Tag Archive for: TSA

TSA Now Accepts Mobile IDs in Google Wallet on Android Mobile Devices, Starting with Maryland

/in


In collaboration with the State of Maryland and Google, the Transportation Security Administration (TSA) now accepts Maryland-issued mobile driver’s licenses and ID cards in Google Wallet on Android mobile phones at select TSA airport security checkpoints.

TSA PreCheck® passengers will be able to use this new feature at checkpoints for identity verification at 25 participating airports.

“TSA’s partnership with Google and Maryland spotlights our commitment to implementing new technologies and expanding use of mobile driver’s licenses,” said TSA Administrator David Pekoske. “This launch represents the first mobile driver’s license in Google Wallet. We continue to work closely with other states on deploying this capability across the country. TSA is committed to collaborating on international, open standards that provide enhanced security, privacy protections and offers airline passengers a more efficient and convenient travel experience.”

To present their ID in Google Wallet at select TSA checkpoints, passengers will approach the podium at the first station in the screening process. The passenger may consent to provide their mobile identification from Google Wallet by simply turning on Bluetooth and holding their Android smart phone or watch on the second-generation Credential Authentication Technology (CAT-2) reader device.  The digital identity information from the mobile driver’s license is encrypted and transmitted digitally to CAT-2, where the passenger’s real-time camera photograph will be compared against the encrypted mobile identity information from Google Wallet and their reservation data that would have been on the passenger’s boarding pass.  Once the CAT-2 confirms the identity match, a TSA officer will verify the match and the passenger will proceed to security screening – without ever exchanging a boarding pass.  TSA officers may perform additional passenger verification if needed. The real-time live camera photograph and the mobile identification information is not kept, transmitted or used for any purpose other than for the immediate identity verification by a TSA officer. Passengers who do not wish to participate in facial…

Source…

New TSA security tech raises concern about the potential of misidentifying minority travelers – WPXI

/in


The future of airport security is getting more high-tech as the TSA continues testing a system that scans your face during the screening process.

The pilot program with facial recognition technology is running at several airports nationwide.

An agency official said the technology is only used at podiums manned by a TSA worker to match a passengers’ identification information “with a photo of their physical presence at that station.” The agency believes this will enhance security and cut wait times.

If the technology thinks you’re someone else, a TSA official said a security worker would manually check your ID.

“To me just invites, further law enforcement scrutiny invites further contact with authorities in ways that are not going to be helpful,” said Vincent Southerland, NYU Assistant Professor of Clinical Law.

Southerland helps run the Center on Race, Inequality, and the Law at NYU. He believes an incorrect match could be problematic for minority travelers.

“Force the person to kind of have to prove or demonstrate their identity in weird ways that they otherwise would not have and that is going to course lead to conflict,” said Southerland. “And conflict often does not end very well for folks who have been traditionally marginalized, oppressed and targeted by law enforcement.”

It’s also happened before with facial recognition technology.

Take the case of Robert Williams – he’s a black man who the ACLU says was wrongfully arrested by Detroit Police in 2020. The organization said facial recognition software incorrectly identified him as a shoplifting suspect. The ACLU says the charges were eventually dropped.

In some cases, this software compares your image to another one or an entire database of photos.

So what happens when travelers don’t look exactly like their ID?

A 2019 federal government study by The National Institute of Standards and Technology (NIST) echoes some of those concerns. It found that Asian and African Americans were up to 100 times more likely to be misidentified than White people, depending on the algorithm and the search.

“The bigger finding from the 2019 study was that the false positive rates where somebody else could use your passport or…

Source…

New TSA security tech raises concern about the potential of misidentifying minority travelers – WHIO TV 7 and WHIO Radio

/in


WASHINGTON — The future of airport security is getting more high-tech as the TSA continues testing a system that scans your face during the screening process.

The pilot program with facial recognition technology is running at several airports nationwide.

>> Coroner IDs Dayton man killed in Monday crash

An agency official said the technology is only used at podiums manned by a TSA worker to match a passengers’ identification information “with a photo of their physical presence at that station.” The agency believes this will enhance security and cut wait times.

If the technology thinks you’re someone else, a TSA official said a security worker would manually check your ID.

“To me just invites, further law enforcement scrutiny invites further contact with authorities in ways that are not going to be helpful,” said Vincent Southerland, NYU Assistant Professor of Clinical Law.

>> UPDATE: License plate reader helps police catch Dayton homicide suspect

Southerland helps run the Center on Race, Inequality, and the Law at NYU. He believes an incorrect match could be problematic for minority travelers.

“Force the person to kind of have to prove or demonstrate their identity in weird ways that they otherwise would not have and that is going to course lead to conflict,” said Southerland. “And conflict often does not end very well for folks who have been traditionally marginalized, oppressed and targeted by law enforcement.”

It’s also happened before with facial recognition technology.

Take the case of Robert Williams – he’s a black man who the ACLU says was wrongfully arrested by Detroit Police in 2020. The organization said facial recognition software incorrectly identified him as a shoplifting suspect. The ACLU says the charges were eventually dropped.

In some cases, this software compares your image to another one or an entire database of photos.

>> UPDATE: Police searching for suspect after Huber Heights bank robbery

So what happens when travelers don’t look exactly like their ID?

A 2019 federal government study by The National Institute of Standards and Technology (NIST) echoes some of those concerns. It found that Asian and African Americans were up to 100 times more…

Source…

Hacking Forum Exposes Entire US No Fly List Of Over 1.5M Names As TSA Investigates

/in


hero hacking forum exposes us no fly list tsa investigates news
Earlier this month, a Swiss hacker who goes by the name maia arson crimew exfiltrated a copy the US government’s No Fly List from an insecure server. This list, which names individuals who are forbidden from flying anywhere within US borders, is a subset of the Terrorist Screening Database and is kept hidden from the public. However, this list is now publicly available after an unknown actor posted the version accessed by crimew to BreachForums.

Crimew originally came into possession of this list when browsing the Jenkins servers on ZoomEye, which, similar to Shodan, lets users search for servers connected to the internet. The hacker happened to come across a Jenkins server operated by the airline CommuteAir. After digging through this server for a time, crimew discovered credentials for the company’s Amazon Web Services (AWS) infrastructure. The hacker then used the credentials to connect to this infrastructure, which crimew found to contain a 2019 copy of the No Fly List, as well as a “selectee” list. This second list likely names all those who are subject to Secondary Security Screening Selection (SSSS).

In a blog post published by crimew, the hacker acknowledges that these lists are sensitive in nature before stating, “[I] believe it is in the public interest for this list to be made available to journalists and human rights organizations.” Crimew accordingly made the lists available for access upon request, requiring that applicants be journalists, researchers, or other parties with legitimate interest. The service hosting the lists, Distributed Denial of Secrets, further states that requests will probably be rejected if interested individuals don’t provide sufficient information to verify their identities and if said individuals are “hacktivist[s] that want to exploit the data” or “researcher[s] without a clear journalist or academic project.”

breach forums post tsa no fly list
BreachForums post sharing the No Fly List (click to enlarge)

Despite the apparent limitations on who can access this information, someone managed to obtain a copy of the lists and posted them for free on BreachForums. According to BleepingComputer, the No Fly List contains 1,566,062 entries and the…

Source…