All airport travelers in the US should “immediately” be required to undergo identity checks by the Transportation Security Administration after the discovery of vulnerabilities in the biometric vetting service operated by Clear Secure Inc., lawmakers said in a December letter.
(Bloomberg) — All airport travelers in the US should “immediately” be required to undergo identity checks by the Transportation Security Administration after the discovery of vulnerabilities in the biometric vetting service operated by Clear Secure Inc., lawmakers said in a December letter.
The Clear verification system, which provides an expedited airport screening procedure, contains unspecified “security vulnerabilities,” according to the Dec. 22 letter to the TSA from Democrat Bennie Thompson of Mississippi, then chairman of the House Committee on Homeland Security, and the committee’s former top Republican, John Katko of New York.
New York-based Clear uses an individual’s biometric data — such as iris scans and facial information — to verify identities, and has become an alternative at US airports for passengers wanting to skip traditional security lines, for a fee. Clear provides its services at airports and venues in more than 40 US cities, according to its website.
Ken Lisaius, a spokesperson for Clear, said the TSA asked them to re-enroll approximately 48,000 travelers who hadn’t completed a facial match, part of the multilayered registration process. “Our policy was to require manager approval for the rare instance when the facial technology could not confirm a match of the individual to their ID — as happens for many reasons, such as document photo quality, damaged ID or poor lighting,” he said.
“That reenrollment process is well underway,” said Lisaius, who disputed describing the issue as a “vulnerability” and described the number of people being affected as a “very small percentage” of the service’s 14 million members.
Clear disagrees with the request from the lawmakers to require TSA identity checks for all passengers, Lisaius said, adding, “Our process is secure.”
The details of the letter from Thompson and Katko were previously reported by the trade publication IPVM.
In a statement, the TSA didn’t provide specifics on the alleged weaknesses raised by Congress. A TSA spokesperson said the agency works with Clear to ensure its standards are met and that the government’s security systems are “fully leveraged by all passengers.”
A representative for the Homeland Security Committee’s Democratic minority said they haven’t yet received a response from TSA.
“We will push TSA to act swiftly to address any security vulnerabilities so travelers can be confident in the safety of our skies,” Thompson said, in a statement to Bloomberg.
The lawmakers’ concerns followed an alert from the TSA to Congress that the verification system run by Clear contained unspecified vulnerabilities in vetting passengers through its registered traveler program, according to the letter.
“The best way to address those sensitive vulnerabilities adequately and ensure the accurate vetting of passengers against terrorist watchlists is to require every passenger to go through TSA-specific identity verification,” the letter said.
Lawmakers also asked TSA Administrator David Pekoske why passengers weren’t required to go through the government’s verification system after the issue was discovered.
More stories like this are available on bloomberg.com
©2023 Bloomberg L.P.