Download a pdf of this Memorandum
Janice Kephart is the Director of National Security Policy at the Center for Immigration Studies.
Last week, Immigration and Customs Enforcement (ICE) conducted a rather unusual bust highlighting a new spin on visa fraud. This time it was not a fraudulent school masquerading as legitimate and siphoning money for student visas for a curriculum that did not exist, as was the March 4, 2010, bust of a Miami language school that resulted in arrests of 81 student violators and $2.4 million forfeited in illicit cash received. Nor was it referencing the three counterfeit document rings taken out in the last few days. These include a bust in Milwaukee on March 5, 2010, and two March 4 busts — one in Fresno and the other in Panama City, Fla.
The ring busted in this instance abused legitimate colleges that use the federal government’s student tracking program, SEVP. It then used identity fraud to circumvent SEVP, thereby keeping the students “clean” in the federal government’s system. Run by 46-year-old Eamonn Higgins and about 12 associates, the counterfeit operation’s mission was to support lawful immigration status for foreign students using a student visa to enter the United States and live in southern California.
According to the ICE press release, “a forensic analysis of the computer and related evidence revealed more than 100 foreign students who may have participated in the fraud scheme. Of those, ICE determined 47 are still in the United States.” However, only 16 were arrested and of those, 10 were to be placed in removal proceedings and only six brought up on criminal charges. From a national security standpoint, the issue of whether any of the remaining 47 poses a national security risk or simply should be removed is not clear.
Criminal Indictment Findings of Fact and Analysis
According to the criminal complaints filed against Higgins and the four suspects from the United Arab Emirates, the visa fraud has been admitted to by Higgins and the evidence against the UAE suspects includes e-mail exchanges providing identity information, instructions from Higgins to his clients, visa applications, and U.S. entry and departure records. While only six criminal complaints against foreign students have been filed, the complaint against Higgins suggests perhaps up to 500 students committed visa fraud with support of this ring.
The case began in 2007 with a dropped wallet and seven fake IDs in that wallet belonging to Higgins’ nephew. The names on those IDs belonged to foreign students who had “positive results” in “law enforcement databases.” ICE continued a two-year investigation, conducted a search of Higgins’ home in December 2009, and after four UAE students under investigation re-entered the United States in January 2010, arrests were made on March 4, 2010.
The four students had a total of 50 contacts with immigration authorities (the 19 9/11 hijackers had 57). Only one was denied a visa before being issued one subsequently, and none were ever pulled into secondary screening. Two of the defendants likely travelled together, as their LAX entries and departures are on the same dates. The warrant for the Higgins search remains under seal. The involvement and support from the FBI is never mentioned in the complaints, although reference to the FBI appear in the ICE press release.
Ringleader Higgins. According to the complaint filed against Higgins in California federal court:
- Higgins admitted he began providing his services in about 2002 and he continued until December 2009 when a search warrant was issued for his home.
- The schools where Higgins operated included seven community colleges and three California State University campuses, mostly located in Orange County, Calif.
- “Higgins has purchased approximately 500 counterfeit documents which he and his associates have used to take exams and/or attend classes in the furtherance of the fraudulent scheme.”
- Higgins admitted that he knew “that by taking the exams and attending the classes for the foreign students, he was enabling the foreign students to remain in the United States when they otherwise would have been sent back to their home country for failure to meet their educational requirements” of their F-1 student visa status.
- Higgins’ e-mail account contained communications between Higgins and “approximately 150 students, each of whom had entered and remained in the United States on an F-1 student status.” The e-mails contained students’ identity information, tests to be taken and classes attended, and e-mails verifying that Higgins and his associates did what they were paid to do.
- Prices ranged from $1,200 to $1,500 for different school requirements, such as final exams, math and English placement exams, classwork, and the taking of the English proficiency exam (required to obtain an F-1 visa) and Writing Proficiency Exam (required to graduate as an F-1).
