WASHINGTON – The Transportation Security Administration (TSA) announced today that Verified Identity Pass, Inc. – operator of Clear® – has met program encryption standards for enrollment computers and may resume Registered Traveler enrollment immediately.
This change comes after Verified Identity Pass, Inc. reported an unencrypted Clear®-owned laptop computer containing data of approximately 33,000 customers was missing from San Francisco International Airport. The laptop was later recovered by Clear® officials at the airport. It was voluntarily surrendered to TSA officials for forensic examination. The results of that exam remain under review.
Verified Identity Pass, Inc.took steps to encrypt all enrollment computers and provided a third party audit verifying the encryption. TSA has accepted the audit and provided authorization to the sponsoring entities (airports/airlines) to resume enrollment.
TSA will be conducting random audits of Clear® operations at airports across the country to further ensure compliance. TSA has also asked Verified Identity Pass, Inc. to provide a comprehensive report detailing the status of all security features associated with the Clear® program and to conduct a new and complete annual audit consistent with program standards.
TSA is conducting a broad review of all Registered Traveler providers' information systems and data security processes to ensure compliance with security regulations.