The Port of Wilmington, which opened in 1923 and handles nearly 400 vessels and 4 million tons of cargo each year is the busiest port on the Delaware River, and the leading North American importation site for fresh fruit, bananas and juice concentrate. It was also the first seaport to use the Transportation Worker Identification Credential (TWIC) card, beginning with the TWIC Technology Phase pilot program in October 2003. TWIC is designed to add a layer of security at ports by ensuring that workers in secure areas have received a background check and do not pose a national security threat.

As the TWIC program expanded as part of the Maritime Security (MARSEC) criteria, so did the need for a software program that could read and record information from both the existing TWIC protype cards used with the port’s physical access control system and the latest TWIC cards. In addition, it was important to find a solution that would allow the port to access the Transportation Security Administration’s (TSA) ‘TWIC Cancelled Card List’, a real-time database of unauthorised TWIC users, so port security personnel can quickly identify those with revoked rights.

Port officials chose HID Global’s pivCLASS Registration Engine software, which drives the Datastrip mobile readers and also resides on a desktop enrolment workstation in the port’s main office

pivCLASS Registration Engine software

Recognising this need, Port of Wilmington officials began exploring their options for software that could work with their existing Honeywell security management platform, Pro-Watch and work on mobile card readers to deploy the enrolment process throughout the facility.

Port officials chose HID Global’s pivCLASS Registration Engine software, which drives the Datastrip mobile readers and also resides on a desktop enrolment workstation in the port’s main office. An additional license for certificate management allows the port to re-validate TWICs each day, once they are enrolled with the Honeywell system.

Operational with Datastrip’s DSV2+Turbo mobile card readers

Before the Port of Wilmington became a pilot site for the TWIC smart card program, it relied on 125kHz proximity cards and readers for worker identification. With the advent of TWIC compliance standards, port officials needed a way to register TWIC cards with their existing Honeywell Pro-Watch physical access control system and enter cardholder data into their database that would merge both TWIC and existing ID cards. With this merger, the port would need only one card for the access control system.

It was also important to be able to enrol TWIC cardholders at the various access points to the port, which spans 307 acres of land. Therefore, the software needed to be functional with rugged mobile card readers, such as Datastrip’s DSV2+Turbo.

TWIC credentials are required for entry to the port by anyone requiring frequent, unescorted access to the facility that is entirely designated as a secure and restricted area

Finally, Port Security wanted the ability to access the TSA TWIC Cancelled Card List and match it against those being enrolled in the Port’s database as well as those using their TWIC cards. This would allow Security to take the appropriate steps when necessary, such as suspending a card, identifying people who were already enrolled in the Port’s database and not double enrolling them, or spotting a potential terrorist.

TWIC Credentials for entry to the port

By using pivCLASS Registration Engine, which was deployed on mobile Datastrip readers as well as a desktop computer, port officials are now able to register TWIC holders throughout the port and transmit that information to the Pro-Watch system. These cards can then be read at the fixed card readers located at various entrances and access points throughout the port.

TWIC credentials are required for entry to the port by anyone requiring frequent, unescorted access to the facility that is entirely designated as a secure and restricted area. These include longshoremen, truck drivers, surveyors, agents, chandlers, port chaplains and labourers who access secure areas. Tenants who have their offices at the port, such as produce giants Chiquita and Dole, are also required to be enrolled in TWIC.

Integrated with existing access control system

Patrick Hemphill, retired Manager, Port Security and Facility Security Officer at the Port of Wilmington who lead this project said the mobile readers have been taken to local union halls to enrol longshoremen before they arrive at the port.

This saved us a lot of time,” explained Hemphill. “We met with union leaders and set aside two, two-hour periods on pay days. The members were made aware of the need to know their PIN and we were able to enrol the majority of (union) members during those two days without interrupting their work schedule.

