ICE contract secures nationwide access to private iris biometric database

U.S. Immigration and Customs Enforcement (ICE) is moving to give its Enforcement and Removal Operations (ERO) agents nationwide access to a private iris biometric database containing more than 5 million booking records under a firm-fixed-price sole-source contract with Bi2 Technologies.

Through a new sole-source contract, ERO agents will have direct access to Bi2’s Inmate Identification and Recognition System (IRIS) and its Mobile Offender Recognition and Identification System (MORIS).

Bi2 holds the only non-federal national real-time web-based iris biometric network and database specifically tailored for law enforcement.

The contract fits squarely inside the Trump administration’s broader immigration enforcement strategy, using biometric identification infrastructure to expand the speed and reach of field identification during ICE operations.

The award follows a September 2025 $4.6 million contract to Bi2 for iris biometric recognition technology for offender recognition and access to a biometric information system to allow ICE agents to quickly authenticate the identity of subjects during field operations.

The latest contract covers licenses for IRIS and MORIS for ICE ERO and is structured as a 12-month firm-fixed-price award, with a listed period of performance from June 1 through May 31, 2027.

The scale of the procurement is significant. ICE says the requirement will provide “immediate access” to more than 5.025 million booking records for more than 1.5 million unique individuals across the U.S.

In practical terms, the contract would allow ICE personnel to query Bi2’s IRIS database and use MORIS to authenticate identities in the field.

ICE says the system will support rapid identity confirmation for individuals encountered during ICE operations and is intended to enhance ICE’s ability to “quickly and accurately identify individuals encountered during ICE operations.”

The deliverables go beyond database access. Bi2 is required to supply 1,570 IRIS biometric devices to ICE for deployment at designated locations nationwide within 30 days of award and maintain the operational capability of those systems for the duration of the contract.

The enterprise license is broad. The Statement of Objectives says ICE will receive 24/7/365 electronic access to IRIS records on “agnostic platforms,” including Microsoft, Apple and Android, for both fixed and mobile devices.

The access is to be available to an unlimited number of users and support an unlimited number of queries and bulk downloads. The contractor must also provide complete identity and booking records in response to authenticated identities and provide ICE with immediate mobile access to MORIS on any platform.

The documents also call for real-time alerting. Bi2 must support ICE in configuring recurring real-time alerts based on defined criteria “in support of continuing and emerging initiatives.”

This provision is notable because it moves the system beyond one-off identity checks and into a standing notification capability, potentially allowing ICE to be alerted when database activity or biometric matches meet agency-defined conditions.

The contract documents include several privacy and security restrictions, though they also underscore how much sensitive data would move through the system.

Bi2 must display a login splash screen outlining permissible uses of the system and data, and users must affirmatively consent to the rules of behavior before access is granted.

It must also preserve available monitoring and packet-capture data for at least 180 days, provide a draft security plan, and explain how it will work toward FedRAMP certification.

ICE requires that Bi2 not use agency query data for its own purposes or share it with other customers, business partners or other entities.

The contractor must immediately delete images submitted by ICE after processing them to determine potential matches, and it may not use data from ICE queries for commercial purposes.

Algorithms, templates, or query results generated from ICE submissions may not be used for other Bi2 customers, with ICE limiting the contractor’s use of queries to maintaining an audit log.

The mobile application requirements are similarly focused on security controls around law enforcement sensitive (LES) information and personally identifiable information (PII).

The mobile app must safeguard LES and PII in the appropriate government-hosted location, comply with encryption, authentication, authorization, and access-control requirements, integrate with role-based access controls, ICE identity and access management systems and enterprise multifactor authentication, undergo security vulnerability scanning, and comply with ICE mobile application vetting processes.

The mobile application must also comply with federal laws and regulations related to data security, privacy, accessibility, and transparency, as well as federal record retention requirements for related application data, documentation and communications.

It must be compatible with mobile devices and operating systems currently fielded within the ICE enterprise and comply with ICE mobile device management and mobile application management frameworks.

The procurement will give ICE unlimited querying capability, mobile field access, bulk download capacity, real-time alerting, and access to millions of booking records drawn from hundreds of agencies.

Article Topics

BI2 Technologies  |  biometric database  |  biometrics  |  DHS  |  ICE - U.S. Immigration and Customs Enforcement  |  iris biometrics  |  law enforcement  |  U.S. Government