[House Hearing, 113 Congress]
[From the U.S. Government Publishing Office]




 
    FEDERAL GOVERNMENT APPROACHES TO ISSUING BIOMETRIC IDS: PART II

=======================================================================

                                HEARING

                               before the

                 SUBCOMMITTEE ON GOVERNMENT OPERATIONS

                                 of the

                         COMMITTEE ON OVERSIGHT
                         AND GOVERNMENT REFORM

                        HOUSE OF REPRESENTATIVES

                    ONE HUNDRED THIRTEENTH CONGRESS

                             FIRST SESSION

                               __________

                             JUNE 19, 2013

                               __________

                           Serial No. 113-37

                               __________

Printed for the use of the Committee on Oversight and Government Reform


         Available via the World Wide Web: http://www.fdsys.gov
                      http://www.house.gov/reform


                  U.S. GOVERNMENT PRINTING OFFICE
81-804                    WASHINGTON : 2013
-----------------------------------------------------------------------
For sale by the Superintendent of Documents, U.S. Government Printing Office, 
http://bookstore.gpo.gov. For more information, contact the GPO Customer Contact Center, U.S. Government Printing Office. Phone 202ï¿½09512ï¿½091800, or 866ï¿½09512ï¿½091800 (toll-free). E-mail, [email protected].  


              COMMITTEE ON OVERSIGHT AND GOVERNMENT REFORM

                 DARRELL E. ISSA, California, Chairman
JOHN L. MICA, Florida                ELIJAH E. CUMMINGS, Maryland, 
MICHAEL R. TURNER, Ohio                  Ranking Minority Member
JOHN J. DUNCAN, JR., Tennessee       CAROLYN B. MALONEY, New York
PATRICK T. McHENRY, North Carolina   ELEANOR HOLMES NORTON, District of 
JIM JORDAN, Ohio                         Columbia
JASON CHAFFETZ, Utah                 JOHN F. TIERNEY, Massachusetts
TIM WALBERG, Michigan                WM. LACY CLAY, Missouri
JAMES LANKFORD, Oklahoma             STEPHEN F. LYNCH, Massachusetts
JUSTIN AMASH, Michigan               JIM COOPER, Tennessee
PAUL A. GOSAR, Arizona               GERALD E. CONNOLLY, Virginia
PATRICK MEEHAN, Pennsylvania         JACKIE SPEIER, California
SCOTT DesJARLAIS, Tennessee          MATTHEW A. CARTWRIGHT, 
TREY GOWDY, South Carolina               Pennsylvania
BLAKE FARENTHOLD, Texas              MARK POCAN, Wisconsin
DOC HASTINGS, Washington             TAMMY DUCKWORTH, Illinois
CYNTHIA M. LUMMIS, Wyoming           ROBIN L. KELLY, Illinois
ROB WOODALL, Georgia                 DANNY K. DAVIS, Illinois
THOMAS MASSIE, Kentucky              PETER WELCH, Vermont
DOUG COLLINS, Georgia                TONY CARDENAS, California
MARK MEADOWS, North Carolina         STEVEN A. HORSFORD, Nevada
KERRY L. BENTIVOLIO, Michigan        MICHELLE LUJAN GRISHAM, New Mexico
RON DeSANTIS, Florida

                   Lawrence J. Brady, Staff Director
                John D. Cuaderes, Deputy Staff Director
                    Stephen Castor, General Counsel
                       Linda A. Good, Chief Clerk
                 David Rapallo, Minority Staff Director

                 Subcommittee on Government Operations

                    JOHN L. MICA, Florida, Chairman
TIM WALBERG, Michigan                GERALD E. CONNOLLY, Virginia 
MICHAEL R. TURNER, Ohio                  Ranking Minority Member
JUSTIN AMASH, Michigan               JIM COOPER, Tennessee
THOMAS MASSIE, Kentucky              MARK POCAN, Wisconsin
MARK MEADOWS, North Carolina


                            C O N T E N T S

                              ----------                              
                                                                   Page
Hearing held on June 19, 2013....................................     1

                               WITNESSES

Mr. Charles H. Romine, Director of the Information Technology 
  Laboratory, National Institute of Standards and Technology, 
  U.S. Department of Commerce
    Oral Statement...............................................     6
    Written Statement............................................     8
Mr. Steven Martinez, Executive Assistant Director of the Science 
  and Technology Branch, Federal Bureau of Investigation, U.S. 
  Department of Justice
    Oral Statement...............................................    20
    Written Statement............................................    23
Mr. John Allen, Director of the Flight Standards Service, Federal 
  Aviation Administration
    Oral Statement...............................................    30
    Written Statement............................................    32
Ms. Colleen Manaher, Executive Director of Planning, Program 
  Analysis and Evaluation, Office of Field Operations, Customs 
  and Border Protection, U.S. Department of Homeland Security
    Oral Statement...............................................    37
    Written Statement............................................    40
Ms. Brenda Sprague, Deputy Assistant Secretary for Passport 
  Services, Bureau of Consular Affairs, U.S. Department of State
    Oral Statement...............................................    48
    Written Statement............................................    50

                                APPENDIX

Biometric IDs for Pilots and Transportation Workers: Diary of 
  Failures.......................................................    74


