- Email: [email protected]
Ready for take-off: how biometrics and blockchain can beat aviation's quality issues
FEATURE
Ready for take-off: how biometrics and blockchain can beat aviation’s quality issues
Irra Ariella Khi
Irra Ariella Khi, Zamna Biometric technologies have been embraced and adopted in aviation and international border control more than in any other industry. This is due to the emphasis on airline and border security and increasing pressure from governments to control and monitor immigration and the movement of people. However, biometrics are still not at the stage of universal adoption and face several significant barriers that need to be overcome. Iris scans, facial recognition and fingerprint readers have become much more commonplace in modern airports, and some of the more forward-looking pilot schemes have begun to completely replace the use of passports for passenger identification with biometric data. For example, Dubai Airport’s ‘Smart Tunnel’ project has demonstrated that facial recognition technology can replace the manual passport control process entirely, shortening it to 15 seconds and removing the need for human intervention1. Yet despite the increased use of biometric systems in airports, these solutions are still far from being widely trusted to accurately verify passenger data – in or before the airport. And while
New biometric technology could help to meet rising passenger expectations, just as airline passenger numbers continue to grow year-onyear, putting further strain on aviation infrastructure.
8
Biometric Technology Today
biometrics often play a complementary role in authenticating the physical aspects of passenger identity, manual biographic passport checks are still exclusively used as the primary method of passenger verification, with the exception of the Smart Tunnel system. We’ve still got some work to do before a seamless, biometric-based passenger experience – where travellers can move through the airport without any physical document checks – becomes a reality for us all. Still, there is no lack of enthusiasm for new technology within the aviation industry. In fact, the use of biometrics underpins the main crossindustry transformation project that the airline trade association, the International Air Transport Association (IATA), created in 2016: ‘One ID’. The aim of One ID is to create an “end-to-end passenger experience that is secure, seamless and efficient”, and it has the potential to address the key management challenges facing the airline industry: namely, passenger facilitation and security, plus government data regulations: • Passenger facilitation and security. Firstly, new biometric technology could help to meet rising passenger expectations for more efficient journeys. IATA research shows that the majority of passengers now find a queuing time of more than 10 minutes unacceptable, and increasingly prefer ‘ready-to-fly’ options such as validating travel documents and checking in bags from home before they head to the airport2. These rising expectations come as the number of airline passengers continues to grow year-on-year, putting further strain on aviation infrastructure. IATA’s ‘20-Year Air Passenger Forecast’ found that the number of travellers is set to double by 2037, reaching 8.2 billion people a year3.
There is therefore a critical need to use biometric solutions to manage this growing throughput of passengers while maintaining and improving both security and the passenger experience throughout all airport touchpoints. In the words of IATA director general Alexandre de Juniac: “Biometric recognition using the One ID concept modernises the airport experience for passengers and improves the efficiency and security of identification processes. Every traveller will appreciate the convenience of getting from the kerb to the gate without ever having to show a paper passport or boarding pass.”
“We’ve still got some work to do before a seamless, biometric-based passenger experience – where travellers can move through the airport without any physical document checks – becomes a reality for us all” • Government data regulations. One ID also responds to the increased pressure from international governments for airlines to provide more accurate information on passengers – namely APIS (Advance Passenger Information System) data – for the purposes of immigration, border control and national security decision-making. Airlines are also under increasing commercial pressure to comply with regulations in order to reduce the potential burden of hefty government fines each year. A build-up of these fines has a detrimental impact on an airline’s government relations, and can also impact their landing rights in a particular country. On top of that, One ID could reduce the onerous operational
January 2020
FEATURE costs of airport real-estate and airline staff, both of which are needed for manually checking each passenger’s documents.
