FB pixel

DHS audit finds several flaws in Coast Guard’s biometric system


The Department of Homeland Security’s Office of Inspector General recently audited the US Coast Guard’s (USCG) biometric system, in which it encountered several issues that may be affecting the timely and accurate identification of suspected terrorists, felons and other individuals of interest, according to a report by HS Today.

Federal law requires the USCG — which is tasked with protecting the country’s maritime borders – to implement a program that identifies any unknown individuals in the maritime environment.

To fulfill this requirement, the USCG operates Biometrics at Sea Systems (BASS) on 23 of its warcrafts to acquire biometric data from anyone trying to illegally enter the country.

Once collected, the agency sends the biometric data to DHS’s Automated Biometric Identification System (IDENT), a centralized database storing biometric and biographic information used for efforts relating to national security, law enforcement, immigration and border management.

The BASS system is comprised of a portable handheld device to scan fingerprints (which was upgraded in 2012 from a 2-print fingerprint to a 10-print fingerprint capability), a laptop, and an encrypted hard drive.

After reviewing the USCG’s biometric identification system, the Inspector General discovered that USCG did not regularly update IDENT with biometrics.

The Coast Guard did not keep an independent count of the number of biometrics it sent to IDENT, and as a result, it was unsure as to how many biometrics are currently stored in IDENT.

The National Institute of Standards and Technology (NIST) said the USCG must regularly update IDENT with new biometrics in order to maintain the “integrity, accuracy and completeness of data.”

USCG said they failed to implement a regular reconciliation process because they did not know who owned the biometric data sent from the warcrafts. However, once the DHS OIG’s audit was completed it became clear that USCG owned the data.

“Consequently, USCG and other law enforcement agencies are hampered in their ability to properly identify whether intercepted persons are known or suspected terrorists, aggravated felons or individuals previously ordered to be deported or already deported from the United States,” said the IG.

Other significant problems found in the audit include failure to update all security plans when USCG updated from the 2-fingerprint to the 10-fingerprint system, failure to have the right documentation in place for the BASS Interface Control Agreement and System Security Plan, and enabling application programmers to share passwords.

The IG determined “USCG could not provide assurance that it 1) identified and considered all threats and vulnerabilities, 2) identified the greatest risk, and 3) made appropriate decisions regarding which risks to accept and which to mitigate through security controls.”

The DHS’s Inspector General made several recommendations to USCG based on the audit, including maintaining a BASS aggregate control log to verify biometric transactions from the 23 warcrafts, updating biometrics with IDENT, updating security documents, eliminating the use of common passwords, and ensuring it adheres to the changing management policies.

Article Topics

 |   |   |   |   | 

Latest Biometrics News


U.S. academic institutions get biometric upgrades with new partnerships

A press release says ROC (formerly Rank One Computing), which provides U.S.-made biometrics and computer vision for military, law enforcement…


Smart Bangladesh 2041: Balancing ambition with reality

Bangladesh aims to be a “Smart” nation by 2041 as the country goes through a drastic transformation founded on digital identity…


Nigeria’s NIMC introducing one multi-purpose digital ID card, not three

The National Identity Management Commission of Nigeria (NIMC) has clarified that only one new digital ID card with multiple functions…


Age assurance tech is ready now, and international standards are on their way

The Global Age Assurance Standards Summit has wrapped up, culminating in a set of assertions, a seven-point call-to-action and four…


NIST finds biometric age estimation effective in first benchmark, coming soon

The U.S. National Institute of Standards and Technology presented a preview of its assessment of facial age estimation with selfie…


Maryland bill on police use of facial recognition is ‘strongest law in the nation’

Maryland has passed one of the more stringent laws governing the use of facial recognition technology by law enforcement in…


17 Replies to “DHS audit finds several flaws in Coast Guard’s biometric system”

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Read From This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events