Secure Identities for US Transportation Workers at the TSA 


TSA were looking to issue a tamper-resistant biometric credential to maritime workers requiring access to secure port facilities and vessels.A key driver for TSA was to meet US Government Homeland Security Presidential Directive 12 (HSPD-12) standards, to achieve interoperability with other federal identity access management and implement a best practice workforce digital identity process.Obtaining a Transport Worker Identification Credential (TWIC) smart card must provide biographic and biometric (fingerprint information), sit for a digital photograph and pass a TSA security threat assessment.

Key requirements:

  • Use of FIPS 201 (PIV) technology and processes
  • Combined centralized production with local card activation
  • Over 160 distributed enrollment and activation centers throughout the US
  • Integration with central card personalization bureau for secure printing
  • Fingerprint verification of applicant prior to card activation Integration with central identity management infrastructure
  • Multi-application card combining contact and contactless technology
  • Strong authentication of operators and non-repudiation of operator actions


MyID® credential management system (CMS) integrates within TSA’s federal identity management solution to provide a single software platform for end-to-end identity registration and credential issuance to TSA workers’ smart cards.

Without a TWIC card transport workers are not able to gain access to secure facilities and networks, a system that means the US Transportation Security Administration can have total confidence that only approved personnel are able to access secure buildings, systems and networks.

The MyID software is passed registration data from the IDMS and formats it into a card personalization request; this is forwarded to the personalization bureau. Printed cards are locked and sent to activation locations. The receipt of a card batch is used to trigger a notification to the applicant that their card is ready for activation. The applicant visits an activation location, places their card into a MyID activation station and follows a simple self-service workflow that requires biometric verification before the card is unlocked, personalized with certificates and activated for use.



The system boasts a load balanced deployment designed for high volume throughput, functioning as a single product that manages all aspects of identity registration, credential issuance, and lifecycle management.


The system employs a multi-server deployment for high availability and a load balanced deployment for high volume throughput, alongside simple web-based workflows that necessitate minimal operator training, thus enabling end users to self-serve.

Trusted by Governments and Enterprises Worldwide

Where protecting systems and information really matters, you will find Intercede.  Whether its citizen data, aerospace and defense systems, high-value financial transactions, intellectual property or air traffic control, we are proud that many leading organizations around the world choose Intercede solutions to protect themselves against data breach, comply with regulations and ensure business continuity.