    FEDERAL GOVERNMENT APPROACHES TO ISSUING BIOMETRIC IDS: PART II

                              ----------                              


                        Wednesday, June 19, 2013

                   House of Representatives
             Subcommittee on Government Operations,
              Committee on Oversight and Government Reform,
    Washington, D.C.
    The subcommittee met, pursuant to call, at 9:30 a.m., in 
Room 2154, Rayburn House Office Building, Hon. John Mica 
[chairman of the subcommittee] presiding.
    Present: Representatives Mica, Meadows, Turner, Massie, 
Issa, and Connolly
    Staff Present: Alexia Ardolina, Majority Assistant Clerk; 
Molly Boyl, Majority Senior Counsel and Parliamentarian; John 
Cuaderes, Majority Deputy Staff Director; Linda Good, Majority 
Chief Clerk; Ryan M. Hambleton, Majority Professional Staff 
Member; Mitchell S. Kominsky, Majority Counsel; Mark D. Marin, 
Majority Director of Oversight; Laura L. Rush, Majority Deputy 
Chief Clerk; Scott Schmidt, Majority Deputy Director of Digital 
Strategy; Peter Warren, Majority Legislative Policy Director; 
Jaron Bourke, Minority Director of Administration; Adam 
Koshkin, Minority Research Assistant; Safiya Simmons, Minority 
Press Secretary; and Cecelia Thomas, Minority Counsel.
    Mr. Mica. Good morning. I would like to call this hearing 
to order and welcome everyone to the Subcommittee on Government 
Operations. Mr. Connolly and I appreciate your being with us.
    The topic of today's subcommittee hearing is Federal 
Government Approaches to Issuing Biometric IDs, and this is 
actually the second part. We had hoped to get everybody on one 
panel and we discussed primarily the TWIC card and its 
shortcomings at the last hearing. This hearing focuses on some 
of the other Federal agencies that are producing identification 
and credentialing, primarily for Federal workers and others in 
transportation and others who seek access to what should be 
secure areas or facilities.
    So, with that being said on our topic today, welcome our 
witnesses. We will hear from you in a minute. We will start 
today's proceedings and the order of business will be, first, 
opening statements by myself and Mr. Connolly and any other 
members that join us. I see Mr. Massie has joined us too. Our 
subcommittee will then hear from the witnesses. We will hear 
from all the witnesses and then we will take some time to do 
questions. We will wait until we have heard from all of the 
witnesses to do that.
    We have an important mission statement. I won't read the 
whole thing today, but we have a responsibility to ensure that 
the obligations to taxpayers are met; that we carefully review 
the performance of various Government programs. You have 
authorizers and you have appropriators, and they have their 
mission. Early on in our Government they created this committee 
and its predecessor to review how agencies and Government 
entities were following through with both the intent of the law 
and then the manner in which funds have been appropriated, and 
that is the purpose of the Government Oversight and Reform 
Committee, general purpose.
    Again, today, having been involved in this whole process 
since 9/11, the good Lord somehow put me in charge of aviation 
back in 2001, early in the year, and little did we know what 
would happen with 9/11 and all the aftermath of 9/11. I had the 
obligation and responsibility to put together some programs and 
try to make certain that we put in place mechanisms for the 
best security possible.
    One of the things that we looked at was credentialing and, 
of course, when we started back in 2001, after creating TSA and 
looking at some of the other needs, try to make certain that we 
had exact identifications of those who were involved in 
transportation and accessing secure facilities. We immediately 
saw the need for some standards and it was back in 2004 that 
President Bush actually issued a directive and set some 
standards, and those are still in place today, it was Homeland 
Security Presidential Directive 12, and the issuance of that 
set standards that are supposed to prevail today. 
Unfortunately, many agencies have not made significant progress 
in implementing the biometric standards.
    We are going to hear from the agency that actually sets 
those standards. I am very concerned that time and time again, 
and in previous hearings, I have been promised that the 
standards are just about to be set, just going to be a matter 
of months. In fact, maybe the staff can get me the last 
commentary.
    Now I am told that the last person that testified and told 
me that it was just a matter of months before those standards 
are set is now retiring from the Federal workforce, so probably 
the first question I will have for her replacement is when do 
you plan to retire. But, again, without those standards being 
set, sometimes the agencies who are testifying before us are 
left in the lurch without a standard set by the Federal 
Government.
    A dual biometric measure is something we have always sought 
after, and that is in the form of both fingerprints and also 
iris. If you have those two biometric measures, you can almost 
guarantee that the person with the credentialing is that 
person.
    We will hear also from, I believe, one of the witnesses 
about the ability to abuse credentialing and some of the 
problems even with using fingerprints as a sole source of 
identity.
    We looked at the TWIC program, and let me run through some 
of the programs that we have pretty quickly. I think Mr. 
Connolly may recall some of the testimony. We spent over half a 
billion dollars on a TWIC card. We have issued more than 2 
million of them. Now we are reissuing some of them. The TWIC 
card does not have full biometric dual capability; it has some 
fingerprint capability. Unfortunately, it also does not have a 
reader.
    And most recently we got a request to maybe do away with a 
requirement for readers. So we spent half a billion dollars on 
a pretty expensive ID program that could have been done at a 
fraction of the cost. It almost defies reason that we could go 
this long, not produce a card that could be used, and still 
don't have a biometric standard or incorporation of that 
capability in the TWIC card, and we are on our second set of 
issuing these expensive I call them college IDs, as any college 
kid could produce probably the same thing off of his computer.
    We have gone around and around with the FAA on a pilot's 
license. Some of you may recall that in the past, in fact, in 
law, we set a pilot's license, which used to be a little folded 
piece of paper, we set in law that it had to be durable, it had 
to have a biometric capability, and it had to have a photo of 
the pilot on it.
    Lo and behold, several years ago a pilot approached me and 
said, have you seen the new pilot's license? Where is the new 
pilot's license? And the pilot's license was durable. I have 
one of these here. It was durable. The strip was not really 
biometric capable. In fact, anything in your wallet, any credit 
card would have better capability than the biometric capability 
of the card.
    You see the front of the card up there; I have the back of 
the card. The only pilot photo on the card were Wilbur and 
Orville Wright. This is not a joke; this is what we have for a 
pilot's license. So we still don't have a credential for a 
pilot, a commercial pilot. This is what we have.
    Now, last week, when we did our hearing out in Dayton, you 
weren't there, I actually had a chance to go to the Wright 
graveyard.
    Mr. Connolly. Believe me, I wanted to be in Dayton.
    Mr. Mica. Yes. Well, I went to the Wilbur and Orville 
Wright graveyard. Their tombs are here. Both of these pilots 
are dead; I can confirm it. I have been to the site, quite 
interesting, if you ever get out to Dayton. It is in Mr. 
Turner's, who is a member of our committee, his district. But 
the only pilots on this license produced to this date are 
Wilbur and Orville Wright, certifiably dead.
    So that is the pilot's license. And when you talk to FAA, 
they say, well, DHS has to set the standards and TSA, and then 
they point to, again, the National Standards Bureau, who hasn't 
set a standard. And, again, that lady is retiring, so we will 
talk about that in a few minutes.
    We have 924,000 airport workers, all who have various forms 
of credentialing; none of it standard, none of it, again, with 
full biometric capability, maybe one or two of them may have 
incorporated. We don't even know. TSA has started a pre-check 
program and I have had an experience with that personally. I 
was able to get on, my wife was not able to get on.
    I don't want to complain about that, but I guess it is 
based on the number of miles that you have. I understand they 
have a pre-check lite, which is going to be interesting, so you 
don't have to have quite as many miles. But even if you have 
that capability, and it is encoded in your boarding pass, you 
still do not have any credentialing, and you don't know for 
certain who the person is who has the pre-checked clearance. I 
could thwart the pre-check in a nanosecond, and anyone who is 
intent on imposing a terrorist act could do the same.
    Then, again, our own personal experience, and I have to 
relay this to the committee, is my wife couldn't get in pre-
check, so they said go Global Entry. So after waiting a long 
time and paying the fee, which we did, she finally got her 
Global Entry. There are 734,000 people she has joined with 
Global Entry.
    And she got her card and proudly displayed it, but found 
out that the form to apply was not properly crafted to get the 
information needed, so her middle name, which is Evelyn, is on 
her Global card, but it doesn't match her passport, which has 
her maiden name. So, again, she has a card with fingerprints, 
with no iris, and you have conflicting documents.
    Of course, the passport, and I remember beating years ago 
with the passport folks, trying to get them onboard to have 
dual identity. They produced that without that capability. So 
we have millions of passports issued, again, without dual 
biometric capability.
    We also have NEXUS with 850,000 people; no bio. We have 
FAST; I guess it is a trucker and cargo program; 80,000, no 
bio. We have dual bio. We have three quarters of a billion air 
travelers to go through with various documents, driver's 
license and any kind of public ID, most of which, again, can be 
easily forged and used in an improper manner.
    There is a little bit of good news. The private sector has 
produced a CLEAR card. Do we have a CLEAR card? This actually 
has a biometric. Now, it doesn't have a standard. I guess TSA 
or somebody must have checked off on a CLEAR card, but it is 
not the standard set by the Federal Government or a standards 
agency, but it has a dual biometric capability.
    One of our subcommittees visited, a year or so ago, Canada, 
and since 2007 they have had, it is called RAIC, Restricted 
Area ID Card, and all of their airports and airport workers, 
personnel across Canada, 28 airports, about one-tenth of what 
we have in size, but they all have dual biometric credentialing 
and it also has different standards for entry and clearance; 
and they have had that in place since 2007.
    So that is a little bit of background. We have spent 
billions of dollars on these credentialing. I think we have 
left ourselves at risk. We don't know who is coming and going, 
whether it is passengers, airport workers, transportation 
workers, pilots. But we have spent an incredible amount of 
money and it is absolutely mind-boggling that we do not have, 
at this stage, proper credentialing or anything that even comes 
close to complying with the intent of Congress or some of the 
standards that were set back in 2004.
    So a little bit of a long introduction, but some of the 
information and background that I wanted to cover this morning.
    Mr. Connolly?
    Mr. Connolly. Thank you, Mr. Chairman, and thank you for 
your passion on this subject, which is quite evident, and it is 
important.
    You referenced our first hearing on this subject and I 
remember it quite visibly, and this is a topic that demands 
much more attention. At our previous hearing we talked about 
the failure of the TWIC program and we talked about programs 
that worked. The chairman just cited the CLEAR card in the 
private sector, but in Afghanistan and Iraq millions of 
contractors and civilian personnel have been issued ID cards 
that work; very few of the incidents of people being able to 
misuse those cards and breach security.
    If we can do it in the theater of war, why can we not 
replicate that, or at least the best elements of that, here at 
home? And the failure to do so is an ongoing source of 
distress, I hope for you and certainly for us up here.
    So I really want to have a dialogue this morning, Mr. 
Chairman, about what can we do to ramp this up and make it 
efficacious. Something that doesn't violate people's privacy or 
civil liberties but, on the other hand, protects the Country 
and is more efficient than the current systems we have of 
screening mass members of citizens and transport modes 
throughout the Country, including airports.
    So I am looking forward to your testimony and I very much 
want to hear ideas. I will say, parenthetically, the chairman 
noted that we had a witness who made assurances about deadlines 
being met and things happening. She had to know she was 
retiring. She had to know that she wouldn't be accountable 
after that hearing.
    And that is disappointing because this is about the 
Nation's security and we are all actually on the same team 
trying to get at what works and what doesn't, and, frankly, 
that kind of behavior is most disappointing, if not 
disingenuous, and I would hope it would be avoided in the 
future.
    Anyway, with that, I look forward to the testimony this 
morning and working with our colleagues in the executive branch 
to try to resolve this issue for the sake of security of the 
Country.
    Thank you, Mr. Chairman.
    Mr. Mica. Thank you, Mr. Connolly.
    All members may have seven days to submit opening 
statements for the record.
    Now we will go to our first panel. I guess we have two 
panels today. Oh, it is all one? Okay. You are the first and 
only.
    Mr. Charles Romine is the Director of Information 
Technology Laboratory with the National Institute of Standards 
and Technology; Mr. Steven Martinez is the Executive Director 
of the Science and Technology Branch with the Federal Bureau of 
Investigation; Mr. John Allen is the Director of the Flight 
Standards Service with the Federal Aviation Administration; Ms. 
Colleen Manaher is Executive Director of Planning, Program 
Analysis, and Evaluation with Customs and Border Patrol; we 
have Ms. Brenda Sprague as the Deputy Assistant Secretary for 
Passport Services in the Department of State.
    Now, part of this committee's work, or most of this 
committee's work is investigative. We do, as part of our 
procedure, swear in our witnesses, so the first thing we are 
going to do is ask you to stand, raise your right hand.
    Do you solemnly swear or affirm that the testimony you are 
about to give before this subcommittee of Congress is the whole 
truth and nothing but the truth?
    [Witnesses respond in the affirmative.]
    Mr. Mica. All of the witnesses answered, the record will 
reflect, in the affirmative.
    Well, welcome today. We are going to start with Mr. Charles 
Romine, Director of Information Technology Laboratory at the 
National Institute of Standards and Technology.
    Mr. Connolly, Mr. Romine is the replacement for Ms. Cita 
Furlani, and she testified before the House Transportation and 
Infrastructure Committee on April 14th, 2011, but by the end of 
that year, in fact, there is a question here, it says by the 
end of the year she would have the standards available, and she 
said, oh, yes, yes. Now, I guess I can't hold her in contempt 
since she is retired, but we have Mr. Romine here today to 
update the committee on not only this time was I told that 
these standards were right around the corner, but several other 
times, and we can document that.
    This will be made part of the record. Without objection, so 
ordered.
    Mr. Mica. So we will hear from you first, sir. Welcome and 
you are recognized.