Three key challenges Of course, the vision of One ID cannot be realised until the need for manual identity checks is vastly reduced – which is why data quality will play a critical role in both passport and biometric checking processes4. Let’s consider the three data management challenges to the widespread adoption of biometric technology and how they might be overcome: 1. Data standardisation and verification. If biometrics are to be widely adopted, both airlines and government authorities must be able to trust that the biometric data provided on passengers is both accurate and high-quality. There are two root causes of the current scepticism here: a lack of standardisation of passenger biometric data; and the lack of a reliable source against which that biometric data can be validated for accuracy and integrity. In addition, there is the challenge of connecting biometric data with the passenger’s biographic/passport data (known as API or advance passenger information). Combine this with the increased public scrutiny on personal data security, and the scale of the problem becomes clear. A number of biometric pilot schemes are underway in airports around the world, but they are all independent – using different technologies, biometric markers, data standards and processing techniques. And while the International Civil Aviation Organisation (ICAO) has established a standard for biometric data, alongside biographic/passport data, not every country adheres to these rules and principles. Until a comprehensive standard is adopted and consistently deployed, any biometric verification process will always be limited, since the biometric data produced or verified by any single airline, airport or government can never be wholly trusted by another. This has forced the industry to default to traditional manual passport data as a source of both trust and verification for passenger IDs. And currently there is no standardised way to either verify or connect passport and biometric data in order to identify a passenger: an ePassport along with a biometriccomparing capability could solve that, but there is still a need for passengers to enrol each time, and still no aggregation of verifications that can be shared within the industry. A consistent standard for biometric data will undoubtedly come to the fore as biometric hardware systems mature, and as governments and airlines further progress their pilot programmes into full adoption. These efforts can, of course, be speeded up, so long as close collaboration can
January 2020
Due to the highly valuable personal data they hold, airlines are particular targets for data breaches. In the industry’s biggest security incident to date, an attack on Cathay Pacific left 9.1 million customers exposed.
be established between airlines, biometric technology providers and passenger data regulators. However, the key problem the industry faces with standardisation is not around data structures, but the absence of cross-industry sharing protocols and schemes that would allow that data to be shared in the first place.
“Until a comprehensive standard is deployed, any biometric verification process will always be limited, since the biometric data produced or verified by any single airline, airport or government can never be wholly trusted by another” 2. Secure data sharing. No data can currently be securely shared between different airlines and government agencies, and therefore it cannot be validated for accuracy and integrity by either party. This is the case for both biometric and biographic/passport data. Without a trusted system for sharing any type of information, airlines and governments maintain it siloed across their own systems. This means the same passenger’s data must be checked and re-checked manually. These repeated checks result in delays at airports, with passengers queuing at various checkpoints, waiting for their documents to be scanned several times over. This is regardless of how many times the passenger has travelled before, even if that individual is connecting onto another flight on the very same day, or even if that second flight is with the same airline. This inability to securely share data is one of the main barriers to One ID and means that, even if biometric data is of high quality and in a standardised form, it still has to be re-validated as a one-off occurrence by each airline and government agency every time that person travels. In other words, there is currently no way to put the hard work of one data check in the service of the next check. The difficulty of sharing biometric data between multiple parties is worsened by the fact that the information is – rightly – protected under data privacy laws, such as the General
Data Protection Regulation (GDPR) in Europe. So while more sophisticated data sharing will aid verification and improve the passenger experience, the protection and control of the personally identifiable information (PII) involved is paramount, and the highest standards of data security have to be upheld in any system that is sharing biometric data for passenger validation. Regulators’ increasing focus on the security of personal and public data is reflected in public opinion. Recent high-profile consumer data breaches have propelled this issue into mainstream public awareness, raising legitimate concerns as to what personal biographic and biometric data is being collected and shared – and how it can be used and mis-used, whether by international governments or private companies. Furthermore, due to the highly valuable personal data they hold, government agencies, travel companies and airlines are particular targets for data breaches. In recent years, we’ve seen a number of such cases: the US Government’s database of its security-cleared employees was successfully hacked by a hostile foreign government; Marriott Hotels exposed 383 million sensitive data records in one of the largest data breaches in history; and an attack on airline Cathay Pacific left 9.1 million customers exposed in what was the airline industry’s biggest security incident to date. Linking biometric data to an individual’s existing personally identifiable biographic data, such as their passport, will create an even more sensitive data set, and therefore an even more appealing target for attackers. So before any standardised system of sharing biometrics can be rolled out, the industry has to agree on a solution that addresses the data security concerns of regulators and passengers. 3. Biometrics meets the blockchain. This challenge of how to successfully and securely share biometric data for validation can be resolved by applying blockchain technology. The blockchain principles of decentralisation and immutability, coupled with its ‘privacy-by-design’ approach, make it the ideal solution to data standardisation, verification and security challenges. By utilising blockchain, a record can be made each time any biometric data is validated or queried. When it is successfully validated, reputational value builds and can also be recorded. Conversely, when biometric data presents repeated errors, its reputational value can be lowered. When combined with blockchain’s inherent immutability, this means that airlines, airports and international governments can be confident in the accuracy and validity of any data, using blockchain to corroborate its reputational value. What’s more, blockchain’s system of decentralised storage and management means data verification can be secured and re-secured at each stage
Biometric Technology Today
9
FEATURE of the process, assuring data provenance with no single point of compromise and no central store. Essentially, the blockchain process involves making records of data verification that would make no sense to anyone unless they were in possession of the original data. According to independent security testers, using blockchain enables tech companies to create systems that would take millions of years to breach. Its privacy-by-design approach, as advocated in the GDPR, means systems can be built around an un-compromisable concept of data security, rather than having security elements added in retrospect. Innovative technologies, that combine blockchain and privacy-by-design to ensure improved biometric data accuracy without exposing underlying personal data, are already readily available on the market.
