the application of biometrics at airports docs/aci biometric...ensuring safe air travel. biometric...
TRANSCRIPT
� The Application of Biometrics at Airports
AIRPORTS COUNCILINTERNATIONAL
POSITIONPAPER
TheApplicationofBiometricsatAirports
PUBLISHEDBYACIWORLDHEADQUARTERS•GENEVA•SWITZERLAND
DearACIMembersandWorldBusinessPartners,
Withtheincreasingneedforsecurepersonalidentificationinthetravelindustryandspecificallyatairports,ACIbelievesthatitisimportanttohaveastrongairportpositiononbiometrics.
ICAO, in cooperation with its member States, has coordinated the impending introduction ofbiometricallyenabledpassportsforairtravellers.Itisimportantthatairportoperatorsunderstandthetechnologyandhavecontrolovertheissuesthataffectthem.Moreover,airportoperatorsareintheforefrontofeffortstoapplybiometrictechnologytopassengerfacilitation,especiallycheck-inandboardingprocesses.Lastly,staffaccesscontrolisamandatoryrequirementofICAOAnnex17,andaccesscontrolsystemsareincreasinglyusingbiometricstocheckidentity.
Thispositionpaperprovidesgeneralrecommendationsonthedevelopmentandimplementationofbiometricallyenabledprogrammesforbordercontrol,passengerfacilitationandstaffaccesscontrol.ItwasproducedbyaTaskForcesetupbyACI’sGoverningBoardwhichapprovedthepaperatitsmeetingon6November2005.
TheTaskForcedevelopedthedocumentkeepinginmindtherequirementsinallregionsoftheworld.Thedocumenthasbeenkepttoahighlevel,sincetherearemanyotheravailablesourcesofinformationonbiometrics,andthatstandardsaresetbyotherbodies–notablyICAOandISO.
Icommendthispapertoyouandurgeyoutoconsiderthepointshereinwhendevelopingbiometricsystemsatyourairport.
Sincerely,
RobertJ.Aaronson,DirectorGeneral
3
3
4
5
6
7
8
�4
� ACI Position Paper
AIRPORTS COUNCILINTERNATIONAL
Summary
ACI Position
Passenger Facilitation
Airport utilization of staff biometric credentials
Understanding biometrics
Consideration of ICAO recommendations
Application of biometrics1. Border control2. Passenger facilitation3. Security access control
Definitions
Tableofcontents
3 The Application of Biometrics at Airports
AIRPORTS COUNCILINTERNATIONAL
SUMMARY
ACIrecommendsthatbiometricsystemsbeingdeployedatairportsmustbe:
1. Interoperableacrossmultiplesystems 2. Performancebased 3. Applicableatairports 4. Fast 5. Efficient 6. Secure 7. Reliable 8. Scalable 9. CertifiedaccordingtoICAOandISOstandards 10.Consciousofenvironmentalrequirements/conditionsofeachlocation
ACIpositionACIrecognizesthebenefitsofusingbiometricstoconfirmpersonalidentityforbordercontrol,airportpassengerprocessingandairportaccesscontrol,toimprovesecurity,efficiencyandfacilitation. Identity can be verified by capturing a biometric sample from an individual,and comparingagainst reference data securely recordedonaMachine Readable TravelDocument(MRTD),a“smartcard”,orstoredinadatabase.Thesemethods, togetherwithAPP/API (seedefinitionsatend), canenhance security, speedupclearanceandalleviatedelaysatairports.
ACIencouragesallmemberairportstouseICAOstandardbiometricsintheirbordercontrol,passengerfacilitationandaccesscontrolimplementations,inordertoincreasesecurityandalleviatecongestion,aswellasincreasecustomersatisfaction.
ACIsupportstheworldwideuseofICAO’sinternationallystandardizedbiometricprogrammeforMRTDs,whichusesfacerecognitionastheprimarybiometricformachine-assistedidentityconfirmation.Inaddition,anoptionalsecondarybiometric,eitherfingerprintoriris,maybeaddedtotheMRTD.ICAO’sstandardMRTDandbiometricspecificationsarepublishedinICAODoc9303.
ACImemberairportsbelieve that the implementationofbiometricsatairportsshouldapplytechnology to simplify, streamline and enhance the passenger travel process, includingbordercontrolsandsecurity,whilereducingcosts.
4 ACI Position Paper
AIRPORTS COUNCILINTERNATIONAL
ACIencouragesICAOandgovernmentstocontinuetopromotetheuseoftheICAOgloballyinteroperablebiometricforMRTDsandtheuseofthegloballyinteroperabledataformatsforthethreebiometricsspecifiedintheICAOStandard(face,fingerprint,andiris).ItisequallyimportantthatbordercontrolagenciesandotherstakeholderspromotetheinstallationofICAOcompliantdocumentreadingsystems(aswellasbiometriccaptureandauthenticationsystems)atairportbordercontrolpointstoassistinidentifyingtherightfulholdersofMRTDs.