                 STATEMENT OF CHARLES H. ROMINE

    Mr. Romine. Chairman Mica, Ranking Member Connolly, and 
members of the subcommittee, I am Chuck Romine, Director of the 
Information Technology Laboratory at NIST. Thank you for the 
opportunity to appear before you today to discuss the NIST role 
in standards and testing for biometrics.
    NIST has nearly five decades of experience in proving human 
identification systems. NIST responds to government and market 
requirements for biometric standards by collaborating with 
Federal agencies, academia, and industry to support development 
of biometric standards, conformance testing architectures and 
tools, research advanced biometric technologies, and develop 
metrics for standards and interoperability of electronic 
identities.
    NIST research provides state-of-the-art technology 
benchmarks and guidance to U.S. Government and industries. To 
achieve this, NIST actively participates in Federal biometric 
committees and national and international standards developing 
organizations.
    Biometric technologies can provide a means for recognizing 
individuals based on one or more physical or behavioral 
characteristics. These can be used to establish or verify 
personal identity of enrolled individuals. By statute and 
administrative policy, NIST encourages and coordinates Federal 
agency use of voluntary consensus standards and participation 
in the development of relevant standards, and promotes 
coordination between the public and private sectors in the 
development of standards and conformity assessment activities.
    NIST collaborates with industry to develop a consensus 
standard that is used around the world to facilitate 
interoperable biometric data exchange. The standard is evolving 
to support law enforcement, homeland security, forensics, and 
disaster victim identification.
    Internationally, NIST leads development of biometric 
standards that have received widespread market acceptance. Use 
of these standards is mandatory by large international 
organizations for identification and verification of travelers 
at border crossings.
    In response to Homeland Security Presidential Directive 12, 
NIST developed a standard to improve the identification and 
authentication of Federal employees and contractors for access 
to Federal facilities and IT systems. NIST is updating the 
standard and guidelines to include optional use of iris images 
for biometric authentication; use of facial images for 
issuance, re-issuance, and verification processes; and privacy-
enhancing on-card comparison.
    NIST leads the development of conformance tests for 
implementations of national and international biometric 
standards. In August of 2010, NIST released conformance tests 
designed to test implementations of finger image and finger 
minutiae biometric data interchange format specified in four 
American national standards, and in 2011 we released 
conformance tests designed to test implementations of the 
international iris image data interchange format standard.
    Understanding capabilities and improving performance of 
biometric technologies requires a robust testing 
infrastructure. For more than a decade, NIST has been 
conducting large biometric technology challenge programs to 
motivate the global biometric community to dramatically improve 
the performance and interoperability of biometric systems, 
foster standards of option and support global deployment, and 
achieve an order of magnitude that are accuracy gains.
    One example is the Iris Exchange, or IREX, testing program 
initiated at NIST in support of an expanded marketplace of 
iris-based applications based on standardized interoperable 
iris imagery. The work is conducted in support of the ISO and 
ANSI/NIST standards. The IREX III testing program evaluated 
large-scale one-to-many iris identification algorithms.
    The NSTC National Biometrics Challenge 2011 report included 
key challenges to the future applications of biometrics 
technologies, including research in the privacy and usability 
of biometrics. For privacy, NIST is collaborating to advance 
technical methods to safeguard and control the use of 
biometrics through methods such as liveness detection and 
biometric template protection.
    Usability is a priority for deploying biometric systems 
within the Federal Government. NIST was identified in a recent 
National Academies report as one of only two organizations 
addressing usability in biometric systems. NIST has applied its 
usability expertise to several studies involving biometric 
systems. As a result of one study, all of the fingerprint 
standards at U.S. ports of entry are now angled to improve the 
collection process.
    In summary, NIST has a diverse portfolio of activities 
supporting our Nation's biometric needs. With NISTs extensive 
experience and broad array of expertise, both in its 
laboratories and in collaboration with U.S. industry and with 
other Government agencies, NIST is actively pursuing the 
standards and measurement research necessary to deploy 
interoperable, secure, reliable, and usable biometric systems.
    Thank you for the opportunity to testify on NISTs 
activities in biometrics, and I would be happy to answer any 
questions that you may have.
    [Prepared statement of Mr. Romine follows:]

    [GRAPHIC] [TIFF OMITTED] T1804.001
    
    [GRAPHIC] [TIFF OMITTED] T1804.002
    
    [GRAPHIC] [TIFF OMITTED] T1804.003
    
    [GRAPHIC] [TIFF OMITTED] T1804.004
    
    [GRAPHIC] [TIFF OMITTED] T1804.005
    
    [GRAPHIC] [TIFF OMITTED] T1804.006
    
    [GRAPHIC] [TIFF OMITTED] T1804.007
    
    [GRAPHIC] [TIFF OMITTED] T1804.008
    
    [GRAPHIC] [TIFF OMITTED] T1804.009
    
    [GRAPHIC] [TIFF OMITTED] T1804.010
    
    [GRAPHIC] [TIFF OMITTED] T1804.011
    
    [GRAPHIC] [TIFF OMITTED] T1804.012
    
    Mr. Mica. We will hold the questions, as I said.
    We will turn next to Mr. Steven Martinez, Executive 
Director of the Science and Technology Branch of the FBI. 
Welcome, and you are recognized.

                  STATEMENT OF STEVEN MARTINEZ

    Mr. Martinez. Good morning, Chairman Mica, Ranking Member 
Connolly, and members of the subcommittee. I want to thank you 
for the opportunity to appear before the committee today and 
for your continued support of the men and women of the FBI.
    I am pleased to describe for you today the FBIs experience 
in using fingerprints as an effective identification biometric 
so that you may consider it in the context of the issuance of 
Government credentials.
    While the FBI has developed deep expertise in a variety of 
biometric modalities, the production of Government 
identification cards beyond our own use for physical and 
logical access control is not a primary area of direct FBI 
responsibility.
    The FBI uses fingerprints in two primary ways: in 
conducting background checks and in criminal investigations. A 
criminal history record, or rap sheet, is a catalog of 
information taken from fingerprint submissions in connection 
with arrests. All arrest data, including a criminal history 
summary, is obtained from fingerprint submissions, disposition 
reports, and other information submitted by agencies having 
criminal justice responsibilities. The FBI also maintains a 
civil file of fingerprints tied to biographical data collected 
and submitted in matters of Federal employment, naturalization, 
or military service.
    Fingerprints recovered from evidence found at crime scenes 
are processed through our Latent Print Operations Unit, or 
LPOU, located at the FBI Laboratory in Quantico, Virginia. 
These latent prints of unknown individuals are examined and 
used to assist in criminal investigations.
    The LPOU also uses fingerprints to assist in the 
identification of victims from natural disasters and mass 
fatalities. Such events include Hurricane Katrina, the Thailand 
tsunami, the Oklahoma City bombing, and the attack on the USS 
Cole, and, most recently, the 9/11 terrorist attacks and, of 
course, it will be applied in the attacks in Boston.
    Originally, fingerprint identification and matching were 
performed manually by trained fingerprint examiners in a 
laboratory. Today, through the use of computer technology, the 
practice has evolved into a highly automated and reliable 
process. For most of the past 14 years, more than 18,000 local, 
State, tribal, Federal, and international partners have been 
electronically submitting requests to the FBIs legacy 
Integrated Automated Fingerprint Identification System, or 
IAFIS housed and maintained by the FBIs Criminal Justice 
Information Services Division.
    But with advances in technology, changing customer 
requirements, and the growing demand for IAFIS services, the 
FBI was compelled to create the next Generation Identification 
Program, or NGI, as we call it. With NGI, the FBI is 
dramatically improving all of the major features of IAFIS, 
including system flexibility, storage capacity, accuracy and 
timeliness of responses, and interoperability with other 
systems such as the biometric matching systems of the 
Department of Homeland Security and the Department of Defense.
    NGI is being developed and deployed incrementally. The 
initial increment included the launch of the NGI Advanced 
Fingerprint Identification Technology, or AFIT, in February 
2011, which replaced less capable technology within IAFIS. This 
enhancement provided increased processing capacity for sequence 
checking and image comparison. It improved search accuracy, 
provided a new validation algorithm for image quality, and it 
improved flat print screening.
    NGIs system accuracy is currently measured at 99.6 percent. 
Prior to IAFIS, the FBI reported false matches to contributors 
at a rate of approximately 1 of every 50 million searches. 
There have been no known false matches since IAFIS went online, 
with nearly one-half billion fingerprint checks conducted.
    NGIs second increment, the Repository for Individuals of 
Special Concern, or RISC, was completed in August of 2011. RISC 
enables mobile access to law enforcement officers nationwide 
through handheld devices that capture and submit fingerprints 
of high interest individuals and search them against the 
repository of wanted criminals, terrorists, and sex offenders.
    As part of the third NGI increment, new capabilities in 
relation to latent and palm prints, rapid DHS response, and 
full infrastructure were completed and rolled out in May of 
this year. U.S. Customs and Border Protection officials at some 
ports of entry now have access to 10-second search of the 
system's full criminal master file of biometric-based criminal 
history information.
    The fourth increment on schedule for delivery in June 2014 
will complete the new system's functionality and will add two 
new services: Rap Back and the Interstate Photo System. The Rap 
Back Service will provide an ongoing status notification of any 
change in criminal history reported to the FBI after an 
individual's initial criminal history check and enrollment of 
their fingerprints in our files.
    The final increments of NGI will include an effort to 
provide identification-based iris image checking, scheduled for 
pilot deployment in 2013, with a focus on technology 
refreshment as well.
    Since automation through IAFIS, and now NGI, the FBI has 
processed more than 456 million fingerprint submissions. The 
current reject rate on these submissions is 3.77 percent, with 
most rejections being due to poor image quality or an 
inadequate accompanying documentation.
    Strict quality control over the data enrolled in NGI, in 
concert with state-of-the-art automation, is key to the 
system's accuracy and speed. The FBI has long been a leader in 
the development and use of biometrics, with much emphasis on 
fingerprint technology. While fingerprints may be considered 
the most common and widely biometric modality, the FBI is 
actively evaluating emerging modalities, researching their 
accuracy, reliability, and potential suitability for the use in 
the lawful or constitutional performance of our mission.
    This concludes my remarks, Chairman Mica, Ranking Member 
Connolly. I thank you for this opportunity to discuss the FBI's 
fingerprint and biometric programs, and I would be pleased to 
answer any questions you might have.
    [Prepared statement of Mr. Martinez follows:]

    [GRAPHIC] [TIFF OMITTED] T1804.013
    
    [GRAPHIC] [TIFF OMITTED] T1804.014
    
    [GRAPHIC] [TIFF OMITTED] T1804.015
    
    [GRAPHIC] [TIFF OMITTED] T1804.016
    
    [GRAPHIC] [TIFF OMITTED] T1804.017
    
    [GRAPHIC] [TIFF OMITTED] T1804.018
    
    [GRAPHIC] [TIFF OMITTED] T1804.019
    
    Mr. Mica. Thank you. As we said, we will hear from all the 
witnesses.
    We will hear from John Allen, who is the Director of Flight 
Standards Service with FAA next. You are recognized. Welcome.