- Higgins and his associates gained access to school testing centers by using the foreign students’ personal identifying information on counterfeit California driver’s licenses. He would arrange to meet the foreign student to collect a portion of the fee and obtain full name, address, date of birth, student identification number, and student’s major. That information would be used to obtain a counterfeit driver license then used for entry into classrooms and test-taking centers.
- The case began when Daly City Police “retrieved” a dropped blue wallet with seven fake California driver’s licenses that belonged to Higgins’ nephew in October 2007. Each of the seven fake IDs had Higgins’ nephew’s photo and different names.
- Law enforcement queries produced “positive results.” All seven names belonged to F-1 foreign students who had entered on student visas and attended schools in central California.
- In December 2009, a search warrant was issued for Higgins’ home in Orange County where his computer and 60 fake California driver’s licenses were found bearing photos of Higgins and his associates and foreign student names. The affidavit supporting the warrant remains under seal.
The Four UAE Students. Separate criminal complaints filed against the four UAE students are all supported by affidavits from an ICE Special Agent involved in the case from a Daly City police referral. All describe the law enforcement database queries (no details provided), e-mail communications, visa applications and issuance dates, U.S. entries and departures, schools attending, and majors sought. Facts include:
- The four students are as follows:
- Khalid Butti Khalifa Mohamed Almehairbi (with two pseudonyms listed)
- Mohamed Khalfan Hazeem Taresh Almehairi
- Ibrahim Salem Khalfan Almansoori
- Saeed Mohamed Hilal Zayed Alfalahi
- For the four students, there were eight student visas sought and seven issued and 42 entries and departures, for a total of 50 contacts with immigration authorities. Two students had seven entries and departures each, the other two 13 and 15 respectively.
- The complaints indicate that Almehairi was the only defendant to have a student visa application rejected. He sought a student visa in October 2006 that was not granted. He tried again in January 2008, and that request was granted.
- At no point do immigration records indicate these individuals were ever referred to secondary screening.
- None of these students would have retained their student status but for support from Higgins’ fraud ring.
- Each of the eight student visas sought was applied for at the U.S. Embassy in Abu Dhabi, UAE.
- All four defendants are listed in immigration records as natives and citizens of the UAE.
- The first entry into the United States by these four students was September 2006. The last entries for all four were either on January 8, 9, or 10, 2010.
- All four students entered at LAX airport for each of the 19 entries. Departure locations are not listed.
- Two students appear to have been traveling together. They both attended schools in Irvine, Calif., with majors in “business administration, management, and operations.” Their course of study was to conclude in 2010. Although exact flights are not provided, Almehairbi and Almansoori had the exact same LAX arrival and departure dates as follows:
- August 18, 2008, arrival at LAX as an F-1 nonimmigrant student, and departure on December 19, 2008.
- LAX re-entry on January 10, 2009, and departure May 28, 2009.
- LAX re-entry on August 5, 2009, and departure November 24, 2009.
- LAX re-entry on January 10, 2010.
- Note: the 9/11 “muscle” hijackers all entered the United States in pairs, likely to support and act as look-outs for each other.
The case continues to be investigated. So far, according to ICE, the scheme only involved foreign students paying Americans to attend class and take exams for them, using fake California driver licenses listing the name of the foreign student with a photo of his American replacement. For what reason, either ICE does not know or will not say. With money from what source, we are not told. Nor are we told why the FBI was involved with a case that looks from the surface to be about conventional immigration and document fraud.
The foreign students benefitting from the ring’s fraud came from Saudi Arabia, the United Arab Emirates, Lebanon, Kuwait, Turkey, and Qatar. According to the Associated Press story on this bust, $34,000 was paid to Higgins’ associates to take a full course load for “a Saudi Arabian student named Mohammed Ali Alnuaim.” Despite the high prices, however, the fraud was pretty shoddy. For example, in one case, a blonde American female’s photo was placed on a fake ID bearing an Arabic male name. But shoddiness does not matter when SEVP does not provide sufficient information for universities to assure the identity of the foreign students registering, and the universities admit they do not verify the identity of those in classes or those taking tests. Any ID will do, pretty much, when identity is never assured on campus … or at least this ring got away with it for seven years.
