The Biometric Interoperability & Standards Conformance Office (BISCO) was recently established to support test and evaluation objectives for current and emerging biometrics capabilities. BISCO is a government-owned, secure ecosystem for interoperability governance; compliance with Department of Defense (DoD) standards; integration, experimentation, and evaluation; and policy testing. It has been validated by the Joint Interoperability Test Command (JITC) to conduct standards compliance testing to the DoD Electronic Biometric Transmission Specification (EBTS), which requires alignment of the National Information Exchange Model (NIEM), the NIEM Biometrics Domain, the ANSI/NIST-ITL 1-2011 Update:2015 Data Format for the Interchange of Fingerprint, Facial & Other Biometric Information, and the Federal Bureau of Investigation (FBI) EBTS.

The BISCO Conformance Software, which supports DoD EBTS v1.2 (binary) and v4.1 (binary and XML), has certified the Cross Match SEEK II for use by the US Marine Corps (USMC) Identity Dominance System (IDS). BISCO has certified Lakota and Aware’s software products for file-level conformance to DoD EBTS. Additionally, DoD EBTS conformance testing has been completed, and defect remediation is underway, for the Sciometric SlapShot, the Tascent MX, the Booz Allen Hamilton Vampire, the InCadence Javelin XL, as well as Navy IDS, USMC IDS, and InCadence ABIS in a Box.

The BISCO Biometric Enrollment application captures biometrics, builds DoD EBTS v1.2- and v4.1-compliant transactions, and transmits them to the Automated Biometric Identification System (ABIS), allowing the use of almost any local or remote contact or contactless fingerprint, face, or iris sensor. Integration with palm and thermal imaging sensors is underway.

The Naval Criminal Investigative Service Technical Services Field Office - Identity Activities Branch (TSFO-IA) developed government-off-the-shelf (GOTS) software for rapid ingestion of biometric data from fingerprint cards. The RISER Suite has advanced U.S. government (USG) card scanning operations through custom software development, prototyping, operational pilots, and collaboration across government organizations and industry. The TSFO-IA team included Booz Allen Hamilton, Novetta, and multiple USG organizations, including Office of the Secretary of Defense for Acquisitions, Technology, and Logistics, CDM, Defense Forensics Science Center BoD, and the Combating Terrorism Technology Support Office.

Over the last 18 months, TSFO-IA has developed capabilities that have turned an expensive, manual, and time-consuming procedure into a streamlined semi-automated process. The Rapid Fingerprint Digitization tool scans cards into digital images. RISER identifies fingerprint locations within scanned images, crops fingerprint images to eliminate blank space, performs image adjustments, checks quality, and creates EBTS v1.2-compliant files. Every one of those steps was previously performed manually. The SWIPE tool was developed for on-site review and includes tools to manually adjust files. After manual review, EBTS files are submitted to biometric repositories for matching and storage in real time. Missions, previously split between on-site activities and off-site processing, are now performed 100 percent on-site thanks to innovations introduced by TSFO-IA. RISER technology, workflow integration between tools, and network connectivity to biometrics databases have reduced the time to ingest biometric records from months or years to days. RISER provided:

• Data Capture: Prior to RISER, a card digitization mission to Ghana for ~120,000 cards required 21 personnel for approximately 3,525 days. A similar mission to Guatemala using RISER required just seven personnel approximately 48 hours to digitize ~57,000 cards, with 90 percent of the data ready for submission into USG databases two days after scanning was completed.
• Near Real-Time Ingestion: Images scanned in Ghana took more than 365 days to manually adjust, process, and submit for biometric matching. Guatemala cards were processed and ingested on-site in five days.
• Reduction in Hardware: Ghana scanning hardware took over $70K to ship in a dozen shipping containers, while Guatemala hardware was reduced to two containers weighing 150 lbs.
• Time Saved: Technologies developed by TSFO-IA have saved over 9,022 hours to date.

