Introduction to BISA
Biometric Identification System for Access
April 10 2008
Base Access Operations Manager - CONUS
About This Briefing
The aim of this briefing is to provide a general overview of the
BISA program, its processes, and its current operational status
The Origin of BISA
• Following the liberation of Iraq, US and
coalition partners established military bases
throughout the country.
• MNF-I’s original base access program for local
national and third-country nationals (LN/TCN)
called for ‘dumb badges’, which were easy to
forge, and relied on human authentication
(eg, sentry checks photograph, then grants
• In December 2004, the mess hall at Mosul was
attacked by a suicide bomber, who used a
forged ‘dumb badge’ to gain access to the
• The requirement for a more robust base access
program, using biometric recognition, was
signed by DEPSECDEF in March 2005.
• The intent was to use a more thorough vetting
process resulting in a ‘smart-card’ base-access
• Homeland Security Presidential Directive 12 (HSPD 12) had already established broad requirements and
limitations for identity verification of persons seeking access to US Federal facilities.
• The new system mandated by DEPSECDEF would have to meet these requirements.
• Review HSPD 12 at http://www.whitehouse.gov/news/releases/2004/08/20040827-8.html
• For further background, see http://www.smartcardalliance.org/alliance_activities/FIPS_201_resources.cfm
(describes new Federal Information Processing Standard for physical security).
• Within Iraq, MNF-I Force Protection Policy Annex G defines the local requirements for the BISA badge.
The New Requirement (post-Mosul)
The Mosul incident demonstrated the need for the following:
Better vetting of non-US persons seeking access to US bases;
‘How can we give ourselves the best possible assurance that a person who applies for
routine and regular access to a US base can be trusted?’
Better means of identity verification of non-US persons arriving for work at US
bases on a daily basis, prior to allowing entry;
‘Is this person really the one we vetted, and to whom we issued an authorized base-
The identity management features of the BISA system meet both of these needs.
It is significant that in the three years since BISA was deployed, there has not been
an incident similar to Mosul at a US base in Iraq.
The BISA Process – Broad Overview
[Flow diagram; recoverable labels and flow:]
• Non-US citizen applies for employment on US base and reports to BISA Site*.
• BISA Site*: biographic and biometric data taken at Enrollment Stations and submitted for transmission (C3 Conex, VSAT).
• DOD Biometrics Fusion Center (BFC), Clarksburg, WV: checks transmitted files against records in ABIS.
• ABIS (Automated Biometric Information System): a database of biometric and biographical data collected from persons of interest.
• Sources of Iraqi records in ABIS: Crime Scene Latents (eg @ IED sites), 1990 EPW, Oil For Food, Saddam-era Criminal Cards. Over 400,000 pre-existing off-line paper records were translated into English and scanned into ABIS. (Image label: “Print Card”.)
• Decision: Does applicant’s record match that from another source? Yes: Adjudication Process.
• Decision: Issue card? Yes: Smart Card Printer; card issued to applicant; biometric data stored on chip. No: TBA...
* Standard BISA ‘Tier I’ Site consists of 2 x Enrollment trailers, 1 x Waiting Trailer, 1 x Issuance Trailer, 1 x VSAT-capable C3 Conex, and 1 x Storage Conex.
BISA Site: Physical Layout
C3 Conex: The C3 Conex is manned by the Site Systems Administrator (SA). He / she ensures VSAT connectivity with BFC, and overall system operability.
Issuance Trailer
A standard enrollment trailer contains four enrollment stations.
In addition to 4 x trailers and 2 x Conexes, site also includes generators, frequency converters, and blast and fragmentation
Enrollment to Printing: 1-2 Days*
* assuming non-idents
Applicant begins enrollment procedure... PRINT?: Yes / No... Applicant reports to site to pick up printed badge
How BISA Works: Controlling Access
Badge holders are directed to a base ECP (Entry Control Point) when they arrive for work each day.
Badge holders are required to insert their badge into an HHT (hand-held terminal) carried by a sentry; they then place their right index finger on a platen on the terminal, so that the software on the device can compare the actual fingerprint image from the platen to that stored on the biometric template on the badge itself, allowing for a fast, all-electronic comparison of the fingerprint and other key data, the results of which are displayed on the screen.
Standard security routines still apply.
This is the display the sentry sees on an HHT once a comparison is complete. Note the green check marks and the red ‘NO’ symbol. This example shows that the badge is still valid (has not yet reached expiration date), the certificates are valid (have not been revoked for cause), but that the fingerprint on the platen DOES NOT match that on the biometric template of the badge. Standard SOP will be applied in this situation.
The BISA Process
• The BISA process consists of the following discrete steps:
– Vetting and Adjudication
– Card Printing and Issue
– System Updates: CRL and Software
• We will look at each of these steps over the following slides.
• We will also look briefly at additional functional areas such as
contracts, funding, logistics, role of PM and other organizations, etc, as
well as the imminent future of the BISA system (effects of force reductions
MNF-I Base Access Application
• The current application form lists routine items of biographic and employer data in
both English and Arabic.
• It is a two-page document which must be approved by a military sponsor.
Enrollment (1) – The Process
• Once a military sponsor has approved a badge
application, the employer is directed to send
the applicant to a BISA enrollment site.
• There, a US contractor enters the data from
the form along with the following items to
create an ‘EBTS’ (Electronic Biometric
Transmission Standard) file:
– 10 fingerprints rolled to FBI standard
– Scan of applicant’s iris
– Five photographs showing the face from
• This information is entered in the proprietary
biometric enrollment database, custom-
designed for BISA.
Top: Data fields on enrollment workstation
Bottom: enroller processing an applicant at a BISA site.
Enrollment (2) – The Equipment
All peripheral devices used during the enrollment process are connected to a computer, and the entire package is referred to as the Enrollment Workstation –
Fingerprint scanner
Camera and operator screen for facial photos
Iris scanner
• All the enrollment data taken by the
enroller and the peripheral devices
are packaged into an ‘EBTS’ file, and
sent to the site’s ‘C3 Conex’.
The C3 Conex at the IZ.
Note the VSAT dish on the roof
• The site System Administrator (SA)
in the C3 Conex ensures that each
file is sent over the VSAT to the BFC
for further processing.
Site SA in the C3 Conex with BISA Fwd Staff
Vetting and Adjudication
• On receipt at the BFC (Clarksburg, WV), files are QA’d by BFC staff, then submitted to yet another ‘Transaction Manager’ which prepares and sends them to:
– DOD ABIS, and
– FBI IAFIS (Integrated Automated Fingerprint Identification System).
• These resources are co-located at the FBI CJIS (Criminal Justice Information Service) at Fairmont, WV.
• We have seen how DOD ABIS contains records from various sources. The FBI IAFIS contains data from US domestic crime scenes and arrest records.
• Records are routed through ABIS and IAFIS, and returned to the BFC as either ‘Idents’ or ‘Non-Idents’.
• BFC staff then advise the ‘Idents’ to theater ‘Adjudication Authorities’ via a secure web-site. The Adjudication Authorities are military officers delegated by base Force Protection staff with authority to determine which ‘Idents’ should be granted / denied badges.
• Via the secure website, Adjudication Authorities advise the BFC which badges to print. The BISA print server at the BFC is then made ready to communicate the ‘print’ decision to the print clients in theater. Note that there is no way to print a badge at a site without authorization from the print server at the BFC.
Card Printing and Issue (1)
[Diagram: at the BFC in the USA, IAFIS, the Transaction Manager and the BISA Print Server; linked by site VSAT (x 10) to 10 x Print Clients (1 per BISA Tier 1 Site) and 10 x CP80 Printers (10 x print sites).]
Card Printing and Issue
• The military OIC at each site calls employers to advise that badges are ready for
their new personnel. These personnel are then directed to the BISA Site
(Issuance Trailer), where they pick up their badges. These are immediately verified
to ensure that the badge is issued to the person who applied for it.
Badging Officer in the IZ with a Hand-Held Terminal (HHT) used for verification
‘Portals’ set up at a checkpoint in the IZ.
One end of a ‘portal’; card reader, fingerprint reader, and a number pad. The ‘other end’ is a laptop which ‘reads’ these devices.
LN/TCNs passing through the ECP at the IZ, verifying their IDs per the BISA process.
• LN/TCN workers arriving for work each day are required to ‘swap’ their national ID card at the ECP for their BISA badge.
• The badge is handed over to the employee, who is then required to insert it into the verification device in use at the ECP (Portal or HHT).
• The verification device reads data from the card, and checks and advises the following in sequence:
– the expiration status (by date),
– the authenticity of the PKI certificate, and
– the biometric comparison (match / non-match).
• Procedures for non-match are covered by base FP SOP.
• During the work day, LN/TCN workers are subject to random ID checks on HHTs.
• At the end of the work day, the workers return their BISA cards at the ECP for their national ID cards.
• Note that in recent months, non-biometric BISA badges have been issued to certain classes of personnel.
• These are mostly coalition military forces whose governments have not agreed to the submission of their biometric / biographic data to USG.
• In lieu of biometrics, badge holders will use a PIN on the card’s chip to authenticate their ID.
There are two forms of system updates:
- Software Updates (Enrollment and CMS)
- CRL Updates
Software Updates (Enrollment and CMS)
• There are two major component groups of BISA software:
– Enrollment System
– Card Management System (CMS)
• Changes to system software derive mainly from field experience, requirements to improve system management, and changes in access control policy.
• The BFC convenes the BISA CCB (Change Control Board) once every two weeks to suggest, review, discuss, and implement changes to both the Enrollment System and
CRL (Certificate Revocation List) Updates
• There may be a requirement to revoke the certificate of validity of a BISA badge, so that the next time the holder attempts to gain access to the base, the verification procedure will show the revocation, and he will be denied.
• Lists are compiled at the BFC, and sent by e-mail to BISA Fwd. BISA Fwd then distributes them to the affected bases.
• The VIT at affected bases is then required to load the list onto all the verification devices (portals and HHTs).
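The verification sequence (expiration, certificate, biometric) and the manually loaded CRL described in this briefing, sketched as an added example that is not BISA code: an HMAC stands in for the PKI certificate signature, a bit-difference toy matcher stands in for the fingerprint matcher, and the 7-day CRL age limit, field names and sample data are assumptions. It shows that a device holding an old CRL still accepts a badge revoked after its last load, so the sketch reports CRL age alongside the decision.

```python
import hashlib
import hmac
from datetime import date, timedelta

ISSUER_KEY = b"constructed-demo-key"  # stand-in for the issuer's signing key (assumption)
MAX_CRL_AGE = timedelta(days=7)       # hypothetical local policy, not from the briefing

def sign(serial, expires, template):
    """HMAC stand-in for the certificate signature over the card's data."""
    msg = f"{serial}|{expires.isoformat()}|".encode() + template
    return hmac.new(ISSUER_KEY, msg, hashlib.sha256).digest()

def make_card(serial, expires, template):
    return {"serial": serial, "expires": expires, "template": template,
            "sig": sign(serial, expires, template)}

def toy_match(stored, live, max_diff=0.10):
    """Toy matcher: fraction of differing bits; a real device uses a biometric matcher."""
    if len(stored) != len(live):
        return False
    diff = sum(bin(a ^ b).count("1") for a, b in zip(stored, live))
    return diff / (8 * len(stored)) <= max_diff

def verify_badge(card, live, crl, crl_loaded, today):
    """Checks in the briefing's order; returns (decision, reason, warnings)."""
    warnings = ["CRL_STALE"] if today - crl_loaded > MAX_CRL_AGE else []
    if today > card["expires"]:
        return "DENY", "EXPIRED", warnings
    expected = sign(card["serial"], card["expires"], card["template"])
    if not hmac.compare_digest(expected, card["sig"]):
        return "DENY", "CERT_INVALID", warnings
    if card["serial"] in crl:
        return "DENY", "CERT_REVOKED", warnings
    if not toy_match(card["template"], live):
        return "REFER", "BIOMETRIC_NON_MATCH", warnings  # handled per base SOP
    return "ALLOW", "OK", warnings

def demo():
    """Constructed scenario: badge 1002 was revoked after one device last loaded its CRL."""
    today = date(2008, 4, 10)
    finger = bytes(range(32))  # constructed template bytes
    card = make_card("1002", date(2008, 12, 31), finger)
    stale = verify_badge(card, finger, set(), date(2008, 3, 1), today)
    fresh = verify_badge(card, finger, {"1002"}, date(2008, 4, 9), today)
    wrong = verify_badge(card, bytes(32), set(), date(2008, 4, 9), today)
    return stale, fresh, wrong

if __name__ == "__main__":
    print(*demo(), sep="\n")
```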
Contracts and Management
• BISA is operated by ‘Team STI’; a partnership of the following:
– STI – Sensor Technologies Inc
– NGIT – Northrop Grumman Information Technologies, Inc
– I3 – Ideal Innovations, Inc
• BISA is managed by Program Manager DoD Biometrics. HQ is at
Ft Belvoir, with forward offices located at Victory Base
Complex, Baghdad, Iraq.
Key BISA Statistics as of 04/10/08
• Operational at 24 sites in
• 320,188 enrollments of
local and third-country
nationals at US bases in
Iraq (current average of
635 per day).
• Almost 319,000 cards
• 400+ enrollments yielded
critical data on persons of
• Significant arrests have
been made by both Iraqi
and US security forces as
a result of BISA’s
BISA In Action
Base workers after being issued their BISA badges
A Badging Officer checks an application form at a BISA
applicants to the enrollment site to begin collection of biographic and biometric data
Military sentry at ECP checks identity of vehicle driver using BISA hand-held terminal (HHT). Note the badge inserted into the slot, the actual finger resting on the platen, and the screen which displays authentication data for badge validity, and fingerprint
Quad Charts for BISA
The following slides show one-slide summaries of
each of the following:
The original BISA system (Tier One),
Tier Two, and
BISA: Core System and Tier One
1. Enrollment Center and Kit
2. Iris-Scan and creation of digital
3. Fingerprint Scan and creation of
5. Biometric data on badge verified (‘one-to-one’ match) by electronic readers at ECP.
• Collect biometric data on all local- and third-country nationals (LN/TCN) accessing US bases in Iraq.
• Screens applicants against ABIS/IAFIS; If vetted then produces & issues access credential based on unique (person’s) fingerprint &
photo. Digitally verify biometric at each entry to assure identity.
• Electronic storage of biometric characteristics on ‘smart-card’ biometric template provides tamper-proof, forge-proof base-access
credential, which also includes privilege (DFAC etc) eligibility and other commonly-required data. At verification (at ECP), electronically
stored data is compared to individual data by all-electronic means; one-to-one match performed between digital image vs actual
fingerprint of holder.
• Designed for turn-key deployment & operation in communications-austere and otherwise unfavorable (eg climate, dust, etc)
• Package includes structures (trailers and conexes) to house and store components and operators of the system.
BISA: Tier Two
1. Enrollment Kit 2. Card Issue Kit, printer 3. Verification Kit
• See BISA Chart Above. The ‘Tier II’ system is able to provide full functionality but uses NIPR net communications, avoids Command &
Control Van, has smaller foot print, and is easily packed and moved in pelican cases and therefore is adaptable to both mobile
operations and regular operations at smaller sites employing LN/TCN.
• Facilitates military operators, contractor operators, or mobile enrollment teams.
• Optional smart card printer. Alternative is to courier badges to tier II sites such as FOBs. Courier concept extensively used during
initial Tier I operations.
• The basic functions and expected practices correlate directly with the existing MNFI Force Protection Policy Annex G under which over
193,000 “MNFI Badges” (BISA smart cards) have been printed.
• Biometrics of badge holders vetted against the watch list, ABIS, and AFIS.
• Tier Two equipment consists only of system components. It is assumed that operating unit will provide shelter and other associated
facilities for all components and operators.
DRS “Hammerhead” device with iris
scan device shown. Device also
shows potential to check cards
• System takes advantage of the faster processing speed for iris-searches (vs fingerprints or other unique biometric characteristics), and
high storage capacity of new verification device.
• Dayworkers will receive full BISA biometric enrollment. Biographical & biometric data will be vetted against and stored in ABIS per
routine system requirements. However, dayworkers will not receive a smart card/BISA badge. Instead, the images of their iris-scans
taken at enrollment will be stored on the verification device used at ECP (shown above). At entry, each dayworker will have his iris
scanned, and that image will be run against all images stored on the verification device to confirm identity and eligibility for entry.
• Each site or base will have a tailored database with replication to occur every 24 hours. Master server will have all dayworker records
and also be updated on a daily basis.