Homeland Security cheers its emerging digital ID privacy technology — an online portal
The mobile portal launched in February by the Department of Homeland Security for travelers will protect the privacy and digital ID of its users, according to an assessment by the department.
That is not the achievement the government seems to think it is. An announcement of the portal in February described it as “emerging technology.”
CBP One (as in Customs and Border Protection) ties into a small number of services, which can be accessed with one login and password for each user. Officials say more services are on the way, each with its own existing privacy protections.
It can be downloaded from Apple’s App Store And Google’s Play app portal.
At the moment, people can use CBP One to apply for I-94 travel documents, which are required by foreign visitors to the country, view their travel history and other operations.
Logistics firms including brokers, carriers and forwarders, can use CBP One to schedule inspections of perishable cargo.
A lengthy, eight-point privacy impact assessment of CBP One states that information transacted will not reside on a user’s device or within the app. It instead will be stored in the systems used by the agency providing a particular service.
Authentication to CBP One is performed through the person’s a Login.gov account, which is signed into with an email address, password, and multi-factor authentication, according to the document. Digital identity proofing is also carried out through Login.gov. Data in the account, the department says, is not shared with Customs and Border Protection.
CBP One also provides a face biometrics capability for recognized international organizations, such as the International Organization for Migration (IOM), to help migrants check their immigration status by running a check, with the individuals consent, against a pre-staged biometric Traveler Verification Service (TVS) gallery. The query returns only a confirmation of status or that the individual is not found in the gallery.
In the case of foreign travelers, the digital ID data will, as usual, be in Homeland Security’s I-94 database. There it will be protected by the policies and tactics created for the database. Information about the portal does not say who owns or manages that database.
The data of logistics users is stored in Amazon’s Web Services Cloud East.