US flag Official website of the Department of Homeland Security

Biometric Exit Frequently Asked Questions (FAQs)

General

Why is CBP collecting biometrics?

In 2004, Congress required DHS to develop a biometric entry and exit system. In 2013, Congress transferred the entry-exit policy and operations to U.S. Customs and Border Protection (CBP). As part of the border security mission, the agency is deploying new technologies to verify each traveler’s identity – both upon arrival in, and departure from the United States.

How does this work?

Just before departure, each international traveler’s photo is taken, by either CBP-owned cameras or equipment provided by the airlines or airport authority. CBP compares the photo with existing  images from passports, visas and other travel documents, as applicable, in a secure environment using the Traveler Verification Service (TVS). These images include photographs taken by CBP during the entry inspection, photographs from U.S. passports and U.S. visas, and photographs from previous DHS encounters. See the TVS Privacy Impact Assessments (PIA) for more information.

Are U.S. Citizens required to provide biometrics for the entry-exit system?

U.S. Citizens who are entering or exiting the country are generally required to be in possession of a valid U.S. passport.  At this time, however, CBP does not require U.S. Citizens to have their photos captured when entering or exiting the country. U.S. Citizens who do not wish to participate in this biometric collection should notify a CBP Officer or an airline or airport representative in order to seek an alternative means of verifying their identity and documents. CBP discards all photos of U.S. Citizens, once their identities have been verified.

 

What are the legal authorities that allow CBP to collect biometrics on travelers exiting the U.S.?

The 1996 Illegal Immigration Reform and Immigrant Responsibility Act called for the creation of an automated system to record arrivals and departures of non-U.S. Citizens at all air, sea, and land ports of entry. The 2002 Enhanced Border Security and Visa Entry Reform Act, the Intelligence Reform and Terrorism Prevention Act of 2004, and the Implementing Recommendations of the 9/11 Commission Act of 2007 all called for the creation of a nationwide biometric entry-exit system, including the creation of exit records for individuals departing the United States. In addition, the Consolidated Appropriations Act of 2016 authorized CBP to expend up to $1 billion in certain visa fee surcharges collected and deposited into the recently created 9-11 Response and Biometric Exit Account for biometric entry and exit implementation. Finally, Executive Order 13780, “Protecting the Nation from Foreign Terrorist Entry into the United States,” required U.S. Department of Homeland Security (DHS) to “expedite the completion and implementation of a biometric entry-exit tracking system for in-scope travelers to the United States."

Are there alternative procedures for those who do not wish to have a photo taken?

Individuals seeking to travel internationally are subject to the laws and rules enforced by CBP and are subject to inspection. However, if a U.S. Citizen does not wish to participate in the biometric entry or exit process, he or she must request to be processed using alternate procedures, such as presenting travel credentials to an available CBP Officer or authorized airline personnel.

How does CBP secure traveler photos?

CBP is committed to protecting the privacy of all travelers. Toward this end, CBP employs four primary safeguards to secure the data:

  • Secure Encryption: CBP IT systems use HTTPS/SSL encryption during the storage of personally identifiable information and during the data transfer between the camera and the TVS cloud matching service.
  • Biometric Templates: CBP creates biometric templates of each (1) historical photo and (2) newly-captured photo for matching and storage. What are biometric templates?
    • Strings of multiple numbers representing images that can be matched against other templates that represent facial images
    • Irreversible—cannot be reverse-engineered to reconstruct the photo by anyone outside of CBP
  • Brief Retention Periods: CBP discards the photos of U.S. Citizens within 12 hours after their identities have been verified and deletes the photos of non-U.S Citizens within 14 days from CBP systems.
  • Secure Storage: Facial images are stored in secure CBP systems and, for a brief period of time, in a secure cloud environment for matching, thus mitigating potential privacy risks.
    • The cloud service provider adheres to the security and privacy controls required by National Institute of Standards and Technology (NIST) Special Publication 800-144, “Guidelines on Security and Privacy in Public Cloud Computing,” and the DHS Chief Information Officer.

Has CBP reviewed the security of the biometric entry-exit systems?

The CBP Office of Information and Technology (OIT) completed a System Security Plan for the TVS application as part of the Certification and Accreditation (C&A) process, in accordance with the requirements defined under the Federal Information Security Management Act (FISMA). The most recent C&A for the TVS was completed on December 12, 2017. A Privacy Compliance Review will follow later in 2018 to ensure that the TVS is operating in compliance with privacy and data protection best practices.

Does CBP retain traveler photos?

CBP retains the photos of U.S. Citizens until their identities have been verified. CBP temporarily retains photos of all other travelers for up to 14 days in secure CBP systems to support system audits, to evaluate the TVS facial recognition technology, and to ensure accuracy of the facial recognition process. CBP also enrolls non-U.S Citizens, in association with their encounters with CBP, and stores their photos in the DHS Automated Biometric Identification System (IDENT), in order to biometrically record their entry/exit and to ensure more accurate TVS matching in the future.

How is my privacy protected if I have my photograph taken?

CBP is dedicated to protecting the privacy of all travelers. CBP only uses photographs to verify traveler identities and create a record of entry or exit. Photographs of non-U.S. Citizens may be maintained in secure systems and shared in accordance with the relevant Privacy Act System of Records Notice (SORN). The newly captured images will be used to assist the CBP Officer in verifying identity and determin­ing whether the traveler is the true bearer of travel documents. The photos of U.S. Citizens will not be retained.  The photos of other travelers will be maintained for up to 14 days in the TVS cloud matching service for system audits and evaluation and may also be stored in the DHS IDENT System, only in accordance with the applicable SORN. More information is available at www.dhs.gov/privacy-impact-assessments.

How is TSA using Facial Recognition?

CBP is testing facial recognition technology at select Transportation Security Administration (TSA) checkpoints. This technology captures photographs of travelers scheduled for international flights to verify their identity. CBP is conducting this technical demonstration to validate the accuracy and viability of capturing and matching facial images at the TSA checkpoint.

How does the TSA technical demonstration change the screening process at the checkpoint?

A live photo captured at the TSA checkpoint is used to compare against existing government holdings, such as your passport or visa photo. TSA incorporates mobile technology and CBP’s facial matching service into the identity verification process. If a passenger does not match a photo from existing government holdings, the TSA Officer may conduct a manual document check and may also consult a CBP Officer in order to verify your identity and documents using alternative methods. If you do not wish to have your picture taken, please notify the TSA Officer for an alternative means of identity and documentation verification.

Partners

What requirements does CBP have of its partners who collect data?

As part of its arrangement with industry partners, CBP partners agree to encrypt the biometric data, during transmission to CBP. Questions regarding how an industry partner stores data in its proprietary systems should be directed to the relevant industry partner.

Transparency

How will CBP communicate future updates and changes related to biometrics and biometric entry-exit?

Updates and changes related to biometrics and biometric entry-exit will be communicated through relevant Privacy Impact Assessments (PIA) and System of Records Notices (SORN), in compliance with the Privacy Act and E-Government Acts, and where appropriate, through notices published in the Federal Register. The website will also be updated, as needed, with published PIAs and rules.

Last modified: 
Wednesday, September 12, 2018 - 11:57
Tags: