Know your enemy

No-one argues that aviation security is a luxury. Now that there is a blueprint for a major advance, the world must implement it

Security is an unavoidable component in an air transport journey. Nobody likes it, but everybody accepts the need for it.

Security measures, in the way the airlines and travellers understand them today, were non-existent before the mid-1970s. The only organisations interested in checking passengers were immigration officials. Immigration's objectives are no different today, but now passengers, pilots and all airside employees need security checking every time they are "processed" for embarkation or access.

The most dramatic wake-up call for an industry that thought it had a security system in place was the Pan American World Airlines sabotage over Lockerbie, Scotland, in December 1988. That shocked European airport and airline security providers in much the same way that the 11 September attacks did for those in the USA. But despite system improvements since then, it is still clear that a determined terrorist has a chance - however much the risk has been reduced - of getting on board an aircraft. Even though there are many "softer" targets than aviation, the industry still seems irresistible to those who want to spread alarm and despondency. Perhaps terrorist groups want to make the point that, even when society goes to great lengths to protect itself, no-one is safe. That is the converse of US President George Bush's promise that terrorists can never be safe.

There are many components in a security system, but the means to defeat identity fraud is one. If this ability could be guaranteed, known dangerous people would find it impossible to travel internationally by air using somebody else's travel documents, or forged ones.

Now, after working for several years with agencies all over the world, the International Civil Aviation Organisation has drawn up a blueprint for a globally interactive system that could make identity fraud almost impossible. Its components - machine readable travel documents (MRTD), combined with personal biometric identification - have been under discussion for years, as much for speeding passenger processing as for improving security.

But now, through ICAO, the world has decided on the equipment specifications and the methodology for operating such a system. The agreed components are MRTDs in which the holder's encrypted biometric and identity details are stored in an embedded, readable microchip, combined with the technology to check the biometric characteristics of the person presenting the document and compare it with the data in the chip. The basic biometric would be computerised facial recognition. If states want to store more than one type of biometric, the additional choices are fingerprints and retinal scans. For example, the USA may wish to include fingerprints in its registration process because that is its recognition device for those with criminal records.

Existing MRTDs that work with bar codes or magnetic strips would not have the storage capacity for biometric data. Another function carried out at airports that can clearly benefit is immigration checking. Any international passenger knows that, on entry to some foreign countries, their identities are checked against a list of people the authorities are seeking, or who would be barred from entry. So nothing would change in principle. The system would become more watertight in practice, because identity checks could be made against extensive databases. Having more than one biometric stored would confer the additional advantage, to the individual, of reducing the chance that the system could confuse him or her with someone else.

Could databases be an optional extra? Surely it is enough just to know that the person who presents the document is the person recognised by the scanners? The answer is no. One of the functions of a passport is that it should be a genuine record of an identity and background check, the details of which are held by an official records office. Otherwise it would be as worthless as a forged banknote. It would be up to individual states to decide whether they wish to share their database with other states. Civil liberties groups in particular might regret that a system like this should be necessary, but other liberties are threatened by not using it.

Implementation will require massive investment and much work, starting with the state organisations that background-check and register applicants for travel documents, then by airlines, airports and security agencies. But the blueprint exists. All those agencies that continually remind us how vital security is no longer have an excuse to delay its implementation.

Source: Flight International