Tacoma, Washington
U.S.A. 98402
Toll-Free: (800) 346-2674
Phone: (253) 383-3617
Fax: (253) 591-8856

Non-Biometric Readers

Integrated Engineering – USA
PO Box 32
Carmel Valley, CA 93924
Phone: 831 659 3218
Fax: 831 659 1009

Smart Card Printers

FARGO Electronics, Inc.
6533 Flying Cloud Drive
Eden Prairie, MN 55344
USA

Q&A –