Transportation workers and seaports go together. While the fresh sea breeze may be refreshing, it represents a special challenge for the electronics in a security system. Salt air is highly corrosive and can drastically shorten the life of contacts and connectors. The designers of the credentials for the TWIC system correctly decided to use a "contactless" RF interface to talk to the card and maximize reliability. Unfortunately, this introduces some challenges. For instance where a PIV card's fingerprint templates are encoded in plain text, the TWIC applet stores the fingerprint in encrypted form to maximize security over the wireless interface. When the fingerprint is transferred to the reader for matching, the reader must decrypt it with the TWIC's unique privacy key (TWIC privacy key, or TPK).
The TPK can be obtained from the magnetic stripe or from the contact interface. PACS registration software designed for use in a TWIC environment should extract TPKs, thus making them available to mobile and fixed TWIC readers.
Solution
The PIVCheck suite of products was designed to support the needs of the TWIC community. Credentials are fully and quickly validated using the contactless interface. In addition, the use of a TSA hotlist is fully supported.