The COVID-19 pandemic has been a terrible crisis for the U.S. aviation security community. Thousands of airport and airline workers have lost their jobs. As of this month, 15 TSA staff have died as a result of the disease.
But while we can never lose sight of these human and economic costs, the pandemic could be a catalyst for positive and truly revolutionary changes across the aviation security enterprise. The drivers for these changes are clear. First, minimizing interactions between passengers and TSA staff has become a top priority. At the same time, TSA needs to maintain a high level of operational readiness – threats to aviation have not receded. And finally, all stakeholders have a vested interest to make the passenger experience better – and encourage the traveling public to return to airports.
We predict these COVID-19 related drivers could dramatically change critical TSA activities – passenger identity verification, on-person screening, and accessible property screening – and transform passenger experience at U.S. checkpoints over the next 10 years.
One of us is a former senior TSA executive who had to balance the constraints of the federal acquisition process with opportunities to innovate alongside TSA’s aviation partners, the airlines and airport operators. The other is a former executive in the security screening technology manufacturing industry who had to balance working under the federal acquisition regulations with customer requirements and the need to make a profit. We’ve remained active in the aviation security community, and together we have a realistic sense of what is needed – and possible.
In this first of three articles, we will focus on the passenger identity verification process and will highlight how biometrics and the use of state-of-the-art ID tokens can simplify access controls and will be leveraged for a seamless travel experience.
Passenger Identity Verification: Biometrics Becomes a Key Part of the Equation
Passenger ID verification is the process in which the TSA Travel Document Checker (TDC) must verify the authenticity of the presented form of ID (driver’s license, passport, military ID, etc.), verify the passenger who presented the ID is a match for the ID that was presented, validate the passenger’s flight reservation status and the passenger’s Secure Flight vetting status, and finally, direct the passenger to the proper security screening lane.
Until recently, all these steps were handled manually by a Transportation Security Officer (TSO). Now, in over 120 airports out of approximately 440 TSA-regulated airports, this process has been partially automated by the deployment of new Credential Authentication Technology (CAT). CAT provides an enhanced fraudulent ID detection capability and confirms the identity and flight information of the traveler. Prior to the COVID-19 pandemic, the TSO would ask the passenger to provide their photo ID and the TSO would insert the photo ID into the CAT unit where the ID is scanned and analyzed. However, TSA recently modified the process to allow the passenger to insert the photo ID into the CAT unit eliminating a touch point between the TSO and the passenger.
2 Years: Facial Recognition Tech Widely Deployed at TSA Checkpoints
Using CAT to validate a driver’s license is only phase one. TSA has been working on improving CAT functionality to include even more of a self-service component. TSA is now developing and testing what is being called “CAT-2”. CAT-2 will allow for verification of a passenger’s identity by comparing their biometric facial image (via camera capture) against the image on their ID. It is possible that within two years, assuming the successful implementation of facial matching capabilities and successful operational testing, CAT-2 could begin to be deployed to airports. This would represent the first widespread deployment of facial recognition technology at U.S. airport checkpoints.
5 Years: Your Face Becomes Your ID
In five years, it may not be necessary for passengers to present their driver’s license or other forms of identification at TSA checkpoints. Building on CAT-2 functionality, specifically the capability of comparing biometric facial image against an image on an ID, the verification of a passenger’s ID could be made between comparing the biometric facial image and a database of facial images, rather than having a passenger present a photo ID for comparison purposes. Of course, this will require putting adequate cybersecurity and data privacy safeguards in place. However, it is worth noting that today, with the implementation of the Real ID Act, state governments are already moving in this direction. Real ID established minimum security features and bars federal agencies from accepting any ID that does not meet those specifications. All the documents presented by Real ID applicants for identity and residency verification must be scanned and stored in a state DMV database, including birth certificates, Social Security cards, and photo IDs.
What does this mean for aviation security? A future TSA passenger identity verification system could be tied directly into the state’s DMV databases. This would eliminate the need to present any form of ID for access into the security screening area – in other words, a passenger would use their face as their ID.
10 Years: Identity Verification and Smartphone Technology Convergence
In the past 10 years, smartphones have become ubiquitous and are now used for an ever-growing number of activities. We expect that within the next 10 years, all smartphones will have the ability to securely capture biometric information, verify the authenticity and presence of the person providing that information (to protect against deepfakes), and to carry a unique biometric token.
What does this mean for TSA operations at checkpoints?
First, it could significantly make it far easier for passengers to enroll in TSA Pre-Check. Today, all passengers have to enroll in person at a TSA Pre-Check enrollment center. But in the future, a passenger could provide all their vetting information, including fingerprints for a criminal background check, and conduct a screening interview via their smartphone.
Second, and more dramatically, the convergence of next-generation identification verification technology and smartphones could enable a truly “seamless” passenger experience. A passenger could check in for a flight at home or on the way to the airport via their smartphone. And with the ability to verify their identity and associate their boarding pass information with their biometric identity, they could – in theory – go from curb to gate, through the entire baggage drop, checkpoint screening and boarding processes, without having to present any physical documents. The barriers to making this scenario a reality are not technological – but it may take a decade to create the safeguards and to integrate the systems needed to make this approach work across all U.S. airports.
The aftermath of the COVID-19 pandemic has changed and will continue to change airport operations and the passenger experience. TSA operations are also changing (in our view, for the better). Although the adoption of biometrics and smartphone applications within the aviation security environment has been slow to date, it will accelerate and give TSA new tools to increase their operational effectiveness and improve passenger experience.
Steve Karoly is Executive Vice President of K2 Security Screening Group and former Acting Assistant Administrator for the Transportation Security Administration’s (TSA) Office of Requirements and Capabilities Analysis. Karoly also served as the TSA’s Deputy Assistant Administrator for the Office of Security Capabilities and CBP’s Chief Engineer and Director of Systems Engineering for the Office of Technology Innovation and Acquisition (OTIA). Andrew Goldsmith was Vice President of Global Marketing at Rapiscan Systems and is now CEO of AGX Marketing (agxmarketing.com), a consulting firm focused on the homeland security technology sector.