Passengerfacilitation1. Border control
ACIsupportstheuseofaninternationallystandardizedgloballyinteroperableandICAOselectedbiometricsforMRTDsandstandardisedformatsforbiometricdata.
ACIcallsforaharmonizedapproach,buildinguponICAOrecommendations,fortheuseofbiometricidentifiersinMRTDs.Additionally,biometricsystemsimplementedforbordercontrolmustbedesignedtoimpactpositivelyonpassengerflowsthroughtheairport.Implementationof such systems is recommended, for both arrival and departure processing (origin anddestinationairports).
The introduction of biometrics in MRTDs is a national security and immigration issue.Consequently thecostsofadapting infrastructureatairports inorder tobeable toacceptthese newdocumentsmust bebornebygovernments.However, airports should have theopportunity to take a role in financing the implementation of new systems as a potentialbusinessventure,whereareturnoninvestmentcouldbedeveloped.
2. Check-in and Boarding
Identifyingindividualsuponcheck-inandbeforetheyboardaplaneisextremelyimportantinensuringsafeairtravel.Biometrictraveldocumentreconciliationsystemsachievethisspecificfunction.Thebiometricsofanindividualshouldbeusedtoensurethatthepassengerboardingan aircraft is the same person as the one who checked in; if neces-sary, an individual’sbiometricdata canalsobematchedagainsta “watchlist” topreventundesirablepersonsfromboarding.
Fromcheck-incounterstoboardinggates,biometrictemplatescaneitherbewrittenontheboardingpass(ATBmagneticstripeand/or2Dbarcodes)ortransmittedbytheDepartureControlSystemnetwork, inwhich caseaprovisionaldatabase isneeded. Thisproceduretakeslittletimeandcanbecompletedduringthenormalcheck-inboardingprocess;thereforenoextrastrainisputonthecongestionoftheairport.
5 The Application of Biometrics at Airports
AIRPORTS COUNCILINTERNATIONAL
TheimplementationofbiometricsonaCommonUse(orairlinededicated)SelfServicekioskcanbeaviablewaytocapturethepassenger’sbiometricsuponcheck-in.
3. Passenger Security
Theairportshouldprovidethenecessaryknow-howandflexibilitytoachievetheintegration,automationandinteroperabilityofsecuritysystems,basedonbiometricrecognitiontechnology.Thistechnologyshouldsupportsmoothfacilitationandpassengerflowwithintheterminal.
Thegoalofairportsecuritysystemsshouldbetoensureunequivocalpassengeridentificationandtomonitorpassengermovementfromprofiling/check-in,throughtoboardingatthecorresponding gate. Passenger identity should be checked by the system against Interpolandnationalwatch-listsofcriminalsandterrorists.Thiswouldprovideasignificantincreaseinsecurity, relyingonbiometric identityconfirmationofpassengersateachcontrolpoint,fromcheck-inuntiltheyboardtherightaircraft,thusavoidingidentityswitchesortheuseoffraudulentdocuments.
The systems to be implemented should speed up the validation processes for individualsand their travel documents. In thisway,without unnecessary intrusion into apassenger’sprivacy, thepassenger shouldperceivebothahigher levelof securityandeasierpassage.Airportmanagementshouldallocatesufficienthumanandbudgetresourcestothetasksofimplementation,infrastructureadaptation,maintenanceandupgrading.
Airportutilizationofstaffbiometriccredentials1. Access control for airport staff
ACIcallsuponnationalregulatorstotakeintoaccountthepotentialbenefitsofimplementingbiometrics systems for enhancing security at airports, particularly in identifyingpersonnelwithclearanceforsensitiveareasofairports.
ACI considers that regulators must determine the security objectives, but leave airportoperatorstoinvestigateandimplementthebiometrictechnologyforstaffaccesscontrolthatbestsuitsthelocalconditionsthatcharacteriseeachindividualairport;takingintoaccounttherobustness,interoperabilityandscalabilityofthesystemstobeimplemented.Thegoalshouldbethatonlybona-fidepersonnelhaveaccesstosensitiveareasoftheairport,andthatthesepersonnelhaveundergonedetailedbackgroundchecksforanycriminalhistory.
6 ACI Position Paper
AIRPORTS COUNCILINTERNATIONAL
2. Other systems
Biometricscanbeusedatairportstosecureandfacilitateavarietyofothersystemsthanbordercontrol,passengerfacilitationandaccesscontrol.Forexamplebiometricscanplayarolein:
•
•
UnderstandingbiometricsBiometricsisagenerictermusedtorefertoaphysiologicalorbehaviouralcharacteristicthatcanbemeasuredtoverifytheidentityofanindividual.Physiologicalbiometricsmeasurea part of an individual’s anatomy, e.g. fingerprint, hand, face, and iris; behaviouralbiometricsmeasureanactionperformedbyanindividual,e.g.voice,signature;inbothcasesthecharacteristicshavetobeidentifiable,universal,uniqueandpermanent.
