FB pixel

TSA to conduct 2nd evaluation of travel ID biometric verification technology

Security concerns over imposters have lingered for as long as there’s been a TSA.
TSA to conduct 2nd evaluation of travel ID biometric verification technology
 

A short-term proof of concept evaluation of the automation of the identity verification portion of the Travel Document Checker (TDC) system using biometric technology will be performed by the Transportation Security Administration (TSA) at the Las Vegas McCarran International Airport (LAS).

TSA said it will be assessing the ability to compare passengers’ live facial images at security checkpoints against an image taken from passengers’ identity document(s) for passengers who opt to participate in the test.

TSA has been exploring the use of biometric matching technologies with a focus on facial recognition “as the primary means of identity verification for aviation security screening,” as well as to improve the speed, efficiency, and security of TSA’s identity verification process.

TSA said it not only “expects … facial recognition” to eventually “permit TSA personnel to focus on other critical tasks” and to expedite security processes,” but that “biometric matching” will “increase TSA’s security effectiveness by improving the ability to detect impostors.”

Security concerns over imposters have lingered for as long as there’s been a TSA.

On October 29, 2010, a young Asian man boarded an Air Canada flight in Hong Kong bound for Vancouver wearing a sophisticated facial prosthetic that effectively disguised him as an elderly man. It sounded alarms among counterterrorism authorities, including then Department of Homeland Security (DHS) Secretary Janet Napolitano, who said the use of such a disguise raised serious questions about whether it could be used as a tactic to smuggle terrorists into the United States.

A year earlier, Saudi counterterrorism intelligence officials warned Al Qaeda and its associated movements’ use of disguises — including the use of “cosmetic tools” — was a signal that the terror organization believed “disguise and masquerade” could be used to significant effect. In earlier 2010, the Yemen branch of Al Qaeda boasted it could infiltrate terrorists into Israel disguised as Somali refugees from Egypt or as new immigrants from Ethiopia.

A Canada Border Service Agency (CBSA) intelligence alert called the Air Canada incident an “unbelievable case of concealment.” Canadian Public Safety Minister Vic Toews said the matter “is very troubling.”

The young man on the Air Canada flight wore a silicone head and shoulder prosthetic that can be bought online. It resembles an elderly Caucasian male. The young man topped his mask with a brown leather cap and glasses, and donned a brown cardigan sweater. The effect can fool many people, which is the intent. The young man was caught only after exiting the aircraft’s bathroom without his disguise prior to landing at Vancouver International Airport.

The full-head prosthetic was made by SPFX Masks, which specializes in highly detailed, full-head appliances. Designed to move with the user’s facial muscles, when combined with hair and makeup to better conceal any telltale signs of its silicone construction, the prosthetic is disturbingly lifelike. Each mask is manufactured using high-grade silicone that is hand painted by veteran special effects and make-up artists. The masks can take months to complete and can be augmented with matching hand and arm “gloves.”

While neither Canadian nor US authorities suggested the young man had any ties to terrorism and that passengers were never in any danger, the ability of the man’s disguise to go undetected raised serious questions. The young man is said to have donned his elaborate disguise once he’d passed through security as himself, and then used an older man’s legitimate US passport, other identification and boarding pass.

During a press briefing with then Israeli Defence Minister Ehud Barak at the Halifax International Security Forum, Napolitano said, “I saw the pictures [of the mask the young Asian man wore] but I don’t have the actual operational details, but I think these are further illustrations of different tactics and techniques [that terrorists could use] … I think a lot of us have questions about how this happened and how he was able to get on the plane.”

Then there’s the work of Robert “Bob” Barron, a certified clinical anaplastologist who for more than twenty years was the CIA’s top Advanced Disguise Specialist. He successfully constructed highly detailed, hand-crafted prosthetic facial appliances for undercover spies; effectively giving them a new face that was unable to be detected close-up. Today, Barron makes custom-made realistic silicone prosthetics for people whose faces are disfigured. His facial prosthetics — which he hand makes — are indistinguishable from real human features.

“The advanced disguises needed to be realistic enough to pass close scrutiny and distract attention away from officers to protect their lives,” Barron said for a CIA story about him on the Agency’s website. “Their lives were in jeopardy if the disguise attracted attention … agents depend on the realism of that disguise to keep them alive, and their lives would definitely be in jeopardy if that disguise attracted attention …”

The ability to apply biometrics to an airline passenger’s face in real-time and to biometrically match it to the face on the ID document presented by the passenger is expected to address this, and other similar security threats.

During the initial proof of concept performed by TSA at Los Angeles International Airport (LAX), TSA employed biometric-enabled automated electronic security gates with a camera that captured and compared a real-time facial image with the image from a passenger’s e-Passport. During the proof of concept being conducted at LAS, however, TSA will not use automated gates, but instead will deploy a Credential Authentication Technology (CAT) device that will be equipped with a camera at the checkpoint.

