New ICE mobile app pushes biometric policing onto American streets

U.S. Immigration and Customs Enforcement (ICE) has quietly deployed a new surveillance tool in its Enforcement and Removal Operations (ERO) arsenal – a smartphone app known as Mobile Fortify. Designed for ICE field agents, the app enables real-time biometric identity verification using facial recognition or contactless fingerprints.
Based on leaked emails reported by 404 Media, the introduction of Mobile Fortify marks a profound shift in ICE’s operational methodology of using traditional fingerprint-based stationary checks to using mobile, on-the-go biometric profiling that echoes the type of border surveillance previously confined to airports and ports of entry.
Mobile Fortify was built to integrate seamlessly with multiple Department of Homeland Security (DHS) biometric systems. Agents using ICE-issued mobile devices can now photograph a subject’s face or fingerprint, triggering a near-instant biometric match against data sources that include CBP’s Traveler Verification Service and DHS’s broader Automated Biometric Identification System (IDENT) database which contains biometric records on over 270 million individuals.
This level of portability and automation suggests a capability that is poised to extend biometric surveillance far beyond designated checkpoints and into neighborhoods, local transport hubs, and any environment in which ICE officers operate.
Facial recognition, though notably less reliable than fingerprints, is nevertheless embedded in the app’s core functionality. A February 2025 DHS Inspector General audit had warned that reliance on facial recognition risked misidentification. ICE agents have been observed pointing phones at individuals in cars during protests and other domestic operations, although it remains unclear whether Mobile Fortify was active in those encounters.
The presence of a “training mode” within the app’s software though suggests that ICE envisions a spectrum of deployments from casual identity checks to more deliberate urban biometric sweeps.
Although ICE officials stress that biometric matching happens in real time, the underlying model appears to be automated. A mobile photo or print is captured, transmitted to a DHS server linked to identity repositories, and compared through algorithmic matching – most likely involving AI-enhanced pattern recognition.
DHS’s own AI Use Case Inventory confirms that ICE deploys AI for public safety and immigration enforcement tasks, including facial recognition and predictive analytics. The Mobile Fortify app thus fits into a broader ICE strategy of integrating AI-driven biometric data mining with field operations.
An audit last September by DHS’s Inspector General highlighted serious security concerns within the landscape of ICE’s mobile-device ecosystem. The audit revealed that ICE failed to apply required government security settings to roughly 73 percent of its mobile devices, and allowed employees to install unsecured, high-risk apps sourced potentially from China, Russia, or other adversarial nations.
ICE also admitted that some of its mobile devices – notably those used overseas – lacked threat-detection security software. In one sample, 30 percent of mobile devices disposed between late 2021 and mid-2023 had unclear or missing sanitization logs, raising fears that sensitive biometric data may have been left exposed.
Compounding this, a lack of formal policies governing overseas device use led to instances where U.S. mobile devices were connected to unauthorized foreign networks, potential entry points for espionage or supply-chain attacks.
Beyond digital vulnerabilities, the legal framing of Mobile Fortify demands scrutiny. Border surveillance tools such as CBP’s facial recognition at ports of entry have legal authority rooted in border-entry reviews and consent-based processes. But using those same systems in domestic policing without public notice, warrants, or even agency guidelines opens the door to constitutional questions under the Fourth Amendment.
Indeed, and this friction points to a critical oversight gap wherein ICE’s mobile biometric strategy appears to have outpaced legislative scrutiny and civil liberties review. A DHS AI inventory outlines data mining and facial recognition use cases without acknowledging whether privacy safeguards like compliance auditing or retention schedules exist.
Meanwhile, watchdog groups note that ICE has intertwined biometric data with internal analytics and external feeds such as financial records, social media data, and location tracking as part of a larger mission to proactively identify potential violations. A Request for Information published by ICE in June alluded to future efforts to develop AI-powered monitoring tools capable of surveilling a million individuals or entities simultaneously, suggesting a biometric push that goes far beyond simply verifying identity.
In parallel, ICE continues to expand its global biometric footprint. The BITMAP initiative equips foreign law enforcement partners with mobile biometric collection capabilities, enabling data sharing with DHS to identify so-called “known or suspected terrorists,” gang members, or cross-border criminals. This strategy dovetails with Mobile Fortify, painting a picture of a unified biometric sweep across digital, geographic, and operational domains.
The underlying mobile device environment used by ICE could pose substantial security risks. The 2024 DHS audit revealed widespread shortcomings in mobile threat defenses, making agency devices susceptible to spyware, third-party app exploitation, and accidental leakage. A lost or compromised device, especially one storing un-sanitized logs of biometric scans or geolocation data, could expose individuals to serious privacy violations or national security threats.
Legal concerns also persist. Unlike fixed border checkpoints, ICE Enforcement and Removal Operations (ERO) officers operate across local jurisdictions, including workplaces, transit systems, and private property, often without clear statutory guardrails or warrants.
This flexibility allows the app to extend biometric surveillance into areas where individuals may not anticipate being scanned or identified by government agents. The reach of Mobile Fortify therefore could exceed traditional expectations of law enforcement encounters and raises fundamental questions about due process and constitutional protections.
Contributing to these concerns is the existence of an expanding biometric infrastructure that spans domestic and international systems. Databases like IDENT and its eventual successor, the Homeland Advanced Recognition Technology (HART) platform, now store not only fingerprints and facial images, but also iris and gait patterns.
These databases are interwoven with systems such as the Enforcement Integrated Database and Palantir’s analytics platforms, creating a networked surveillance ecosystem. Data captured through Mobile Fortify appears to flow directly into these repositories with little public insight into how it is verified, corrected, or challenged.
Oversight, meanwhile, remains minimal. DHS has yet to issue formal rules clarifying who may use Mobile Fortify, which populations it targets, how long biometric data may be stored, what legal authorities justify its use, or what audit controls apply. Without meaningful oversight, the deployment of Mobile Fortify risks setting a precedent for expansive, mobile biometric surveillance untethered from constitutional constraints or public accountability.
Without stronger security postures and clear biometrics guardrails, ICE is hurtling toward a frontier that its current policy and oversight structures appear unprepared to regulate.
Article Topics
biometric identification | biometrics | contactless biometrics | DHS | facial recognition | fingerprint biometrics | ICE | law enforcement | mobile app | Mobile Fortify | Traveler Verification Service
Comments