RTCA Documents for Review: DO-230H FRAC
©2017 RTCA, Inc.
The FIPS 201 technical standard and policy for PIV can be found on the National Institute of Standards and
Technology (NIST) website [Refer: Appendix A: Reference].
Issuance is just the beginning of the lifecycle of a credential and the identity of the participant it represents.
There are four core processes that must be managed over the lifecycle of a credential for the participant:
In all of the above processes, for those airports using biometrics, it is best practice to confirm the identity
of the individual using biometric identifiers that are registered for that participant in the IdM-CIS. Without
this process, it is best practice to collect a biometric sample of the participant to enable the biometric
de-duplication service (if provided) to confirm the identity. These measures mitigate risks of identity theft and
fraudulent access to facilities.
Renewal replaces a credential prior to that credential’s expiration date. Typically, re-issuance is required
when a credential is reported lost, stolen or damaged. Local policy determines if re-issuance is acceptable,
or if full re-enrollment is required prior to re-issuance. Local policy should specify a means to identify the
individual requesting re-issuance (e.g., verification of I-9 documents, biometric comparison to IdM-CIS)
prior to approving re-issuance.
Credentials reported damaged are presented to the airport operator for confirmed destruction prior to
re-issuance. Every effort should be made to acquire lost or stolen credentials to take them out of circulation.
Re-issuance may require re-enrollment of the participant. For operational performance and technology
refresh, the airport badging office may elect to re-enroll biometric samples to improve performance and
reliability using the latest technologies. The badging office may require the cardholder to self-select a new
To avoid biometric re-enrollment in the instance of a lost/damaged card or change in technology vendors,
standard interoperable biometric records should be stored in the IDMS. If biometric data is not stored on
the system and only in the card, the participant must be re-enrolled.
The reason any airport adopts biometrics for any purpose (e.g., access control or time and attendance)
is to provide a high level of assurance that the person using the device is actually that person, and not
someone who is simply using another’s access credential. While biometric technologies alone are not
foolproof, they can be viewed as an important tool to increase security – particularly when combined with
another method of authentication such as a card, PIN, or a second biometric modality.
Conventional access control systems are often based on something a person has in his/her possession, such
as a card. This is known as single-factor authentication. To increase security, a second factor can be added,
e.g., something they know, like a Personal Identification Number (PIN). But since cards can be lost, stolen,
or loaned to another person to gain access, and PINs can be forgotten, guessed or observed by others,
another authentication factor, such as biometrics, is now commonly added by airports wishing this
additional security assurance. With biometrics, there is a confirmed link to an actual person rather than an
item lost or stolen. Further, a biometric feature is more difficult to copy or steal than a PIN.
While recent advancements in biometric sensors and algorithms have addressed performance issues that
may have prevented the effective use of biometrics in the past, it is still important that the airport operator