TSA Press Office
U.S. DEPARTMENT OF HOMELAND SECURITY
Transportation Security Administration
FOR IMMEDIATE RELEASE - January 20, 2006
Smart Card Technology to be Used to Store Fingerprint Biometrics
WASHINGTON, D.C. – The Transportation Security Administration (TSA) today announced several parameters for a nationwide private sector Registered Traveler (RT) program, including the biometrics to be used for identification purposes and the redress process for individuals who are denied access to the program. The Registered Traveler program is envisioned as a means to accelerate the screening process at participating airports for passengers who voluntarily choose to enroll in the program.
As the recently announced Rice-Chertoff vision for developing new solutions that ensure the best use of new technologies and more efficient processes to improve security and facilitate travel across U.S. borders moves forward, TSA will work with the private sector providers of Registered Traveler programs to harmonize technologies and business processes with government-sponsored travel facilitation programs. Moving forward, the program will be harmonized with the DHS-State Department PASS System (People, Access, Security, Service), the credentialing effort announced earlier this week by Secretaries Rice and Chertoff.
“Security is and will continue to be TSA’s number one priority. We are receptive to innovative private sector ideas to develop a market-based nationwide program that enhances security and offers a more appealing travel experience to program participants,” said TSA Administrator Kip Hawley.
In order to give industry the opportunity to begin offering Registered Traveler programs later this year, TSA is directing RT program providers to collect 10 fingerprint images from each applicant. This biometric information will be used to verify participant identity at RT checkpoints. These biometrics, which are in widespread use today, provide exceptionally high levels of accuracy. With 10 fingerprints on the participant’s smart card, the likelihood that identity can be accurately confirmed is improved.
To store biometric data for identity confirmation, RT programs will utilize Smart Card technology that conforms to current Federal Technical Implementation Guidance (see http://smart.gov), and biometrics will be stored consistent with biometric standards established by the American National Standards Institute/InterNational Committee for Information Technology Standards (ANSI/INCITS). All Registered Traveler data will be handled in compliance with the Federal Privacy Act.
Registered Traveler applicants who believe that a determination has been made in error that they are ineligible to participate in the program, or participants who have had their eligibility revoked, will have the opportunity to seek redress. While the consolidated traveler screening redress process envisioned by the Rice-Chertoff initiative is being developed, TSA will utilize its current Office of Redress to handle Registered Traveler redress matters. Registered Traveler redress procedures will mirror those now utilized to resolve watch list issues. To facilitate the Registered Traveler redress process, an individual may be asked to furnish additional information and/or documents; the information requested will be limited to that which is necessary to resolve the particular matter. Individuals will be notified of the results of their appeal in writing.
The Registered Traveler programs will be market-driven and offered by the private sector. Individual participation in a Registered Traveler program will be entirely voluntary, with prices established by private sector providers. TSA will mandate a core RT security assessment for each applicant to a Registered Traveler program. If RT providers undertake more in-depth security background checks (e.g., by using commercial data specifically authorized by customers, or by other voluntary means), TSA will offer a variety of enhanced or time-saving participant benefits at passenger screening checkpoints. Participants may receive significant efficiency benefits over what exists today, if additional security is added by a more thorough background check.
We know that terrorists may seek to exploit the Registered Traveler program, and the program must be designed to thwart those efforts. Therefore, program benefits will change from time to time in order to make it more difficult for terrorists to anticipate our security activities. Further, TSA will not exempt Registered Traveler participants from random additional screening.
If the RT businesses wish to make investments in approved screening equipment, fund additional screeners, and/or obtain space for separate RT screening, then TSA is prepared to authorize the use of dedicated screening lanes or alternative screening locations for RT participants.
Today’s announcement is the latest progress point in a plan announced by Hawley last fall that is expected to lead to TSA approval of qualified RT programs by June of this year.
On December 15, 2005, TSA issued a Request for Information to assist in the identification of one or more business models for the program that can meet the requirement for nationwide interoperability, be sustained solely through user fees, and provide scalable and sustainable operations. Responses to the Request for Information are due to the agency on January 20, 2006.
Respondents were asked to describe business process options for the following functions:
- Enrollment and biometric capture
- Identity/document validation at enrollment
- Card issuance and revocation
- Data transfer and storage throughout the system
- Interface technology for the smart card and verification system
- Audit processes and procedures
- Compensation for participating entities
- Identification verification at the security checkpoint
- Membership renewal
Respondents were also asked to:
- Define and estimate the applicant volume necessary to support any capital/infrastructure investments that would be required, operational costs, and pricing assumptions in their business model;
- Define the fee structure and flow of funds to participating entities under their business model; and
- Identify the roles of service providers and any possible contractual relationship.
By late April, TSA expects to (1) select an entity to certify service providers and manage compliance, (2) issue recommended amendments to Airport Security Plans (ASPs) establishing requirements for airport checkpoint verification providers; and (3) receive plans from interested parties for achieving interoperability among Registered Traveler programs.