VFS Global
Company type | Private company |
---|---|
Founded | Mumbai, Maharashtra, India (July 2001 ) |
Headquarters | Zurich, Switzerland |
Area served | Worldwide |
Key people |
|
Number of employees | 3,769 (30 June 2015) |
Parent | Kuoni Travel |
Website | www |
VFS Global is an outsourcing and technology services specialist for governments and diplomatic missions worldwide.[1] The company manages visa and passport issuance-related administrative and non-judgmental tasks for its client governments.
VFS Global’s offices and operations across the world are certified with ISO 9001:2008 for Quality Management System, ISO 27001:20013 for Information Security Management System and ISO 14001:2004 for Environmental Management System.
VFS Global is a wholly owned subsidiary of the Kuoni Group, a public-listed company headquartered in Zurich, Switzerland. The shareholding or governance structure of VFS Global has not been made public.
History
VFS Global was established in Mumbai in 2001, when it set-up three Visa Application Centres for its first client government – the United States of America. By 2005 VFS Global served eleven governments – including the United Kingdom, Australia and Canada. In 2007 it won its first global account – that of the Home Office- UK Visas & Immigration (formerly UK Border Agency) – for operations across 33 countries.
VFS Global works predominantly with a user-pay revenue model where it receives its service fee directly from visa applicants, in addition to the visa fees which are remitted to the diplomatic mission.
Data security
A security flaw in the VFS Global managed online application website for the British Foreign & Commonwealth Office resulted in up to 50 000 visa applications from India, Nigeria and Russia being publicly accessible.[2][3] The security flaw was known since December 2005, but the Foreign and Commonwealth Office website was only shut down after an investigation in May 2007 following reports in the media.[3][4] The security breach was first reported by an Indian applicant[5] in December 2005 after which no effective remedial action was taken by either VFS nor UKvisas, the joint Home Office and Foreign & Commonwealth Office unit which runs the UK's visa service through British diplomatic posts overseas. The same applicant went public in May 2007 after he noticed that his earlier warnings were ignored.
The report[6][7][8] of the investigation by the Independent Investigator, Linda Costelloe Baker highlighted organisational failures by both VFS and UKvisas. The report also recommended that the VFS online visa applications not be resumed for applications from India. This has since been replaced by the secure online applications made available directly at the Visa4UK official government website of the UK Border Agency. Baker also mentioned in the report that following this incident, UKvisas conducted extensive testing and found no evidence that data had been stolen or misused.[citation needed] VFS underestimated what was necessary in order to protect personal data to the levels expected by the UK Data Protections Act. After this incident, several visa application level checks were put in place. Technical processes were also upgraded later to check the records of the online application site.
In November 2007, the UK Information Commissioner's Office announced that it had found the Foreign Office in breach of its obligations under the Data Protection Act 1998. The Information Commissioner's Office required the Foreign Office to sign a statement[9] that it would comply with the Data Protection Act and would not reopen the VFS UK visa online facility. It has been reported by The Guardian[10] that as a result of this ruling, the Foreign Office would review its relationship with VFS and seek to significantly reduce its outsourced work, especially in the area of IT. Consequently, applicants from India today need to apply directly at the Visa4UK official government website for online visa applications. After the report was issued, VFS introduced various measures to ensure safe and secure business environment. One of them was to make all its centres ISO compliant.[11]
Since this incident several governments have been critical of VFS Global's abilities and have raised concerns over security.[12] "There's the accountability issue, the privacy issue and why are we outsourcing to a for-profit entity something that belongs in the security mandate?" asked Victor Wong, executive director of the Chinese Canadian National Council. Liam Clifford of global visas, told The Sunday Telegraph: "Once you put this work in the hands of private companies overseas, you no longer have the same protection."
VFS Global's security flaws were called into question again in July 2015 when their online visa forms for Italy allowed users to see the personal information of other applicants, including their date of birth, passport details and addresses, if they mistakenly input the ID number of another person when logging into the system.[13]
Market dominance
It is reported[by whom?] in south east Asia that VFS own staff at its collection offices attempts to abuse its dominant status by making their own rules with visa applicants.[citation needed] This includes entry criteria to the VFS centres and also level of assistance offered to applicants.[14]
In June 2014, it was reported[by whom?] that VFS Global is being investigated by the South African Competition Commission regarding allegations of market dominance by VFS Global in the visa support services market to foreign embassies.[citation needed] The Commission's spokesperson Themba Mathebula stated that the commission’s screening unit had completed its preliminary investigation and submitted its report, recommending further formal investigations into VFS.[15]
References
- ^ "VFS Global". www.vfsglobal.com. Retrieved 15 October 2015.
- ^ Melissen, edited by Jan; Fernandez, Ana Mar (2011). Consular affairs and diplomacy. Leiden: Martinus Nijhoff Publishers. p. 136. ISBN 978-90-04-18876-1.
{{cite book}}
:|first1=
has generic name (help) - ^ a b Bollard, Mark (18 May 2007). "Indian problem could be worldwide". The Register. Retrieved 27 April 2015.
- ^ "Exposed: Indian visa application data accessible to anyone with a web browser". Daniweb.com. 20 June 2012. Retrieved 13 September 2012.
- ^ "Open Circuit: Identity Leakage: Trust VFS to reveal all". Sanjibmitra.blogspot.com. 10 May 2007. Retrieved 13 September 2012.
- ^ "Report of The Independent Investigation" (PDF). Fco.gov.uk. 5 November 2009. Retrieved 13 September 2012.
- ^ "Investigator ridicules UK visa site". The Register. Retrieved 13 September 2012.
- ^ "U.K. government slammed over bug in outsourced Web site". Computerworld. 10 August 2007. Retrieved 13 September 2012.
- ^ "Foreign Office in breach of the Data Protection Act" (PDF). Information Commissioner’s Office. 13 November 2007. Retrieved 13 September 2012.
{{cite journal}}
: Cite journal requires|journal=
(help) - ^ Bobbie Johnson (14 November 2007). "UK government failed to protect privacy of online visa applications; guardian.co.uk". London: Guardian. Retrieved 13 September 2012.
- ^ "Travel & Hospitality: VFS Global - Express Computer". Expresscomputeronline.com. 13 October 2008. Retrieved 13 September 2012.
- ^ "Private firm's work with visas raises concerns". Toronto: .thestar.com. 13 October 2008. Retrieved 13 September 2012.
- ^ Saeed Kamali Dehghan (17 July 2015). "Users' data compromised after technical glitch at Home Office contractor". The Guardian.
- ^ Make sure your UK Visa Application is not refused because of VFS (Thailand) Ltd. Thaiscare.com (2011-10-02). Retrieved on 2015-03-30.[dead link]
- ^ Donnelly, Lynley (27 June 2014). "Visa services under investigation". Mail & Guardian.