[House Hearing, 110 Congress]
[From the U.S. Government Publishing Office]
ID CARDS: REISSUING BORDER CROSSING CARDS
=======================================================================
HEARING
before the
SUBCOMMITTEE ON GOVERNMENT MANAGEMENT,
ORGANIZATION, AND PROCUREMENT
of the
COMMITTEE ON OVERSIGHT
AND GOVERNMENT REFORM
HOUSE OF REPRESENTATIVES
ONE HUNDRED TENTH CONGRESS
SECOND SESSION
__________
JUNE 25, 2008
__________
Serial No. 110-152
__________
Printed for the use of the Committee on Oversight and Government Reform
Available via the World Wide Web: http://www.gpoaccess.gov/congress/
index.html
http://www.oversight.house.gov
----------
U.S. GOVERNMENT PRINTING OFFICE
48-811 PDF WASHINGTON : 2009
For sale by the Superintendent of Documents, U.S. Government Printing
Office Internet: bookstore.gpo.gov Phone: toll free (866) 512-1800;
DC area (202) 512-1800 Fax: (202) 512-2104 Mail: Stop IDCC,
Washington, DC 20402-0001
COMMITTEE ON OVERSIGHT AND GOVERNMENT REFORM
HENRY A. WAXMAN, California, Chairman
EDOLPHUS TOWNS, New York TOM DAVIS, Virginia
PAUL E. KANJORSKI, Pennsylvania DAN BURTON, Indiana
CAROLYN B. MALONEY, New York CHRISTOPHER SHAYS, Connecticut
ELIJAH E. CUMMINGS, Maryland JOHN M. McHUGH, New York
DENNIS J. KUCINICH, Ohio JOHN L. MICA, Florida
DANNY K. DAVIS, Illinois MARK E. SOUDER, Indiana
JOHN F. TIERNEY, Massachusetts TODD RUSSELL PLATTS, Pennsylvania
WM. LACY CLAY, Missouri CHRIS CANNON, Utah
DIANE E. WATSON, California JOHN J. DUNCAN, Jr., Tennessee
STEPHEN F. LYNCH, Massachusetts MICHAEL R. TURNER, Ohio
BRIAN HIGGINS, New York DARRELL E. ISSA, California
JOHN A. YARMUTH, Kentucky KENNY MARCHANT, Texas
BRUCE L. BRALEY, Iowa LYNN A. WESTMORELAND, Georgia
ELEANOR HOLMES NORTON, District of PATRICK T. McHENRY, North Carolina
Columbia VIRGINIA FOXX, North Carolina
BETTY McCOLLUM, Minnesota BRIAN P. BILBRAY, California
JIM COOPER, Tennessee BILL SALI, Idaho
CHRIS VAN HOLLEN, Maryland JIM JORDAN, Ohio
PAUL W. HODES, New Hampshire
CHRISTOPHER S. MURPHY, Connecticut
JOHN P. SARBANES, Maryland
PETER WELCH, Vermont
------ ------
Phil Barnett, Staff Director
Earley Green, Chief Clerk
Lawrence Halloran, Minority Staff Director
Subcommittee on Government Management, Organization, and Procurement
EDOLPHUS TOWNS, New York, Chairman
PAUL E. KANJORSKI, Pennsylvania BRIAN P. BILBRAY, California
CHRISTOPHER S. MURPHY, Connecticut TODD RUSSELL PLATTS, Pennsylvania,
PETER WELCH, Vermont JOHN J. DUNCAN, Jr., Tennessee
CAROLYN B. MALONEY, New York
Michael McCarthy, Staff Director
C O N T E N T S
----------
Page
Hearing held on June 25, 2008.................................... 1
Statement of:
Edson, Tony, Acting Principal Deputy Assistant Secretary for
Consular Affairs, U.S. Department of State; Colleen M.
Manaher, Director, Western Hemisphere Travel Initiative,
Customs and Border Protection, U.S. Department of Homeland
Security; and Jess T. Ford, Director, International Affairs
and Trade, Government Accountability Office................ 7
Edson, Tony.............................................. 7
Ford, Jess T............................................. 27
Manaher, Colleen M....................................... 19
Fuller, Aaron, president, Computer Sciences Corp., Inc.,
Enforcement Security and Intelligence Division; Rick
Patrick, senior vice president for Federal programs, L-1
Identity Solutions, Inc.; and William T. Alsbrooks, former
group vice president, Information Systems Credential
Technology Group, General Dynamics......................... 76
Alsbrooks, William T..................................... 90
Fuller, Aaron............................................ 76
Patrick, Rick............................................ 82
Letters, statements, etc., submitted for the record by:
Alsbrooks, William T., former group vice president,
Information Systems Credential Technology Group, General
Dynamics, prepared statement of............................ 97
Edson, Tony, Acting Principal Deputy Assistant Secretary for
Consular Affairs, U.S. Department of State, prepared
statement of............................................... 9
Ford, Jess T., Director, International Affairs and Trade,
Government Accountability Office, prepared statement of.... 29
Fuller, Aaron, president, Computer Sciences Corp., Inc.,
Enforcement Security and Intelligence Division:
Followup questions and responses......................... 94
Prepared statement of.................................... 79
Manaher, Colleen M., Director, Western Hemisphere Travel
Initiative, Customs and Border Protection, U.S. Department
of Homeland Security, prepared statement of................ 21
Patrick, Rick, senior vice president for Federal programs, L-
1 Identity Solutions, Inc., prepared statement of.......... 84
Towns, Hon. Elophus, a Representative in Congress from the
State of New York:
Followup questions and responses.........................58, 69
Prepared statement of.................................... 3
ID CARDS: REISSUING BORDER CROSSING CARDS
----------
WEDNESDAY, JUNE 25, 2008
House of Representatives,
Subcommittee on Government Management,
Organization, and Procurement,
Committee on Oversight and Government Reform,
Washington, DC.
The subcommittee met, pursuant to notice, at 2:30 p.m., in
room 2154, Rayburn House Office Building, Hon. Edolphus Towns
(chairman of the subcommittee) presiding.
Present: Representatives Towns, Bilbray, Duncan, and
Platts.
Staff present: Michael McCarthy, staff director; William
Jusino, professional staff member; Kwane Drabo, clerk; John
Brosnan, minority senior procurement counsel; Charles Phillips,
minority counsel; and Todd Greenwood, minority professional
staff member.
Mr. Towns. The subcommittee will come to order. Let me
begin by first apologizing for our lateness, but we have to
vote around here. And, of course, we had some votes going on,
and that is what delayed us here.
Welcome to today's oversight hearing on the border crossing
cards. Today we are examining an issue critical to the safety
of our borders and to national security. Each year, the State
Department issues millions of border crossing cards to Mexican
nationals living near the U.S. border. These cards are visa
documents that allow short-term travel across the border for
business and tourism.
Now, visa documents like these allow valuable cultural and
economic exchange. We want these documents to be processed and
used as the efficiently as possible so that this exchange
happens smoothly. As millions of border crossing cards expire
between now and 2012, replacing them will put tremendous
pressure on our consular office in Mexico. The State Department
will have a lot of work to do to minimize the delays in coming
years.
Two years ago, the full committee held a hearing on delays
in visa processing. In some countries, applicants had to wait
more than 5 months to get an interview. We have heard from many
people across this land in terms of these delays and how to
deal with the damage to cultural and economic exchange.
Last summer, the State Department had a backlog of several
months in processing U.S. passport applications, which also
hurt tourism and commerce. So, it is with this recent history
in mind that we ask: what is being done to make sure this type
of backlog does not occur again in Mexico? However, we still
have to make certain, make sure we strike the right balance
between security and openness and ensure that these documents
are not abused by anyone who wants to harm you.
This hearing will continue the subcommittee's review of
identification card programs in the Federal Government. I will
let the State Department's witness go into detail about their
plan. But I would like to mention one part of it now.
State has contracted with Computer Sciences Corporation for
a pilot program to speed up the application process in Mexico.
It will do this by moving the data collection step, including
the application, and fingerprint collection, to privately run
offices, instead of U.S. consulates. I think we should take a
hard look at whether this type of outsourcing will maintain
security and government control of visa issuance.
I look forward to hearing these concerns addressed today.
We will also hear today about the new security technology
that the State Department and the Department of Homeland
Security are using in the border crossing card. They have
assured us that the new card is much more secure than the
version it is replacing, but some critics have said that it is
not. I'm glad that we will have an opportunity today to hear
more about the new card from security experts.
I would like to thank the ranking member, Congressman
Bilbray from California, for his work on this issue. He has
been working on it for quite some time. I know it's very
important to his community in San Diego. We also agree that the
safety of our borders and the openness of our travel policies
are important issues. That is why I'm glad we worked together
on this hearing today, so we can make sure that we are doing
all we can to protect ourselves while also allowing full
opportunities for cultural and economic exchange.
I now yield to my colleague from California for his opening
statement.
[The prepared statement of Hon. Elophus Towns follows:]
[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]
Mr. Bilbray. Thank you, Mr. Chairman.
Mr. Chairman, as you referred to, obviously my district and
the region of San Diego is very interested in this technology.
San Diego-Tijuana happens to be the largest port of entry in
the world. Just as we get news reports here about the commute
up 95 or down the Baltimore-Washington Parkway, in San Diego
you get the report of how long the wait is at the border every
morning--people coming in and people going south later in the
afternoon. That is just part of our life that border crossing
is not just a luxury; it's an essential part of our community.
But, Mr. Chairman, let me just say, I am proud to serve
with you as the ranking member, and I want to say this to the
people testifying and listening here. This town right now is
full of a lot of Democrats looking to get Republicans and
Republicans looking to get Democrats. And, the priority of
partisanship takes precedence over so many other things. And, I
am so proud to serve with the chairman on a subcommittee that
truly has abandoned that concept.
You do not see a Democrat or a Republican sitting up here
today. You see Americans looking to defend our community and
our Nation as Americans. And, I am so proud to be able to be on
a committee, that is so rare in today's world in Washington,
and that is the ability to serve the Nation first and keep
partisanship out of the process as much as possible.