One ID’s mission IATA’s One ID relies on coupling accurate passenger biographic data (known as APIS) with the early authentication of each passenger’s biometric identity, followed by instant biometric recognition at every touchpoint thereafter. With every successful verification, the data’s authenticity grows, and the need for extra and repeated manual checks is eliminated. In practice, this combination of biometrics and blockchain negates the need for passengers to present multiple documents at multiple touchpoints throughout their airport experience. Using blockchain, tech companies can create innovative decentralised solutions that can secure passenger data. Then, assuming international standardisation and regulation, the reputational score of the data could become the basis of shared insights between airlines and governments, who would in turn be able to trust that the validation and re-validation is accurate. As a result, wherever in-person checks still have to be performed, the data verification process will allow airlines and government agencies to focus on screening passenger behaviour rather than verifying biographic/ passport data, making the checking process at airports and borders much more efficient. IATA also suggests One ID can meet passengers’ desire for ‘ready-to-fly’ options – in other words, presenting and validating their biographic and biometric details from home. Passengers could use a mobile device to submit their personally identifiable information directly to the necessary parties (such as airlines, immigration, border control) ahead of their journey, further shortening the validation process at the airport. This ability could bring major benefits to airlines, which are increasingly required to provide accurate passenger information to government agencies ahead of the flight. This currently poses a major challenge for airlines as they are wholly 10
Biometric Technology Today
IATA’s One ID is an ambitious vision for the airport of the future, based on combining accurate biographic data and biometric technology for passenger verification.
reliant on correct data being provided by passengers, 50% of whom make mistakes when submitting their API data. For example, consider the role that passenger data plays in helping airlines and governments establish whether that traveller’s data matches a valid visa or ETA (electronic transit authorisation). Today, biographic data alone is used to establish whether the passenger has the right status to travel to a particular country or destination. Increasingly, this could be established using both biographic and biometric data as part of One ID. In the context of passenger ETAs and visas, ensuring data accuracy and validity will become increasingly important across Europe as the EU prepares to introduce its ETIAS (European Travel Information and Authorisation System). This will require passengers from visa-free countries – such as the US, Canada, Australia, New Zealand, and possibly soon the UK – travelling into the Schengen area to hold a valid ETA authorisation. Airlines will also be required to establish that the passenger has the correct status prior to boarding. ETIAS is intended to speed up and modernise border procedures in the EU. However, without better systems for validating passenger data ahead of the flight, staff will be forced to manually check passports in order to cross-reference ETIAS details once the passenger arrives at the airport. This will potentially create queues and slow down the system; in some cases it means that passengers may be informed too late that they do not have a valid ETIAS and won’t be able to fly on the day. Without accurate passenger data, there is no reliable way to establish their status or check whether they have a valid ETA. Combining biographic data alongside biometrics would drive the industry towards better passenger identification, and towards realising the aim of One ID. Airlines will know that the data they are provided with ahead of the flight is accurate, and no passenger will need to be off-loaded or manually re-processed due to a data error.
Airport of the future In summary, IATA’s One ID is an ambitious vision for the airport of the future, based on combining accurate biographic data and biometric technology for passenger verification.