After seeing a demo of the software, and its ability to read TWIC card information, Floyd-Kennard recognised it as a possible solution that could be integrated with the port’s existing access control system

pivCLASS Registration Engine first came to the attention of Port of Wilmington’s Director of Human Resources, Sylvia Floyd-Kennard during an American Association of Port Authorities conference. After seeing a demo of the software, and its ability to read TWIC card information, Floyd-Kennard recognised it as a possible solution that could be integrated with the port’s existing access control system.

Testing the software in-house

Eric Schaeffer, President of Advantech Inc., the port’s systems integrator on the TWIC project, said one of the deciding factors in using this software was the ability to test the software in-house before making a commitment. He wanted to ensure that it would integrate with the existing Pro-Watch system. “Some companies have reservations about testing before buying,” Schaeffer noted, “but HID Global was confident in their product and were comfortable with us testing it.

Since this was one of the first implementations of pivCLASS Registration Engine software integrated with the Honeywell Pro-Watch system, Schaeffer said HID Global worked alongside Advantech to make sure everything worked as planned.

Registering TWIC FASC-N number and expiration date

For a major facility such as the Port of Wilmington, being able to enrol TWIC holders and verify their information anywhere using a mobile card reader results in a savings of security personnel, time and effort. Personnel can go where the enrolees are, rather than requiring everyone to come to a central location. The port is also able to continue to leverage its legacy physical access control system while adding in the important TWIC component.

The pivCLASS Registration Engine software allows the port to register TWIC information, such as the TWIC FASC-N number and expiration date, into the existing PACS cardholder record"

The pivCLASS Registration Engine software allows the port to register TWIC information, such as the TWIC FASC-N number and expiration date, into the existing PACS cardholder record,” said Geri Castaldo, vice president of Business Development, Federal Identity with HID Global. “If a new person is added, Pro-Watch automatically creates a brand-new cardholder record using the information from the TWIC such as first name, last name, FASC-N, expiration date and photo.

pivCLASS Certificate Manager

Checking against the TSA TWIC Cancelled Card List is a key benefit with the addition of HID Global’s pivCLASS Certificate Manager. The pivCLASS Certificate Manager goes out to the TSA list and re-validates the TWIC card status daily or on a user-defined schedule, so security personnel can see what has changed and react to the status of cardholders.

In the case of an elevated threat level, HID Global’s software is able to provide the additional authentication piece that would be required. If the threat level at the port is raised under the three-level MARSEC system, it can the use required use of a fixed readers with a biometric component.

Download PDF version

In case you missed it

Smart home access control growth and the future of door security
Smart home access control growth and the future of door security

There’s growing noise around smart homes and smarter security. You’ve probably heard it. But there is a place where access control and more have been smart for decades: the workplace. Home automation and IoT are still playing catch-up with the commercial sector. A new insights report from ASSA ABLOY and IFSEC Global — “The Smart Door Locks Report 2018” — measures just how fast consumer smart technology is running. According to a survey conducted for the report, 61% of households now claim to own at least one smart home device or system. Energy monitors, home CCTV cameras, intruder alarms and smart door locks are the most popular, according to the report. All these functions, of course, have been available to businesses for years.61% of households now claim to own at least one smart home device or system Educating the smart home consumer Paradoxically, report data also questions how much consumers really know about their smarter home. A surprising 42% of those surveyed, for example, were unaware they could control a smart door lock from their phone. In fact, many leading smart door lock models offer this feature, delivered by Wi-Fi or Bluetooth and an app. Despite a wealth of features offered by the latest smart door locks — remote and location-based locking/unlocking; voice activation; timed access; emailed entry alerts; and integration with smart camera and lighting systems — most people still have limited knowledge of their capabilities.  Smart technology is increasingly becoming the new norm in terms of home security  Only 14% of survey respondents described themselves as “very familiar” with what a smart lock can do. Even though most of them probably use smart access control solutions at their workplace. Secure homes through smart technology Monitoring and security are not the only drivers for smart home adoption. We humans also love convenience, and modern living presents us with problems that smart home technology can solve. Ironically, given the report’s findings, it takes a smartphone to really unlock the convenient possibilities of smarter living. The device that’s “always to hand” is central to the newest generation of smart door locks.A smart door lock is a convenient way for a landlord or agency to offer round-the-clock check-in and check-out If homeowners wish to remotely manage property access for friends and family, many smart door locks oblige. You let in guests remotely, send them a virtual digital key, or provide a temporary or single-use PIN to unlock the door. It is just as easy to revoke a digital key, if you don’t want its owner to come around anymore. This is a significant improvement over sharing physical keys — or hiding one under the doormat. We cannot be totally sure where a metal key ends up and have no way to track or cancel it once it’s “out in the wild”. Commercial access control offers such functionality as standard, of course.  In addition, smart door locks offer more than just stand-alone operation and clever functions. In a domestic setting, magic happens when locks work in harmony with a home automation system, connected by protocols like Z-Wave, ZigBee or Wi-Fi. "Smart" security on the move  The smartphone is becoming a remote control for managing a connected life beyond just home (and even workplace) security. According to Accenture, the parcel delivery services market will grow by $343 billion by 2020. Just like home security, convenience is a major driver of change. Homeowners can send guests a virtual digital key to their phones, or provide a temporary or single-use PIN to unlock the door A recent PostNord pilot in Sweden aimed to remove the inconvenience of waiting home for a postal delivery. Selected customers of some major Scandinavian e-retailers could choose to have parcels delivered inside their front door, if it was equipped with a Yale smart door lock.  Home delivery is among potential smart services covered in “The Smart Door Locks Report 2018 ”. When asked whether the ability to receive parcels securely in a porch or lobby would make them more likely to invest in a smart door lock, 79% said it would.It is easy to revoke a digital key, if you don’t want its owner to come around anymore Holiday rentals and smart home tech ASSA ABLOY research published in 2017 forecasts continued growth in the European holiday rentals sector (at 5.8% CAGR). Smart door locks are also making an impact here, at both ends of the market: for service providers — agents and homeowners — and for travellers. A smart door lock is a convenient way for a landlord or agency to offer round-the-clock check-in and check-out, without creating extra work or staff costs. Both Intersoft, in Croatia, and Hoomvip in Spain have built holiday rentals management systems around an app and the ENTR® smart door lock. Agents issue, revoke, track and manage virtual keys for all their guests, saving everyone time and hassle. Travellers use their phones and an app to unlock their apartment. For these visitors the smartphone is already an essential travel accessory. It is a boarding pass, a credit card, a travel guide, and a postcard home... why not a door key, too? And if this key is backed by a trusted home security brand — and a company with vast experience in the mature market for commercial “smart” security — better still.

Bosch startup SAST addresses need for evolved solutions in security industry
Bosch startup SAST addresses need for evolved solutions in security industry