Mr. Chairman, as the 9/11 Commission final report said, for
terrorists, travel documents are as important as a weapon. So
as we get to testimony today, I want you to know that this
ranking member is looking at the fact that our responsibility
as a subcommittee is to make sure that just as important as it
is to make sure that terrorists don't get weapons of mass
destruction, that terrorists don't figure out how to kill our
soldiers in Humvees or in vehicles, just as important as making
sure terrorists can't get on airplanes to kill another 3,000
Americans, it is just as important that we make sure that we
deny terrorists documents, that they can use as weapons against
the American people.
And it's not as sexy, and it's not going to be on the front
page, and it's not going to be on the evening news, because you
don't have the visuals that you have with what is going on
overseas. But, this is just as much a part of our national
defense and our No. 1 responsibility as a Federal Government as
all of those things.
I hope that we can now take the same attitude and same
urgency and the same commitment to quality and safety with
armoring our borders from terrorist attacks and illegal
crossings as we would to armoring our Humvees.
And so, with that, I just want to let the witnesses know
ahead of time, you're not facing a separated panel in front of
you, of a Democrat and a Republican. You're facing a united
committee of Americans, who want to make sure we get to the
right answer, as quickly as possible because nothing short of
the defense of our neighborhoods are at stake here.
Thank you, Mr. Chairman. I yield back.
Mr. Towns. Thank you very much and let me thank the
gentleman for his kind words. Thank you for that as well.
Let us now turn to the panel. It is a longstanding policy
of this committee that we swear in all of our witnesses, so if
you would be kind enough to stand at this time and raise your
right hand.
[Witnesses sworn.]
Mr. Towns. You may be seated. Let the record reflect that
the witnesses answered in the affirmative.
Let me begin with you, Mr. Tony Edson, the Acting Principal
Deputy Assistant Secretary of Consular Affairs with the State
Department.
He has a great deal of experience with visa issuance.
We want to welcome you here, and we will begin with you and
then come down the line. Thank you.
STATEMENTS OF TONY EDSON, ACTING PRINCIPAL DEPUTY ASSISTANT
SECRETARY FOR CONSULAR AFFAIRS, U.S. DEPARTMENT OF STATE;
COLLEEN M. MANAHER, DIRECTOR, WESTERN HEMISPHERE TRAVEL
INITIATIVE, CUSTOMS AND BORDER PROTECTION, U.S. DEPARTMENT OF
HOMELAND SECURITY; AND JESS T. FORD, DIRECTOR, INTERNATIONAL
AFFAIRS AND TRADE, GOVERNMENT ACCOUNTABILITY OFFICE
STATEMENT OF TONY EDSON
Mr. Edson. Chairman Towns, Ranking Member Bilbray and
distinguished Members, thank you for the opportunity to discuss
what the Department of State is doing to meet the increased
workload from the border crossing renewal program in Mission
Mexico. The challenging task facing us is clear. Millions of
border crossing cards first issued in April 1998 begin expiring
this year.
Between 2008 and 2012, more than 5 million border crossing
cards will expire. By 2012, the workload in Mexico for visas
and border crossing cards resulting from normal demand and the
BCC renewal program could exceed 3 million cases. To meet this
temporary and cyclical surge demand, we have developed a three-
point strategy: to implement new staffing programs, increase
infrastructure to accommodate larger numbers of visa
interviews, and to leverage technology to gain efficiencies and
reinforce integrity in the adjudication process.
To supplement our consular work force in Mexico during the
surge period, we have developed a framework for a flexible and
temporary work force of consular adjudicators, selected from a
highly qualified pools of applicants. This flexible work force
will include assigning retired Foreign Service officers for
discrete periods of time, in addition to participants of two
new programs, professional adjudication specialists and roving
adjudication specialists. Both of these new programs will hire
qualified adjudicators who have successfully completed all
consular officer training and have the language competency and
other prerequisites.
We have also developed a facilities strategy that will
increase space available for BCC adjudication as well as
demands for passport and nationality services affected by the
Western Hemisphere Travel Initiative rule. Consulate General
Monterrey will serve as a consular hub by accommodating
overflow demand from our consulates in Matamoros and Nuevo
Laredo. To accommodate this increase in Monterrey, the
Department is currently expanding interview window capacity
from 10 to 26 windows by the end of this year to perform an
estimated 700,000 interviews per year.
We will also open a new, large conflict compound in Ciudad
Juarez in September 2008 and a new consulate compound in
Tijuana, to be completed in 2010 in ample time for the BCC
surge there, which according to our projection should peak in
2011.
Innovations in technology enhance our staffing and
infrastructure approaches as well as enhance efficiency and
security. As you mentioned, we're piloting a new concept of
visa processing, offsite data collection, ODC, in Monterrey and
Nuevo Laredo whereby a contractor collects the biometric
information from the applicants. The consular officer then
confirms that biometric information during the interview
process.
By moving nongovernmental visa processing functions to an
offsite contractor, consular personnel can better focus on
critical governmental activities such as the security and
integrity of the visa process.
In its July 2007 report, ``Security of New Passports and
Visas Enhanced, But More Needs to Be Done to Prevent Their
Fraudulent Use,'' the GAO recommended that the Department
reassess security features and redesign travel documents on a
regular basis. The advent of the BCC renewal program has
offered the Department just such an opportunity to redesign the
next generation of BCCs.
Later this fall, we will begin replacing the current border
crossing card with this new generation and much-improved card
design. The Department believes that the physical security of
the card itself is paramount. In designing both the passport
and border crossing cards, we reviewed a wide range of
available security features and consulted with the interagency
community and especially with the Department of Homeland
Security, Immigration and Customs Enforcement's Forensic
Document Lab to make the card as secure and durable as
possible. As a result of this collaboration, the card's design
includes multiple layers of covert, overt and forensic security
features which provide safeguards against tampering and
counterfeiting and which also provide easy visual and tactile
verification to our colleagues in the Customs and Border Patrol
at the ports of entry.
Let me acknowledge the cooperative relationship with the
GAO team and their current review of our plans to prepare for
the workload demand in Mexico, generated by the BCC renewal
program. We have learned a lot of from their study and we
appreciate it.
Thank you again, and I welcome your comments.
Mr. Towns. Thank you very much for your testimony.
[The prepared statement of Mr. Edson follows:]
[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]
Mr. Towns. Ms. Manaher.
STATEMENT OF COLLEEN M. MANAHER
Ms. Manaher. Chairman Towns, Ranking Member Bilbray and
other distinguished members of the committee, I am pleased to
appear before you today to discuss the security of the border
crossing card, how it compares with previous versions of the
card and how it's integrated with other Federal identification
card programs.
The Department of Homeland Security, in partnership with
the Department of State, is working to secure our homeland by
strengthening our ability to accurately identify all persons,
U.S. citizens and visitors alike, before they enter the United
States. We're accomplishing this through the implementation of
secure document requirements at all ports of entry.
The Department of State has worked very closely with the
Department of Homeland Security to develop a secure, highly
tamper-resistant passport card that includes vicinity RFID
technology and facilitates real-time verification of the
document at land border ports.
The newly redesigned, Department of State-issued border
crossing card is modeled on the passport card and therefore
will have vicinity RFID capability that will contain layers of
overt, covert and forensic security features, making it as
counterfeit and tamper-resistant as the passport card.
The vicinity RFID capability will provide for the same
electronic verification of the document as the passport card,
which means verifying the document with the issuing source,
which is a significant security enhancement over physical
features alone. Our decision to adopt vicinity RFID technology
for the land border was based on the need to process legitimate
travelers as speedily as possible without impacting security.
Vicinity RFID technology affords the most benefits for the
facilitated movements of travelers, including the ability to
read a travel document in advance at the land border, to verify
identity, to pre-position information and, most importantly, to
perform watch list queries.
Our research and testing indicates this RFID technology is
able to accomplish each of these critical business
requirements. Both DHS and CBP have instituted ``best
practices'' for the collection, the protection and the use of
personal information for the Western Hemisphere Travel
Initiative. No personal identifying information is stored on
the RFID tag, and all data is stored at remote locations on
secure storage devices that only can be accessed via DHS's
secure encrypted networks. Implementation of a card-specific
tag identifier number will ensure that cloned or duplicated
RFID tags can be detected electronically and in real time at
the border.
On January 22, 2008, the Department of Homeland Security
published a privacy impact assessment for the use of vicinity
RFID technology for border crossings. In preparation for the
full implementation of the Western Hemisphere Travel
Initiative, we awarded a contract on January 10, 2008, to begin
the process of deploying vicinity RFID facilitative technology
and infrastructure to 354 vehicle primary lanes and 35 high
volume land ports of entry, which process 95 percent of all
land border travelers.
We have started the actual construction in our land border
ports, and the installation of the integrated solution will
commence shortly. However, until that time, we currently have
optical character reader technology in place at air, land and
sea ports of entry. This technology reads any travel document
with a machine-readable zone, including passports, border
crossing cards, trusted traveler cards, permanent resident
cards and the new passport card.
All CBP officers are currently trained in the use of this
technology and this technology is being used right now. Our
trusted traveler programs, NEXUS, SENTRI and FAST, have a total
of 462,000 members, and we expect to more than double that
number by the end of fiscal year 2009.
This year, trusted traveler cards are being upgraded to
make them WHTI-compliant and will included additional security
features to make them more tamper-resistant.
These documents will be upgraded with vicinity RFID
technology that will allow them to be verified electronically
against secure DHS data bases.
In closing, these initiatives discussed today are only a
portion of CBP's efforts to secure our homeland, and we will
continue to provide our men and women on the front lines with
the necessary tools to help them gain effective control of our
Nation's borders.
I would like to thank Chairman Towns and Ranking Member
Bilbray for the opportunity to present this testimony today and
for your continued support of CBP. We will be happy to respond
to any questions.
Mr. Towns. Thank you very much.
[The prepared statement of Ms. Manaher follows:]
[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]
Mr. Towns. Mr. Ford.
STATEMENT OF JESS T. FORD
Mr. Ford. Thank you, Mr. Chairman, members of the
subcommittee. I am pleased to be here today to discuss GAO's
ongoing work being conducted for this subcommittee on the
Department of State's efforts to prepare for the upcoming surge
in its consular workload in Mexico. We plan to issue our final
report on this later, at the end of July.