Standardisation and international regulation are the next steps towards the widespread adoption of biometrics in the airline industry. However, biometrics alone cannot provide the seamless passenger experience envisioned by One ID. It’s important that first, the biographic API data is accurate, of the highest quality, and can be shared and validated by airlines and governments. This is where blockchain can play a crucial role in both securing and sharing these sensitive data sets. Blockchain alone is not the answer, and neither is accurate biographic data – but together, they are the first step towards One ID. Only when blockchain and biometrics are jointly deployed can there be assurance of accuracy and trust in identifying each physical passenger. Without this level of data quality, the adoption of biometrics as part of One ID will not be possible. Yet without innovative solutions, the dual problem of data protection limitations and the technical inability to share data between biometric providers will continue to limit any data quality. Accurate, trusted and re-trusted data alone can meet the demands for comprehensive biographic and biometric processes, both in the aviation industry and beyond.
About the author Irra Ariella Khi is the CEO and co-founder of Zamna (formerly VChain Technology), which provides the first venture-backed blockchain security solution for the aviation industry. Zamna’s patented, GDPR-compliant Identity-as-a-Service (IDAAS) solution connects the data sets of airlines, governments and security agencies, reducing the need to check physical passenger IDs in airports. Irra has co-authored Zamna’s first three patents, and leads the deployment of its software to major international airlines and governments.
References 1. ‘Dubai airport trials “Smart Tunnel” that allows passengers to clear passport control in 15 seconds’. Arabian Business, 11 October 2018. Accessed December 2019. https://www.arabianbusiness.com/ transport/406044-dubai-airport-trials-smarttunnel-that-allows-passengers-clear-passportcontrol-in-15-seconds. 2. IATA. ‘2016 Global Passenger Survey’. https://www.iata.org/publications/store/ Documents/GPS-2016-Highlights-Final.pdf. 3. ‘SAP and VChain execs discuss how technology is changing the travel experience’. Aviation Business, 12 May 2019. Accessed December 2019. https://www.aviationbusinessme.com/ airports/technology/18757-sap-and-vchainexecs-discuss-how-technology-is-transformingthe-passenger-travel-experience. 4. IATA. ‘One ID’. https://www.iata.org/ whatwedo/passenger/Pages/one-id.aspx.
January 2020
Ready for take-off: how biometrics and blockchain can beat aviation’s quality issues
Irra Ariella Khi
Irra Ariella Khi, Zamna Biometric technologies have been embraced and adopted in aviation and international border control more than in any other industry. This is due to the emphasis on airline and border security and increasing pressure from governments to control and monitor immigration and the movement of people. However, biometrics are still not at the stage of universal adoption and face several significant barriers that need to be overcome. Iris scans, facial recognition and fingerprint readers have become much more commonplace in modern airports, and some of the more forward-looking pilot schemes have begun to completely replace the use of passports for passenger identification with biometric data. For example, Dubai Airport’s ‘Smart Tunnel’ project has demonstrated that facial recognition technology can replace the manual passport control process entirely, shortening it to 15 seconds and removing the need for human intervention1. Yet despite the increased use of biometric systems in airports, these solutions are still far from being widely trusted to accurately verify passenger data – in or before the airport. And while
New biometric technology could help to meet rising passenger expectations, just as airline passenger numbers continue to grow year-onyear, putting further strain on aviation infrastructure.
8
Biometric Technology Today
biometrics often play a complementary role in authenticating the physical aspects of passenger identity, manual biographic passport checks are still exclusively used as the primary method of passenger verification, with the exception of the Smart Tunnel system. We’ve still got some work to do before a seamless, biometric-based passenger experience – where travellers can move through the airport without any physical document checks – becomes a reality for us all. Still, there is no lack of enthusiasm for new technology within the aviation industry. In fact, the use of biometrics underpins the main crossindustry transformation project that the airline trade association, the International Air Transport Association (IATA), created in 2016: ‘One ID’. The aim of One ID is to create an “end-to-end passenger experience that is secure, seamless and efficient”, and it has the potential to address the key management challenges facing the airline industry: namely, passenger facilitation and security, plus government data regulations: • Passenger facilitation and security. Firstly, new biometric technology could help to meet rising passenger expectations for more efficient journeys. IATA research shows that the majority of passengers now find a queuing time of more than 10 minutes unacceptable, and increasingly prefer ‘ready-to-fly’ options such as validating travel documents and checking in bags from home before they head to the airport2. These rising expectations come as the number of airline passengers continues to grow year-on-year, putting further strain on aviation infrastructure. IATA’s ‘20-Year Air Passenger Forecast’ found that the number of travellers is set to double by 2037, reaching 8.2 billion people a year3.
