CBP will implement long-mandated biometric exit at airports, official says
U.S. Customs and Border Protection is finally addressing the 15-year-old-plus legislative mandate to check the identity of departing foreign visitors using biometrics, CBP Deputy Executive Assistant Commissioner John Wagner said Thursday.
“Frankly, the government has struggled with this [mandate] for more than 10 years,” Wagner told the FedScoop Digital Nation Summit presented by SAP.
Wagner said the goal would be accomplished by making use of existing data collection, the latest facial recognition technology and cloud computing. He acknowledged there would be privacy issues – particularly because the facial recognition technology would capture images of U.S. citizens as part of the overall process.
“We’re out of time, we’re out of excuses,” Wagner said.
The first legislative mandate for an automated identity check on departing foreign visitors dates back to the 1996 Illegal Immigration Reform and Immigrant Responsibility Act, and since 9/11 Congress has passed three laws requiring the Department of Homeland Security to set up a biometric exit system.
The lack of proper infrastructure had been a big reason why the mandate had languished, Wagner said. “We’ve had pilots … we’ve looked at ways of using mobile technology … we’ve talked to TSA [about using their checkpoints] we’ve talked to the airlines, to the airports.”
But the fact remains, he said, “We just didn’t build our airports and we didn’t build our land ports of entry with departure control in mind.”
A major problem was that with 200 million fingerprint sets and about a billion photos, the database containing the biometric information on foreign visitors would take 2-3 days to discover the identity of a departing passenger from a print or photo – a so-called one-to-many match.
“That’s the way these systems have been architected … and they are old clunky legacy systems,” he said.
When arriving passengers are checked, instead of a one-to-many match, the biographical data from the passport is used to pull the biometric data from the database and then the passenger’s identity is confirmed against their own biometrics — called a one-to-one match. The fingerprints are also run one-to-many against a much smaller dataset — the one consisting of prints of wanted fugitives and suspected terrorists.
The process, Wagner said, takes about 2 minutes, which makes it impractical to repeat for departing passengers at the boarding gate. “You’ve seen the boarding process,” he noted.
“We could nail a piece of tech to the floor and make people walk through it,” he said, but that would be impractical. “It would take 3-4 hours to board but [we could take the attitude] ‘That’s not my problem, I have a legislative mandate to fulfill.'”
The a-ha moment, he said came with the thought, “What about leveraging existing processes, existing data we’re already collecting?”
Currently, when a passenger checks in for a departing international flight, their biographical data is sent to CBP, where it is checked against terrorist watchlist data. CBP immediately starts to build a manifest for the flight using the biographical data, Wagner said.
“What if we could use that [biographical data] to pull the photos of the departing passengers on that flight into a segmented cloud” and then check the faces of those boarding the plane, one-to-many, against that dataset, which he said would take only a few seconds because of its small size and the efficiency of the latest matching algorithms.
Wagner said he had a stroke of luck in finding “That one IT guy who says, yeah, that might work” and that the technology had been piloted at Hartsfield-Jackson Atlanta International Airport and was now being tested at Dulles as well.
It’s “easy for travelers, not as imposing as us taking fingerprints,” he said and the infrastructure was “A camera on a pole.”
Moreover, he added, the same process could be used “any place you have to show your ID [in the airport] … the TSA checkpoint, the duty free store, the [executive] lounge.” Instead of showing an ID, a passenger’s identity and flight could be confirmed using facial recognition, checked against the picture in the CBP segmented cloud.
“We really see a very efficient process,” he said.
However, “There are some very significant privacy issues that have to be addressed,” he acknowledged. The DHS privacy office last month published an assessment of the pilot program, and some privacy advocates are bound to question the way CBP plans to fulfill the exit mandate.
Nonetheless, Wagner said, CBP were determined to push ahead. “We’re gonna build that cloud space,” he said.