DELL CAMERON MADDY VARNER SECURITY FEB 5, 2026 3:28 PM ICE and CBP’s Face-Recognition App Can’t Actually Verify Who People Are ICE has used Mobile Fortify to identify immigrants and citizens alike over 100,000 times, by one estimate. It wasn't built to work like that—and only got approved after DHS abandoned its own privacy rules. PHOTOGRAPH: MICHAEL SILUK/GETTY IMAGES Get our Tracker: ICE newsletter to understand what’s happening and what’s coming next SIGN UP By signing up, you agree to our user agreement (including class action waiver and arbitration provisions), and acknowledge our privacy policy. THE FACE-RECOGNITION APP Mobile Fortify, now used by United States immigration agents in towns and cities across the US, is not designed to reliably identify people in the streets and was deployed without the scrutiny that has historically governed the rollout of technologies that impact people’s privacy, according to records reviewed by WIRED. WIRED has made this article free for all to read because it is primarily based on reporting from Freedom of Information Act requests. Please consider subscribing to support our journalism. The Department of Homeland Security launched Mobile Fortify in the spring of 2025 to “determine or verify” the identities of individuals stopped or detained by DHS officers during federal operations, records show. DHS explicitly linked the rollout to an executive order, signed by President Donald Trump on his first day in office, which called for a “total and efficient” crackdown on undocumented immigrants through the use of expedited removals, expanded detention, and funding pressure on states, among other tactics. Despite DHS repeatedly framing Mobile Fortify as a tool for identifying people through facial recognition, however, the app does not actually “verify” the identities of people stopped by federal immigration agents—a well-known limitation of the technology and a function of how Mobile Fortify is designed and used. "Every manufacturer of this technology, every police department with a policy makes very clear that face recognition technology is not capable of providing a positive identification, that it makes mistakes, and that it's only for generating leads," says Nathan Wessler, deputy director of the American Civil Liberties Union’s Speech, Privacy, and Technology Project. Records reviewed by WIRED also show that DHS’s hasty approval of Fortify last May was enabled by dismantling centralized privacy reviews and quietly removing department-wide limits on facial recognition—changes overseen by a former Heritage Foundation lawyer and Project 2025 contributor, who now serves in a senior DHS privacy role. DHS—which has declined to detail the methods and tools that agents are using, despite repeated calls from oversight officials and nonprofit privacy watchdogs—has used Mobile Fortify to scan the faces not only of “targeted individuals,” but also people later confirmed to be US citizens and others who were observing or protesting enforcement activity. Reporting has documented federal agents telling citizens they were being recorded with facial recognition and that their faces would be added to a database without consent. Other accounts describe agents treating accent, perceived ethnicity, or skin color as a basis to escalate encounters—then using face scanning as the next step once a stop is underway. Together, the cases illustrate a broader shift in DHS enforcement toward low-level street encounters followed by biometric capture like face scans, with limited transparency around the tool’s operation and use. FORTIFY'S TECHNOLOGY MOBILIZES facial capture hundreds of miles from the US border, allowing DHS to generate nonconsensual face prints of people who, “it is conceivable,” DHS’s Privacy Office says, are “US citizens or lawful permanent residents.” As with the circumstances surrounding its deployment to agents with Customs and Border Protection and Immigration and Customs Enforcement, Fortify’s functionality is visible mainly today through court filings and sworn agent testimony. In a federal lawsuit this month, attorneys for the State of Illinois and the City of Chicago said the app had been used "in the field over 100,000 times" since launch. In Oregon testimony last year, an agent said two photos of a woman in custody taken with his face-recognition app produced different identities. The woman was handcuffed and looking downward, the agent said, prompting him to physically reposition her to obtain the first image. The movement, he testified, caused her to yelp in pain. The app returned a name and photo of a woman named Maria; a match that the agent rated “a maybe.” Agents called out the name, “Maria, Maria,” to gauge her reaction. When she failed to respond, they took another photo. The agent testified the second result was “possible,” but added, “I don’t know.” Asked what supported probable cause, the agent cited the woman speaking Spanish, her presence with others who