The U.S. Mission in Mexico is the State Department's
largest consular operation in the world. In fiscal year 2007,
it processed about 1.5 million nonimmigrant visas, which is
about 20 percent of the global total. Moreover, its post in
Juarez is the largest issuer of U.S. immigrant visas in the
world.
The U.S. Mission in Mexico also provides services,
including passport processing and emergency assistance, to
around 20,000 American citizens living in Mexico. This already-
significant consular workload is expected to increase
dramatically in the coming years as millions of nonimmigrant
visa border crossing cards issued in Mexico between fiscal
years 1998 and 2002 will expire and need to be renewed.
In addition, the implementation of the new travel
requirements under the Western Hemisphere Travel Initiative
will, for the first time, require U.S. citizens to carry
passports or other approved documentations when traveling
between the United States and Mexico.
The State Department must expand its consular capacity in
Mexico to keep pace with this expected surge in demand. If
State does not take the steps necessary to adequately meet this
growth in workload, travel between the two countries could be
significantly affected, resulting in inconveniences and
hardships for individual travelers and negative consequences
for the economies in both countries.
Today, I will discuss two main observations in our upcoming
report. First, I'm going to discuss State Department's
estimates for its workload in the consulates in Mexico through
the year 2012; and second, I'm going to discuss the actions
that the Department of State is taking to address this increase
in demand.
State anticipates that the Mission in Mexico will, through
its passport--excuse me, its NIV and passport workload will
double from fiscal year 2007 to 2011, which will be the peak
year of demand.
The Mission in Mexico will experience a substantial growth
in NIV workload primarily due to the need to renew all of the
border crossing cards that are expected to expire. According to
State Department forecasts, the Mission in Mexico--the demand
will more than double by the year 2011 to approximately 3
million applications. NIV demand will then begin to decline in
fiscal year 2012.
The State Department acknowledges that it is uncertain
about how many actual cardholders will renew their cards and
what the number of first-time NIV applicants will be. However,
State officials believe that the forecasts are more likely to
overestimate demand. For purposes of planning, the Department
is using a worst-case scenario in determining how many people
it will need to hire and how many windows it will have to
build.
In addition to the increase in NIV workload, the Mission in
Mexico will also face increases in passport workload due to the
implementation of the WHTI. The magnitude of the increase in
passport workload is more difficult to forecast because, unlike
NIVs, there is no historical precedent. Also there is a great
deal of uncertainty as to how many U.S. citizens actually live
in Mexico or the number of citizens that are likely to apply
for a passport.
Despite these challenges in developing forecasts, the State
Department has created some initial estimates of workload
increases caused by these increases in demand. In anticipation
of this demand, the State Department is taking several steps to
ensure that the consulates in Mexico keep pace with the
projected workload. The State Department is planning to add
several new interviewing windows at many of its posts, and it
also plans to hire as many as 100 temporary adjudicating
officers to handle the workload that is expected from the
demand.
Consular officials we met with at many of the consulates in
Mexico generally agree that their plan, if fully implemented,
should address any increases in workload demand and not result
in backlogs. However, the State Department is continuing to
revise its estimates on future workload, and we plan in our
final report to have the most current information available on
that demand.
The State Department's plan to hire temporary adjudicators
will almost double the number of officers currently in Mexico
during the surge. We identified some posts that may have some
difficulties in meeting demand because of the space that is
available from the windows. The State Department has a plan to
address this problem by having applicants move to another post,
where they have expanded the window capacity, and hopefully,
there won't be any backlogs in those posts.
Finally, the State Department has begun a pilot program
that outsources a portion of the NIV application process that
does not require the direct involvement of consular officers,
including biometric data collection at offsite facilities. The
pilot began in the spring of this year in Nuevo Laredo and in
Monterrey. Because it is new, we have not been able to assess
the potential impact of this pilot on productivity, fraud and
security.
We note that at this point the State Department has not
developed milestones for completion of the pilot nor metrics to
measure the effectiveness of the pilot.
However, in conclusion, we believe the State Department has
done a good job of estimating what the potential demand is
likely to be, and that they have a plan in place that should,
if fully implemented, address the potential for backlogs in the
future.
This concludes my oral statement. I would be happy to
answer any questions.
Mr. Towns. Thank you very much, Mr. Ford.
[The prepared statement of Mr. Ford follows:]
[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]
Mr. Towns. Let me thank all of you for your testimony, and
let me move very quickly to you, Mr. Edson. And I would like to
start by saying the State Department plans for handling the
upcoming demand for border crossing cards seems to be a good
one, but we are still concerned about the contract with CSC.
Contracting experts say it's generally poor practice to use
a letter contract, such as the one between State and CSC,
because it does not specify price or costs. This is the type of
contract we generally associate with concession sales at our
national parks, not with anything like the important business
of collecting visa application information, and this is a very
important and very serious situation.
Why didn't you take the time to draft a formal contract
versus a letter? This seems to be very important, and I can't
figure out why you would just do a letter and not a contract.
Mr. Edson. Thank you for that question.
We actually had a preexisting arrangement with CSC in
Mexico to provide user-paid information services and to assist
in managing our appointment system, so in a sense it was a
concession during the time it was being run as a letter
contract. We have amended that contract to allow for CSC to
help with this pilot program.
Because we are interested in a full and open competition
with a regular RFP. We were concerned that we needed to know
more about this new business model, have enough detail
concerning this new business model, so we could do a regular
detailed statement of work in conjunction with a normal
contracting model. That statement of work is being worked on as
we gain more experience with the pilot and as soon as we're
satisfied that the pilot is completed and has been successful,
we plan--hopefully, by the end of the calendar year--to release
a regular RFP onto the street.
Mr. Towns. We know that the original contract for the call
center in Mexico was competed, but then it was extended to
include the work of the offsite data center pilot program.
Why wasn't a contract for this work competed?
Mr. Edson. At the time we began working on this new
technology, this new business model for us, we were concerned
that competing it would move us too far out into the BCC
renewal period. By the time we competed the pilot and then did
a full--a regular competition for the worldwide use of this
model, if and as appropriate, we thought we would be too far
into the BCC renewal period and that we ran a risk then of not
meeting the demand.
So we thought we were better off with an amendment to run a
pilot to get the information we needed for a regular
competition.
Mr. Towns. I understand that this is a pilot program, and
you may extend this model to other countries if it's
successful. Will those contracts be competed? Or will they be
letter contracts as well?
Mr. Edson. We are discussing with our acquisitions folks at
the Department of State the best contracting model to use; that
is something that still has to be determined. We would like to
have something as rigorous and fully and transparently competed
as possible.
Mr. Towns. Well, it just seems to me that for something
that is as very serious as this--I mean, that a official kind
of contract would be drawn up. I don't understand why you would
just do it by letter.
Mr. Edson. Right at this point, we're only doing that
because we extended the existing arrangement for pilot
purposes.
Mr. Towns. The State Department and Customs and Border
Protection--at this point, I'm going to yield to my colleague.
Go ahead. I yield to the gentleman from San Diego.
Mr. Bilbray. First of all, let me premise this whole
discussion based on--are all three of you aware of what's going
on along the border right now? Do you realize that 1,300 people
have been murdered along our border on the other side? Do you
comprehend why so many people are being killed and what is
happening there, where you have law enforcement officers
crossing into the United States asking for asylum?
I only bring this up to just show you the degree of threat
not only of bad guys getting across the border, but the degree
of corruption and infiltration into our own operations.
Does anybody of the three panelists know what ``silver or
lead'' means, the term ``silver or lead?''
Mr. Ford.
Mr. Ford. Yeah, I know what it means. We just issued a
report on the problem in Mexico, by the way, last said October
that basically the problem with law enforcement there is; and
the ``silver and lead'' analogy is basically: if you don't take
the payments from the drug traffickers, they're going to kill
you. So----
Mr. Bilbray. And that is the point. And I will tell you
something. I only--I just wanted to start off with that.
Just understand, this is a pressure cooker of corruption, a
threat, and I just think those of us here in Washington have no
idea how bad it is. And I will say this publicly. It's so bad
that I'm trying to get my daughter to move away from 2 miles
from the border on our U.S. side.
So that is the precedent. With 1,300 people--murdered it
basically means, You take my silver or I'm going to shoot you
or your family.
That can be a very persuasive argument, and my concern is,
as we move forward, we are not naively operating in an
environment that is Peyton-Place-By-the-Sea. This is a very
ugly world that we're confronting along the frontera.
With that, I think I can't overstate the threat of our
systems being compromised, and not just our documents, but our
entire operations. It's hard to think that corruption somehow
or that influence of ``silver or lead'' is somehow going to be
protected because of the Mexican border, especially then,
because so much of our operations even have to be done in the
foreign country where this battle is going on.
I guess, DHS, my question to you is, if you discover that
our security features have been compromised or simulated with
relative ease, are you prepared to make a significant change of
security measures to counter that threat?
Ms. Manaher. In terms of the document, sir?
Mr. Bilbray. Document and operations.
Ms. Manaher. Yes, sir. And I think it's important to note
that as we move with this radio frequency technology that we
will actually be able to go back to the issuing source. So,
right now, our officers, our land border is vehicle-based; it's
not person-based. So once we deploy to WHTI, we will move from
a vehicle-based system to a person-based, meaning we're
actually going to go back to the Department of State and pull
up that information for our officer. All queries will be done
in advance of that vehicle even approaching that officer.
Mr. Bilbray. You're talking about operations. What I'm
saying is, if the documents been compromised, if the procedure
for receiving the information and executing it and getting it
to whomever is compromised, do you have a contingency plan to
modify the operation in time to protect the American people?
In other words, if you are compromised, if the technology
you have chosen gets compromised, is there a backup plan B?
Ms. Manaher. Yes. If they could somehow--with the RFID, all
the card readers also have the machine-readable zone that can
also be used.
Mr. Bilbray. What percentage of machine-readable is going
to be available?
Ms. Manaher. Right now, almost all of the travel documents
that are issued.
Mr. Bilbray. I'm talking about ports of entry.
Ms. Manaher. We have deployed machine-readable technology
to all lanes at all land border ports of entry.
Mr. Bilbray. Every one? Tecate, all the way down?