9/11 Commission and SEVP
Underlying almost every 9/11 Commission identity-related border recommendation is the essential point that identity assurance must be redundant in program architectures. Specifically, “The job of protection is shared among these many defined checkpoints. By taking advantage of them all, we need not depend on any one point in the system to do the whole job.” (9/11 Commission Report, p. 386) What was not said, but is essential, is that each point in the system must do its whole job. The issue of student visas was covered in 9/11 and Terrorist Travel, mainly concluding that if SEVP had been in place when the 9/11 pilots were entering, departing, and re-entering the United States, SEVP could have revealed that the student visas two claimed to have did not actually exist.
In the case of SEVP, the program is robust until the student arrives at college. This is because SEVP requires foreign students admitted to U.S. schools to go to a foreign consulate and apply for a visa. During that process, 10 fingerprints and a digital photo are taken (as with all visa holders). When the student seeks entry into the United States, the visa photo pops up with the border screening tool US-VISIT, and another digital photo is taken. That info of entry is then relayed to the student’s school. All is redundant and fine to this point; identity fraud is near impossible once the student is in the system.
However, once the student gets beyond the port of entry and registers at school — assuming he or she shows up — SEVP loses its ability to verify students’ identities. Instead, SEVP simply reports that an individual presenting ID with the foreign student’s name has registered. Why? Because SEVP does not permit the schools to view the photo accompanying the name when the student registers. (This is the same problem E-Verify has in that employers have no access digital photos taken with driver’s licenses, so they cannot verify that the person standing before them is the same person who was issued the ID.) Nor are the schools required to send back the student ID photo they take when the student registers. Thus, ICE has no notice of the identity swap, and no lead to fraud. Instead, the foreign student remains “clean” in the system despite the identity fraud. For this reason, identity fraud rings like the one run by Higgins can run rampant for years.
A simple solution would be to require schools to provide digital photos with foreign student registration, and have those photos returned to SEVP for compliance determination. The universities thus are simply doing a function they do anyway — taking student photos for school-issued IDs — and relaying them back to the federal government. Schools would not be required to conduct identity assurance; that responsibility would remain with the federal government. They would just be supplying data that completes the SEVP identity assurance architecture as supported by 9/11 recommendations. Of course, this will not solve the problem of test-taker swapping if colleges still refuse to check IDs at such instances, but at least more blatant abuses of SEVP will not be as easily tolerated, leads can be developed, and more often than not, the counterfeiters will be discouraged from using this scheme so flagrantly.
As we discussed in our report 9/11 and Terrorist Travel, the higher education lobby is powerful. It managed to fight off implementation of SEVP from 1996 until shortly after 9/11. It did so despite the fact that SEVP put no new requirements on schools, but simply streamlined a required but outdated paper system of foreign student reporting to the federal government. Their claim before 9/11 was that SEVP would be unduly burdensome and costly. The real reason, I learned as a counsel to the Senate Judiciary Subcommittee on Technology and Terrorism, had more to do with the fact that, like airlines, U.S. colleges want to have their cake and to eat it too: They want foreign visitor revenue, but they do not want to take any responsibility for the fact that encouraging foreign visitors, while a often boon for our economy and our democratic values, also brings about risks regarding immigration and national security.
If we want robust, streamlined foreign student visitor program, it is absolutely essential that each point in the SEVP system do its whole job. As long as schools in the SEVP program are not required to provide digital images of the foreign students registering at their school, the last point in the system — and the place that actually tracks the student’s attendance and major — is not doing its whole job. If the status quo continues, the counterfeiters will continue to abuse the type of loophole that Al Qaeda relishes — legitimacy in appearance only.