A US government probe has found flaws in airport fast-track service Clear Secure Inc.’s process for speeding customers through security lines, leaving the company to defend its business against the agency responsible for guarding the country’s skies.
(Bloomberg) — A US government probe has found flaws in airport fast-track service Clear Secure Inc.’s process for speeding customers through security lines, leaving the company to defend its business against the agency responsible for guarding the country’s skies.
The Transportation Security Administration investigation into Clear’s methods determined its facial-recognition system to enroll new members was vulnerable to abuse, said people familiar with the review, who asked not to be identified discussing security-sensitive information.
The computer-generated photos of prospective customers at times captured blurry images that only showed chins and foreheads, or faces obscured by surgical masks and hoodies.
The process — which allowed Clear employees to manually verify prospective customers’ identities after its facial recognition system raised flags — created the potential for human error.
That’s how, last year in July, a man slipped through Clear’s screening lines at Reagan National Airport near Washington, before a government scan detected ammunition — which is banned in the cabin — in his possession.
When police were called in to investigate, officials discovered something altogether more troubling: the man had almost managed to board a flight under a false identity.
Verification Process
The security scare, the details of which haven’t been previously revealed, set in motion an extensive TSA investigation into Clear’s methods. The probe has culminated in a high-stakes face-off between the agency and the publicly listed company. The dispute could threaten Clear’s business proposition: speeding people through airports.
In total, the TSA raised concerns about almost 49,000 Clear customers who were enrolled despite facial-recognition software flagging them as non-matches, and concluded its broader methods were inherently inferior to how the government checks travelers’ IDs, the people said. Enrollment photos seen by Bloomberg in some cases didn’t show a face at all and instead, for example, a shoulder and ceiling.
As a result, the TSA in June demanded that its own agents verify the identities of all Clear customers, emphasizing that screeners must know precisely who is flying in order to prevent possible terrorist attacks. The Washington Post reported earlier on the TSA’s plan.
But separately checking Clear customers’ IDs could dramatically undercut the effectiveness of its service, which has a list price of $189. The issue comes as Clear has become the subject of growing complaints that its own lines are getting too long.
The company itself has said the requirement would create “airport chaos,” and Clear has aggressively pushed back on some TSA demands. It said the incident near the nation’s capital was isolated, and has used former Department of Homeland Security Administrator Jeh Johnson to lobby TSA and its overseers at DHS.
Facial Recognition
Johnson called the response “a disproportionate and punitive overreaction” to a single security breach, in a letter sent last December to TSA that the company provided to Bloomberg. Johnson didn’t respond to requests for comment through his law firm.
At least for the moment, the TSA’s initial demand that the identity checks begin by the end of July has been pushed back, two people said.
Clear has defended the enrollments by pointing out that all of the people with questionable facial recognition were also manually verified by at least two Clear employees. The total represents about 1% of all Clear airport customers, Johnson wrote in the letter.
Still, the company stopped allowing its employees to verify applicant identities shortly after TSA questioned the practice last year. All the problematic cases will have to have their identities validated with facial recognition and other data before using Clear again, it said.
The failure that led to the July 2022 incident was “a single case of human error,” the company said, declining to comment on allegations of additional incidents. “Clear’s system is secure with an exemplary security track record.”
The TSA and DHS declined to comment on specific security shortfalls or the timing of any new security measures. The TSA said in a statement it is committed to requiring that all Clear customers undergo additional checks. Clear can continue to operate dedicated screening lines, the agency said.
The TSA investigation also found other cases it considered to be Clear-related security incidents, the agency said in a statement. It declined to provide details due to security concerns.
‘Lax Controls’
“Accurate and reliable verification of passenger identity is foundational to aviation security and effective screening by TSA,” the agency said.
Identifying airline passengers is a pillar of the security program TSA installed after the Sept. 11, 2001, attacks in which about 3,000 people died. The TSA attempts to ensure that every passenger entering the secure area of an airport has a ticket and that they can be checked in real time against extensive databases of suspicious people.
Over the years, TSA has upgraded how it verifies people’s identities, in part because of troublesome incidents, allowing its agents to authenticate IDs, verify flight reservations and screen watch lists in near real time.
The Clear investigation prompted Representative Bennie Thompson of Mississippi, the senior Democrat on the House Homeland Security Committee, along with another lawmaker, to raise concerns about the company in December.
Clear “operated using lax security controls presumably just to keep lines short and boost their bottom line – all while potentially putting the homeland at risk,” Thompson said in response to Bloomberg queries.
Once a person is registered with Clear, the company uses eye scans and fingerprints to ID people arriving for a flight so they can be escorted to the front of TSA screening lines.
TSA’s focus was on how the company enrolled new customers in the first place. When someone joins its airport system, Clear scans a drivers’ license or other ID and uses its computer system to take their picture. The on-scene image is then matched to the photo ID using facial-recognition software.
Mismatch Alert
Because facial recognition isn’t perfect, Clear allowed employees to match people to their photo IDs even when the computers did not, Johnson said in his letter. But the process was complicated because, during that period, Clear employees couldn’t see the computer-generated images of the people.
Clear cited this as evidence the poor photos didn’t play a role in any enrollments, but TSA was concerned that the overall process was poorly designed and prone to error, according to people familiar with the review.
People enrolled under a false identity could potentially fly for years using that bogus information, according to the people. Clear’s biometrics would recognize the person under the fake name.
In the case last July, the customer was enrolled manually in Birmingham, Alabama, after Clear’s computers flagged him as a mismatch with his ID, according to the letter Johnson sent to TSA Administrator David Pekoske on Dec. 12.
The man was Black and part of the reason the company allowed employees to manually verify people’s identities was because some facial-recognition software performs more poorly on people with dark skin, Johnson wrote.
Details about how the decision was made to verify the person’s identity weren’t available. Johnson, in his letter, called it a “judgment error” that was made in “good faith.”
Lawmaker Thompson sees it differently, calling it a broader issue that needs to be addressed immediately.
“This is squarely a security matter and should not be influenced by outside lobbying,” he said.
More stories like this are available on bloomberg.com
©2023 Bloomberg L.P.