Ms. Manaher. Yes, sir. They all have them.
Mr. Bilbray. For this technology that is available right
now?
Ms. Manaher. For the current technology on the machine-
readable zone.
Mr. Bilbray. I'm talking about the new technology.
Ms. Manaher. We are starting that now, sir, and we will
have that fully deployed with our schedule, of course, with
construction limitations by April 2009, sir.
Mr. Bilbray. So your face-recognition technology will be
available by 2009?
Ms. Manaher. Our RFID technology reader system will be
available by April 2009 at the top 39 land border ports of
entry, yes.
Mr. Bilbray. And your technology will have fingerprint and
face-recognition technology?
Ms. Manaher. It will have the facial. It will go back and
pull up the original face of the passport card to the officer--
will be our facial biometric picture.
Mr. Bilbray. Just the picture?
Ms. Manaher. That's right, sir.
If the officer feels that there is any type of imposter or
any situation going on, he could refer that off of vehicle
primary, refer that to secondary, at which time that officer
can do a full biometric query back to----
Mr. Bilbray. But that card itself does not have the finger
biometric on it?
Ms. Manaher. It does not.
Mr. Bilbray. So the facial biometric is the only biometric
you're using in this technology?
Ms. Manaher. Correct.
Mr. Bilbray. I remember in our REAL ID legislation--that,
if you want to compare this to our REAL ID legislation where--
Mr. Chairman, I remember the debate that we were talking about,
two out of three, so that there were two biometric systems to
confirm within the cards. Has that gotten lost somewhere down
in translation?
I remember specifically, there were three debates. I happen
to have worked on this during my sabbatical the voters gave me
for 5 years.
Mr. Towns. Welcome back.
Mr. Bilbray. Thank you. It's always great to have a
environmentally sensitive district that is willing to recycle
Congressmen.
But I remember it was either your finger, the face
recognition, or the retina scan. Now, that has gotten lost
somewhere down the line. Now we're just going to the face
recognition----
Ms. Manaher. I was speaking of the passport card, sir. The
border crossing card, as you know, takes a full set of
fingerprints, and those are available to us in the secondary
area for the border crossing card, for such a purpose.
Mr. Bilbray. So, in other words, what--say you want to talk
about, the confirmation of fingerprint is based on data already
on file, and the card then opens up that data file, so then you
can check?
Mr. Edson. Correct. We collect 10 prints in conjunction
with the application for a border crossing card. The first
cards, when they were originally applied for, two prints were
collected beginning of 1998, end of 1998; and then, of course,
the photos are there as well.
Mr. Bilbray. So the code goes in. So, de facto, you have
fulfilled the REAL ID standard.
I want to make sure that--one of the things we have done in
our hearings is found out that the Federal Government has not
been upgrading all our IDs to the minimum standard that we set
for the States, which is kind of hypocritical, and I, for one,
have talked to the President about that.
But now we're talking about how this card is compatible
with that. That is fine, but there are still major concerns
with this. And my biggest concern is that we have two or three,
like we require the States to have and what you're saying is,
because it's on file and this card accesses this file, that
fulfills the fingerprint biometric requirement.
Mr. Edson. Correct. And the photo is on the card itself.
Mr. Bilbray. Mr. Ford.
Mr. Ford. You know, we didn't really study this. We issued
a report last year on this issue. I think the only comment I
would make is that the potential vulnerability for the
biometric fingerprints would be that primary currently can't
access, so--but the tradeoff there is, if they started to do
that, then you would have traffic issues.
Mr. Bilbray. Talk about the ones they can't access.
Mr. Ford. Well, on primary inspection, it's my
understanding, unless it has changed from a year ago, that the
biometric fingerprinting is not--the primary inspector is not
going to have access to that.
Mr. Bilbray. Primary. That segues into secondary. He has to
make that call. I understand that--I can understand
procedurally as somebody who has crossed the border many
times--not just to go surfing down south, either.
But let's--what happens with the identification of the
biometrics, in other words, the fingerprints themselves? When
you get the biometrics, what files or what records are
available? You have--FBI files are available, right?
Mr. Edson. Correct.
Mr. Bilbray. Immigration files available?
Mr. Edson. Correct.
Mr. Bilbray. So you do not have any fire walls like local
law enforcement has. You have access to all State and Federal
biometric records there; California has had biometric
fingerprints since 1978.
Mr. Edson. We are fully integrated with DHS and with IAFIS,
the FBI's fingerprint management system for criminal records.
The fingerprints we collect are shared immediately with the
IDENT DHS system; they're all actually stored with IDENT, with
US-VISIT. A query then takes place against the immigration
records, the DHS records, our own previous visa records, which
are stored there for fingerprint purposes; and then passed
through on the FBI's IAFIS prints data base. So we're getting
all federally maintained immigration, visa and criminal----
Mr. Bilbray. What is the possibility of local law
enforcement having access to that data base? Do we have fire
walls now that----
Mr. Edson. Unless you're prepared to answer, I would have
to take the question.
It's an issue that we have been working with law
enforcement, local law enforcement, on through DHS and their
colleagues at CJIC, the Criminal Justice Information Center, in
West Virginia, the FBI operation out there for 4 years or so.
There are some technical issues. There is a lot of sharing
going on. But I just, we would have to take the question to
give you an----
Mr. Bilbray. I think you understand why the San Diego
County sheriff or the police department at El Paso would feel
it's essential for them to be able to check, if they have
fingerprints that they need to cross-check, that this be part
of the data file that they're able to access.
Ms. Manaher. I actually believe that US-VISIT has
entertained a pilot program, I believe with Los Angeles County.
But--we will take that as for a cue for US-VISIT, but I believe
they are moving in that direction.
Mr. Bilbray. Mr. Chairman.
Mr. Towns. Thank you very much. Thank you.
Let me come back to you again, Mr. Edson. The Competition
in Contracting Act and the Federal Acquisition Regulation
stipulate rules for awarding contracts. It appears that they
were not followed, because they only apply when the contractor
receives appropriated funds. In this case, CSC is providing its
services on a user-pays system in which they receive payment
for service directly from the application fees.
Does this mean that CSC has not been paid government funds
of any kind for this contract?
Mr. Edson. CSC was not paid government funds of any kind
for the preexisting arrangement, the user-pays information
services in Mexico. I am fairly certain that is still the case.
But I would have to take the question to confirm in detail
with one of our acquisition folks.
[The information referred to follows:]
[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]
Mr. Towns. Why wouldn't we have the applicants pay the
Treasury for the services and then pay CSC from the Treasury?
Mr. Edson. That is certainly--that is a central issue as we
look at the release of a request for proposal for a broader
application of this technology and this work process. It's
exactly that question: How do we fund it? And I think that is
where we're going to end up with the money going to the
Treasury and then the Department contracting directly in a more
traditional model.
Mr. Towns. Let me just say that, you know, it's not legally
required in this case probably, but wouldn't following the
procedure in the FAR and the Competition in Contracting Act be
the best business practice to prevent criticism?
Mr. Edson. Again, I prefer to take the question. This was
about 5 or 6 years ago, and I wasn't involved in this original
award, the award with CSC for the information services in
Mexico.
Mr. Towns. I must admit that I have some concerns.
Mr. Ford, let me go to you. It appears that State is taking
steps to make sure that these visas are processed as quickly as
possible, which is a top priority. The committee looks forward
to reading a more detailed review of how well it works once
more, as time has gone by.
How reasonable are State's forecasts of the demand for
visas and passports?
Mr. Edson, how confident is State in your forecast? I just
want to sort of move along. Both.
Start with you first.
Mr. Ford. We have looked at the methodology that the State
Department is using to forecast both the NIV and the passports.
We are much more confident of the NIV forecasts, because the
primary basis for their forecasts are the outstanding border
crossing cards that are already in existence. So they have a
solid foundation of knowing how many cards are already there,
and then the rest of the projection is based on how many new
cards they believe they will need. So we are very comfortable
with the projection process for the NIV cards.
We are less comfortable with the passport estimates,
because there is no historical basis for the new passport
requirement, and so therefore there is not a very good track
record or foundation for basing the forecast.
But the reason we're a little less concerned about that is
because, when you tie that to the workload requirements for
more staff and for more facilities, the number of passports
that are likely to potentially be needed is much, much smaller
than the NIV. We're talking in the neighborhood of tens of
thousands versus an increase of at least a million and a half.
So we're not super-comfortable with the passport forecasts,
but we're not as concerned about them, whether--how accurate
they vis-a-vis the overall workload, because the total numbers
are not likely to be anywhere near the same as the border
crossing cards.
Mr. Towns. OK.
Mr. Edson.
Mr. Edson. We agree with GAO. We're not nearly as
comfortable with the passport projections.
There are a large number of American citizens living on the
Mexican side of the border, who have never had to get a
passport before to travel into the United States. Because of
that, we don't have any confidence that we know the number of
American citizens that are there. If they never asked us for a
passport or asked us for service, they have never come into
contact with us.
We have done our best to estimate, but that estimation, as
Mr. Ford mentioned, has a pretty high fudge factor. We are
submitting, based on the best available data to us and surveys
in the border community, about 40,000 passport applicants. We
are planning for about 60,000 passport applicants. We currently
have the capacity for that higher number which, as you can see,
is a 50 percent increase over our original estimate.
On the border crossing card site, though, there were 5
million cards, give or take, issued during the period when the
first border crossing cards were issued in the late 1990's, and
some percentage of that 5 million will be the surge workload as
it comes in for renewal. So we have a very definite upper end
to the estimate with that estimate.
Mr. Towns. We understand that these offsite data centers
will not be marked on the outside as being affiliated with the
United States. We understand that, applicants will require
appointments to enter the facilities. However, we all want to
make sure that these facilities are as safe as possible. It
will not be difficult for our enemies to find out where these
facilities are, and they have attacked our offices abroad in
the past.
Mr. Edson, how will these offices be kept safe? Will it be
the State Department's responsibility? Whose responsibility
will this be to protect them?
Mr. Edson. Thank you for that question.
We are talking to the contractor, and we are certainly
looking at this as one of the issues as we move forward with a
request for a proposal. We have--we believe that the facilities
are best protected at this point by anonymity, even though, as
you point out, they will be well known as part of the visa
process. That is just to be expected.