This CAT with Camera (CAT-C) technology will validate that the identity document presented by individual passengers is authentic by collecting the photo image and biographic information of passengers from their ID, then capturing the passenger’s live facial image. The CAT-C will then compare the live facial image of the individual to the image from the passenger’s identity document using a proprietary facial matching algorithm in order to verify that the document belongs to the person presenting it.

The results of the CAT-C evaluation will be “used to help inform future TSA plans and biometrics requirements development and identify and mitigate any performance issues and operational concerns,” TSA said.

“Once the facial matching result is recorded,” TSA said, “personnel staffing the CAT-C will direct the passenger to the standard TDC. All passengers must complete the standard TDC process for manual identity and travel document verification, regardless of the CAT-C biometric matching results. The passenger’s facial image, along with certain biographic information from the passenger’s identity document, will be collected by TSA and retained for subsequent qualitative and quantitative analysis” by the Department of Homeland Security (DHS) Science and Technology Directorate (S&T) for this proof of concept.

TSA said this “data will be obfuscated to the greatest extent possible,” and that the agency “will store this data on a removable TSA-owned encrypted hard drive attached to the CAT-C.”

TSA explained that personnel will remove the encrypted hard drive each day and transfer it to S&T personnel each week. The transfer from TSA to S&T personnel will be in person locally at LAS or in the “Washington, DC metropolitan area or by certified mailor courier.”

S&T will “extract biometric images provided by TSA for the purpose of generating biometric templates from biometric images. This data transformation is not-reversible and converts biometric images into templates. Original biometric images cannot be recovered from the templates.” S&T will use the data and information it receives during this pilot solely for the purpose stated in a Memoranda of Agreement (MOA) between it and TSA, and according to the test plan developed for the effort.

DHS said S&T will consult with the National Institutes for Standards and Technology (NIST) during the assessment of the facial-matching algorithm to assure the analysis methodologies are in accordance with industry standards.

To participate in this second proof-of-concept test, TSA said “passengers will voluntarily choose to enter a lane dedicated to the proof of concept. Signs will be posted and hand-outs will be available so that individuals may make an informed decision about whether or not to participate. All participants, regardless of match result, will still be required to pass through the standard TDC identity verification process before being granted access to security screening.”

During the procedure, CAT authenticates the security features on an individual’s ID to validate legitimacy and collects the document’s biographic data (e.g., name, date of birth, and gender) and transmits it over TSA’s wireless computer network to TSA’s Secure Flight database to confirm the passenger’s ticketing and vetting status via TSA’s Security Technology Integrated Program (STIP) interface.

Currently, a TSA employee performing TDC functions verifies a person’s identity at the checkpoint by manually validating the identity document and boarding pass presented by the passenger, comparing the photograph on a passenger’s identity document to the passenger’s face, then comparing the document’s biographic information to the biographic information on the passenger’s boarding pass.

The passenger data that will be collected and transferred to S&T for analysis includes:

• Real-time images of the passenger’s face (live photo from the checkpoint);
• Passenger’s photograph from the identity document;
• Identification document issuance and expiration dates;
• Date of travel;
• Type of identification document;
• Organization that issued the identification document (e.g., the state that issued the passenger’s driver’s license, or the Department of State in the case of passports);
• Year of passenger’s birth;
• Gender/Sex as listed in the identification document;
• Obfuscated identification document number;
• Obfuscated Passenger Name as listed in the document; and
• Obfuscated date of birth as listed in the document.

Related Posts

Article Topics

 |   |   |   |   |   |   |   | 

Latest Biometrics News

 

US courts training plaintiffs and defendants on repurposing biometric data

A potential class action alleging biometric data privacy violations has been filed against photo storage site Photobucket. The twist is…

 

IANs are the digital fraud protection overhaul the US needs: Liminal

Digital identity authorization networks do not exist as products or services that can be purchased today, but Liminal sees major…

 

CISA, Five Eyes issue hardening guidance for communications infrastructure

The threat landscape for communications infrastructure has intensified significantly, with adversarial groups such as People’s Republic of China (PRC)-affiliated threat…

 

KakaoBank nets 15 million users for digital certificate that enables IDV, authentication

South Korean firm KakaoBank has announced that its digital certificate service has surpassed 15 million users. A piece in Business…

 

Japanese govtech startup raises 600 million yen (US$4M) in funding

A release from the Tokyo-based digital ID firm Cross ID says it has raised a total of approximately 600 million…

 

Biometric passports in Google Wallet take (domestic) flight in US

Google Wallet’s feature for digitizing U.S. biometric passports has graduated to a production launch, enabling domestic travel within the country…

Comments

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Viewed This Week

Featured Company

Biometrics Insight, Opinion

Digital ID In-Depth

Biometrics White Papers

Biometrics Events