DHS moves to unify face, fingerprint and iris searches across agencies
DHS seeks a single platform to search multiple biometric types
A procurement push inside the Department of Homeland Security aims to link separate biometric systems into a unified search capability. The agency wants a backend matcher that accepts different biometric inputs and lets users run either rapid identity checks or broader investigative queries.
Documents and recent disclosures show the ambition extends beyond theory: a field biometric app called Mobile Fortify — supplied under contract by NEC — has been connected into federal matching pipelines, with Customs and Border Protection marking the tool operational in early May 2024 and Immigration and Customs Enforcement gaining access on May 20, 2025. The deployed architecture centralizes scoring inside CBP systems rather than having ICE host models locally, concentrating operational control and audit responsibility at CBP.
The design task is ambitious: disparate systems purchased over many years encode biometric measurements in incompatible ways. Converting or translating those legacy records to a common format will be necessary, and at the scale DHS contemplates — potentially billions of entries and an added commercial image pool valued at roughly $1.2 billion — even small mismatches could cascade into performance and accuracy problems.
Mobile Fortify collects facial photos, contactless fingerprint captures and images of identity documents in the field, then forwards those elements into the centralized matching pipeline. Disclosures indicate that datasets tied to Trusted Traveler programs were used in model work, though agencies have not clarified whether those records were used for training, fine-tuning or evaluation — a distinction with real legal and consent implications.
Operationally, the platform would serve multiple missions — from verifying identities at checkpoints to producing ranked candidate lists for investigators — and the department intends to tune match strictness by use case. That means one search may return a simple yes/no, while another produces a ranked roster of similar-looking candidates that requires human review.
Technical tradeoffs are front and center: bridging formats or reprocessing old templates will consume time and funds and can alter matching behaviour. At the projected scale — potentially billions of entries and frequent updates if commercial image pools are used — small efficiency losses multiply into heavy compute and storage demands and make error attribution (capture vs. model vs. vendor metadata) more difficult.
Governance gaps are evident in the disclosures. Although both CBP and ICE classify some uses as high-impact, mandated AI impact assessments for Mobile Fortify appear to have been performed after deployment, and monitoring protocols are incomplete or under development. Coupling field-collected biometrics and third-party image datasets transfers significant provenance and labeling responsibilities outside traditional federal chains of custody, complicating oversight and redress.
The procurement package also gestures at expanding modalities: face and fingerprint matching are primary, iris scans are included, and a placeholder for voiceprints appears in the paperwork though collection and governance details are missing. How voice data would be gathered and queried is not defined.
Several enforcement components are explicitly named as targets for linkage; the shared capability would be used for watchlisting, detention, and removal operations as well as investigative work. Those downstream actions raise oversight and legal questions that extend beyond engineering and are amplified when third-party datasets and retroactive assessments are involved.
Practical rollout will likely require either wholesale reformatting of historical templates, algorithmic reprocessing, or translation layers that map one vendor’s outputs to another’s inputs — each option affects latency and error rates in different ways. Vendors that supply large image pools could see increased demand but would also assume heightened reputational and contractual risk if provenance or collection practices conflict with law or policy.
In short: DHS is centralizing biometric search capability across many offices, and recent operational links between field apps, centralized CBP matching, and commercial image sources sharpen the technical, governance and civil‑liberties risks while creating a single point where audit, accountability and legal exposure converge.
- Agencies targeted: Customs and Border Protection, Immigration and Customs Enforcement, Transportation Security Administration, US Citizenship and Immigration Services, the Secret Service, and DHS headquarters.
- Modalities requested: facial images, fingerprints, iris data, with voiceprint noted as a future add.
- Primary uses: identity verification, investigative candidate ranking, and support for enforcement actions.
- Noted deployments and vendors: Mobile Fortify (field app) connected into CBP matching; NEC identified as a contracted vendor; CBP centralized scoring and ICE access date noted.
- Data provenance concern: linkage to a commercial image repository (reported value ~$1.2B) and use of Trusted Traveler datasets for model work raise consent, provenance and oversight questions.
Read Our Expert Analysis
Create an account or login for free to unlock our expert analysis and key takeaways for this development.
By continuing, you agree to receive marketing communications and our weekly newsletter. You can opt-out at any time.
Recommended for you
US DHS facial-recognition app taps $1.2B commercial image repository
New disclosures show DHS has linked its field biometric app to a commercially assembled image repository valued at roughly $1.2 billion, expanding the pool of searchable faces while shifting provenance and governance to private vendors. The records name the field tool (Mobile Fortify) and vendor (NEC), reveal CBP-centered matching architecture and retroactive AI impact assessments, and raise fresh legal, accuracy and oversight concerns.
DHS Repurposes Federal Agencies to Expand ICE Enforcement
The administration redirected broad federal capacity into immigration enforcement — roughly $80B routed to the department portfolio and about $45B directed to ICE — while OMB and agency guidance rewrote grant and program rules to condition funding, compel data-sharing and push PHAs to re-verify residents. Complementary disclosures show parallel expansions in ICE’s physical footprint (150+ leased sites), a rapid 287(g) enrollment (about 1,412 active agreements), and an enforcement tempo tied to roughly 4,000 recent detentions and some 18,000 habeas filings, producing mounting legal, procurement and security risks.
Department of Homeland Security Seeks Access to Child-Support Database
The Department of Homeland Security has requested permission to query the Federal Parent Locator Service , which includes the National Directory of New Hires , raising legal, programmatic and trust risks. The request arrives amid a broad administrative push that has centralized enforcement funding and procurement and that has already connected field biometric tools to large commercial image repositories, compounding governance and attribution concerns.
Palantir Secures $1B DHS Purchase Agreement, Expands Federal Sales Pathway
The Department of Homeland Security set up a five-year vehicle allowing agencies to buy up to $1 billion in Palantir products and services without fresh competitions. The award streamlines procurement while intensifying employee dissent and civil-liberties scrutiny tied to Palantir’s immigration-enforcement work.
DHS Data Breach Exposes ICE Contracts and Multi‑Million Awards
A hacktivist collective released procurement records tied to DHS and ICE, revealing contracts with thousands of vendors and multi‑million dollar awards. Related reporting and security research suggests the disclosures extend beyond vendor files to lease lists, embedded GSA activity and exposed admin credentials, increasing operational and legal disruption risks.
Anthropic PBC Faces Government Legal Challenge Over Agency Access
The U.S. Department of Justice has filed to block federal agencies from using Anthropic PBC technology, joining a White House supply‑chain designation that has already pushed agencies and contractors to decouple Anthropic from classified workflows. The legal move, accompanied by parallel private‑party court filings and an informal six‑month exit window for some deployments, sharpens procurement requirements around telemetry, provenance and hardened hosting and raises the economic and operational stakes for vendors and program offices.
Palantir at Center of Tech Stack Powering Immigration Enforcement
Major cloud and data vendors underpin expanded immigration enforcement, exposing vendors to reputational and regulatory risk while concentrating analytical power in a few firms. Palantir, Microsoft, Amazon, and Google each hold measurable contract exposure tied to enforcement systems and workflows.
ICE Collection of Protesters' DNA Triggers Genetic-Privacy Alarm
Reports that ICE and DHS agents collected DNA swabs from demonstrators have raised urgent questions about genetic privacy and database expansion. The controversy links law enforcement practices to downstream health-data risks, potential civil liberties chill, and near-term legal and regulatory fallout.