Mobile Fortify has become a field tool for United States immigration agents, but the central claim around it is narrower than it may sound. Records reviewed by WIRED indicate that the app can generate possible facial recognition matches, yet it is not designed to reliably verify who a person is during street encounters.
That distinction matters because DHS launched Mobile Fortify in the spring of 2025 to “determine or verify” the identities of people stopped or detained during federal operations. The records also show that the rollout was tied to an executive order signed by President Donald Trump on his first day in office, which called for a “total and efficient” crackdown on undocumented immigrants through expedited removals, expanded detention, funding pressure on states, and other tactics.
What Mobile Fortify Actually Does
Mobile Fortify uses facial recognition in the field, but the system’s output is not a confirmed identity. It converts a photo into a mathematical template and returns entries that score high enough to be treated as possible matches.
That means the app is a lead-generation tool, not an identity-verification tool. The difference is not semantic. A verified identity implies a level of certainty that the system, as described in the records and testimony, does not provide.
Nathan Wessler, deputy director of the American Civil Liberties Union’s Speech, Privacy, and Technology Project, described that limitation directly: “Every manufacturer of this technology, every police department with a policy makes very clear that face recognition technology is not capable of providing a positive identification, that it makes mistakes, and that it's only for generating leads,”
The issue becomes sharper in uncontrolled settings. A face scan taken on the street can be affected by head tilt, lighting, shadow, cropping, focus, or expression. Even small differences can change the template and reshape the pool of candidate matches.
Why Street Scans Can Produce Uncertain Results
Mobile Fortify’s design appears to favor fast candidate returns rather than exhaustive identity confirmation. According to the source article, the threshold for possible matches could be set manually or adjusted dynamically in response to response-time requirements and system load.
That creates a practical trade-off. Faster results require smaller candidate pools, and a smaller pool can miss the right person if the original image is poor. If a badly framed photo causes the subject to be excluded early, any returned match will be wrong.
The Oregon testimony described in the source illustrates the problem. An agent said two photos of a woman in custody taken with his face-recognition app produced different identities. The woman was handcuffed and looking downward, and the agent testified that he physically repositioned her to get the first image.
The app returned a name and photo of a woman named Maria, which the agent rated “a maybe.” After agents called out “Maria, Maria,” and the woman did not respond, they took another photo. The second result was described as “possible,” with the agent adding, “I don’t know.”
Asked what supported probable cause, the agent cited the woman speaking Spanish, her presence with others who appeared to be noncitizens, and a “possible match” through facial recognition. The agent also testified that the app did not show a confidence score, saying, “It’s just an image, your honor. You have to look at the eyes and the nose and the mouth and the lips.”
Privacy Review Changed Before The Rollout
The deployment of Mobile Fortify did not happen in isolation. Records reviewed by WIRED show that DHS’s approval of Fortify last May was enabled by dismantling centralized privacy reviews and removing department-wide limits on facial recognition.
Those changes were overseen by a former Heritage Foundation lawyer and Project 2025 contributor who now serves in a senior DHS privacy role. The result, according to the source, was a faster path for a technology that affects privacy and biometric collection.
DHS has declined to detail the methods and tools agents are using, despite repeated calls from oversight officials and nonprofit privacy watchdogs. At the same time, Mobile Fortify has reportedly been used not only on “targeted individuals,” but also on people later confirmed to be US citizens and others observing or protesting enforcement activity.
Reporting cited in the source has documented federal agents telling citizens they were being recorded with facial recognition and that their faces would be added to a database without consent. Other accounts describe agents using accent, perceived ethnicity, or skin color as reasons to escalate encounters, then turning to face scanning once a stop was underway.
Where The Biometric Data Goes
Mobile Fortify also expands where and how DHS collects biometric data. The source article says its primary function is to increase the number of photos and biometric records DHS collects, including fingerprints, by moving collection from ports of entry into routine ICE encounters far from US borders.
The data is stored in databases linked by a centralized platform known as the Automated Targeting System (ATS). CBP says the data are retained for up to 15 years, though they may persist longer if shared with other agencies beyond CBP’s control.
ATS is linked to the Traveler Verification System (TVS), which CBP uses for facial comparison at ports of entry, pre-arrival vetting, and other screenings tied to border crossings. Under CBP policy, photos and biometric data of US citizens who opt out of biometric identification are supposedly deleted from TVS in under a day.
Internal records also show that data collected through Fortify may be stored in the Seizure and Apprehension Workflow (SAW). SAW is described as a “biometric gallery of individuals for whom CBP maintains derogatory information.” Unlike TVS, it is used for intelligence purposes and lead generation.
- A “derogatory hit” does not indicate undocumented status.
- It does not indicate criminal conduct.
- It does not indicate probable cause for arrest.
- US citizens are not explicitly excluded.
- Records are retained for up to 15 years.
The Stakes For Identity And Enforcement
The core concern is that a tool built for possible matches can be treated in practice as stronger than it is. When a system does not provide a positive identification, any enforcement decision that leans on its output depends heavily on human judgment, context, and safeguards.
Mario Trujillo, a senior staff attorney at the digital-rights nonprofit Electronic Frontier Foundation, put the concern plainly: “Facial recognition can be wrong, and it has been wrong in the past,” He added, “Here, the safeguards you’d expect—confidence scores, clear thresholds, multiple candidate photos—don’t appear to be there.”
Attorneys for the State of Illinois and the City of Chicago said in a federal lawsuit this month that the app had been used “in the field over 100,000 times” since launch. That scale makes the distinction between candidate match and verified identity more than a technical footnote.
Mobile Fortify shows how biometric systems can move from border infrastructure into everyday enforcement encounters. The records reviewed by WIRED suggest that the app’s real power is not that it proves who someone is, but that it can expand biometric capture while presenting uncertain matches inside high-stakes encounters.