People will have appointments, they will need to go through
them to get the fingerprints collected before their interview,
but it's an issue that we're talking to our own computer people
about as we move forward on the contract.
Mr. Towns. Let me ask you, Ms. Manaher--and I would like to
get your views on it also, Mr. Ford.
Ms. Manaher. I don't really think the Department has an
opinion on the offsite application data collection.
Mr. Towns. I'm sorry?
Ms. Manaher. On the offsite data collectionsites. I would
have to take that back as a cue; I am not prepared to answer
that, sir.
[The information referred to follows:]
[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]
Mr. Towns. OK, Mr. Ford.
Mr. Ford. Although we are not including that in our current
study, we have done some work in the past regarding our safety
and security of U.S. employees outside of the embassies.
But the Department, as a general rule, wants all of its
employees to work in safe and secure buildings. That is why
we're building all the new embassies overseas, to meet the new
security standards.
With regard to private contractors, I'm not sure what the
Department's policy on that is in terms of what types of
security should be provided. I would think, however--since this
is a pilot that could have global implications, it seems to me
that the Department really does need to take a hard look at the
security, particularly if they're going to operate these
facilities in locations where we have hostile environments.
So I think it's something that should be included as part
of the assessment that the Department makes in terms of the
determining whether this is a useful thing for the Department
to expand globally.
Mr. Towns. At this time, I yield to the ranking member.
Mr. Bilbray. Thank you.
I just have to say one thing. If we really think that the
bad guys aren't going to know where these facilities are, they
will know about it as soon as the wiring starts going in. I
just hope we're not betting on that.
But the optical strip is being maintained on the green
cards. It's on the present BCC cards. Why isn't it being
included in the new card?
Mr. Edson. Thank you for the opportunity to address that
particular issue.
When the competition was let, a wide number of cards were
proposed for testing. We were able to select from a wide
variety of security features that provide multiple or
overlapping layers of security, both overt, covert and then the
forensic. In that context, a number of things were proposed
that we believe provide a secure document.
Our experience with the optical stripe was not uniformly
positive and there were some issues with the stripe over time.
But I think, more importantly, this was 10 years later, and we
were looking at implementing a new card with a new format as a
standard. It's a standard practice for us in terms of document
security that each generation is altered to improve its
security.
Mr. Bilbray. Why doesn't the new green card have them?
Ms. Manaher. I think it's important to note that the green
card is currently going to have a CBP requirement, which is
vicinity RFID made for Customs and Border Protection. I would
have to take that back to the Department and CIS for the
requirement----
Mr. Bilbray. Is there a reason not to have both?
Ms. Manaher. For Customs and Border Protection it is no
longer an operational requirement for us for the optical memory
stripe. We found it----
Mr. Bilbray. The question is, is there a reason not to have
both?
Mr. Edson. On our card, when we looked at it, we believe
that the security features we have are adequate, are more than
adequate, that this is actually a superior product in every
way, and the old style card was easy to wash.
The optical stripe does peel over time. It scratches and it
is difficult to read. It requires a proprietary reader that
doesn't always function as advertised and was never deployed
very widely.
As we looked at other options, we thought that the options
we selected for use in the border crossing card provided us
with a better package of security features.
Mr. Bilbray. Has the optical card ever been falsified or
used--has it ever been used to produce a false document?
Mr. Edson. We have seen counterfeit optical stripes. I
don't believe that they're readable. So that----
Mr. Bilbray. So the problem is not that they're forgeable,
the problem is that they may get destroyed somewhere down the
line? Or is it that the readers are proprietary, and you don't
want to have to pay the proprietary fee?
Mr. Edson. Well, no optical stripe was presented for
testing as part of this contracting process, which I guess is
core to this particular issue. But there were--again, from our
perspective, the security features that were selected provided
such deep, overlapping security to the card that it wasn't
necessary to look at the optical stripe in addition to those
features.
Mr. Bilbray. That technology was presented, though, for a
pass card wasn't it?
Mr. Edson. For the passport card?
Mr. Bilbray. In the pass card, the optical.
Mr. Edson. The passport, it was not presented for testing
by any vendor for the passport card, no.
Mr. Bilbray. Let's get back to this secondary/primary
check.
For the last few months that I have been going through
international airports, when I have been coming in from south
of the border or outside, it looked like every window had a
finger reader on it, even the ones we were using as U.S.
citizens.
They weren't using it for U.S. citizens, but was my
observation correct that----
Ms. Manaher. Yes, sir. It's correct.
Mr. Bilbray. The booths are all manned?
Ms. Manaher. In the air and sea environment, it is in all
the primary lanes.
Mr. Bilbray. May I make a suggestion, as a frequent user,
as an American, I would like to be able to have the option to
go ahead and go use the reader system somehow like the Clear
Card is used. Because, if you go through international airports
now, the system is working so good for foreign travelers that
the backup for Americans is huge, because we're still using the
old system for Americans.
Mr. Ford.
Mr. Ford. The last time I went through, I experienced what
you're talking about.
Mr. Bilbray. Exactly, and I'm just saying that I know we
don't want to mandate this on U.S. citizens now, for political
reasons, but at least we ought to provide the option so when an
American is sitting there and seeing the foreign-born zipping
through--let me say, the praise of the foreign travelers to our
system has been great. They love it. Instead of the 30
questions and all the other stuff about where your aunt is from
or whatever, you go in, you get a positive and you move. And I
think it's a great example that technology done appropriately
can really free up the individual and avoid problems. And I
just want to make that plug that there ought to be a way for
us, like the Clear Card, to be able to access the system and
use it. Because the card, the readers are there, not being used
on the U.S. side.
But that aside, let me take you to task on that. The ports
of entry, the land ports of entry, you're proposing not to
provide that--only those that are taking the secondary. And the
issue is that it will take too long to use biometric
confirmation?
Ms. Manaher. No, sir. I just don't think the technology is
there to meet our operational requirements.
We're still in a land border environment. We have an
antiquated infrastructure. We have weather issues. We have a
family of eight. It's just----
Mr. Bilbray. I understand that. Even with the family of
eight--and again as somebody who is going through again and
again--we have the great technology now that while they're
waiting in a line in a car, we're reading their license plate,
aren't we? Long before they pull in, we have the technology,
because of the waiting process, to be able to process people in
a lot of different ways.
I will be very frank with you. I really don't think you're
being aggressive enough at looking at how to use more
technology on the land base and I think it really can help the
process. I think it can speed up the process.
The trouble is changing the operational mind-set from what
it has been since 1950 to what it can be now. And we're still
stuck in the same border shack that I saw when I was sneaking
down south to catch a couple of beers on Revolucion; and that
mind-set is still there.
And believe me, the people checking there are my friends
and neighbors. They have been my friends and neighbors my
entire life, so I know the people that are in operation there.
But I really think that there is more you can do with
technology. And secondary, as a backup, you still are asking an
officer to make a judgment call at the primary port of entry
like you have since 1950. The difference is, you may speed up
the secondary check, but you're still having a slower process,
because I don't think you're utilizing technology.
And I have seen the benefits at our airports. I really ask
you to keep an open mind in applying it to that land base.
Thank you, Mr. Chairman.
Mr. Towns. Thank you. Thank you very much, and let me just
run through this very quickly.
Ms. Manaher, there have been some who have said that the
new design for the passport card and the border crossing card
is not as safe as the older design. I'm very glad that you're
here today, because there are people on both sides of this that
I respect, you know. So maybe you can sort of straighten it out
today and tell us in terms of whether it is or isn't, because
we all want the documents to be as secure as possible. In your
opinion, is the new design for the passport card and the border
crossing card more secure than the design it is replacing?
Ms. Manaher. Yes, in my opinion it is, sir. And remember,
our primary officers have a very limited amount of time to
make, you know, really quick judgments about the admissibility
of folks entering the United States. The key to us is not so
much the actual document itself, but rather the ability to go
back to an issuing source and pull that information. So even if
you have an imposter before you, you can look and see, well,
wait a minute here, that is not the same guy who applied for
this a few years ago. That issuing source, that ability to go
out and pull back, takes away from even--makes the document
through system connectivity a far greater security feature than
an actual physical security feature for us.
Mr. Towns. Mr. Edson, this is my last question. Background
checks for the employees of the data centers, do they receive a
full check or only a name check? Could you tell me? Background
check for the----
Mr. Edson. I'll have to take the question. I'm not familiar
with that part of the contract.
Mr. Towns. Because information----
Mr. Bilbray. Anybody familiar with it? That is a big
question. That is a huge question.
Mr. Edson. They have access--we'll answer that question.
Mr. Bilbray. It might affect the efficiency of the system
if al Qaeda is issuing these cards.
Mr. Edson. These--we are talking only about--I believe we
are only talking about the employees who are checking to ensure
that the applicant completed their on-line application
completely, all the fields were completed and then took the
fingerprints. The fingerprints and the data go through a series
of security screens before they are admitted into our--on the
other side of the firewall into our systems. And then when the
applicant appears for the interview, their fingerprints are
checked on a random basis. Our system generates a random
request for the officer at the time of interview to reprint the
applicant. But at that point the check has already been done,
so the officer is just verifying that the prints that were
collected offsite match the prints on the person in front of
them at the time of interview. But that is why we believe this
is perhaps not as important as it might be, but we will
definitely answer the question.
Mr. Bilbray. Mr. Edson, how many Mexican applicants are
going to be physically interviewed? Are all the foreign
nationals being physically reinterviewed as we reissue these
cards?
Mr. Edson. Today every applicant is being physically
reinterviewed.
Mr. Bilbray. Where?
Mr. Edson. In the consulate sections in Mexico, not in the
offsite data center. The law, the Intelligence Reform and
Terrorism Prevention Act, in December 2004, provided the
Department of State with the authority to waive interviews in a
very limited number of cases for applicants applying for
renewal of a visa in the same category within 12 months of
expiration. We intend to use that capability if there are no
other fraud indicators, but all these people who are renewing
with the 10 prints collected offsite--the prints will be
matched against the two index prints collected at the time
their original border crossing card was processed. There still
has been a biometric confirmation through U.S. controlled data
before we would ever entertain the idea of----
Mr. Bilbray. From the old file?