TSFO-IA has advanced card scanning technology to efficiently make hundreds of thousands of previously archived biometric records available for automated biometric matching. The technology has been made available as GOTS software and utilized by other USG agencies.

Since September 11, 2001, agencies have sought to improve how they leverage sensitive intelligence and law enforcement information when vetting for homeland and national security missions. However, these processes were often bilateral, did not occur in real time, and were not adaptable for an all-threats landscape. The National Vetting Center (NVC) provides a single coordinating entity and platform to address these issues, ensuring that adjudicators receive national security partner vetting support in a timely manner. The NVC’s technology platform streamlines the transfer of unclassified applicant information to classified environments, where it is compared against information held by national security partners, and provides responses back to the NVC for use by vetting analysts. For the first time ever, the NVC provides adjudicators with a single picture of all the “dots” of sensitive information to evaluate as a whole before making an adjudication decision.

The NVC’s success lies in the rapid technological advances to develop a cross-domain, multiagency platform. In less than six months, using Commercial Cloud Services (C2S) services, the Department of Homeland Security (DHS) Office of Intelligence and Analysis designed, built, and deployed a common technology platform and process to support the NVC. This platform allows for a comprehensive review of relevant information to support adjudications. The NVC’s system was DHS’ first C2S environment to be fully deployed and operational, successfully integrating multiple cloud environments across the Intelligence Community (IC), including other agencies’ C2S environments and the National Security Agency’s IC-GovCloud. The NVC deals with high volumes of multiple streaming data sets that are routed through various architectural components to be processed, stored, and shared on the high-side network. DHS built and deployed redundant cross-domain solutions to deliver applications across fabrics to be routed for vetting support. DHS receives vetting results from multiple national security partners, which traverse across C2S environments. The NVC technology platform enables high-to-low responses to be delivered to vetting systems for automatic integration with unclassified vetting workflows within minutes from the application having been submitted for vetting. Prior to the NVC, there were independent systems for each national security partner, some taking hours or days to supply vetting responses. The use of C2S services allows the NVC to easily scale up to meet increased load during holidays or other high travel periods.

Over the past 12 months, DHS I&A has matured its technical solutions to include establishing a DevOps process that will allow for continuous integration/continuous delivery. The team also worked with the NVC and its customers to improve the user experience, resulting in updated design and workflow. The updated application also included backend enhancements built on micro services improving system performance, resiliency and redundancy. Further, they implemented Amazons auto-scaling group capability which provides the NVC with a more cost-efficient solution that meets its evolving mission demands.

The NVC demonstrated the ability to drive interagency technical integration across more than six federal agencies. Additionally, the NVC’s technical innovation has further advanced the identity intelligence mission – providing new analytical and operational insights as well as new technical capabilities that can be applied to support other mission use cases. In addition to developing a capability to transmit tens of thousands of vetting requests across domains and between C2S environments, DHS designed and built the NVC’s flagship workflow management tool, allowing vetting responses to be centralized for analysts’ quick review. Currently, NVC technology supports the near real-time screening of approximately 40,000 applicants per day. The NVC enables rapid review of Electronic System for Travel Authorization applications. As national security partners provide responses to the NVC, new identity information and connections are automatically disseminated back to the national security community, consistent with law and policy requirements.

The joint DHS/DoD team has enabled more efficient and effective automated biometric information sharing interoperability between the DHS Automated Biometric Identification System (IDENT) and the DoD Automated Biometric Identification System (ABIS). The advancement of DHS IDENT/DoD ABIS interoperability directly benefits both departments, allowing faster and more complete access to one another’s biometric data. The project ties directly to each department’s overarching priorities – DHS’ “Counter Terrorism and Homeland Security Threats” and DoD’s “Deepen Interoperability.”

