Skip to main content
U.S. flag

An official website of the United States government

Government Website

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Safely connect using HTTPS

Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

facial recognition

  • Review of CBP's Major Cybersecurity Incident During a 2019 Biometric Pilot

    Executive Summary

    U.S. Customs and Border Protection (CBP) did not adequately safeguard sensitive data on an unencrypted device used during its facial recognition technology pilot (known as the Vehicle Face System).  A subcontractor working on this effort, Perceptics, LLC, transferred copies of CBP’s biometric data, such as traveler images, to its own company network.  The subcontractor obtained access to this data without CBP’s authorization or knowledge, and compromised approximately 184,000 traveler images from CBP’s facial recognition pilot.  Later in 2019, the Department of Homeland Security experienced a major privacy incident, as the subcontractor’s network was subjected to a malicious cyber attack.  While CBP and DHS took immediate action to mitigate the data breach, we attribute this incident to the subcontractor violating numerous DHS security and privacy protocols for safeguarding sensitive data.  Consequently, this incident may damage the public’s trust in the Government’s ability to safeguard biometric data, and may result in travelers’ reluctance to permit DHS to capture and use their biometrics at U.S. ports of entry.  We made three recommendations to aid CBP in addressing the vulnerabilities that caused the 2019 data breach, and to better mitigate future incidents through greater oversight of third-party partners.  CBP concurred with all three recommendations.

    Report Number
    OIG-20-71
    Issue Date
    Document File
    DHS Agency
    Fiscal Year
    2020
  • Progress Made, but CBP Faces Challenges Implementing a Biometric Capability to Track Air Passengers Departures Nationwide

    Executive Summary

    In 2017, CBP made considerable progress developing and implementing a biometric capability to track air passenger exits using facial recognition technology. CBP’s Biometric Entry-Exit Program conducted a pilot at nine airports and demonstrated ability using this technology to match 98 percent of passengers’ identities at departure gates. However, During the pilot, CBP encountered various technical and operational challenges that limited biometric confirmation to only 85 percent of all passengers processed. These challenges included poor network availability, a lack of dedicated staff, and compressed boarding times due to flight delays. Further, due to missing or poor quality digital images, CBP could not consistently match individuals of certain age groups or nationalities.

    Report Number
    OIG-18-80
    Issue Date
    Document File
    DHS Agency
    Oversight Area
    Fiscal Year
    2018