Security and Safety Things GmbH (SAST) is a new company that has announced its vision for an Internet of Things (IoT) platform for the next generation of security cameras. The Bosch startup plans to build a global ecosystem for the development of innovative security camera applications. Based on the Android Open Source Project (AOSP), SAST provides libraries, an API framework, and codecs for developers to work with. The SAST App Store will allow developers to build and market new applications, similar to today’s app stores for smartphone applications. We presented some questions to Nikolas Mangold-Takao, VP Product Management and Marketing, about the new venture, and here are his responses: Q: Why a new company now? What technology innovations have made this a good time to launch this company? The time is right to bring market needs and technological innovations together on one platform"Mangold-Takao: From a technical perspective we see two main drivers: increasing computing power at the edge and increasing internet connectivity, which will enable devices to directly communicate with each other and bring new technologies such as artificial intelligence also to the security and safety industry. At the same time, we see that this industry and its users are hungry for more innovative solutions – addressing new security needs while at the same leveraging the possibility to improve business operations for specific verticals, e.g. retail and transportation. The time is right to bring market needs and technological innovations together on one platform for this industry. Q: Why does SAST need to be a separate entity from Bosch? Mangold-Takao: SAST is setup as a wholly owned subsidiary of the Bosch Group. We wanted to make sure that SAST is able to underline its role as an industry standard platform across multiple players. SAST is open to get additional investors and is being setup as a startup in its own offices in Munich to foster the environment where speed and innovation can more easily take place. Having said that, several entities of the Bosch Group are very interesting partners for SAST. The SAST App Store will allow developers to build and market new applications, similar to today’s app stores for smartphone applications Q: Please explain your "value proposition" to the industry. Mangold-Takao: We will bring new innovations and possibilities to the security and safety industry by providing an open, secure and standardised Operating System for video security cameras, to also address pressing issues such as cyber security and data privacy concerns. Devices that run then with the SAST operating system will work with an application marketplace provided and operated by SAST. Integrators and users can then use these apps from this marketplace to deploy additional functionality on these devices. With our platform we will be able to build up a community of app developers, including the ones not yet developing for this industry who have expertise in computer vision and artificial intelligence. Q: It seems what you are doing has parallels with the Apple and Android "app" stores. How is your approach the same (and how is it different) than those approaches? We are setting up SAST as a user-centric company and involve selected users very early on in the process"Mangold-Takao: The approach is similar in the way that we plan to generate revenue by operating the application marketplace and thus participate in the app revenue. The difference is that there is much more needed than apps and cameras to create a complete working solution addressing a user problem in this industry – we need to make sure that our own platform as well as the new applications being created will work as a part of an end-to-end solution. Q: "Critical mass" and wide industry participation seem to be requirements for your success. How will you achieve those goals? Will you involve integrators, consultants, or other parties in addition to manufacturers (to drive awareness)? How? Mangold-Takao: SAST is in close exchange with device manufacturers, integrators and consultants, as well as application developers and large end-users at the moment to ensure that we are building the right platform and ecosystem for this industry. We are setting up SAST as a user-centric company and involve selected users very early on in the process. We will run dedicated programs and hackathons to attract app developers, already active and new to our industry. We will also run selected pilots with end-users throughout 2019 to ensure we have all partners involved early on. SAST sees the industry is hungry for more innovative solutions – with the retail vertical market a target for these solutions Q: What timeline do you foresee in terms of implementing these initiatives? Mangold-Takao: While we start with first app development programs and plan our first pilots already for this year, we are planning our commercial launch for end of 2019. Q: How does your new company relate to the new Open Security & Safety Alliance (OSSA)? Mangold-Takao: The Open Security and Safety Alliance has been working very closely with SAST over the past year, defining some important concepts and elements required. One of the most important elements is an open and standardised Operating System, specific to this industry, which will then bring forward new innovative technologies and solutions. SAST is actively working on this Operating System, based on Android Open Source Project (ASOP), but is evolved and hardened with industry-specific features. Q: What's the biggest thing you want the security industry to understand about SAST? What is your "message" to the industry? Mangold-Takao: Our message is simple: let’s build better security and safety systems – together! But for real, innovating an industry is a joint effort, we can only bring new innovation to this industry with partners who share our vision and are excited about new technology. At the same time, we strongly believe that our platform allows every partner to bring forward what they do best but also invite new partners to our industry.

What is the value of remotely monitoring a system's health and operation?
What is the value of remotely monitoring a system's health and operation?

When is it too late to learn that a video camera isn’t working properly? As any security professional will tell you, it’s too late when you find that the system has failed to capture critical video. And yet, for many years, system administrators “didn’t know what they didn’t know.” And when they found out, it was too late, and the system failed to perform as intended. Fortunately, in today’s technology-driven networked environment, monitoring a system’s health is much easier, and a variety of systems can be deployed to ensure the integrity of a system’s operation. We asked this week’s Expert Panel Roundtable: How can remote monitoring of a security system’s health and operation impact integrators and end users?