Best listening experience is on Chrome, Firefox or Safari. Subscribe to Federal Drive’s daily audio interviews on Apple Podcasts or PodcastOne.
Both Customs and Border Protection and the Transportation Security Administration continue to expand the use of facial recognition technology to verify traveler identity, with both agencies touting both the security and customer experience benefits of using biometrics, while pledging to safeguard privacy and security.
CBP has processed 223 million travelers since introducing the biometric entry-exit program at airports and other locations since 2018, confirming about 175,000 overstays with non-citizens leaving the country, as well as more than 1,600 imposters at ports of entry, according to Diane Sabatino, deputy executive assistant commissioner for the Office of Field Operations at CBP.
“We’re going to continue to focus on expanding biometric exit through public-private partnerships, and increasing the number of passengers who experience biometric boarding at both airports here in the U.S., as well as looking to our international partners to leverage biometric boarding overseas,” Sabatino said last week at the Identity Week America conference in Washington.
CBP’s Traveler Verification Services (TVS) uses facial recognition to match the photo of a traveler against a “gallery,” or database of images CBP maintains, including passport and visa photographs, and photographs from previous entry inspections or from other DHS encounters, according to the program’s latest privacy review.
TSA, meanwhile, is already using facial recognition technology at security screening checkpoints where a photograph taken of a passenger can be compared with the photograph on their ID. The process is known as “one-to-one” face matching.
But TSA is also testing out “one-to-many” or “one-to-n” facial recognition where a live image of a passenger taken at the airport is compared to a gallery from CBP’s TVS system.
TSA is evaluating the use of TVS through a pilot program at Atlanta and Detroit airports for passengers in TSA PreCheck and CBP’s Global Entry program who opt-in to using the facial recognition system through the airline’s mobile application.
The pilot has been underway since last spring, and TSA is now preparing to expand it more widely, according to Melissa Conley, acting deputy assistant administrator for the office of requirements and capabilities analysis at TSA.
“With the CBP partnership with one-to-n, we’re getting ready to scale that to multiple different airports,” Conley said at the Identity Week America conference.
Both CBP and TSA are promoting the customer experience benefits of using facial recognition to verify traveler identity, namely faster processing times for security screening, as well as entry and exit checkpoints. Officials say they want to introduce a “touchless curb-to-gate” experience.
“I never thought that I’d be walking from curb to gate in Atlanta with my face,” Conley said.
She said the challenge is partnering with airports and other stakeholders to meet everyone’s needs.
“We’ve got multiple different airports who are coming to us, and they want to create this, touchless journey across each touchpoint, from curb to gate, and so they all have a different take on what they want,” Conley said.
But privacy and security concerns continue to remain paramount as agencies test out facial recognition technologies. Sabatino says CBP wants vendors to design “secure privacy features” into their products.
“It’s critical for us to ensure that we have that public trust that actually enables us to do the work that we do every day,” Sabatino said. “We’re committed to the privacy of all travelers, which has been at the core of our entry-exit efforts from the very beginning. And we have built in the privacy and security safeguards, and conduct regular audits and penetration testing to ensure that compliance and privacy impact assessments are available publicly.”
In July congressional testimony, the Government Accountability Office highlighted how CBP has not audited most of its commercial partners to ensure they follow privacy and security requirements, such as restrictions on the use and retention of traveler photos.
CBP began auditing some partners after a 2019 data breach involving a subcontractor that downloaded photos used in the agency’s facial matching pilot test, according to GAO.
In a follow-up interview with Federal News Network at the Identity Week America conference, Sabatino said CBP has completed seven privacy audits so far. Some of the audits may be specific to one airport, while others cover vendors that operate across multiple locations, she said.
“We work with the airport authorities to ensure that they have vendors that meet the business requirements for the traveler verification service,” Sabatino added. “But the airport authorities or the airlines themselves are the ones that work with the vendors and identify the vendors.”
CBP says U.S. travelers and some foreign travelers can opt out of using facial recognition during entry and exit processing.
“The numbers of people who opt out, it’s negligible,” Sabatino said. “It’s not even something that we measure because it doesn’t happen with any significant frequency at all.”