                    STATEMENT OF JOHN ALLEN

    Mr. Allen. Good morning, Chairman Mica and Ranking Member 
Mr. Connolly. Thank you for the opportunity to appear before 
you today on the issue of incorporating biometric data into 
pilot certificates.
    The FAA has responsibility for issuing 23 different types 
of airman certificates. In addition to pilot certificates, 
these include certificates for mechanics, dispatchers, 
parachute riggers, and air traffic controllers. The agency also 
issues certificates for flight attendants. There are 
approximately 837,000 active pilot certificate holders.
    Historically, the primary function of these pilot 
certificates was simply to document that its holder meets the 
aeronautical knowledge and experience standards established for 
both the certificate level and any associated ratings.
    Although pilot certificates have not been intended for 
identification verification purposes, the FAA has a long 
history of responding to law enforcement interest in enhancing 
airman certificates. Pursuant to the Drug Enforcement 
Administration Act of 1988, for example, the FAA began the 
process of phasing out paper certificates and replacing them 
with security-enhanced plastic.
    Since April 2010, all pilots have been required to have the 
new plastic certificates, and holders of the remaining airman 
certificate types, such as mechanics and dispatchers, were 
required to have these plastic certificates by March 31st, 
2013. These plastic certificates include tamper-and 
counterfeit-resistant features such as micro printing, a 
hologram, and a UV-sensitive layer.
    Additionally, the FAA has taken other steps to meet law 
enforcement concerns. Since 2002, the FAA has required pilots 
to carry a valid Government issue photo ID, as well as a pilot 
certificate, in order to exercise the privileges associated 
with the certificate. This allows an FAA inspector or a fixed-
based operator that rents airplanes to confirm both the 
individual's identity and his or her pilot credentials.
    In 2004, Congress directed the FAA to develop tamper-
resistant pilot certificates that include a photograph of the 
pilot and are capable of accommodating a digital photograph, a 
biometric identifier, or any other unique identifier the FAA 
administrator considers necessary. I want to emphasis the FAA 
had already met some of these requirements when we began 
issuing the tamper-and counterfeit-resistant certificates in 
2003.
    To address the remaining requirements, the FAA was required 
to initiate a rulemaking. We did so in November 2010, and while 
the agency was reviewing the hundreds of comments received on 
that notice of proposed rulemaking, the FAA Modernization and 
Reform Act of 2012 became law.
    Section 321 of that Act requires that pilot certificates 
not only contain photographs, but also be smart cards that can 
accommodate iris and fingerprint biometrics, and are compliant 
with specific standards for processing through security 
checkpoints and to airport sterile areas. The FAAs NPRM did not 
contemplate these additional features.
    Because the Section 321 requirements were not within the 
scope of the previous NPRM, the agency was required to initiate 
another rulemaking in order to comply with the congressional 
directives. Currently, we are developing a notice of proposed 
rulemaking to issue smart card pilot certificates that can 
accommodate a photograph and other biometric data.
    In addition, we are analyzing the costs and benefits of 
various alternatives to meet this statutory mandate. To justify 
imposing a new cost on pilots, we must carefully consider the 
benefits of improved pilot certificates, and if pilot 
certificates with embedded biometrics are intended to permit 
airport access or increased security, we must coordinate with 
the Department of Homeland Security and TSA, who develop 
standards for airport access and security.
    Further, the FAA must coordinate our efforts with the 
National Institute of Standards and Technology, which is in the 
process of establishing standards for use of iris biometric 
data. It is essential to identify and quantify the benefits of 
biometric enhancements and work with other Federal agencies as 
we move forward. The FAA must ensure we are not duplicating 
effort or imposing an undue burden on the public. We must also 
coordinate with airlines, industry trade associations, and 
organizations representing individual pilots through the FAAs 
aviation rulemaking committee process.
    We are working hard to accomplish the goals outlined by 
Congress and we are in the final stages of preparing a report 
to Congress. We believe this report will assist Congress in 
assessing the future use and inclusion of biometric data in 
pilot certificates. We look forward to working with you and in 
collaboration with other agencies as our efforts progress.
    This concludes my prepared remarks. I will be happy to take 
questions as you wish. Thank you.
    [Prepared statement of Mr. Allen follows:]

    [GRAPHIC] [TIFF OMITTED] T1804.020
    
    [GRAPHIC] [TIFF OMITTED] T1804.021
    
    [GRAPHIC] [TIFF OMITTED] T1804.022
    
    [GRAPHIC] [TIFF OMITTED] T1804.023
    
    [GRAPHIC] [TIFF OMITTED] T1804.024
    
    Mr. Mica. We will get back to questions.
    Ms. Colleen Manaher is the Executive Director of Planning, 
Program Analysis, Evaluation with Customs and Border Patrol.
    Welcome, and you are recognized.

                  STATEMENT OF COLLEEN MANAHER

    Ms. Manaher. Good morning, Chairman Mica, Ranking Member 
Connolly, and distinguished members of the Subcommittee. Thank 
you for this opportunity to appear before you on behalf of the 
dedicated men and women of the U.S. Customs and Border 
Protection to discuss our Trusted Traveler Programs and the use 
of biometric information to enhance the security of these 
programs.
    As the unified border security agency of the United States, 
CBP is responsible for securing our Nation's borders, while 
facilitating the flow of legitimate trade and travel that is 
vital to our Nation's economy. CBP operates at more than 320 
ports of entry and processes nearly 1 million travelers every 
day as they enter the United States.
    From 2009 to 2012, the volume of international air 
travelers has increased by 12 percent and is projected to 
increase 4 to 5 percent each year for the next five years. CBP 
continues to address the security elements of its mission, 
while meeting the challenges of increasing volumes of travel in 
the land, air, and sea environments. We do this by implementing 
multiple layers of security throughout the entire supply chain 
of goods and throughout the entire transit sequence for people.
    We accomplish our mission of expediting trade and travel by 
separating the knowns from the unknowns. This risk-based 
segmentation allows us to facilitate the entry of legitimate 
trade and travel. Twenty million of these known documents have 
been issued by DHS, our partners at the Department of State, by 
four of our States, four provinces in Canada, and two U.S. 
Native American tribes. By knowing the holder of these 20 
million documents, CBP can focus its resources on travelers and 
traders that are unknown, with the goal of stopping 
illegitimate trade and travel.
    I would like to share just a bit more detailed information 
with you on DHSs flagship credentialing program, CBPs Trusted 
Traveler Program, which had been essential to our risk-based 
approach to expedite the flow of travelers into the United 
States. It provides expedited processing upon arrival for pre-
approved, low-risk participants through the use of secure and 
exclusive dedicated lanes and automated kiosks.
    Our Trusted Traveler Program issues secure documents in 
accordance with the best practices consistent with 
international standards, applies rigorous biographic and 
biometric vetting procedures, all of which increases our 
confidence in a program that provides a secure service when 
time is valuable. We simply know far more about these travelers 
than anyone else.
    CBP operates four Trusted Traveler Programs: SENTRI for our 
land border crossings along the southern border; NEXUS for our 
air, land, and marine environments along the northern border; 
FAST for low-risk commercial carriers and truckers; and Global 
Entry for our international air travelers.
    SENTRI, the Secure Electronic Network for Travelers Rapid 
Inspection Program was established in 1995 and has grown to 
include over 20 vehicle lanes at the 12 largest southern border 
crossings along the U.S.-Mexican border. SENTRI pedestrian 
crossing is also available at several locations. SENTRI members 
currently account for 14 percent of all cross-border traffic. 
Approximately 58,000 travelers a day use the SENTRI lanes.
    NEXUS is a partnership program between the United States 
and Canada, and provides for the expedited travel for air, 
land, and the marine environment along the northern border. A 
NEXUS applicant also undergoes an interview conducted by 
officers by both CBP and the Canada Border Services Agency. 
NEXUS is the only CBP Trusted Traveler Program that requires 
the collection and use of an iris scan for travelers wishing to 
use the program at Canadian pre-clearance locations.
    The Free and Secure Trade Program, FAST, is a commercial 
clearance program for known motorist shipments entering the 
United States from Canada and Mexico. FAST allows for expedited 
processing for commercial carriers to include the truck driver. 
Participation in FAST requires that every link in the supply 
chain, from manufacturer to carrier to driver to importer be 
certified under the Customs Trade Partnership Against 
Terrorism, or CTPAT, program.
    Global Entry is an expedited customs clearance program for 
pre-approved, low-risk air travelers entering the United States 
without routine CBP questioning, bypassing the regular passport 
control cues and, instead, use an automated kiosk at over 34 
designated airports, accounting for 98 percent of the arriving 
international travelers.
    Advanced technology is the critical element of the Trusted 
Traveler Programs. In the land border environment, the 
implementation of the Western Hemisphere Travel Initiative 
involves a substantial technology investment that continues to 
provide both facilitation and security benefits. Today, as a 
result of that Initiative, more than 20 million RFID-enabled 
technology documents have been issued. These documents 
represent the ultimate in security feature, as they can be 
verified electronically in real-time back to the issuing 
authority to establish identity and citizenship. They also 
reduce the average vehicle processing time by 20 percent.
    RFID technology has also increased CBPs capability to query 
national law enforcement databases, including the U.S. 
Government's terrorist watch list. Today, CBP is able to 
perform law enforcement queries for 97 percent of travelers at 
the land border, compared to only 5 percent in 2005.
    More than 1.9 million people, including 425,000 new members 
this year, have enrolled in the Trusted Traveler Program. Fees 
range from $50 to $122 for a five-year membership, which covers 
the direct cost affiliated with these programs. The time and 
resource savings for CBP are considerable. For example, as of 
May 2013, Global Entry kiosks have been used 4.6 million times.
    When that many passengers use Global Entry, it frees up the 
equivalent of 18 CBP officers to focus on other mission-
critical work. The time savings are extended to travelers as 
well. Global entry has reduced wait times for members more than 
70 percent, compared to the general process. More than 75 
percent of the travelers using Global Entry are processed in 
less than 5 minutes. In fiscal year 2012, the average NEXUS 
vehicle processing time was only 20 seconds.
    To counter the threat of terrorism, secure our borders, 
while expeditiously facilitating travel and trade, CBP relies 
on a balanced mix of professional law enforcement personnel, 
advanced technologies, and innovative programs. CBP has made 
significant progress in securing the borders through a multi-
layered approach using a variety of tools at our disposal.
    We will continue to enhance and expand our Trusted Traveler 
Program, which expedites the processing of known and low-risk 
travelers as we focus our attention on the high-risk travelers. 
We will remain vigilant and focus on building our approach to 
position CBPs greatest capability to combat the greatest risks 
that exist today.
    Chairman Mica, Ranking Member Connolly, thank you for this 
opportunity to testify about the work of CBP and our efforts. 
Thank you.
    [Prepared statement of Ms. Manaher follows:]