The teams worked tirelessly to ensure the coordination of policy, privacy, and technological requirements between DHS and DoD for the exchange of identity data. This capability directly impacts the federal government’s future identity capabilities and builds a stronger information sharing foundation. Since inception in August 2019, DoD interoperability has enabled biometric data exchange for approximately 127,000 encounters between DHS and DoD. Creation and use of direct interoperability has enabled the exchange of almost 36,000 more encounters between the two agencies than legacy processes in the past five months alone.

The team’s continued focus and resilience to overcome ever-present challenges and priority shifts have achieved a new level of mutually beneficial identity information sharing for the United States and directly contribute to the security and defense of the nation.

For the past 18 months, Edd and his team of seven people have been modernizing the Identity Management landscape at the Defense Intelligence Agency (DIA). In just over a year, Edd transformed the most critical function of information technology at DIA, Identity Management and Governance, from a legacy, underperforming GOTS application to a comprehensive, best-of-breed commercial off-the-shelf (COTS) Identity Governance solution that provides the most security and dramatically increased functionality for all users.

Edd inherited a nearly 15-year-old government-built (non-COTS) Identity Management application that utilized older versions of legacy technologies. Through the years, as applications grew in numbers and complexity, the legacy Account Management System showed its age, was not meeting the needs of the users, and was not providing the specialized security needed for an enterprise of DIA’s size and mission.

In an effort to modernize the identity management landscape, Edd sought a best-of-breed solution to propel the identity management framework from merely a provisioning system to one that provided robust management and governance of all identities and data across the enterprise. Edd brought a comprehensive Identity Governance and Administration to DIA. Edd fundamentally changed Identity operations at DIA by moving from a Help desk-driven process to a solution that puts access control in the hands of the resource owners and enables users to request access without directly involving the Help desk. This streamlines the process of granting access to systems, applications, and data, and provides stronger access controls, as those who own the resources certify each user’s access.

The modernization project relied heavily on using industry best technologies to replace government-written applications. Radiant Logic’s virtual directory is now utilized to pull resources into a single location, and SailPoint’s industry-leading IdentityIQ™ governance software manages and governs access for all users. Edd’s team automated the account creation process for all government employees, as well as contractors who originate in the agency’s human resources system. Historically, this manual process took up to one month; it is now performed with automation in less than six hours. By streamlining this process, DIA has realized savings of more than $80 million over the first 18 months of the project.

DHS/Customs and Border Protection (CBP) has a complex, multifaceted mission to manage and secure the border from criminal and terrorist threats while facilitating legitimate travel and trade and ensuring the vitality of the U.S. economy.

In 2013, CBP received the long-standing security mandate to biometrically record the entry and exit of foreign nationals from the United States at air, land, and sea ports of entry. While US Visitor and Immigration Status Indication Technology successfully implemented biometric entry at airports beginning in 2004, the biometric exit mandate has been a major challenge, given that airports were not built with the infrastructure to manage departure control; domestic and international flights are commingled; and it would take considerable resources to staff every exit location. In addition, the air travel industry regarded biometric exit as a government mandate, emphasizing that airlines and airports should not bear the cost. Years of testing have demonstrated that biometric facial comparison technology is the most secure, efficient, and cost-effective way to fulfill the congressional mandate while protecting the privacy of all travelers. Everyone knows how to take a photo, and it is a simple and efficient process.

Beyond just meeting the biometric exit mandate, CBP’s leadership had a vision to innovate the entire travel journey through face recognition. The air travel industry had started to develop its own modernization plans that aligned with CBP’s use of biometric technology. Eventually, it opened the opportunity to develop public/private partnerships and achieve a mutual goal: a more secure and efficient identity verification process without the need to handle paper documents, thereby enhancing the customer experience. CBP built the Traveler Verification Service as the back-end system to do facial biometric matching, while the air travel partners bought the front-end, consumer-facing facial comparison technology. CBP can now offer its stakeholders “identity as a service” wherever an identity check is required in the travel process, including check-in, bag drop, Transportation Security Administration screening, and departure, to further secure and streamline the travel process.