There is therefore a critical need to use biometric solutions to manage this growing throughput of passengers while maintaining and improving both security and the passenger experience throughout all airport touchpoints. In the words of IATA director general Alexandre de Juniac: “Biometric recognition using the One ID concept modernises the airport experience for passengers and improves the efficiency and security of identification processes. Every traveller will appreciate the convenience of getting from the kerb to the gate without ever having to show a paper passport or boarding pass.”
“We’ve still got some work to do before a seamless, biometric-based passenger experience – where travellers can move through the airport without any physical document checks – becomes a reality for us all” • Government data regulations. One ID also responds to the increased pressure from international governments for airlines to provide more accurate information on passengers – namely APIS (Advance Passenger Information System) data – for the purposes of immigration, border control and national security decision-making. Airlines are also under increasing commercial pressure to comply with regulations in order to reduce the potential burden of hefty government fines each year. A build-up of these fines has a detrimental impact on an airline’s government relations, and can also impact their landing rights in a particular country. On top of that, One ID could reduce the onerous operational
January 2020
FEATURE costs of airport real-estate and airline staff, both of which are needed for manually checking each passenger’s documents.
Three key challenges Of course, the vision of One ID cannot be realised until the need for manual identity checks is vastly reduced – which is why data quality will play a critical role in both passport and biometric checking processes4. Let’s consider the three data management challenges to the widespread adoption of biometric technology and how they might be overcome: 1. Data standardisation and verification. If biometrics are to be widely adopted, both airlines and government authorities must be able to trust that the biometric data provided on passengers is both accurate and high-quality. There are two root causes of the current scepticism here: a lack of standardisation of passenger biometric data; and the lack of a reliable source against which that biometric data can be validated for accuracy and integrity. In addition, there is the challenge of connecting biometric data with the passenger’s biographic/passport data (known as API or advance passenger information). Combine this with the increased public scrutiny on personal data security, and the scale of the problem becomes clear. A number of biometric pilot schemes are underway in airports around the world, but they are all independent – using different technologies, biometric markers, data standards and processing techniques. And while the International Civil Aviation Organisation (ICAO) has established a standard for biometric data, alongside biographic/passport data, not every country adheres to these rules and principles. Until a comprehensive standard is adopted and consistently deployed, any biometric verification process will always be limited, since the biometric data produced or verified by any single airline, airport or government can never be wholly trusted by another. This has forced the industry to default to traditional manual passport data as a source of both trust and verification for passenger IDs. And currently there is no standardised way to either verify or connect passport and biometric data in order to identify a passenger: an ePassport along with a biometriccomparing capability could solve that, but there is still a need for passengers to enrol each time, and still no aggregation of verifications that can be shared within the industry. A consistent standard for biometric data will undoubtedly come to the fore as biometric hardware systems mature, and as governments and airlines further progress their pilot programmes into full adoption. These efforts can, of course, be speeded up, so long as close collaboration can
January 2020
Due to the highly valuable personal data they hold, airlines are particular targets for data breaches. In the industry’s biggest security incident to date, an attack on Cathay Pacific left 9.1 million customers exposed.
be established between airlines, biometric technology providers and passenger data regulators. However, the key problem the industry faces with standardisation is not around data structures, but the absence of cross-industry sharing protocols and schemes that would allow that data to be shared in the first place.
