Canada’s Restricted Area Identification Card Program
Posted: 7 June 2007 | Rob Durward, Director, Technical Programs. Canadian Air Transport Security Authority (CATSA)
On April 11, 2002, the Canadian Air Transport Security Authority (CATSA) was created as a Crown Corporation to assume a more direct role in Canada’s aviation security. One aspect of this new security role was to develop a secure biometric enrolment and identity verification program to prevent unauthorised individuals from gaining access to restricted areas of airports, such as maintenance hangars, refueling stations and baggage ramps.
Prior to CATSA’s formation, all non-passengers requiring access to restricted airport areas were required to present a Restricted Area Pass (RAP). To better fulfill its security mandate, CATSA began working with Transport Canada to replace RAP with a Restricted Area Identification Card (RAIC) in 2004. This program was designed to enhance security at Canada’s airports with the use of individual biometrics (fingerprints and iris) stored on a secure credential for individuals (non-passengers) accessing restricted airport areas. Under this new program, biometric technology is being incorporated into identification cards to validate the identity of the cardholder attempting to access a restricted area. In addition, a centralised database is used for identity access management to track in real time the issuance, verification and cancellation of any and all RAIC cards.
In Canada, access control to restricted areas is the responsibility of each individual airport. The success of the RAIC program was therefore dependent upon the cooperation and commitment of all parties. CATSA saw this as an opportunity to not only meet federal mandates but also build an architecture that can become a standard for the entire government security community and be leveraged by other agencies. As a result, CATSA worked with Transport Canada, airports, unions, air carriers and other aviation industry stakeholders to develop and implement a restricted area pass credentialing system. CATSA formed diverse working groups, such as the Enhanced Restricted Area Pass Working Group, to determine technical and security requirements, identify specific objectives and decide how to assess performance.
Airport authorities are solely responsible for the issuance, tracking and verification of all RAICs, while CATSA provides the technology for the airport authorities to not only enrol the people who work there, but also to verify their identity and clearance status in real time at designated access points. All airport workers, pilots and other designated personnel with access to baggage, ramp areas or aircraft must undergo strong identification and background checks before being issued a RAIC.
CATSA mandated a third party to develop a proprietary identity verification software solution, while using existing technologies from Bioscrypt Inc (fingerprint verification), Cross Match Technologies (fingerprint imaging), HID (contactless cards and readers) and LG Electronics (iris verification). Operational trials began in 2004 and were initiated at four airports: Vancouver International (which was replaced by Calgary International), Montreal’s Pierre Elliott Trudeau International, Kelowna International, and Charlottetown.
Once hired by an associated company or organisation and upon issuance by Transport Canada of a Document Control Number (DCN) with valid security clearance status, a new airport worker is directed to the Pass Control Office (PCO) to apply for a RAIC.
Although both biometric templates are used for operational purposes, the fingerprint template is the reference biometric and is checked against the CATSA Identification Database (CID), which is the central RAIC database. The fingerprint templates captured during enrolment are used in a “one to many” search against the CID to ensure that the person enrolling is unique. If no duplicate exists, the applicant is accepted and a record is created in the RAIC Airport Database (RAD) with “waiting for airport DCN” status. If a duplicate exists and the applicant has an active RAIC, the applicant is rejected and further investigation takes place. At the time of enrolment a unique identifier is automatically created in the application called the CATSA Identification Number (CIN). Renewal enrolment follows the same process as a new enrolment in that a new DCN is required when a security clearance expires and is reissued.
After a successful enrolment in the RAIC software application, the applicant must wait for the security clearance confirmation to come back from Transport Canada, which will allow the creation of the RAIC.
If an individual receives security clearance, Transport Canada emails files containing the security clearances to the individual airports and CATSA. The transmission contains the DCNs, status, expiry date, and airport of issuance. This information is then imported into the RAIC system, which automatically populates the DCN data in the individual applicant files using his or her name and birth date when the file is being created.
Requests are then made to the CID for necessary permissions, and to the RAD for the required personalisation data. When the DCN data in the CID and RAD are matched, a RAIC Identification Number (RIN) is created.
The final step in the personalisation function involves printing information, such as biographical data, photo, employer, identifier, and so on, onto the surfaces of the card. The output of this function is the production of a RAIC that is prepared for issuance to the applicant.
Once a card has been personalised, it is prepared for issuance. Applicants must present themselves to the PCO in order to receive their RAICs. Upon arrival, the RAIC is checked to ensure that the photograph and other data elements are accurate. Once confirmed, the RAIC is encoded (stored) with the RIN and biometric templates (2 fingerprints and 1 iris) onto the smart card chip. The applicant’s fingerprint and iris biometrics are then verified using readers, to ensure that the live sample matches the data encoded on the card.
If the verification is positive, the card is issued to the applicant and the RAD is updated to activate the card within the RAIC system. The RAD disseminates that information to the CID. If the verification is negative, the applicant is rejected and further investigation is conducted.
Once the RAIC is activated, the PCO officer enters data into the Access Control Database (ACD) where access privileges are established. Assigning privileges is the sole responsibility of the airport authority and outside the scope of the RAIC system.
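The enrolment, clearance-import and issuance checks described above, sketched as an added example (not CATSA's software and not code from the article). The similarity function, the threshold, the status names other than "waiting for airport DCN", and the routing of ambiguous name and birth-date matches to manual review are assumptions; one list stands in for both the CID and the RAD.

```python
from dataclasses import dataclass

WAITING = "waiting for airport DCN"   # status named in the article
MATCH_THRESHOLD = 0.9                 # assumed cut-off; the article gives none

def score(a, b):
    """Toy similarity: share of equal positions (stand-in for a real matcher)."""
    return sum(x == y for x, y in zip(a, b)) / max(len(a), len(b))

@dataclass
class Record:
    cin: int            # CATSA Identification Number, created at enrolment
    name: str
    dob: str
    finger: tuple       # reference fingerprint template (constructed data)
    status: str = WAITING
    dcn: str = ""

class RaicSystem:
    def __init__(self):
        self.records = []   # stands in for CID and RAD

    def enrol(self, name, dob, finger):
        # One-to-many search: compare the new template with every record and
        # reject when the match belongs to someone holding an active RAIC.
        for rec in self.records:
            if rec.status == "active" and score(finger, rec.finger) >= MATCH_THRESHOLD:
                return None, "rejected: duplicate of CIN %d" % rec.cin
        rec = Record(len(self.records) + 1, name, dob, finger)
        self.records.append(rec)
        return rec, rec.status

    def import_clearance(self, name, dob, dcn):
        # The import keys on name and birth date; anything other than exactly
        # one waiting record is held for manual review (assumed handling).
        hits = [r for r in self.records
                if (r.name, r.dob) == (name, dob) and r.status == WAITING]
        if len(hits) != 1:
            return "manual review: %d candidates" % len(hits)
        hits[0].dcn, hits[0].status = dcn, "cleared"
        return "cleared"

    def issue(self, rec, live_finger):
        # One-to-one check of the live sample against the enrolled template.
        if rec.status != "cleared":
            return "refused: no clearance on file"
        if score(live_finger, rec.finger) < MATCH_THRESHOLD:
            return "rejected: live sample does not match"
        rec.status = "active"
        return "active"
```

The name and birth-date key is the weak join in this flow: two waiting applicants who share both values cannot be told apart by the import alone, which is why the sketch refuses to auto-populate in that case.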
The system architecture varies from one airport to the next, due to the different access control systems at the 29 Class 1 and 2 airports across the country. The classification system and the elements and criteria that go into the designation of an airport as a Class 1, 2 or other are managed by Transport Canada. The following table lists all Class 1 and 2 airports:
Please note that Class 2 airports do not have a RAIC Airport Server, or a Pass Control Server. Cabling goes directly from the Airport Firewall to the RAIC Enrolment Station, and the interface is done between the Enrolment Station PC and the Access Control Server.
Access to an airport’s secure area is restricted to designated entry points. This has allowed readers to be installed in relatively few places, allowing for the use of more costly but more accurate card readers that present fewer integration and scalability problems. Access points can be equipped with a fingerprint reader only, an iris reader only, or with both (for high-volume locations); the system also allows the airport to either place a guard at the location, or to use a mantrap to ensure every individual accessing the secure area presents their own credentials. The additional layer of security provided by a biometric document of entitlement presents a formidable obstacle to people who would try to infiltrate an airport’s restricted area.
Mass enrolment of the approximately 100,000 employees at the 29 Class 1 and Class 2 airports was completed in December, 2006. Although it was the airport authorities’ responsibility to perform the enrolment, CATSA provided assistance through the provision of additional temporary enrolment stations and reimbursement for the additional costs of temporary enrolment personnel.
The cabling and installation of biometric readers and development of interfaces with existing airport systems occurred in parallel with mass enrolment. Each activity had a requirement for external contractors and was eligible for reimbursement from CATSA.
To accommodate employees who, in the course of their jobs, must access the restricted areas of more than one airport on a regular basis (e.g. aircrew), a unique national card design was developed, the Multi-Airport Pass (MAP). The MAP solution consists of an Aircrew Pass and a Canada Pass that were issued to individuals using criteria provided by the Canadian Airports Council. Once aircrew are issued the distinctive-looking RAIC, they are permitted automated access to the restricted areas of all 29 airports after verifying their identity and validating their pass on a portable biometric reader. The Canada Pass functions as any other RAIC but has a distinctive design. Canada Pass holders have to request access at other airports through the respective pass offices.
This is the world’s largest side-by-side comparison of user preferences for iris and fingerprint technologies. Cooperation among all of the stakeholders was the most critical element needed for the successful implementation of the RAIC project. As part of a group that included the airports, unions, and Transport Canada, CATSA was able to create a solution that met all of the needs of the various stakeholders while maintaining its core mission objective: the enhancement of security at all restricted areas in the airports across the country through the use of a biometric document of entitlement. This not only validates the identity of card holders, it also helps deny access to those who don’t have the proper credentials and security clearance. This in turn enhances the security of all workers at airports, and of all the passengers using those facilities. Biometric-enhanced identity management technology is used around the world by government agencies to authenticate identity and will continue to play an important role in helping keep Canada’s airports safer.
Rob Durward is currently working as the Director, Technical Programs, at the Canadian Air Transport Security Authority (CATSA). Rob’s foremost responsibility is the implementation and management of the Restricted Area Identity Card (RAIC) program. Rob is also responsible for running the Information Systems and Technology Branch for CATSA.
Since the creation of CATSA in 2002, Rob oversaw the design, architecture and implementation of the organization’s entire IM/IT Infrastructure, and assisted in the development of its operational systems.