While the IC’s research organization looks into adding security to cloud environments, in the here and now, intelligence agencies are sharing more data.
U.S. Customs and Border Protection (CBP) has started to deploy facial recognition biometric technology to monitor people who are exiting the country.
The limited deployment for exits is starting at Washington Dulles International Airport for one daily flight from the United States to Dubai, according to a CBP statement.
The deployment builds upon a June 2016 pilot program at Hartsfield-Jackson Atlanta International Airport using facial recognition. CBP, a component of the Department of Homeland Security, plans to use the technology at additional airports this summer.
The successful deployment of the technology comes after years of research, development and testing by the CBP to find a workable solution to track whether people are overstaying their visas via biometric identification. If it proves viable at the airports, it could become more widely used by CBP and potentially other agencies, which have been testing biometric technology to minimize cyberthreats and streamline system access.
John Wagner, CBP deputy executive assistant commissioner, hinted that a solution was at hand during a May 23 House Homeland Security Committee hearing on visa overstays, in which he indicated that the agency had found a feasible technical option, FCW reported.
Wagner said at the hearing that the CBP found the solution by moving “the biometrics of the traveler expected to be on a departing flight out of the DHS [Office of Biometric Identity Management] database and into its own temporary secure database until we encounter the person.”
How soon could the technology be expanded to other airports? “It’s a matter of building out the IT back-end services and infrastructure to support this on a national basis, while simultaneously working with industry stakeholders to incorporate their own automation efforts into the exit infrastructure,” Wagner said, according to the website Biometric Update.
In a privacy impact assessment document detailing the new technology, CBP notes that, although biometric screening for those entering the country has been in place since 2004, the agency continued to develop and test various systems and processes in order to identify a method for comprehensive biometric exit screening, including the creation of exit records for individuals departing the United States.
Photo credit: Subhashish Panigrahi/Wikimedia Commons
CBP has been authorized to spend up to $1 billion in certain visa fee surcharges collected over the next 10 years to fund biometric entry and exit technology. DHS says 629,000 visitors to the U.S. overstayed their visas in 2016 due to the lack of a biometric exit system, according to the Biometric Update article. Wagner said at the hearing that the trial in Atlanta, in which a facial image is captured and compared to a database without first reading the traveler’s passport, has processed 28,000 people with accuracy in the “high ninetieth percentile,” the site reports.
By partnering with stakeholders on a voluntary basis and using biometric technologies, the assessment document notes that the CBP will make air travel more secure, “by providing increased certainty as to the identity of airline travelers at multiple points in the travel process.” It also says air travel will become more predictable, “by establishing a clear, easily-understood process that will reduce the potential for major ‘bottlenecks’” during air travel. And it says the agency will be “able to build additional integrity to the immigration system, by better identifying which foreign nationals are violating the terms of their admission to the United States, and by providing capability for immediate action when that occurs.”
CBP uses flight manifest data and existing photographs of U.S. citizen and non-U.S. citizen travelers boarding international flights in order to confirm the identity of the traveler, create an exit record, and biometrically confirm the exit of in-scope non-U.S. citizens.
A CBP system will generate biometric templates of the historical images of travelers for a given flight and will temporarily store those templates, but not the actual images, in a virtual private cloud (VPC) prior to boarding. These images include photographs captured by CBP during the entry inspection, photographs from U.S. passports and U.S. visas, and photographs from other DHS encounters.
As boarding begins, each traveler will approach the departure gate to present a boarding pass and stand for a photo in front of a CBP-owned camera, each of which will be connected to the VPC via a secure, encrypted connection, according to CBP.
Once the camera captures a usable image, it will submit the image to CBP’s cloud-based, back-end facial matching service via an HTTPS/secure sockets layer-encrypted connection. The matching service will then generate a template from the departure image and use that template to search the photos on file.
The matching service will return faces that best match the reference face, thus verifying the identity of the traveler. If a match is found between the newly-captured image template and the pool of previously-captured image templates, a light will signal the match, and CBP (or in some cases, a trained representative from the airline or airport) will direct the traveler to proceed to the aircraft.
However, if the camera is unable to capture a satisfactory image within a reasonable amount of time, the traveler will be required to stand for another photo. If, after repeated attempts, the identity of the traveler cannot be verified, a CBP officer will escort the traveler from the boarding area and attempt to verify his or her identity using alternative methods.
As CBP verifies the identity of the travelers, either through automated facial recognition or manual officer exception processing, the back-end matching service returns the “match/no-match” results, along with the respective associated unique identifier, back to CBP’s system.
CBP will continue to retain biographic exit records for 15 years for U.S. citizens and lawful permanent residents and 75 years for nonimmigrant aliens, consistent with its regulations.
According to CBP, it will temporarily retain all photos within the isolated part of its system to support system audits, evaluate the facial recognition technology and ensure accuracy of the facial recognition algorithms.
CBP staff will manually review system-generated matches related to the identification of a U.S. citizen in order to confirm that the match was correctly made. All newly-captured photos and templates will be deleted from the system within 14 days but will be deleted from the virtual private cloud no later than after the conclusion of the flight. The VPC does not store either photos or templates permanently, according to CBP.
Airlines are also working to implement biometric technology. JetBlue recently announced a collaboration with CBP to test facial recognition technology for a new self-boarding process as part of ongoing trials to implement a biometric exit process.
The program will start this month on flights from Boston Logan International Airport to Queen Beatrix International Airport in Aruba.
“Flyers don't need to enroll or preregister to opt in — they'll just step up to the camera at their gate during the boarding process for a quick scan and a comparison with the computer's database of passport photos,” CNET reports.