“Until a comprehensive standard is deployed, any biometric verification process will always be limited, since the biometric data produced or verified by any single airline, airport or government can never be wholly trusted by another” 2. Secure data sharing. No data can currently be securely shared between different airlines and government agencies, and therefore it cannot be validated for accuracy and integrity by either party. This is the case for both biometric and biographic/passport data. Without a trusted system for sharing any type of information, airlines and governments maintain it siloed across their own systems. This means the same passenger’s data must be checked and re-checked manually. These repeated checks result in delays at airports, with passengers queuing at various checkpoints, waiting for their documents to be scanned several times over. This is regardless of how many times the passenger has travelled before, even if that individual is connecting onto another flight on the very same day, or even if that second flight is with the same airline. This inability to securely share data is one of the main barriers to One ID and means that, even if biometric data is of high quality and in a standardised form, it still has to be re-validated as a one-off occurrence by each airline and government agency every time that person travels. In other words, there is currently no way to put the hard work of one data check in the service of the next check. The difficulty of sharing biometric data between multiple parties is worsened by the fact that the information is – rightly – protected under data privacy laws, such as the General
Data Protection Regulation (GDPR) in Europe. So while more sophisticated data sharing will aid verification and improve the passenger experience, the protection and control of the personally identifiable information (PII) involved is paramount, and the highest standards of data security have to be upheld in any system that is sharing biometric data for passenger validation. Regulators’ increasing focus on the security of personal and public data is reflected in public opinion. Recent high-profile consumer data breaches have propelled this issue into mainstream public awareness, raising legitimate concerns as to what personal biographic and biometric data is being collected and shared – and how it can be used and mis-used, whether by international governments or private companies. Furthermore, due to the highly valuable personal data they hold, government agencies, travel companies and airlines are particular targets for data breaches. In recent years, we’ve seen a number of such cases: the US Government’s database of its security-cleared employees was successfully hacked by a hostile foreign government; Marriott Hotels exposed 383 million sensitive data records in one of the largest data breaches in history; and an attack on airline Cathay Pacific left 9.1 million customers exposed in what was the airline industry’s biggest security incident to date. Linking biometric data to an individual’s existing personally identifiable biographic data, such as their passport, will create an even more sensitive data set, and therefore an even more appealing target for attackers. So before any standardised system of sharing biometrics can be rolled out, the industry has to agree on a solution that addresses the data security concerns of regulators and passengers. 3. Biometrics meets the blockchain. This challenge of how to successfully and securely share biometric data for validation can be resolved by applying blockchain technology. The blockchain principles of decentralisation and immutability, coupled with its ‘privacy-by-design’ approach, make it the ideal solution to data standardisation, verification and security challenges. By utilising blockchain, a record can be made each time any biometric data is validated or queried. When it is successfully validated, reputational value builds and can also be recorded. Conversely, when biometric data presents repeated errors, its reputational value can be lowered. When combined with blockchain’s inherent immutability, this means that airlines, airports and international governments can be confident in the accuracy and validity of any data, using blockchain to corroborate its reputational value. What’s more, blockchain’s system of decentralised storage and management means data verification can be secured and re-secured at each stage
Biometric Technology Today
9
FEATURE of the process, assuring data provenance with no single point of compromise and no central store. Essentially, the blockchain process involves making records of data verification that would make no sense to anyone unless they were in possession of the original data. According to independent security testers, using blockchain enables tech companies to create systems that would take millions of years to breach. Its privacy-by-design approach, as advocated in the GDPR, means systems can be built around an un-compromisable concept of data security, rather than having security elements added in retrospect. Innovative technologies, that combine blockchain and privacy-by-design to ensure improved biometric data accuracy without exposing underlying personal data, are already readily available on the market.
One ID’s mission IATA’s One ID relies on coupling accurate passenger biographic data (known as APIS) with the early authentication of each passenger’s biometric identity, followed by instant biometric recognition at every touchpoint thereafter. With every successful verification, the data’s authenticity grows, and the need for extra and repeated manual checks is eliminated. In practice, this combination of biometrics and blockchain negates the need for passengers to present multiple documents at multiple touchpoints throughout their airport experience. Using blockchain, tech companies can create innovative decentralised solutions that can secure passenger data. Then, assuming international standardisation and regulation, the reputational score of the data could become the basis of shared insights between airlines and governments, who would in turn be able to trust that the validation and re-validation is accurate. As a result, wherever in-person checks still have to be performed, the data verification process will allow airlines and government agencies to focus on screening passenger behaviour rather than verifying biographic/ passport data, making the checking process at airports and borders much more efficient. IATA also suggests One ID can meet passengers’ desire for ‘ready-to-fly’ options – in other words, presenting and validating their biographic and biometric details from home. Passengers could use a mobile device to submit their personally identifiable information directly to the necessary parties (such as airlines, immigration, border control) ahead of their journey, further shortening the validation process at the airport. This ability could bring major benefits to airlines, which are increasingly required to provide accurate passenger information to government agencies ahead of the flight. This currently poses a major challenge for airlines as they are wholly 10
Biometric Technology Today
IATA’s One ID is an ambitious vision for the airport of the future, based on combining accurate biographic data and biometric technology for passenger verification.