    [GRAPHIC] [TIFF OMITTED] T1804.025
    
    [GRAPHIC] [TIFF OMITTED] T1804.026
    
    [GRAPHIC] [TIFF OMITTED] T1804.027
    
    [GRAPHIC] [TIFF OMITTED] T1804.028
    
    [GRAPHIC] [TIFF OMITTED] T1804.029
    
    [GRAPHIC] [TIFF OMITTED] T1804.030
    
    [GRAPHIC] [TIFF OMITTED] T1804.031
    
    [GRAPHIC] [TIFF OMITTED] T1804.032
    
    Mr. Mica. Thank you.
    We will hear from our last witness on the panel, Brenda 
Sprague, Deputy Assistant Secretary for Passport Services with 
the Department of State.

                  STATEMENT OF BRENDA SPRAGUE

    Ms. Sprague. Mr. Chairman, Ranking Member Connolly, and 
distinguished members of the subcommittee, thank you for the 
opportunity to testify today about the Department of State's 
role in the U.S. ePassport and Passport Card programs.
    I think we all agree the integrity of the U.S. passport is 
essential to our national security and the protection of our 
traveling citizens. We believe that issuing secure travel 
documents to qualified citizens is a cornerstone of our 
national mandate. In pursuit of this mandate, we have spent 
years creating a physical passport with security features, a 
photo biometric, and enhanced electronics that render a U.S. 
passport virtually impossible to counterfeit.
    We are proud of this achievement and we are not resting on 
our laurels. We are well into the planning and development 
process for the next generation passport.
    Having a high quality physical document is not enough. It 
is only in conjunction with our highly trained passport 
adjudicators and fraud prevention managers that access to the 
document remains secure.
    Their attention to detail, specialized knowledge, and daily 
commitment to excellence are central to our ongoing efforts to 
ensure that only qualified U.S. citizens ever get the 
opportunity to have and use a U.S. passport.
    Passport adjudicators spend hours annually in mandated 
training to make certain their skills are up to this monumental 
task. We conduct systematic audits of our issuance to identify 
errors in adjudication. We have also built anti-fraud tools 
into the adjudication process to assist them in this endeavor.
    Passports are issued based on a review of citizenship and 
identity documents issued by Federal, State, and local 
jurisdictions. Our ability to verify the accuracy and 
authenticity of those documents is greatly enhanced by real-
time information sharing and cooperation with the issuing 
agencies.
    In the last six months, we have incorporated the FBIs NCIC 
Supervised Release files and a real time Social Security check 
into our front-end verification process. Additionally, we use 
the National Law Enforcement Telecommunications System's 
network to verify driver's licenses. We are working with State 
vital record bureaus to encourage participation in a national 
centralized database of birth and death records.
    We believe data-sharing programs like these are essential 
tools for verifying the identity and entitlement of passport 
applicants, and we continue to pursue opportunities to expand 
these efforts among Federal, State, and local agencies.
    Biometrics provide for an additional level of security to 
ensure that these documents are not fraudulently altered or 
used. Using facial recognition, all photos submitted by 
passport applicants worldwide are screened against the State 
Department's extensive database of facial images to confirm 
identity, as well as to detect fraudulent applications.
    Since 2006, the ePassport has been in the vanguard of our 
effort to improve border security. It is fully compliant with 
the recommended specifications for machine-readable travel 
documents of the International Civil Aviation Organization, 
ICAO. It has printed biographical data protected with secure 
laminate and many other security features to protect the 
integrity of the document and deter counterfeiting.
    The passport also contains an integrated circuit or chip. 
The personal data stored on the chip is identical to the data 
that is printed visually on the data page, including a digital 
photo image of the passport bearer. A unique signature is 
written to the chip, completing what we call the Public Key 
Infrastructure, PKI, process. The chip is then locked so the 
data can never be changed. The Department believes that the 
various security features, combined with the use of PKI, 
mitigates the risks associated with altering data from the book 
or chip.
    In July 2008, the Department of State began issuing 
passport cards which incorporate vicinity read RFID technology. 
These cards are designed to facilitate the frequent travel of 
U.S. citizens living in border communities. With this 
technology, CBP inspectors at U.S. land and seaports of entry 
are able to verify the traveler's identity before the traveler 
reaches the inspection station. The card has forensic security 
features to guard against tampering and counterfeiting, and to 
give CBP officers see and feel cues to verify the card.
    To have the world's most secure travel documents requires 
that we continually assess the security features and design of 
the passport and passport card for potential vulnerabilities 
and risks, and to incorporate new measures as technology 
advances.
    Thank you again for the opportunity to appear before you 
today. I am happy to answer any questions you may have.
    [Prepared statement of Ms. Sprague follows:]