Mr. Edson. Correct, correct.
Mr. Bilbray. Sorry, Mr. Chairman.
Mr. Edson. Their biographic data would have to match. If
there is a change in their name or something, we'll call them
in.
Mr. Towns. Let me--why wouldn't the card be more secure if
it included the optical stripe in addition to the other
features? Wouldn't the card be more secure?
Mr. Edson. The card--I can't answer the question simply yes
or no. The card as put together has a number of security
features that security experts, including the forensic document
lab at ICE, the Secret Service, the International Reproduction
Resource Center that is run by a consortium of central banks,
including our own Federal Reserve Board, Sandia Labs--I mean,
number of experts in documents tested these documents as part
of the competition and we believe that we have a more secure
document now than we had with the older card.
Mr. Towns. Let me go at it another way. Well, why wouldn't
you include more security features rather than fewer,
especially if they don't conflict with each other?
Mr. Edson. At a certain point--I'm not positive. I don't
know if we could have fit the optical stripe on this card. At a
certain point, though, the number of features, the nature of
those features, there are unprecedented--the Kinegram, for
example, the hologram that is on the face of this card--if I
could perhaps, I could share copies of the card to look at. The
Kinegram is a mixture of transparent metallic features that is
not used anywhere else in the industry. We've integrated into
several layers of the card material. It is not actually pock
stamped on top as is usually the case. So that it overlaps with
the photo and with the biographic data. The photo and the
biographic data are laser engraved. So once again they go
through several layers of the card material.
This card has been produced in such a way that altering any
of that actually destroys the card. Yes, it could be peeled
apart, but then there would be nothing left. Any card--I showed
you the BCCs we have now can be peeled apart, but then there
would be nothing left of the card, because of the way it is put
together. And we believe we have the best product for the need
right now in this card.
Mr. Bilbray. You don't believe that somebody with a hot
knife might be able to have the technique to remove that
physically?
Mr. Edson. They couldn't. The card would be useless if they
did. I mean, they could split the card into polycarbonate
layers perhaps, but there would be nothing left to do anything
with.
Mr. Towns. Well, let me thank all of you for your
testimony, of course, and I still feel we have a lot of work to
do. I really, really do. I think that, you know, we are a long
ways from being there, and, of course, we have to continue to
do that. And we are going to be here. We're not going to go
away. I just need to just let you know that, of course, so you
can continue to work with us. And we want to be helpful where
we can as well.
So thank you so much for your testimony.
Mr. Bilbray. Mr. Chairman, I want to thank the panelists,
too. And let me just say, look, we are going to be working on
this, implementing it in the next 6 months, but we're going to
be implementing it over the next couple of years. So it is
going to transcend administrations. And I would just ask that
you recognize that we have major concerns and we want to work
with you to make this happen. And I just have to tell you, the
concern we have is about why not use some of this. If it costs
a little more--just understand this as being like the Kevlar
vests that are protecting the neighborhoods instead of
soldiers. You don't want to have to answer to your right,
doggone it, if we just put a little more in, one more layer,
that could have saved the community's life and then we could
have stopped a breach.
So this thing is really scary. Sometimes I don't know how
to emphasize how important the work you are doing. So that is
why, please, both our offices are available to work with you,
to dialog with you and ask you some tough questions. We want to
make you uncomfortable so that you do the best job you're
capable of doing so you can be--make sure that your
grandchildren are safe.
Thank you.
Mr. Towns. Thank you very much. Thank you. Panel No. II,
please come forward. Before you sit, just continue to stand and
we'll swear you in. Then we won't have to get back up. Waiting
on Mr. Alsbrooks.
[Witnesses sworn.]
Mr. Towns. Let me begin with you, Mr. Fuller. Mr. Aaron
Fuller, the President of the Computer Science Corporation
Enforcement Security and Intelligence Division. Welcome. We
begin with you.
STATEMENTS OF AARON FULLER, PRESIDENT, COMPUTER SCIENCES CORP.,
INC., ENFORCEMENT SECURITY AND INTELLIGENCE DIVISION; RICK
PATRICK, SENIOR VICE PRESIDENT FOR FEDERAL PROGRAMS, L-1
IDENTITY SOLUTIONS, INC.; AND WILLIAM T. ALSBROOKS, FORMER
GROUP VICE PRESIDENT, INFORMATION SYSTEMS CREDENTIAL TECHNOLOGY
GROUP, GENERAL DYNAMICS
STATEMENT OF AARON FULLER
Mr. Fuller. Thank you. Mr. Chairman, Ranking Member
Bilbray, and members of the subcommittee. Thank you for your
invitation to testify at today's hearing. I am Aaron Fuller,
President of CSC's Enforcement Security and Intelligence
Division. I'd like to say just a few words about CSC followed
by an overview of the contractual efforts performed by my
organization that may be of interest to you today.
CSC is a leading global consulting systems integration and
management services company with approximately 90,000 employees
headquartered in Falls Church, Virginia, with reported revenues
of $16.5 billion for the 12 months ended March 28, 2008. I'm
President of CSC's Enforcement Security and Intelligence
Division, and my clients include Department of State and other
U.S. Government agencies.
We have two contracts with the Department of State in
support of the Bureau of Consular Affairs. The initial CSC
contracts for user paid visa services were competitively
awarded in 2000 by GSA for the Department of State, and from
the inception of these initial contracts, CSC has delivered
visa information services and appointment scheduling support to
40 U.S. missions around the world.
CSC's work in Nuevo Laredo and Monterey is a 1-year effort
under one of the contracts with a period of performance from
January 2008 to January 2009. Our Applicant Service Centers
[ASCs], in these two locations in Mexico are paid for by the
applicants for nonimmigrant visas, not with congressionally
appropriated funds. A proof of concept facility was opened in
Nuevo Laredo on March 24, 2008 to service up to 65,000
applicants per year as required by our contract, and a pilot
facility was opened in Monterey on April 18, 2008 to service up
to 250,000 applicants per year, also as required by the
contract.
I'd now like to quickly step through the typical applicant
experience in those two facilities. A nonimmigrant visa
applicant calls our visa information service phone number or
accesses our self-service Web site to receive information about
the visa process and to schedule appointments both at an ASC
and at the local U.S. consulate. An applicant enters their
application information on an electronic form available through
a Department of State Web site.
On arrival at the ASC, there are multiple layers of
security to ensure that each applicant has a scheduled
appointment and the necessary visa application documents with
them. A CSC employee now begins the data collection process.
They retrieve the electronic record from the Department of
State using the remote data collection software provided by
State. Next the CSC employee checks the applicant's passport
number and name to see that they match what the applicant
entered online at the State Department Web site. The CSC
employee scans the applicant's Mexican passport, collects a
digital fingerprint from all 10 fingers and takes a digital
photograph of the applicant. This digitized information is now
in the applicant's electronic record in the State Department
provided software. At that point, the State Department provided
software automatically transmits the updated electronic
information via the Internet to the State Department.
The last step in the ASC process is for the applicant to
provide information to CSC's courier service for delivery of
the applicant's approved visa if a visa is approved by the U.S.
consulate. The applicant has now completed the ASC experience
in CSC's service center. The applicant's next step is to attend
their consulate appointment.
Through June 18, 2008, the Nuevo Laredo facility has
averaged 50 applicants per day. The Monterey facility has
averaged 400 applicants per day. All of our in-country staff
members have undergone a Department of State name check by the
local U.S. consulate. Employees of the ASCs are under the
supervision of an American citizen who holds a security
clearance issued by the U.S. Government.
CSC is pleased to be engaged with the Department of State
in efforts to improve the efficiency of visa processing. We
fully support the efforts of Congress and State and other
Federal agencies to oversee, plan and deliver these services.
Thank you, Mr. Chairman and committee members. I would be
pleased to answer any questions.
[The prepared statement of Mr. Fuller follows:]
[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]
Mr. Towns. Thank you very much, Mr. Fuller.
Mr. Patrick. Push the button. Yes. Good, thank you.
STATEMENT OF RICK PATRICK
Mr. Patrick. Good afternoon, Chairman Towns, Ranking Member
Bilbray, and other distinguished members of the subcommittee.
I'm Rick Patrick, Senior Vice President of Federal Programs for
the Secure Credentialing Division of L-1. I appreciate the
opportunity to appear before you to participate in today's
important discussions. I plan on using my time to touch on a
few highlights from my written testimony.
L-1 Identity Solutions is a portfolio of companies
organized along four primary business areas, secure
credentialing, biometrics, enrollment services and intelligence
consulting. The Secure Credentialing Division focuses on
creating secure identity documents such as passports and
driver's licenses. We have designed over 2,000 card types and
integrated well over 50 security features in these ID cards. We
produce more than 35 million ID documents a year.
Most recently we have been awarded the passport card
contract after a full and open competition run by the
Department of State. In fact, we have already delivered the
first 125,000 production cards to them. In addition, our
contract calls for the production and design of the next
generation border crossing card using the same production
platform as the passport card.
To be clear, this contract is separate from the one that
CSC was awarded for visa processing. Both the passport card and
the border crossing card are aimed not only at enhancing
security, but also at facilitating commerce and expediting
passenger processing.
As set forth by the requirements of the Department of State
and DHS, the two cards contain RFID technology to meet the
operational requirements of CBP at land ports of entry.
The cards also incorporate a number of tactile and visual
security features that prevent tampering and make it easy for
an inspector to quickly ascertain its validity. Among these
features are laser engraved photo and text, rainbow printing,
color shifting ink, laser engraved tactile features, micro
printing and an embedded optical variable device. In addition,
there are many classified features we cannot describe in this
open forum. Taken together, these features make it very
difficult to counterfeit the card. As a result, these
credentials will be among the most secure in the world.
With respect to privacy, the RFID technology embedded in
the card does not carry any personal or biometric information.
The chip contains only a number which is a pointer to a record
in the government data base. Using this number, the traveler's
information is retrieved from the government's data base via a
secure connection so that the CBP officer has an opportunity to
review it before the traveler arrives at the window. The use of
the pointer number protects personal privacy, because no
information is stored on the card and the data base record can
only be accessed when the card is presented. If the card is
lost or stolen, a CBP officer would be able to determine
quickly that an imposter was using it either by comparing the
photograph pulled from the government data base or as in the
case of the border crossing card, by performing a biometric
match between the traveler's fingerprint and the one stored on
the government's data base at secondary inspection.
