Cutting-edge security technology is a spy-movie staple. In films like Charlie’s Angels, Minority Report, and Avengers, gadgets unlock with a fingerprint or retinal scan. The protagonist freezes as a red laser slowly scans her eyes, and presto, the vault opens.
Crossing the U.S.-Mexico border could soon be nearly that high-tech (albeit less dramatic).
Using someone’s unique biological traits for access control is called biometric authentication. And it’s made the leap from the silver screen to border checkpoints like Otay Mesa. The busy San Diego-area pedestrian crossing just launched a $2 million pilot program that verifies people’s identities using biometrics, specifically iris scanning and facial recognition.
The program, begun in December 2015, is being tested on non-U.S. citizens entering the U.S. But the goal isn’t to keep people out. According to the Center for Migration Studies, a bigger problem is people who enter the U.S. legally and remain after their visa expires. So starting in February 2016, the cameras will also snap facial and eye photos of people leaving the U.S. That way, immigration authorities can determine who hasn’t left the country yet—and therefore whose visa has expired. The pilot program ends in June 2016, and if it’s a success, the technology may spread to other pedestrian checkpoints.
How It Works
Facial and iris scanning isn’t as quick as spy thrillers would have you believe, but it’s convenient nonetheless. Sean Allocca of Forensic Magazine explains: “The cameras are positioned at six kiosks. The migrants simply walk up to the kiosk, scan their documents on a reader, and look into a camera. The process takes seconds, according to reports, and the migrants are then ready to be questioned by immigration officials.” (See it in action here.)
With securing the border being such a hot topic for 2016 presidential candidates–particularly conservative ones–biometric access control is a timely development, if not a new one.
Biometrics at the border actually trace back to George W. Bush and America’s surge of antiterrorism sentiment following 9/11. In 2004, Bush signed the Intelligence Reform and Terrorism Prevention Act, which mandated a “biometric entry and exit data system [to] facilitate efficient immigration.” In other words, Homeland Security should use biometric tests like iris scans, fingerprints, and facial photographs to speed up border crossings and prevent terrorism.
Today, all U.S. airports use biometric authentication on international visitors. U.S. Customs and Border Protection agencies check foreigners’ fingerprints against a database of criminal and immigration records before granting them entry.
Some U.S. citizens even volunteer their biometric data. If you’ve enrolled in TSA’s PreCheck program, yours is already in use. PreCheck lets low-risk fliers bypass long security lines and pesky shoe removal in exchange for their fingerprints, a background check, and $85 a year. Jetsetters love the convenience biometric data affords.
So do some Mexican citizens crossing the U.S. border, like Cesar Quezara. Facial and iris scanning “was two or three seconds. It's very easy," as he told San Diego public media KPBS. But is it worth trading your privacy for convenience?
Those who say no have two main concerns: identity theft and civil liberties.
Facial recognition and eye-scanning technology is typically used to prevent identity theft, but ironically, it can also enable it. Researchers have found that if your face can unlock something, so can a photo or video of you used without your permission.
With the abundance of photos and videos available online, particularly on social media sites like Facebook and Instagram, someone could steal your likeness without your knowledge. According to a study by Carnegie Mellon researchers: “It is possible…to identify strangers and gain their personal information – perhaps even their Social Security numbers – by using face recognition software and social media profiles.” Security researcher Duc Nguyen found that he could crack facial recognition security on Asus, Toshiba and Lenovo laptops with a photograph of the authorized user.
As facial recognition software advances, it now often requires the person to blink, proving it’s not a photo. However, Popular Science writer Dan Moren was able to bypass his banking app’s security measures by using a video of himself blinking. Obviously walk-up facial scanners at pedestrian border crossings would be more difficult to fool, but clearly, the technology is vulnerable to exploitation–both by someone posing as you to cross the border or a hacker who obtains your face from a government database.
The human iris contains some 5,000 data points, making it harder to fake than a face…right? Not necessarily. In 2012, researchers in Madrid created fake irises that successfully fooled biometric scanners 80 percent of the time. Making a fake iris isn’t new, but the researchers were replicating real people’s irises for the first time—meaning identity theft is possible.
John Verdi of the Electronic Privacy Information Center is a vocal critic of biometrics due to the technology’s vulnerability to identity theft. “If your passport is stolen, the government can reissue you a new passport,” he told CNN. “If your biometrics are stolen, short of hacking off your finger, there's no way for consumers or travellers to reacquire their identity.” An iris or face is, needless to say, similarly impossible to replace.
Civil Liberties and Racism
With news outlets from The Guardian to The New York Times lamenting “the death of privacy,” some people worry more about how government agencies and businesses will use their biometric data than about hackers and identity theft.
Almost 90 percent of people “are willing to share their biometric details when traveling across international borders,” according to a 2014 Accenture survey that polled 3,000 people worldwide. However, more than two-thirds would first need to know how their personal data would be used.
Massachusetts resident John Gass discovered firsthand that, rather than detect criminal activity, facial-recognition technology could be used to unintentionally make his life miserable. In 2011, Gass got a letter out of the blue from his state’s Registry of Motor Vehicles revoking his driving privileges. It turns out that an algorithm incorrectly flagged Gass’s photo as a “potentially criminal false identity” because he looked too much like another driver. It took Gass 10 days of fighting with the RMV to get his driver’s license reinstated. This facial-recognition technology is used in about 35 states.
Perhaps a bigger concern than bureaucratic headaches is racial profiling. That’s what American Civil Liberties Union attorney Mitra Ebadolahi worries will come from facial-recognition software being used at border checkpoints. She told KPBS: “If you pay for convenience by giving up a photo of yourself, and that photo then gets into a database–not just at the border, but potentially used elsewhere–and then is used to connect you to a crime you didn't commit because you sort of look like a guy who the victim of that crime has identified as being the perpetrator, how would you feel about the government having that information on you indefinitely?"
Racism may in fact be subconsciously programmed into biometric technology. Author Shoshana Amielle Magnet writes in When Biometrics Fail that iris scanners don’t sufficiently read the irises of people of color. She concludes: “[Biometric] technologies work differently, and fail to function more often, on women, people of color, and people with disabilities.” (This makes sense, considering white men are overrepresented in the tech world.)
Our faces give away more than our racial and ethnic background. Researchers have discovered a significant link between personality traits and iris appearance, as Andrew Patrick, an IT research analyst for the Canada Privacy Commissioner, points out. Specifically, researchers could identify aspects like trust, warmth, and impulsiveness based on the characteristics of someone’s eye. Thanks to an iris scan at the U.S.- Mexico border, the government could learn how trusting or impulsive you are and potentially share that information with interested parties like insurance companies.
“In many ways, biometrics represent a wrong direction in solving identity theft,” Patrick writes on his site. “Instead of a universal identifier that can be used, and abused, everywhere…why not make multiple private credentials that people can use selectively…while maintaining their overall security and privacy?” Unfortunately, non-U.S. citizens seeking to enter America may not have much of a choice.