Fingerprint biometrics secure access at air terminals
Security is soaring at Canadian airports with the rollout of a dual biometric-based airport identification card program by the Canadian Air Transport Security Authority (CATSA).
The Restricted Area Identity Card (RAIC) program, implemented across 29 Canadian airports, was an initiative by the Ministry of Transport that began in 2002 in a bid to beef up security at Canada’s airports.
To date, some 100,000 Canadian airport workers are enrolled in the RAIC program, which involves a two-factor biometric-based authentication system. The program uses chip-based smart cards, issued to all airport personnel, and biometric readers for fingerprint or iris verification, according to Peter Burden, RAIC program manager at CATSA in Ottawa.
The current RAIC deployment is the result of thorough research by Burden’s team to determine the best technology architecture to serve the program’s objectives. In the end, biometrics proved to be the right course of action.
CATSA chose fingerprint biometric technology from Markham, Ont.-based Bioscrypt Inc. Leveraging the existing chip-based smart cards used by airport employees for identification and authentication, CATSA added on Bioscrypt’s fingerprint matching algorithm to provide a two-factor authentication platform for airport employees.
Each airport is responsible for enrolling airport personnel, including airline employees, cargo and baggage handlers, and others. Upon enrolment, the employee’s pertinent information, such as name, employee ID and employer, is encoded on the chip of the smart card issued to the employee. The person’s biometric information – digital image or template of one’s fingerprint and iris – is also captured and stored on the smart card chip.
The biometric reader then authenticates an employee by matching the data on the smart card with the employee’s biometric prints. The RAIC technology has also been integrated into each airport’s access control system that defines a particular employee’s access privileges, according to Burden.
“Once that (biometric) information is encoded onto the card (upon enrolment), it’s deleted from the local system so there is no biometric template (stored) on any airport database,” he added.
Storing the employee’s identification data on his or her smart card, instead of in a central database, was ideal for an extensive rollout such as that of RAIC, explained Matt Bogart, director of corporate development for Bioscrypt.
In addition, Bogart said, it eliminates the need to invest in additional infrastructure that would have been necessary for maintaining a centralized system.
Prior to full deployment, CATSA pilot tested the technology in four airports, namely Vancouver, Montreal, Kelowna, B.C., and Charlottetown, P.E.I.
“We chose four airports of different sizes and makeup. We developed a concept of operations and we implemented that (in those airports). And then we extracted the lessons learned from those trials, improved the program, and then started actual implementation in April 2005,” explained Burden.
In addition to Bioscrypt, CATSA also uses hardware from Quebec-based Labcal Technologies Inc. called Be.U Mobile, which serves as handheld biometric readers complementing the existing fixed readers already installed at the airports.
There are currently 150 handheld readers deployed in all 29 airports, and CATSA is expected to deploy an additional 200 devices with wireless capability. This would facilitate phase two of the RAIC program that will expand the authentication capability outside of the airport terminal buildings, according to Greg McConnell, Labcal’s director of business development for the Americas region.
Technology integration and testing between Bioscrypt and Labcal began in the fall of 2005, a year-long process that included field testing and optimization at the airports to ensure that the technologies are working according to CATSA’s requirements, said McConnell.