A U.S. Government Accountability Office (GAO) audit of the TWIC card reader pilot program calls into question the program’s premise and effectiveness in enhancing security after the results were found to be unreliable.
GAO’s review of the pilot test, which was launched in 2009, aimed at assessing the technology and operational impact of using the Transportation Security Administration’s (TSA) Transportation Worker Identification Credential (TWIC) with card readers. The results of the review showed that the pilot test’s results were incomplete, inaccurate, and too unreliable to inform Congress on developing a regulation about the readers.
The report cites challenges related to pilot planning, data collection, and reporting affecting the completeness, accuracy, and reliability of the results.
Specifically, pilot data collection and reporting weaknesses cited in the review included:
- Installed TWIC readers and access control systems could not collect required data, including reasons for errors, on TWIC reader use, and TSA and the independent test agent (responsible for planning, evaluating, and reporting on all test events) did not employ effective compensating data collection measures, such as manually recording reasons for errors in reading TWICs.
- TSA and the independent test agent did not record clear baseline data for comparing operational performance at access points with TWIC readers.
- TSA and the independent test agent did not collect complete data on malfunctioning TWIC cards.
- Pilot participants did not document instances of denied access.
The GAO recommended that DHS components implementing the pilot–TSA and the U.S. Coast Guard (USCG)–develop an evaluation plan to guide the remainder of the pilot and identify how it would compensate for areas where the TWIC reader pilot would not provide the information needed.
TSA officials said challenges, such as readers incapable of recording needed data, prevented them from collecting complete and consistent pilot data. As a result, TSA could not determine whether operational problems encountered at pilot sites were due to TWIC cards, readers, or users, or a combination of all three.
GAO recommended that Congress halt DHS’s efforts to promulgate a final regulation until the successful completion of a security assessment of the effectiveness of using TWIC.