Finally, as an additional privacy measure, an RFID
shielding sleeve has been provided to U.S. citizens. The work
to produce the credentials is being done here in the United
States in a secured facility in Mount Pleasant, TN. The team L-
1 assembled for this project is composed of well-established
American companies. The individuals involved in the production
process are vetted through the criminal background checks. The
security materials we use to create the documents are not
readily available in the marketplace but only to government
agencies and vetted security printers.
As I conclude my testimony today, I would like to reiterate
that we at L-1 take great pride in the work that we do in our
partnership with the U.S. Government and we look forward to
continuing to be a part of this critical discussion and once
again appreciate the opportunity to appear today. I'd be happy
to answer any questions.
[The prepared statement of Mr. Patrick follows:]
[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]
Mr. Towns. Thank you very much.
Mr. Alsbrooks.
STATEMENT OF WILLIAM T. ALSBROOKS
Mr. Alsbrooks. Chairman Towns, Ranking Member Bilbray, and
other distinguished members of the subcommittee, I thank you
for the invitation to appear before you today.
A quick background. I retired from General Dynamics
Information Technology in the fall of 2007, and today I run my
own consulting firm called Great Bear Solutions Group. In the
interest of full disclosure, I have served as a paid consultant
to both OVD Kinegram and Lasercard. For almost 20 years, I was
the Vice President in charge of the Credential Technology
Group. Since 1995, my group deployed over 40 million secure ID
cards of all types containing the most sophisticated security
features known. DHS has stated that RFID infrastructure will be
deployed to only 39 POEs. BCC cards will be used for
identification where there are other places where there are no
readers.
Given these facts, it is important to understand the
following: these cards must provide for reliable, face value
visual authentication. Features that require special readers
are of little or no value to a Tier 1 inspector. If a secure ID
card cannot be visually authenticated with an unaided eye, it
is poorly conceived and easily compromised.
Unfortunately, the BCC card that the State Department
intends to deploy will effectively lower the bar on ID card
security for this generation of cards, which I believe poses a
grave threat to our national security. The most durable, secure
and tamper resistant card available for the American public is
the card that has been developed for the permanent resident
green card. This advanced technology card incorporates all of
the security features specified for the border crossing and
passport cards, including the RFID chip.
However, it is significantly more reliable on face-value
inspection because of the inclusion of the latest state-of-the-
art laser engraved optical stripe. It contains high resolution
images, which function at a forensic level yet offer
unsurpassed visual authentication when used only with an
unaided eye.
The new card specifications for the BCC and passport cards
do include overt, covert and forensic features; however, they
rely heavily on security features most commonly associated with
currency. Most of these features require the use of specialized
tools to validate. All of these features are regularly
simulated in counterfeit currency worldwide every day.
It is the nature of the secure document business and in the
best interest of the American public that the best of breed
proprietary single source technology be utilized in secure ID
cards. Most of the technology that has been specified for the
new card is single source. The OVD Kinegram was chosen by the
State Department and separately sole sourced. The artwork is
done on proprietary software. The color changing inks are
single source. If scrambled indicia is used, it is a
proprietary technology. Any type of traceable particulate or
security threat will be proprietary and require proprietary
readers.
The optical stripe is a proprietary single source feature.
I believe that it offers a solid and unique security benefit
and should be utilized. The Department of State has bet the
whole farm on the visual security of the laser engraved
personalization and the OVD Kinegram. Laser engraving on
polycarbonate for personalization is not new technology. It is
not unique, nor is it difficult to duplicate. It is not
impossible to alter. And tactile features are not difficult to
create.
I believe that laser should be used for personalization of
these cards; however, it is not a feature that is going to stop
a counterfeiter. Laser engravers are readily available,
affordable for low volume counterfeiters and can be purchased
on eBay.
OVD Kinegram produces an extraordinary optical variable
device. It is a unique combination featuring both metalized and
transparent materials. It has horizontal and vertical movement,
color defractive light shifting and multiple images. My group
has used Kinegrams since 2002 and I recommend that Kinegram be
used on these cards. It is the best of the breed in the world.
But all that glitters is not gold, and sophisticated
holograms, both authentic and counterfeit, are now widely
manufactured and readily available worldwide. Technology to
produce holographic devices is not closely held. Unfortunately,
it is a feature that can be simulated and will not stop an
accomplished counterfeiter.
It is important to note that the Kinegram feature is not
unique. It is not unique to an individual. They are visually
all alike. Once the OVD has been compromised, a simulation can
be mass produced.
Also of great concern to me is the fact that the Kinegram
can be removed from a real card intact and reapplied to a
counterfeit. I have one here that has been removed intact, this
original Kinegram--and it can be applied to a new card. I would
be glad to show this to you. Even though the card plans to
embed the OVD under the top layer of the card, it can be
readily separated using heat and a knife or any of several
solvents, which can be purchased at local drug or hardware
stores. Again, any accomplished counterfeiter will have no
problem doing this once he gets his hand on an authentic card.
Today's state-of-the-art laser printing is actually being
done utilizing an optical stripe. This technology does
constitute a huge obstacle to counterfeiters. The new border
crossing cards should continue to include an optical stripe.
Only then can the State Department legitimately claim to be
issuing the most durable, secure and tamper resistant cards
available to the American public.
There are two distinct components to the overt features on
the new cards, common images like portraits and statues that
can be easily seen with a naked eye yet retain their integrity
under 400 power magnification. Each optical stripe is now
available in a 24-millimeter width, is uniquely personalized.
These features have been designed in close consultation with a
forensic document lab.
Mr. Towns. Mr. Alsbrooks, I hate to----
Mr. Alsbrooks. I beg your indulgence.
Mr. Towns. When we get back, I'm going to ask you some
questions. The only thing about it, we have to go vote.
Mr. Bilbray. But we'll be back specifically----
Mr. Towns. We will suspend until 4:15. We will come back.
OK? We have to go vote. They'll criticize you, you know.
[Recess.]
Mr. Towns. Let's continue. Let me begin with you, Mr.
Fuller. Now, we are trying to get a better sense of why this
contract was created the way that it was. Using a letter
contract for this deal seems very unusual. A regular contract
would have specified a sum that CSC would collect for its
services, guaranteeing a certain amount of income. I don't mean
to lecture you on how to conduct business, but wouldn't signing
a regular contract in which State specified how much it would
pay have been a safer business practice for CSC?
Mr. Fuller. Thank you for the question, Mr. Chairman. CSC
responds to a wide range of types of government contracts, has
a wide portfolio of types of contracts that we accept and this
falls into that as a normal practice.
Mr. Towns. As a normal practice?
Mr. Fuller. A wide range of government contracts and this
is one of several kinds that CSC responds to.
Mr. Towns. OK. Applicants must pay a $26 fee for the data
collection at the offsite centers. Who sets that fee?
Mr. Fuller. The fee was set by State Department.
Mr. Towns. What is the profit margin on the data
collection? Do you know?
Mr. Fuller. These are pilot programs and we don't know how
that will turn out yet. We've only been operating for 2 months
and don't know the results.
Mr. Towns. We asked Mr. Edson about this on the first
panel. L-1 announced last year that it hired Frank Moss, former
Deputy Assistant Secretary for Passport Services for State
Department as a consultant. Federal law prohibits former
Federal employees from any acts, which gives them the
appearance of making unfair use of prior government employment
and affiliations. Mr. Moss' former position with the State
Department put him in a position where he could have influence
over the awarding of this contract. Do you agree that this
could at least be perceived as a conflict of interest?
Mr. Fuller. Are you asking me, Mr. Chairman? I'm sorry.
Mr. Towns. Actually I'm going to ask you and Mr. Patrick.
I'm going to ask both of you.
Mr. Fuller. I'm familiar with any of the contracts that----
Mr. Towns. OK. All right.
Mr. Patrick. We publicly announced that we had hired Frank
Moss has a consultant. As you probably know, we are a worldwide
company interested in electronic passports around the world.
Frank Moss as the ex-director was a very----
Mr. Towns. Is your mic on? Is your mic on? Push the button.
Mr. Patrick. It is on.
Mr. Towns. Yeah. Good. Yeah, thank you.
Mr. Patrick. I'm sorry.
Frank was very experienced in the rollout of the U.S. e-
passport book program. That was one of the key reasons we hired
Frank. As the ex-director, he was a resource that followed all
the vetting and the rules and regulations as laid down by the
State Department's exit or revolving door policy. I'm not sure
of the name of it.
Mr. Towns. You know, the press release announcing the hire
says that Mr. Moss will leverage his background to develop
relationships with Federal agencies, driving identity-related
programs. What do you mean by that?
Mr. Patrick. I didn't write the press release, but I
could----
Mr. Towns. But you're familiar with it, aren't you?
Mr. Patrick. I read it before I came today. The other
agencies that have credentialing programs going on and, to list
a few, the DOD CAC card, HSPD-12, the TWIC card, passport card,
enhanced driver's license. He had significant experience. So I
believe there is a variety of Federal agencies that would look
at him as somewhat of an expert.
Mr. Towns. Yeah. What role did he play in this contract? Do
you know?
Mr. Patrick. To my knowledge, he was an advisory, helps us
understand a little bit about State Department processes, but
that was the extent of it.
Mr. Towns. As we said during the first panel, we are
concerned about the security at these offsite centers. Even if
they are guarded and unmarked offices affiliated with the U.S.
Government, they will always be potential targets for attack,
whether they are here or abroad. If the pilot is successful,
these offices may be established in other countries as well.
Will CSC be responsible for the security of the offsite data
centers?
Mr. Fuller. Thank you, Mr. Chairman, for the question. CSC
has layered security procedures that--and activities at both of
these pilot locations. I would prefer to describe those in a
closed communication. I would rather not describe what our
security processes and procedures are in open session?
Mr. Towns. I accept that. I accept that. Again, I
understand why you would not want to.
Mr. Fuller. Thank you.
Mr. Bilbray. For the record, Mr. Chairman, I think we need
to discuss about having a closed session, specifically on these
items.
