- The US-VISIT border security program is full of problems and its fingerprint identification system has, "resulted in many cases of mistaken identity,” says EPIC.
Moreover, “The program will soon test using Radio Frequency Identification (RFID) technology to transmit identifiers to agents," it says in Spotlight on Surveillance
The program is being touted as a time-saver but, “the small amount of time saved by using RFID is outweighed by the significant security risk of unauthorized parties accessing the data when it is transmitted wirelessly,” states EPIC (Electronic Privacy Information Center).
Thirty-two air crew members, "experienced fingerprint scanning mismatches that caused them to be improperly flagged by government watch lists," although half of them had already had undergone background checks, says EPIC.
And, "Visitors reported missing their connecting flights due to errors in the database system, and airline crewmembers reported being delayed up to ninety minutes after a long international flight," the report goes on.
"Some travelers reported that the operator collecting fingerscans at a port had erroneously reversed their left and right index fingerprints, labeled a husband's fingerprints as his wife's, failed to collect the data required under US-VISIT, or collected data from travelers exempt from the program, such as holders of a G-4 visa.
"Passengers' numerous requests to the DHS for correction of erroneous personal information suggest that the rush to implement US-VISIT has come at the expense of data accuracy and passenger privacy."
On the plan to use RFID (Radio Frency Identification) spy chips, "The technical specifications of the test RFID tags have not been released to the public, so it is unknown if the information is encrypted or not," EPIC continues.
If data are unencrypted, they can "easily be accessed by unauthorized users with RFID readers" and even when data on RFID tags are encrypted, security risks remain, states EPIC.
"It has been well documented that criminals are able to use readers to break the encryption systems in RFID tags. One experiment is relevant to the proposed US-VISIT RFID program. In January, researchers at Johns Hopkins University and RSA Laboratories discovered serious security flaws in the RFID chips that are used to protect cars from theft and prevent fraudulent use of SpeedPass keys.
"The researchers easily were able to extract individual SpeedPass secret keys, and used them in another device that allowed for fraudulent charges to the SpeedPass accounts."
US-VISIT, estimated to cost $7.2 billion by 2014, "is rife with technology problems and errors in its databases," adds the report.