CBP has demonstrated the operational success of its vision with its ongoing Entry/Exit deployments. Currently, through public-private partnerships, CBP has implemented facial comparison technology for international arrivals at 18 airports and for international departures at 27 airports. CBP has also implemented biometric facial comparison technology for pedestrian crossings at 14 locations on the southwest border and at seven locations for closed-loop cruises. CBP has processed more than 50 million travelers through facial biometrics at air, land, and sea ports of entry. Since September 2018, CBP has used biometric facial recognition technology to capture more than 270 imposters who attempted to enter the United States using a genuine travel document that belongs to another person.

With the devastating impacts of COVID-19 on all modes of travel, CBP’s vision of a seamless travel process using facial biometrics has another critical benefit – it provides travelers with a hygienic, touchless process that will help rebuild the public’s confidence to travel again. As CBP continues to support the travel recovery efforts, the Entry/Exit team will work closely with its stakeholders to develop the future of seamless, touchless travel.

During the COVID-19 pandemic, Jeremy has helped federal agencies navigate the uncertain waters of digital identity and alternatives to in-person identity proofing and to the Common Access Card and Personal Identity Verification. He continues to educate the general population through webinars and conferences, as well as serve as a policy advisor to other organizations such as the Fast Identity Online (FIDO) Alliance to promote a more secure solution to help end the reliance on passwords.

Through his work leading the Better Identity Coalition, Jeremy has established a much-needed organization bringing companies and policymakers together to improve the way Americans establish, protect, and verify their identities when they are online. The Coalition’s “Policy Blueprint for Better Identity in America” has won bipartisan acclaim and helped to drive significant progress in identity policy. Jeremy’s notable activities include:

• Testifying before Congress twice about digital identity challenges and the role government can play in driving new solutions.
• Serving at the invitation of the Financial Action Task Force (FATF) on a small advisory panel assisting with the FATF’s new Digital Identity Guidance.
• Contributing (via the Policy Blueprint) ideas that helped shape the Office of Management and Budget’s “Enabling Mission Deliver through Improved Identity, Credential, and Access Management” 2019 identity policy memo (M-19-17).
• Working with members of Congress to help craft new legislation to create a coordinated, whole-of-government approach to improving digital identity.
• Convening an annual policy forum with government and industry as part of National Cybersecurity Awareness Month, put on jointly by FIDO Alliance, the ID Theft Resource Center, and the Better Identity Coalition.
• Weighing in with federal and state-level policymakers on a variety of proposed legislative and regulatory proposals impacting identity – with an eye toward educating policymakers about approaches that can improve the security, privacy, and convenience of identity solutions.

Patrick Grother, Mei Ngan, and Kayee Hanaoka manage the NIST Face Recognition Vendor Test (FRVT) program, the largest and most extensive face recognition algorithm test of its kind. FRVT is a globally recognized program that has provided expansive, ongoing, and invaluable results and analysis to the facial recognition community, including developers, end users, and policy- and decisionmakers. FRVT results have been the “gold standard” for the facial recognition community worldwide, providing an independent assessment on the current capabilities and limitations of submitted face recognition algorithms.

The FRVT program was developed to evaluate face algorithm capabilities on a fair, repeatable, and equitable platform with data, software, and analysis controlled by a trusted third party. FRVT has evaluated face recognition performance for one-to-one verification, one-to-N identification, ranked-based investigation, demographic differentials, twins and siblings, morphing, image quality, and the impact of face masks on pre-face mask-developed algorithms. In assessing the performance of such areas of research, FRVT has evaluated well over 600 algorithms from more than 150 worldwide developers. FRVT has unique access to over 30 million operational images from a number of different data sources that provide a variety of quality, ranging from portrait-quality images to unconstrained image capture.