    [GRAPHIC] [TIFF OMITTED] T1804.033
    
    [GRAPHIC] [TIFF OMITTED] T1804.034
    
    [GRAPHIC] [TIFF OMITTED] T1804.035
    
    [GRAPHIC] [TIFF OMITTED] T1804.036
    
    [GRAPHIC] [TIFF OMITTED] T1804.037
    
    [GRAPHIC] [TIFF OMITTED] T1804.038
    
    [GRAPHIC] [TIFF OMITTED] T1804.039
    
    [GRAPHIC] [TIFF OMITTED] T1804.040
    
    [GRAPHIC] [TIFF OMITTED] T1804.041
    
    [GRAPHIC] [TIFF OMITTED] T1804.042
    
    [GRAPHIC] [TIFF OMITTED] T1804.043
    
    Mr. Mica. Well, I thank the witnesses for their testimony 
and now we will turn to questions.
    First, Mr. Romine, welcome. I am sorry to see that your 
predecessor has retired, who testified back in April several 
years ago, what was it, 2011, that it would just be a matter of 
months. You heard that testimony. How do you respond to her 
testimony? And we swore her in, too. I think I did. Maybe I 
didn't; maybe that was the problem. Ms. Furlani said, oh, yes. 
Not one yes, but two yeses, that they would have that standard 
for biometric iris.
    Mr. Romine. Yes, sir. So thank you for the question. I know 
Ms. Furlani very well and I can guarantee she had no intent to 
deceive the subcommittee.
    Mr. Mica. But that was April 14th, 2011.
    Mr. Connolly, is today 2013? Is this June? What is the 
date?
    Mr. Connolly. June 19th.
    Mr. Mica. June 19th.
    What has happened?
    Mr. Romine. Thank you for asking.
    Mr. Mica. Your worst nightmare has come true, I am back and 
chairing a committee with broad jurisdiction.
    Mr. Romine. What I can tell you is that----
    Mr. Mica. How long? What are you going to tell us? Where is 
the iris standard?
    Mr. Romine. Well, if I can expand a little bit first on the 
testimony of Ms. Furlani. It was predicated, as she stated at 
the time, on the assumption that no major technical hurdles 
would surface.
    Mr. Mica. My God, technical hurdles? We asked for this 
after 2001, and they were working on it. This is to 2011. We 
were promised it was, I mean, at least three times in three 
different appearances, it was just around the corner. This is 
2013. When? When, when, when can we get--I don't want to harass 
the witness. Sir, please tell me when we can get this standard. 
These people can't do a damned thing unless you set the 
standard. That is what they are going to testify to when I go 
after them in a minute.
    Mr. Romine. During the public comment there were three 
major technical issues.
    Mr. Mica. Tell me the when. Is it an estimate? A month? A 
week? Two more years? When can you set a standard?
    Mr. Romine. We expect to be able to release the special 
publication immediately after the workshop that we are holding 
in early July. So on July 9th we will hold a workshop on a 
camera certification, iris camera certification. Our 
expectation is that we will be able to release the second 
edition or the second version of Special Publication 876 at 
that time, or immediately thereafter.
    Mr. Mica. So say by September 1st these agencies should 
have some standard to go by?
    Mr. Romine. At the risk of repeating the mistake of a 
predecessor in your view, I would say I am willing to agree 
that that is an appropriate release time.
    Mr. Mica. Mr. Connolly, if I die or you guys take over, do 
you pledge to follow up on this?
    Mr. Connolly. We don't want you to die, Mr. Chairman, but 
we certainly want to take over, and I do make that pledge.
    [Laughter.]
    Mr. Mica. Okay.
    Mr. Romine. We certainly want to be responsive to the 
subcommittee's concerns.
    Mr. Mica. Well, again, you just heard testimony. They are 
producing documents to which we don't have dual biometrics. The 
Canadians have had a system, I went to see it, since 2007; it 
has both. I told Mr. Connolly I went to Amsterdam; I saw they 
put the fingerprints, the iris, and they went through the 
turnstile. But it is the only way you can absolutely confirm 
the identity of that individual, according to the technology 
that is available today. Is that pretty much correct?
    Mr. Romine. I would not say that necessarily.
    Mr. Mica. But, again, unless we have some check.
    Now, Mr. Martinez, with the FBI, you do fingerprints. 
Fingerprints can be tampered, can they not, sir?
    Mr. Martinez. Yes. There are several examples of people who 
have attempted to obscure surgically alter their fingerprints.
    Mr. Mica. Okay. So we are finished with you, Mr. Martinez. 
You can go. No, just stay.
    But, again, our best bet, we were told this after 2001, was 
to have iris and fingerprint.
    Mr. Allen, welcome. FAA. And we are still producing the 
Wilbur and Orville Wright. You saw they are dead; I confirmed 
it. And now you come before me and you testify. I just about 
went out of the seat and over the podium to get you, 
restraining myself, did not contemplate the use. We put it in 
law that you would have a durable biometric with a photo of the 
pilot. Never said anything about Wilbur and Orville. I never 
put it in any law; it wasn't in the most recent 2012 law.
    But you did not contemplate. Then you came before us today 
and used the excuse of the law that redirected you to do what 
we told you in the beginning as an excuse for not performing. 
Is that right?
    Mr. Allen. Yes, Mr. Chairman.
    Mr. Mica. Oh, my God.
    Mr. Connolly. Mr. Chairman, could I just clarify what I 
just heard?
    Mr. Mica. Yes.
    Mr. Connolly. Mr. Allen, did you just testify under oath 
confirming what the chairman asserted, that you used the law to 
not comply?
    Mr. Mica. He is using it as an excuse.
    Mr. Connolly. But that was his question.
    Mr. Mica. We put it in the law because they hadn't done it 
in the beginning, and he says, well, and then he says we never 
contemplated that this could be used for an ID. What the hell 
were they going to use it for?
    Mr. Connolly. I know.
    Mr. Mica. You used it to get into the Regal theaters on 
Friday night with a senior discount?
    Mr. Connolly. Mr. Allen, I just wanted to make sure I 
understood what you said because that is what you said, and I 
want to give you the chance to either expand or clarify.
    Mr. Allen. Thank you, Mr. Connolly. What I testified to was 
that we already had a rulemaking process in place that was 
meeting specific issues from that rulemaking and we received 
another legislative requirement, and some aspects of that were 
not identified in the earlier legislation.
    So when you get into rulemaking and you got that thing 
going in process and you are addressing those issues, it wasn't 
addressing some of the things that were brought up in the 
second legislation. That is what I was saying.
    For instance, iris scan. The iris scan was not in the first 
one; it is in the second one. So, consequently, the iris scan 
was not entertained, was not being addressed in the first 
rulemaking process, so now we have iris scan we have to 
address.
    Mr. Mica. I am taking back my time.
    Biometric would include fingerprint and iris. That was in 
the original law. Where is the original law? Doesn't the 
original law that I passed say that, in fact, you would have to 
have biometric capability?
    Mr. Allen. Yes, sir, it says accommodating a digital 
photograph, a biometric identifier. And there is some debate as 
to whether it has to be an iris scan or it can be a fingerprint 
or something like that. So, therefore, that first rulemaking 
was not entertaining the iris scan.
    Mr. Mica. And then you suddenly said you couldn't 
contemplate it being used for security. Again, what were they 
going to do with it?
    Mr. Allen. Sir, as you know, and as my boss testified 
earlier, this was originally for a license.
    Mr. Mica. Well, again, I don't know how we could make it 
any clearer that we are trying to get a pilot, and you don't 
have to put the photograph on it, it could be embedded in it. 
You would be better off telling me some standards hadn't been 
set for that as an excuse.
    But I am telling you this is highly frustrating, and I 
expect, and we will haul you back in here, that we get a 
pilot's license that meets the intent of the law, that can be 
used, so a pilot who is going to the airport to get on a plane 
to fly a commercial passenger aircraft, we know who that 
individual is and we have some certainty of it, okay? We have 
been lucky so far. And now they have a known pilot program. If 
they get any more lanes at the airport of programs, there won't 
be room for the passengers. We have, at least one airport, 
probably a dozen different lanes now.
    Ms. Manaher, I just described the Global Entry experience. 
I don't mean to get personal in these hearings, but I had to 
relay my wife's experience of not qualifying for pre-check, so 
she goes to Global Entry, and then you produce a card the way 
the form is set up that requests her name, and she ends up with 
her maiden name on her passport, Ms. Sprague's passport, and 
her middle name on the Global Entry card. Is she going to be 
accepted by Sprague now?
    Ms. Manaher. [Remarks made off microphone.]
    Mr. Mica. Yes? Even though it doesn't match? Had anyone 
given any thought to having the requirement even in the form 
that the passport match the Global Entry?
    Ms. Sprague. Colleen, it is your form.
    Ms. Manaher. Sir, it is my understanding that is now fixed 
for Mrs. Mica.
    Mr. Mica. Oh, I don't care about Mrs. Mica.
    Ms. Manaher. Oh, oh.
    Mr. Mica. Don't tell her I said that.
    [Laughter.]
    Mr. Mica. I am just talking in general.
    Mr. Connolly. I move that be stricken from the record.
    [Laughter.]
    Mr. Mica. Without objection, that is stricken from the 
record.
    I am talking about, again, it is a simple thing that your 
form should, if you are producing all of these Global Entry 
documents, that they should match the passport. Basic? Can we 
look at that?
    Ms. Manaher. Yes, of course, sir.
    Mr. Mica. At least look at the form or something. And you 
are very nice people and you are here, but when you get to that 
agent that is responsible for checking the documents and they 
don't match, I have seen people in tears at TSA lines because 
their ticket doesn't match their ID exactly.
    Have you given any contemplation to incorporating an iris 
in the future, in addition to a fingerprint, on your documents?
    Ms. Manaher. Yes, sir. As you know, our NEXUS program with 
Canada we do use an iris, and I do believe that both iris and 
facial recognition----
    Mr. Mica. What standard are you using on the NEXUS for the 
iris?
    Ms. Manaher. It is the Canadian standard, sir.
    Mr. Mica. Yay. How about if we put in law that we just 
adopt the Canadian standard? They have had it since 2007. Have 
you ever known an instance in which it has been thwarted?
    Ms. Manaher. Not to my knowledge, sir.
    Mr. Mica. So others have done this.
    Is anyone familiar with the CLEAR program? We couldn't get 
CLEAR to testify; they are terrified, and I don't blame them, 
to come before a panel and actually tell us they have something 
that works. Probably they would be stricken from the Federal 
qualified vendor list.
    Mr. Connolly, I will let you go at it a little while.
    Mr. Connolly. Thank you, Mr. Chairman.
    I think the frustration being expressed here is that it has 
now been 12 years since the tragedy of 9/11 and we seem not to 
have resolved this problem. We don't have a uniform standard; 
we haven't agreed on whether the appropriate biometric 
standards. We have spent a lot of money on an ID card that 
doesn't work very well, even though there are examples within 
the United States Government of ID cards that do work.
    And even listening to all of you, if you flew in here from 
some other place and didn't really know much about the subject, 
it sounds a lot like stovepipe; well, I don't know what anyone 
else is doing, but here is what the FBI is doing.