reliant on correct data being provided by passengers, 50% of whom make mistakes when submitting their API data. For example, consider the role that passenger data plays in helping airlines and governments establish whether that traveller’s data matches a valid visa or ETA (electronic transit authorisation). Today, biographic data alone is used to establish whether the passenger has the right status to travel to a particular country or destination. Increasingly, this could be established using both biographic and biometric data as part of One ID. In the context of passenger ETAs and visas, ensuring data accuracy and validity will become increasingly important across Europe as the EU prepares to introduce its ETIAS (European Travel Information and Authorisation System). This will require passengers from visa-free countries – such as the US, Canada, Australia, New Zealand, and possibly soon the UK – travelling into the Schengen area to hold a valid ETA authorisation. Airlines will also be required to establish that the passenger has the correct status prior to boarding. ETIAS is intended to speed up and modernise border procedures in the EU. However, without better systems for validating passenger data ahead of the flight, staff will be forced to manually check passports in order to cross-reference ETIAS details once the passenger arrives at the airport. This will potentially create queues and slow down the system; in some cases it means that passengers may be informed too late that they do not have a valid ETIAS and won’t be able to fly on the day. Without accurate passenger data, there is no reliable way to establish their status or check whether they have a valid ETA. Combining biographic data alongside biometrics would drive the industry towards better passenger identification, and towards realising the aim of One ID. Airlines will know that the data they are provided with ahead of the flight is accurate, and no passenger will need to be off-loaded or manually re-processed due to a data error.
Airport of the future In summary, IATA’s One ID is an ambitious vision for the airport of the future, based on combining accurate biographic data and biometric technology for passenger verification.
Standardisation and international regulation are the next steps towards the widespread adoption of biometrics in the airline industry. However, biometrics alone cannot provide the seamless passenger experience envisioned by One ID. It’s important that first, the biographic API data is accurate, of the highest quality, and can be shared and validated by airlines and governments. This is where blockchain can play a crucial role in both securing and sharing these sensitive data sets. Blockchain alone is not the answer, and neither is accurate biographic data – but together, they are the first step towards One ID. Only when blockchain and biometrics are jointly deployed can there be assurance of accuracy and trust in identifying each physical passenger. Without this level of data quality, the adoption of biometrics as part of One ID will not be possible. Yet without innovative solutions, the dual problem of data protection limitations and the technical inability to share data between biometric providers will continue to limit any data quality. Accurate, trusted and re-trusted data alone can meet the demands for comprehensive biographic and biometric processes, both in the aviation industry and beyond.
About the author Irra Ariella Khi is the CEO and co-founder of Zamna (formerly VChain Technology), which provides the first venture-backed blockchain security solution for the aviation industry. Zamna’s patented, GDPR-compliant Identity-as-a-Service (IDAAS) solution connects the data sets of airlines, governments and security agencies, reducing the need to check physical passenger IDs in airports. Irra has co-authored Zamna’s first three patents, and leads the deployment of its software to major international airlines and governments.
References 1. ‘Dubai airport trials “Smart Tunnel” that allows passengers to clear passport control in 15 seconds’. Arabian Business, 11 October 2018. Accessed December 2019. https://www.arabianbusiness.com/ transport/406044-dubai-airport-trials-smarttunnel-that-allows-passengers-clear-passportcontrol-in-15-seconds. 2. IATA. ‘2016 Global Passenger Survey’. https://www.iata.org/publications/store/ Documents/GPS-2016-Highlights-Final.pdf. 3. ‘SAP and VChain execs discuss how technology is changing the travel experience’. Aviation Business, 12 May 2019. Accessed December 2019. https://www.aviationbusinessme.com/ airports/technology/18757-sap-and-vchainexecs-discuss-how-technology-is-transformingthe-passenger-travel-experience. 4. IATA. ‘One ID’. https://www.iata.org/ whatwedo/passenger/Pages/one-id.aspx.
January 2020