Verified Identity Pass gets back to RT business

Published 18 August 2008

TSA suspended company from the Registered Traveler program after one of its computer, containing the personal details of 33,000 customers who had registered for the program, was lost; lap top was recovered and handed over to TSA for forensic review; company now allowed to register passengers

Following a forced suspension to its activities, Verified Identity Pass — operator of the registered traveller programme Clear — has met program encryption standards for enrolment computers and may resume Registered Traveler enrolment immediately, according to the U.S. Transportation Security Administration (TSA). This change in status comes after Verified Identity Pass reported an unencrypted Clear-owned laptop computer containing data of approximately 33,000 customers was missing from San Francisco International Airport. The laptop was later recovered by Clear officials at the airport. It was voluntarily surrendered to TSA officials for forensic examination. The results of that exam remain under review.

Verified Identity Pass took steps to encrypt all enrolment computers and provided a third party audit verifying the encryption. TSA has accepted the audit and provided authorization to the sponsoring entities (airports/airlines) to resume enrolment. TSA will be conducting random audits of Clear operations at airports across the country to further ensure compliance. TSA has also asked Verified Identity Pass to provide a comprehensive report detailing the status of all security features associated with the Clear program and to conduct a new and complete annual audit consistent with program standards.

TSA says it is conducting a broad review of all Registered Traveler providers’ information systems and data security processes to ensure compliance with security regulations.