The FRVT team has published reports covering all its work and made them available on the NIST FRVT website (https://www.nist.gov/programs-projects/face-recognition-vendor-test-frvt). The reports are continuously updated as new algorithms, data, and analysis become available. In addition to published reports, the FRVT team has given a number of seminars internationally to educate audiences on the ever-changing topic of face recognition. The team has given over 30 invited talks/presentations at worldwide conferences and workshops; responded to over 30 media interview requests; responded to approximately 15 U.S. congressional and Government Accounting Office inquiries; and prepared NIST leadership for four U.S. congressional testimonies related to their work. Invited talks at industry and government venues include Biometrics Institute Congress (London), Biometrics Institute – Asia-Pacific Conference (Australia), Bias Estimation in Face Analytic Workshop, Biometrics Special Interest Group (Germany), Innocence Project, Privacy and Civil Liberties Oversight Board, and Washington State House Working Groups (United States), to name a few.

The FRVT team members have been and continue to be active members in a number of USG collaborations and working groups. NIST’s evaluations assist other agencies’ face recognition research and development efforts. The team’s established partnerships include Intelligence Advanced Research Projects Activity, FB), DHS Science and Technology Directorate (S&T), OBIM, and CBP, and it is a key member of the Special Operation Command Next Generation Identification and Awareness Government Biometric Technical Working Group.

The results of the FRVT evaluation have highlighted a wide range of performance across algorithm developers and data types. It has informed end users of the technology so they are aware of the algorithm they are using and understand performance variations that exist based on their system’s algorithm, quality of the data, specific application, and risk levels unique to their use case.

The team has also contributed to international face image quality biometric standards, including scalar/vector-quality metrics and next-generation face image capture standards. These standards will have significant impacts on improving the quality of data presented to face recognition systems and will improve identification performance.

This quote from International Biometric Identity Association summarizes the value of FRVT: “The recent NIST report on the performance of facial recognition algorithms across different demographics is a game-changer. It provides new and comprehensive data on the performance of algorithms across demographic groups. … With facts and evidence, the NIST report informs the policy debate on facial recognition, making possible an open and transparent process with a careful balancing of benefits and appropriate uses.…”

Anne Shere Wallwork serves as the Senior Counselor for Strategic Policy and Innovation in Treasury’s Office of Terrorist Financing and Financial Crimes (TFFC), where she helps identify and mitigate money laundering and terrorist financing threats while facilitating responsible financial innovation and financial inclusion. Her efforts to facilitate the use of innovative products and services in the financial sector to help stem the tide of fraud and abuse in the financial system and to support financial inclusion has led Anne to champion work around digital identity, focusing on strong identity proofing and authentication practices.

Anne has been a driving force behind the Financial Action Task Force’s (FATF’s) work on digital identity. Over the last 18 months, she spearheaded the FATF’s public-private engagement on this topic and was project co-chair and lead drafter of the Digital Identity Guidance, issued in February. Through these efforts, Anne has helped strengthen understanding across the globe of how smart digital identity solutions work; their potential to strengthen measures to combat money laundering, terrorist financing, fraud, and other illicit financing activities and support financial inclusion; and the importance of adopting regulatory frameworks that enable the use of responsible digital identity solutions. She has also been a champion of considering the benefits of responsible digital identity solutions to support a range of national security and economic objectives in policy discussions at the Department of Treasury and across the US Government, and has helped focus interagency attention and cooperative efforts on the need for effective digital identity solutions to strengthen financial sector efficiency and integrity. Anne’s tireless leadership has helped drive support for regulatory and policy frameworks that enable customer onboarding, authorization of account access, and global financial transaction monitoring to leverage responsible digital identity solutions to combat money laundering and fraud, and promote inclusion in the financial services marketplace, in this country and globally.

From October 2007 to March 2012, Ms. Wallwork served as TFFC’s Senior Counselor for Asia, with primary responsibility for AML/CFT policy issues involving East Asia/South East Asia; South Asia; and Central Asia and Russia. In this capacity, she headed the U.S. delegation to the Eurasian Group on Combating Money Laundering and Terrorist Financing (EAG) and initiated a mechanism to facilitate cooperation on illicit finance issues with China under the auspices of the U.S.-China Strategic and Economic Dialogue (S & ED), and a similar mechanism with India.