    Ms. Manaher and Ms. Sprague, if there is a program that 
ought to be cross-fertilized, it is Global Entry and the 
passport. And yet I think they were developed separately. Is 
that correct?
    Ms. Manaher. We have a very close partnership with 
Department of State, but, yes, they were developed separately. 
But we used a similar international standard, sir.
    Mr. Connolly. And, Ms. Sprague, what is the rationale for 
developing these programs separately?
    Ms. Sprague. The passport has a different purpose than 
Global Entry. But I would note that your passport is the token 
you use to activate Global Entry when you enter the United 
States, so we are sharing that technology and that is the way 
it works. But the Global Entry card is also used for TSA pre-
check.
    Mr. Connolly. I understand. But understanding the overlap, 
when they were developed, did these two agencies cooperate in 
the development of the technology and in the statement of 
needs, in the RFP or whatever it was?
    Ms. Sprague. I don't know how formal the process was, but I 
know in anything we do with the passport we invite Customs and 
Border Protection, as well as ICE and the Government Printing 
Office and others are involved in the development of all our 
standards so that they all work. Our passports have to work 
with what CBP is doing at the borders, so that is a constant 
interchange daily that we are communicating on those standards 
and the interoperability of our documents with their systems.
    Mr. Connolly. Mr. Allen, you testified that the FAA hadn't 
foreseen the use of iris as a biometric index or standard. Why 
not? I mean, isn't this more than what the Congress explicitly 
spells out? Isn't this somewhat what the FAA thinks we need to 
protect the Country, and did that never come up and was it 
rejected? Why wasn't that included?
    Mr. Allen. Good question, Mr. Connolly. No, it wasn't 
rejected outright, it just was not mature at the time, to meet 
the requirement.
    Mr. Connolly. I am sorry. You mean the technology was not?
    Mr. Allen. Well, the iris scan technology and standards 
were mature at the time, but this was back in 2004 for that 
initial legislation, so we were looking at biometrics of the 
proven fingerprints, a picture, and going down that path, and 
then when we got this next legislation that suggested, or 
actually required, iris scanning. Now we have to change course 
and also find out what that standard is, and to accommodate 
that extra biometric into a proposed license or a proposed 
certificate.
    Mr. Connolly. The chairman pointed out that the picture on 
a pilot's license is that of Orville and Wilbur Wright. To vote 
these days I need to produce a driver's license with my picture 
on it. Not a very good picture in Virginia, I might add, but 
that is a different matter. But why wouldn't we have airline 
pilots' pictures on their own ID, rather than Orville and 
Wilbur Wright?
    Mr. Allen. We will get there. We intend to fully get there, 
but we want to make sure that you don't come back and complain 
about our program like you are complaining about the TWIC 
program. There is a foundation we have to set in here and there 
is a system behind this that we have to do smartly so that we 
don't put or exercise an undue economic burden on pilots and we 
do it smartly. We are learning a lot from the Global Entry 
program, and as of today they do have to submit a picture ID 
with their pilot's license, so there is actual verification--I 
have a Virginia driver's license as well--that picture, that 
they have----
    Mr. Connolly. Did they make you take your glasses off?
    Mr. Allen. Yes, sir, they did.
    Mr. Connolly. And you couldn't smile?
    Mr. Allen. No, I couldn't.
    Mr. Connolly. Yes, I know.
    Mr. Allen. So you do have that security right now. So we 
believe we are going at it smartly and we are working with TSA 
so we don't have stovepipe, as you suggested earlier, so that 
we don't go out shooting from the hip and doing undue harm on 
the public by requiring something that is not in concert with 
other Government agencies, so we have some standardization.
    I share your frustration as well. I have more cards, 
including a military ID card. I understand what you are saying. 
We understand the intent and we intend to meet that, but we 
have to establish a good foundation now and set the system 
behind it so that we don't have the public incur a financial 
liability that they will push back on.
    Mr. Connolly. Those are all good points. I think, however, 
you might concede that I think to the public it will come as a 
surprise to learn, 12 years after 9/11, we still don't really 
have a photo ID requirement for the license itself. I think 
that is somewhat shocking to the public.
    Mr. Allen. Yes, sir, I would agree that that would look 
shocking.
    Mr. Connolly. All your points notwithstanding, because I 
think we do want to get it right. But it has been 12 years. 
When are we going to get it right?
    Mr. Allen. Well, when we do the whole megillah. I mean, 
just put a picture on there is one thing, but to put the 
picture and biometrics and also to work with other Government 
agencies to make sure we are congruent with them, to also work 
with the public and the airlines and the pilots to help them 
understand what the systems are. And we are not even talking 
about the infrastructure out there that would be needed to put 
in place for regulating access to secure areas of the airport. 
There has to be due diligence.
    Mr. Connolly. Well, let me ask you this, Mr. Allen. Even 
before we get to the biometrics, your point is let's do it all 
at once, and that is a good point. But if I purport to be a 
pilot or if I am a pilot, as I am going through the system, am 
I ever required, actually to get on the airplane, to show 
somebody a photo ID?
    Mr. Allen. Yes, sir, you are. You are required to do that.
    Mr. Connolly. All right. So it is not like we are totally 
ignoring that.
    Mr. Allen. No, sir.
    Mr. Connolly. The fact that it is not on the pilot's 
license, per se, doesn't mean there isn't some sifting and 
sorting in terms of verification and validation.
    Mr. Allen. Yes.
    Mr. Connolly. All right.
    Mr. Romine, NIST is charged with trying to set a standard 
so we do avoid the stovepipe Mr. Allen and I were just talking 
about. Again, what one does not sense is that we, as a unified 
Government, are seized with a mission here. Now, absent some 
kind of effective biometric ID standard, you ask yourself what 
could go wrong with that, the absence of that. And we all know; 
we can all speculate on the answers to that.
    Frankly, Ms. Furlani, maybe she meant well, maybe she 
believed what she said. I am sure she did. But now she is not 
accountable. So it is easy to reassure Congress and the public, 
through its Congress, when you are on the brink of retirement 
and you won't be the one testifying next time, poor Chuck is. 
And I don't mean to suggest she did that deliberately, but I 
will say to you it is a little troubling.
    I mean, where does that end if everybody who comes here and 
testifies on behalf of a Federal agency is watching the clock 
in terms of I retire in two months, so I won't have to be back 
here and explain myself. But why, two years later, two years 
and two months later, actually what I gave assurances for did 
not happen and we are not even within sight of it happening? So 
I think that is the frustration you are hearing.
    But are we seized with a mission? And how can we provide 
guidance to Federal agencies, including your colleagues at this 
table, through a robust, rigorous process and standard setting 
by NIST on something so vital?
    Mr. Romine. So you have keyed on exactly the right point. 
First of all, I am happy to be accountable for this to this 
subcommittee. I have told my staff I only have another 23 years 
in this job. I have done two; 25 is my limit.
    Mr. Connolly. You are not going to retire on us?
    Mr. Romine. I will not retire anytime soon.
    Mr. Mica. They are only in the second decade; we can get 
him into the third.
    [Laughter.]
    Mr. Romine. But you have hit on it, which is this robust 
process that NIST manages that is a process whereby we convene 
the best technical experts, nationally and internationally. And 
during that process in the iris case we received many comments, 
but several of them were sufficiently of concern to us that we 
feared that, unless we resolved them, it would derail our 
ability to stand behind the iris standard, and those three are 
the compression of the iris image and the size of the resulting 
image, there were constraints on it, on how large it could be. 
We wanted to be sure that that would still give us sufficient 
comparability.
    The second, the community had expressed some concern about 
iris changes with age, and to avoid the potential of frequent 
re-enrollment because of iris changes as people age, we wanted 
to do the research necessary before we issued the guidelines.
    And then the third was the camera certification that I 
alluded to earlier, and not putting the Government in a 
position of having vendors come in with claims about camera 
capabilities that weren't backed up.
    Those three things were of sufficient concern to us that we 
have spent now, as you point out, a significant fraction of our 
time resolving those issues. So we have been very active in 
this space and I am pleased to report that in each case we have 
had successful resolution. We have determined that the 
compression level that we are required to adhere to for 
interoperability with some of the identity cards that Federal 
agencies are using is not an impediment.
    We have done extensive research on a very large collection 
of iris images that date as long as a decade with the same 
individuals' images over a 10-year period, and we have 
determined that change due to aging in iris is not an 
impediment. That is a recent finding from our researchers. And 
we have now put in place all of the tools that we need for 
certification of the quality of iris cameras.
    Mr. Connolly. Mr. Chairman, you have been most indulgent. 
Just two more questions, if I may.
    Mr. Mica. No, go right ahead.
    Mr. Connolly. I assume part of the process is you are 
looking at best practices, you are benchmarking with other 
entities, other countries.
    Mr. Romine. That is correct.
    Mr. Connolly. The chairman, for example, mentioned 
Amsterdam, so presumably you have looked at what they do.
    Mr. Romine. We engage with the international community 
broadly through the standards development process, yes.
    Mr. Connolly. But hopefully we are going to adopt best 
practices if we think they are best practices.
    Mr. Romine. Absolutely.
    Mr. Connolly. For example, Ms. Manaher's organization has 
already adopted the Canadian best practices because they work. 
Is that correct?
    Mr. Romine. I believe that that decision was made as a 
result of the fact that they wanted to move forward. Our 
concern is we have to do the absolute best standards 
development and coordination that we can do on behalf of the 
Federal Government in the United States.
    Mr. Connolly. I understand. But if you were to look at best 
practices and discover, I don't know, the Cote d'Ivoire 
standards are the best in the world and there is just no 
beating that based on everything we know, why not adopt it?
    Mr. Romine. That is our standards development process.
    Mr. Connolly. Okay.
    Mr. Romine. We engage the international communities.
    Mr. Connolly. And the second question is and does NIST look 
at what we are doing at Federal agencies to avoid the 
stovepiping, to avoid the duplication of effort and to make 
sure that in fact we are coordinating so that, for example, 
where Global Entry leaves off the passport begins, or vice 