Mr. Towns. Right. Without objection, we will do it. So
ordered.
Mr. Fuller, we are happy to see that there is a plan in
place to reduce delays in border crossing cards, applications.
Even with the huge expected increase in demand, we do have some
questions about the offsite data centers. Who will be training
the employees at these facilities?
Mr. Fuller. The training is conducted by CSC.
Mr. Towns. How would their training compare to the training
that the consulate employees receive and will this matter?
Mr. Fuller. I don't know the details of that comparison. I
will get that answer for you, sir.
[The information referred to follows:]
[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]
Mr. Towns. All right. I appreciate that.
Mr. Patrick, I'm glad that you were able to testify on the
security features of the new passport cards and border crossing
cards today. The security of these documents is a high priority
for this subcommittee. There is a lot at stake with the work
your company has done on this project. However, some critics
have said that this design is not as secure as the one it is
replacing. What do you say to that?
Mr. Patrick. As a solutions provider for the Federal
Government, we go directly to the spec as written by, in this
case DOS and DHS and we would follow the spec to the letter.
Mr. Towns. Well, what--let me put it this way, then: what
in particular makes this new design more secure than the one it
is replacing? Let me try you that way.
Mr. Patrick. Sure. I believe one of the things that I refer
to in that circumstance is the RFID and the ability to point to
a data base to pull up an actual record. My understanding is,
today, there is not the ability, or very seldom is there the
ability to go back to a data base to confirm the identity of
the user. This would allow the border crossing card holder to
be vetted via the RFID pointer number to the data base.
Mr. Towns. Mr. Alsbrooks, let me get your opinion on this
as well. What advantage did the older design have over this
design?
Mr. Alsbrooks. Over the current one?
Mr. Towns. Yes.
Mr. Alsbrooks. First of all, the optical stripe did contain
the biometric and biographic information. It was written to
that card 10 times. I have one of the old cards here. The
images were etched into the stripe. It could be used for visual
authentication, but the card can also be used for retrieval of
data. It has two biometric templates usually of the forefingers
and it has one full blown WSQ fingerprint. The weakness of the
old card, in my opinion, was the dye sublimation. It was
printed in color and it was a D2T2 process that, as we talked
about earlier, with solvents you can remove that and reprint
it. What you couldn't do was alter the optical stripe. And that
remains to be true. So from the side of the optical stripe,
this is far more secure than the current design. The addition
of the laser engraved personalization, you know, completes the
protection of the card.
Mr. Chairman, when we interrupted for the vote a while ago,
I had a little bit left on my testimony. So at your
convenience, I would love to finish that.
Mr. Towns. I'd be delighted to yield and allow you to
continue at this moment.
Mr. Alsbrooks. OK. Thank you very much. At the time we had
broke, we had just talked about the fact that we had
successfully removed a real Kinegram from the card intact in a
way that it could be reapplied to another card. And then we
started--this--that by the way was done with a 60 watt bulb and
a kitchen knife.
Today's state-of-the-art laser printing is actually being
done utilizing an optical stripe. This technology does
constitute a huge obstacle to counterfeiters. The new border
crossing cards should continue to include an optical stripe.
Only then can the State Department legitimately claim that they
are using the most durable, secure and tamper resistant cards
available to the American public. Two distinct components of
the overt features of the card, common images like portraits or
statues that can be easily discerned from the unaided eye yet
retain their detail and integrity at about 400 power
magnification--the optical stripe is now available in a 24-
millimeter width and is uniquely personalized with a larger and
much clearer digital photograph and with the biographical data
of the card holder. The image is prominently burned into the
optical media with a laser into the core of the card. It can be
destroyed, but it can never be altered.
These features have been designed in close consultation
with forensic and intelligence officers from DHS' forensic
document lab and represent an enormous challenge to any level
of counterfeiter, including those State sponsored. The border
crossing card today contains a fingerprint biometric stored in
the optical stripe, which can be validated in a matter of
seconds from the card off line. The specification for the new
BCC, however, does not include a fingerprint biometric and will
instead rely on visual comparison to the digital photograph.
Visual comparison of a photo retrieved from the data base by an
inspector does not constitute the functional equivalent of a
fingerprint biometric verification.
Without question, the optical stripe is the most
demonstrably secure overt feature available for secure ID
cards. The optical stripe can easily be added to the new cards
specified for BCC and pass. If it were, inspectors would then
be able to rely on the visual authentication of the document.
The digital photo and biographical features on the face of the
card would be rendered relevant and unaltered by simply
referring to the optical media on the reverse side. It is
called a reliable flash pass.
Chairman Towns, Ranking Member Bilbray, let me close with a
word of concern. If State and DHS continue on their current
path, they will issue pass and BCC cards that are so insecure
that they will become the terrorist document of choice. They
will not leave home without it.
Thank you for your time. I will be pleased to answer any
questions.
[The prepared statement of Mr. Alsbrooks follows:]
[GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]
Mr. Towns. Thank you very much for your testimony and I
understand that--let me just ask this and then I'm going to
yield to you after this, ranking member. I understand that this
optical stripe technology has been on the current border
crossing cards for the last 10 years. And you're recommending
that it remain on the new cards?
Mr. Alsbrooks. Yes, sir.
Mr. Towns. Why?
Mr. Alsbrooks. Well, first of all, it gives unparalleled
visual authentication. That optical stripe can be destroyed,
but it can never be altered. The images and the data are burned
into the card with a 40 milliwatt semiconductor laser by
burning pits and the media is actually physically deformed. So
you can't go erase it and rewrite it. By combining that with
other security features--I'm all in favor of layering security
features so that one verifies the other. So if on the face of
the card--and I believe you have some samples up there of this.
On the face of the card, if I use the laser engraving and I
burn that into the polycarbonate into the core of the card and
then I put a Kinegram on top of that, which I then burn that
into that until I link it so I can see if it has been moved and
then--I can then reference the front to the back of the card.
And if the photos are the same, then it hasn't been tampered
with.
Now, the other thing I would do is I would put that
Kinegram on top of the card instead of putting it under the
layer. Any time you put it under the layer like this, you can
separate it and reuse it and they will never get away from
that. But if you put that on top of the card, I know it is an
abrasive issue and it is a wear issue and I know why they did
this. If you put it on the top of the card and somebody tampers
with it, you can detect it.
Mr. Towns. Thank you very much and let me yield to the
ranking member.
Mr. Bilbray. Why don't we followup on the wear and tear
problem, the breakdown of this technology. That is a legitimate
concern?
Mr. Alsbrooks. Yes, sir.
Mr. Bilbray. Mr. Patrick, would you like to have a chance
to respond?
Mr. Patrick. The card we provided was asked for by State
spec to be a 10-year card. We stand behind that 10-year
guarantee.
Mr. Bilbray. So that is the determining factor? Was just
the fact that if somebody--if this is abused, it won't last the
10 years?
Mr. Patrick. Our understanding from the State Department
was they were concerned with people putting it in their shoe,
ashtrays, that they wouldn't take care of it. They had a 5-year
option and a 10-year option. They chose the 10-year option and
we stand behind that. And that is how our contract is.
Mr. Bilbray. If there was a 5-year option, would the strips
still not qualify under your----
Mr. Patrick. I'm sorry. Could you repeat the question?
Mr. Bilbray. If it was a 5-year option, would that change
your perception of the use of the stripe?
Mr. Patrick. No.
Mr. Bilbray. Mostly because you can't guarantee it against
abuse?
Mr. Patrick. Mostly.
Mr. Bilbray. The chip is guaranteed--you're comfortable the
chip is guaranteed for 10 years?
Mr. Patrick. The entire card, the full construction, the
chip, the antenna, the polycarbonate, if it does not perform,
we stand behind it.
Mr. Bilbray. And there is no concern of the chip at all for
10 years?
Mr. Patrick. The test that was run by the State Department
at Sandia labs, plus our independent testing, tells us that we
are on solid ground with the 10-year guarantee.
Mr. Bilbray. OK. You understand my concern or our concern
with the fact that maybe the specs gave precedence to how long
the card was guaranteed and rather than how secure the card
being first priority. I mean, to equate it again to the
bulletproof vest, the best bulletproof vests have--expire much
quicker than older bulletproof vests do. But you were going to
the specs and that is a 10-year spec?
Mr. Patrick. Yes.
Mr. Bilbray. How about the replacement rate on the existing
BCCs?
Mr. Alsbrooks. Well, as I said earlier, I retired from
General Dynamic, but I was responsible for that contract for
over 10 years. We never were asked to replace a single card.
Mr. Bilbray. And how long was that card?
Mr. Alsbrooks. It was guaranteed for 10 years. Certainly
there were cards that were abused, but we never found a card
that had four corners that we could not read. And I have spent
a lot of time on the border just south of San Diego and if the
card had four corners, it would read and we always said that if
it was broken we would replace it, and we were never asked to
replace a single card.
Mr. Bilbray. Just for your record, the incorporated city of
San Diego goes all the way to the border.
Mr. Alsbrooks. Yes, sir.
Mr. Bilbray. San Ysidro is a community of San Diego.
Mr. Alsbrooks. Yes, sir.
Mr. Bilbray. We are still arguing over that occupation, but
that is another issue.
Thank you, Mr. Chairman.
Mr. Towns. Thank you. Let me thank all of you for your
testimony. We really appreciate your time and, of course, we
value the information that you have shared with us as well. So
I would like to at this time, if there is no further question,
to----
Mr. Bilbray. Let me just say--if I can close just with a
statement that was given to us from Guantanamo, and that is Abu
Zubaydah is actually quoted in one of those interrogations as
the al Qaeda's document specialist. And he stated--and I like
the way he uses the English language. It is the way I learned
it, too, but we'll talk about ``we start work in fake
passports. I was famous. I was me, myself, a big market for
fake passports. `And this is really the telling statement.' I
can send anybody to any place. It is easy. So this is my
work.''
Let us just hope, you know, we don't hear testimony like
that from the next group of al Qaedas that we capture.
Thank you very much, Mr. Chairman.
Mr. Towns. Thank you very much and, without objection, on
that note the committee stands adjourned.
[Whereupon, at 4:30 p.m., the subcommittee was adjourned.]