appeared to be noncitizens, and a “possible match" via facial recognition. The agent testified that the app did not indicate how confident the system was in a match. “It’s just an image, your honor. You have to look at the eyes and the nose and the mouth and the lips.” MOST POPULAR ARTIFICIAL INTELLIGENCE A New AI Math Startup Just Cracked 4 Previously Unsolved Problems BY WILL KNIGHT ARTIFICIAL INTELLIGENCE Loyalty Is Dead in Silicon Valley BY LAUREN GOODE CULTURE Hollywood Is Losing Audiences to AI Fatigue BY MILES KLEE GEAR I Infiltrated Moltbook, the AI-Only Social Network Where Humans Aren’t Allowed BY REECE ROGERS Agents described the Oregon operation as part of “Operation Fortify the Border” and referred to enforcement in the Pacific Northwest specifically as “Operation Blackrose.” “Facial recognition can be wrong, and it has been wrong in the past,” says Mario Trujillo, a senior staff attorney at the digital-rights nonprofit Electronic Frontier Foundation. “Here, the safeguards you’d expect—confidence scores, clear thresholds, multiple candidate photos—don’t appear to be there.” The appearance of multiple identities is not an error but a feature of how Mobile Fortify operates in the field: Regardless of how agents use it, the system is built to generate candidate matches, not confirmations. Rather than exhaustively searching vast biometric galleries, Fortify converts a photo into a mathematical template and returns only entries that score high enough to be treated as possible matches. That threshold could be set manually or adjusted dynamically in response to response-time requirements and system load. When images are taken outside controlled conditions, even small differences—head tilt, lighting, shadow, cropping, focus, or expression—can alter the template and reshuffle the pool of candidates. Quicker responses also require smaller candidate pools. This is a significant trade-off of demanding real-time results. When a poorly framed street photo causes the subject to be excluded by the system early, it is a mathematical certainty that any match will be a miss. Mobile Fortify’s primary function is to expand the number of photos and biometric data that DHS collects, including fingerprints, by shifting its collection from ports of entry to routine ICE encounters occurring far from US borders. The data is stored in databases linked by a centralized platform known as the Automated Targeting System (ATS). CBP says the data are retained for up to 15 years but may persist longer if shared with other agencies beyond CBP’s control. Among other biometric systems, ATS is linked to the Traveler Verification System (TVS), used by CBP for facial comparison at ports of entry, during pre-arrival vetting, and in other screenings tied to border crossings. Under CBP policy, photos and biometric data of US citizens who opt out of biometric identification are supposedly deleted from TVS in under a day. Got a Tip? Are you a current or former government employee who wants to talk about US immigration enforcement? We'd like to hear from you. Using a nonwork phone or computer, contact the reporter securely on Signal at dell.3030 or mvarner.01. Internal records show that data collected through Fortify may also be stored in the Seizure and Apprehension Workflow (SAW), which is described as a “biometric gallery of individuals for whom CBP maintains derogatory information.” Unlike TVS, SAW is used for intelligence purposes and lead generation. A “derogatory hit” does not indicate undocumented status, criminal conduct, or probable cause for arrest. US citizens are not explicitly excluded, and records are retained for up to 15 years. ICE agents are instructed to photograph subjects for facial recognition before trying to match their fingerprints, which court records show is done in-office rather than on the street, even though fingerprints are a stronger biometric for confirming identity. The sequence prioritizes speed and ease of collection over positive identification. When fingerprints are taken, they are routed through ATS to the IDENT database and retained for a minimum of 75 years. Records also indicate the existence of another derogatory watch list controlled by CBP and fed by Fortify, known as the Fortify the Border Hotlist. The list is mentioned in only a single publicly released document and was first revealed by 404 Media last year. The record does not describe the criteria for placement on the watch list nor any removal or appeals process. It is unclear whether US citizens are included. MOST POPULAR ARTIFICIAL INTELLIGENCE A New AI Math Startup Just Cracked 4 Previously Unsolved Problems BY WILL KNIGHT ARTIFICIAL INTELLIGENCE Loyalty Is Dead in Silicon Valley BY LAUREN GOODE CULTURE Hollywood Is Losing Audiences to AI Fatigue BY MILES KLEE GEAR I Infiltrated Moltbook, the AI-Only Social Network Where Humans Aren’t Allowed BY REECE ROGERS DHS did not respond to questions about the criteria that governs the watch list, whe