Ms. Wallwork served as the Department’s Senior Representative to National Counter-Terrorism Center (NCTC) from July, 2006 to November 2007 and was Deputy Director of Strategic Policy for Terrorist Financing and Financial Crimes from April 2004 to July 2006. She helped lead the U.S. Government’s efforts to develop a comprehensive, strategic approach to combating kleptocracy; helped drive the U.S. Government’s international efforts to trace and repatriate Iraqi assets worldwide; and chaired several interagency working groups that sought to recover the proceeds of foreign official corruption, including Liberian and Haitian assets. A graduate of Yale Law School (Editor, Yale Law Journal) and Wellesley College (Phi Beta Kappa, Wellesley College Scholar), before coming to Treasury, Ms. Wallwork clerked for the late Judge Thomas Gibbs Gee, U.S. Court of Appeals, 5th Circuit; practiced law at Miller, Cassidy, Larroca & Lewin in Washington, DC; and was a consultant for the World Bank.

Alicia Harrison is the DoD Customer Relations Portfolio Manager at DHS OBIM, where she plays a critical role in the coordination of USG agencies that led to the establishment of automated biometric information sharing, or interoperability, between the DHS Automated Biometric Identification System (IDENT) and the DoD ABIS, to include the sharing of bulk data and enabling active Biometrically Enabled Watch List automation between DoD and DHS.

Alicia’s cutting-edge leadership approach was integral to the creation and coordination of policy, privacy, and technological requirements that established direct interoperability between DHS and DoD for the exchange of identity data. This capability directly impacts the federal government’s future identity capabilities. Whether troubleshooting operational, technological, or business processes, she led DHS information technology teams to enable a permanent foundation for bilateral information sharing. She continues to achieve objectives by demonstrating collaborative behaviors and building effective partnerships across organizational boundaries from the action officer level to the executive leadership levels.

Since inception in September 2019, DHS/DoD interoperability has enabled biometric data exchange for approximately 127,000 encounters between DHS and DoD. Creation and use of direct interoperability has enabled the exchange of almost 36,000 more encounters between the two agencies than legacy processes in the past five months alone.

Alicia’s efforts have achieved a new level of mutually beneficial identity information sharing for the United States and directly contribute to the security and defense of the nation.

Since April 2014, John P. Wagner has been the Deputy Executive Assistant Commissioner for the Office of Field Operations at UCBP within DHS. In this role, Mr. Wagner oversees nearly 30,000 employees, including approximately 23,000 CBP Officers and over 2,400 CBP Agriculture Specialists who protect U.S. borders. An annual operating budget of $4.8 billion provides for operations at over 330 ports of entry and many programs that support the national security, immigration, customs, and commercial trade-related missions of CBP.

With over 25 years of public service, Mr. Wagner has worked on a wide variety of operational and policy issues. Mr. Wagner has been a leader in developing many successful transformative efforts for the organization, including the development of the internationally acclaimed Global Entry program, Western Hemisphere Travel Initiative, and Automated Passport Control. One of Mr. Wagner’s main priorities and most significant achievements has been the advancement of a biometric exit and entry system across the nation. The biometric exit mandate has been a long-standing challenge for DHS; nonetheless, when CBP received the mission in 2013, Mr. Wagner’s innovative approach to CBP’s use of its data, and his vision of expanding public-private partnerships to implement a facial biometric process that can be used wherever an identity check is required in air travel, has helped advance Entry/Exit to where we are today – over 50 million travelers being processed through facial biometrics at select air, land, and sea locations. The hygienic benefits of a “touchless” travel process are even more critical today in light of COVID-19.

Overall, Mr. Wagner is recognized as a driving force behind many of CBP’s resource-saving and time-saving initiatives, while simultaneously enhancing security operations at the ports of entry.