Cogswell told reporters the agency is working closely with Customs and Border Protection and is examining “exactly what were the details about how (the breach) happened so we can put procedures in place that would better protect going into the future.”
“I think this is an area where TSA has long recognized that we need to do it but it’s not without risk,” she said.
She noted that TSA has for years handled the delicate task of sharing personal data between the government and the private sector. Air carriers regularly submit passenger data to the TSA’s Secure Flight Database to verify passengers are not on a do-not-fly list, for example.
The agency’s future plans include using biometric data to verify PreCheck passengers, who already provide biometrics such as fingerprints for their background checks.
There are plans to test a system later this year “where we actually won’t hold or retain the actual biometric,” Cogswell said. When a traveler arrives at the checkpoint for screening, computers could take a photo of the traveler and compare it to the photo on his license or passport — verifying that the person is who he claims to be. The photos could then be deleted.