U.S. biometric entry card program on track

Published 8 March 2006

US-VISIT, the DHS premier program aiming to create an RFID-enabled biometric card to be used by people entering the United States has had a smooth sailing so far. Jim Williams, director of DHS for the US-VISIT program spoke yesterday at a meeting of the DHS Data Privacy and Integrity Oversight Committee, and discerning companies in the space should be able to see where DHS is looking to bolster the card’s effectiveness and utility. Williams especially addressed some of the practical obstacles to building a border-crossing card with a radio frequency identification (RFID) component. He has said in the past that the RFID component will allow travelers to proceed quickly with a system similar to EZ-Pass. Critics, however, have noted that a fundamental problem of using the RFID technology is the very reliance on information stored on a card. With current technology, border crossers could simply borrow another person’s card to avoid registering for their own. Moreover, the technology also gives rise to what is called “digital pick-pocketing” — the ability of hackers with the right equipment to pick up personal information off the card by simply walking within three or four feet of the individual carrying the card in his or her pocket.

The new cards — known as PASS cards and required by Western Hemisphere Travel Initiative rules written into law in 2004 — may eventually contain next-generation technology which will address these concerns. Williams said that he envisioned “card where somebody could press down a biometric” — verifying not only possession of a card, but a card assigned to the right person. Emerging technology, which he believes will accelerate the program’s ability to perform effectively, will also play a hand in giving border officers more complete information about people entering and leaving the United States. Williams said he hoped that a more complete profile of border crossers will include not only biometric and biographic information, but will also feature a photograph and automatically check traveler information against government watch-lists.

Williams said that fraudulent “skimming” (digital pick-pocketing) of cards with an RFID component, which some privacy advocates believe identity thieves could perpetrate with an electronic reader, could be addressed by a metallic shield on cards. Looking into the future, there could be an on-off switch for the cards.

-read more in Patrick Yoest’s CQ report (sub. req.)