versa, so that we are not creating two separate systems that 
don't really synchronize?
    Mr. Romine. Yes, in the sense that NIST, by statute and by 
administration ruling, is the agency that is charged with 
coordinating both the development and the adoption of 
standards. Those standards are generally, again, by statute and 
administration ruling, we engage the private sector. Most of 
the standards development activity in the United States, unlike 
other countries, is led by the private sector, with NIST as the 
coordinating role on behalf of the Federal Government.
    Mr. Connolly. But you are not a policeman. You don't have 
the authority to tell the State Department you are not going to 
issue that kind of passport because of X, Y, and Z.
    Mr. Romine. That is correct.
    Mr. Connolly. But can you be a clearinghouse to say--I am 
just using the State Department as an example--gee, in our 
research here is something you may want to look at; you don't 
really want to do that, upon reflection, because here are the 
problems that have occurred with that and oh, by the way, 
country X has great experience you may want to look at because 
that is a standard we are probably going to incorporate?
    Mr. Romine. We do routinely engage with Federal agencies as 
part of our role, and agencies have standards officials that 
are attune to the work that NIST is doing on their behalf and 
on behalf of the Federal Government.
    Mr. Connolly. But you do play that clearinghouse role?
    Mr. Romine. We do play a role in coordination. 
Clearinghouse, I am not sure. That conveys a sense in which we 
are a gatekeeper, and I don't think we can, as you point out, 
we don't have authority in this case.
    Mr. Connolly. Well, I don't mean it as a gatekeeper, I mean 
it as the compiler of sort of universal information.
    Mr. Romine. Yes.
    Mr. Connolly. The State Department hasn't got the time or 
resources to look at best practices everywhere.
    Mr. Romine. Yes.
    Mr. Connolly. That is your job.
    Mr. Romine. That is our role.
    Mr. Connolly. Okay.
    Mr. Chairman, thank you.
    Mr. Mica. Thank you, Mr. Connolly. And if you want to 
excuse yourself for that, I will finish up.
    Well, it is interesting today to hear, first of all, 
Customs and Border Patrol here actually has implemented the use 
of iris and the Canadian standard.
    Ms. Sprague, did they consult with you when they did that? 
You say you guys work hand-in-glove?
    Ms. Sprague. We were aware that they were moving ahead with 
that program, but the border is the responsibility of Customs 
and Border Protection, and if they choose to accept a document 
or go in another direction, they certainly have the authority 
to do so.
    Mr. Mica. But they did consult with you? You do know they 
are using that?
    Ms. Sprague. Yes, we do.
    Mr. Mica. Okay. Does your passport have the ability to 
incorporate a biometric standard, both fingerprint and iris?
    Ms. Sprague. Yes, it does.
    Mr. Mica. It does? So when they set the standards, you have 
the capability and the document could incorporate that?
    Ms. Sprague. Yes, it does. But, if I can, the question, the 
challenge will be the capture of that data. We have 113 million 
passports that do not have a secondary biometric. We are 
issuing about 13 million passports a year. We have to find a 
way to capture that.
    Mr. Mica. It would seem that you would start with renewals. 
Now, when they issue a visa, does that have a biometric 
capability embedded in the visa document itself?
    Ms. Sprague. The visa document, when it is read at the 
border, it points to the computer, which does have the match to 
the fingerprint. So we have captured the fingerprint overseas.
    Mr. Mica. And that can also be incorporated to include iris 
in the future?
    Ms. Sprague. It can be.
    Mr. Mica. Okay. Because, again, if you look at most of the 
instances where we are trying to identify folks, whether it is 
issuing a visa from Nigeria or Yemen, or wherever, that we know 
who is who and we can also track those people.
    I did not know, and I asked staff to see if there is any 
Federal agency. Mr. Martinez, are you aware of any Federal 
agency or do you have any use of dual biometric iris, either 
internally, or do you know of any agency that uses it, both 
fingerprint and iris?
    Mr. Martinez. I am not aware in the context of 
credentialing. We have an iris pilot where we are looking at 
iris as another identifier or a technology that we can use to 
add to our identification file with fingerprints and other 
data.
    Mr. Mica. We are told the military does use some; I think 
they use it for some access, and they have a system they have 
agreed on. I think it is in Afghanistan, maybe some other post. 
CIA, we didn't call them in, but I am sure they have some 
sophisticated credentialing that is available.
    Now, Mr. Romine, you had testified that you are getting 
close, and I am holding you to maybe some time this summer. In 
previous meetings, when we had your predecessor folks in 
before, there was a panel or interagency group that met to 
discuss these. Does that still exist, the standards?
    Mr. Romine. Under the NSTC, the National Science Technology 
Council, there was a biometrics and identity management 
subcommittee, and I believe that is still active. But I can 
double-check that.
    Mr. Mica. That worries me, I believe that is still. Now, if 
anybody, you should know because Mr. Connolly just talked about 
stovepiping, and the only way we are not going to stovepipe it 
is for people to be talking, meeting, discussing. When is the 
last time the group met? Did you ever meet with them?
    Mr. Romine. I have not met with them.
    Mr. Mica. Are you in charge of setting the standard or 
overseeing it?
    Mr. Romine. I manage the laboratory.
    Mr. Mica. And have you been at one of these meetings?
    Mr. Romine. I haven't personally been.
    Mr. Mica. Now I am really getting worried. Has anybody here 
been to any of those meetings? No, Mr. Allen? Mr. Martinez, you 
are the standards guy with FBI. Have you ever been to a 
meeting? The interagency meeting where we set down and discuss 
the credentialing standards.
    Mr. Martinez. That would be out of the responsibility of my 
particular branch. I would probably have to defer to our 
security division.
    Mr. Mica. To see if somebody had been.
    Ms. Sprague, anyone? Have you guys been to one lately?
    Ms. Sprague. We attend a lot of meetings, but I don't know 
that we ever attend that specific one.
    Mr. Mica. Okay. I guess if I put it in law that they should 
attend the meetings, that would be used as an excuse because we 
didn't require that before, and it would set us back further.
    How about guys getting together, Mr. Romine?
    Mr. Romine. I am sorry?
    Mr. Mica. Can we see if the subcommittee is activated?
    Mr. Romine. Of course.
    Mr. Mica. Who is in charge of the subcommittee, does anyone 
know?
    Mr. Romine. It is managed by the Office of Science and 
Technology Policy at the White House.
    Mr. Mica. Oh, okay. Just like IRS, it leads to the White 
House. I am just kidding.
    [Laughter.]
    Mr. Connolly. I move that be stricken from the record 
again.
    Mr. Mica. All right, we will take that one too. We can have 
a little humor at these meetings.
    Well, we have to get people talking to each other. We have 
to get the standards set. We spent billions. I had the staff 
starting to count this. TWIC is half a billion by itself. Now, 
because they don't have a reader, we haven't incorporated a 
dual biometric, they are talking about just using it as an ID. 
Pretty expensive ID card for the taxpayers to foot that.
    We have 900,000 airport workers, Mr. Allen. No 
standardization in identification and credentialing. No 
biometric standard, right?
    Canada has had it since 2007. Have you been to Canada, Mr. 
Allen?
    Mr. Allen. Yes, sir. I was in Ottawa about a month ago.
    Mr. Mica. And did you see what they are doing?
    Mr. Allen. I didn't go up there for that purpose, to see 
what they are doing.
    Mr. Mica. Well, that is not the question.
    Mr. Allen. No, I didn't.
    Mr. Mica. Can I talk to whatever his name is, and maybe we 
can get you a trip up there to look at it? You should go see. 
It is incredible, the credentialing. And they have within the 
biometric ID, it has various levels of security clearance, so 
airport workers can get in to certain parts; pilots can access 
certain things; access to towers is limited within the 
credentialing. It goes on and on. And it is replicable and, 
obviously, if our good friends here from Customs and Border 
Patrol could adopt their iris as a standard, I have never heard 
of any thwarting of this system.
    Do you ever look at other credentialing, Mr. Romine, in 
other countries or systems?
    Mr. Romine. We don't look specifically at credentialing so 
much as we look at the standards.
    Mr. Mica. The standards, right.
    Mr. Romine. Yes.
    Mr. Mica. You have never looked at the Canadian?
    Mr. Romine. I am sure that we have.
    Mr. Mica. You have? Okay. And obviously CLEAR, somebody 
cleared CLEAR, because they are using iris and fingerprint, and 
they are using it for travelers. No one is familiar with that 
program? Did they ever come to you on the CLEAR program?
    Mr. Romine. I am not aware of a direct engagement, but I 
can follow up.
    Mr. Mica. Again, Mr. Connolly said this looks like a lot of 
stovepiping. But it doesn't appear that the communications are 
that good on an interagency basis, and we do need to get a 
standard in place. Any standard, too, would have to be 
upgradable, wouldn't it, Mr. Romine?
    Mr. Romine. That is correct.
    Mr. Mica. I mean, since we started this thing in 2012, I 
think it was when it first started, the technology has 
dramatically changed, so the standard you set now, 2013, pray 
to God some time this summer, might need to be upgraded 
periodically.
    Mr. Romine. That is correct.
    Mr. Mica. But I guess the best way is just don't set 
anything, so then we don't have to worry about it, and 
everybody goes off in different directions. We spend billions 
of taxpayer dollars and we leave ourselves at risk with all 
kinds of credentialing that doesn't really meet the security 
test.
    Mr. Martinez, thanks so much for confirming that the one 
biometric method that we have can be thwarted, so that makes me 
feel good too, that the one biometric measure.
    Mr. Allen, he testified to Mr. Connolly that we had three 
requirements. The first one was that the document be durable. 
Now, they met that one. They had trouble with the next two. 
They never got to the bio, and then the photo, of course, that 
is very complicated to get a photo of a pilot either embedded 
or on the ID. So they are a third of the way there some decade 
later. Very encouraging.
    Any final remarks, Mr. Connolly?
    Mr. Connolly. I look forward to the next hearing, Mr. 
Chairman.
    Mr. Mica. I think we will schedule it for this fall, just 
to make certain that we follow up.
    So I want to thank the witnesses for coming. I am hoping we 
can make some better progress in the next hearing. We will 
follow up. This is the first time I think we have ever brought 
at least this many agencies together. We need DHS. We had them 
in TWIC last time. Maybe we can get them all back and get a 
report later this fall.
    There being no further business before the Subcommittee on 
Government Operations, this hearing is adjourned.
    [Whereupon, at 11:04 a.m., the subcommittee was adjourned.]


                                APPENDIX

                              ----------                              


               Material Submitted for the Hearing Record


[GRAPHIC] [TIFF OMITTED] T1804.044

[GRAPHIC] [TIFF OMITTED] T1804.045

                                 