Biometricscanbeusedto“verify”or“identify”aspecificindividual’sidentity.Verification(authentication)referstotheproblemofconfirmingordenyingaperson’sclaimedidentity(AmIwhoIclaimIam?).Identificationreferstotheproblemofestablishingandorauthenticatingasubject’sspecificidentity(seemoreformaldefinitionsatend).
Biometricsystemshaveaseriesofkeyprocessesthathavetobecompletedinorderto:1.allowapersontousethesystem.2.achieveverificationorauthenticationofauser’sidentity.
Employee background checks: as with corporate security, backgroundchecks have become increasingly vital to ensuring airport security. Airportauthoritiesshouldconductcriminalrecordverificationsusingfingerprint identi-fication for employees who deal with sensitive information or work on theapronsclosetotheaircraft.Goodmanagementpracticesandregulationsdictatethat recordchecksshouldbecompletedprior toemploymentorassignment toconfidential tasks. Fingerprint capture stations can enrol staff andmatch theirfingerprinttemplateswithlargeexistingforensicdatabases,makingbackgroundcheckseasier,fasterandmorereliable.
Logical access control: airports are increasingly dependant on computersystems and the Internet and are therefore exposed to network hacking. Thiscan be a major risk for airport operations and constitute a serious threat tocivilaviation.Biometric log-inonclient/serversoftwarecanaddthefunctionsnecessarytosecureanynetworkbiometrically.Logicalaccesscontrol,log-inandpasswordmanagement(singlesign-on),encryption,certificateactivationandPKIcompatibilityaresomeofthewaysairportnetworkandcomputersystemscanbesecured.
7 The Application of Biometrics at Airports
AIRPORTS COUNCILINTERNATIONAL
Thesekeyprocessesinclude:a.Enrolment–thecaptureoftherawbiometricb.Templatecreation–preservingthebiometricviatheuseofanalgorithmtoextracta template from the image captured that will subsequently allow the image to becomparedtoothersusingthesamealgorithm.c.Identification–takesnewbiometricsamplesandcomparesthemtosavedtemplatesofallenrolledusers.d.Verification–takesnewbiometricsamplesofaspecificuserandcomparesthemtooldsamplestakenfromthesameuser.
Theseprocessescanalsobedevelopedasfollows:
Enrolmentprocess,theindividualprovidesasampleofthebiometricwhichiscapturedbyadevice(e.g.acameraorascanner).Informationisextractedfromthissampletocreateabiometricrepresentation(template)whichisrecordedonastoragemedium(e.g.chiporbarcode).
Authentication/verificationprocess:Theindividualprovidesasampleofthebiometricpreviously recorded on the storage medium. The representation created from thissample is compared to the (stored) reference representation. As no two biometricrepresentationsareexactlyidentical,theauthenticationprocessmustdeterminewhetherthesamplesareaclosematch.
In terms of the main objective of biometrics systems, i.e. the authentication process, thechallenge is toachieveahigh levelofaccuracy in the identity confirmationofanygivenindividual.Thisinvolvesdevelopingasystemthatminimizestwokeyproblems:
Incorrectlymatchingasamplebiometricrepresentationofoneindividualwiththereferencebiometricrepresentationforanotherindividual(False Acceptance Rate).
Failingtorecogniseamatchbetweenasamplebiometricrepresentationofanindividualwiththereferencebiometricrepresentationofthatsameindividual(False Rejection Rate).
ConsiderationofICAOrecommendationsICAOhasdevelopedstandardsforbiometrically-enabledMRTDs.Thesestandardsconcernpassports(sometimesknownas“e-passports”)andrelateddocumentssuchasvisasandIDcards,forbordercontrolpurposes,butmayalsobeutilizedbyairportsdevelopingbiometricsystemsforotherpurposes,beitforpassengerfacilitationoraccesscontrol.
1.
2.
1.
2.
8 ACI Position Paper
AIRPORTS COUNCILINTERNATIONAL
Regardingthechoiceofbiometrictechnologyforbordercontrol,thedirectiongivenbyICAOisthatfacerecognitionistheprimarybiometricidentifier,assuringglobalinteroperability,andoneortwoadditional,butoptional,biometricidentifiers-fingerprintand/oriris–asdecidedbyeachissuingState.
For purposes other than border control, it may not be necessary to use more than onebiometrictechnology,asthiswillriskmakingthesystemsmorecomplex,bothforpassengersandoperators,andincreasingthecost.
ApplicationofbiometricsBorder control
Ingeneral, the introductionofbiometrics inMRTDs isagovernment issue therefore thisimpliesthatthecostsofadaptingthepassportcontrolboothsatairportstobeabletoacceptthesenewdocumentsmustbebornebygovernments.
Guidance for the use of biometrics for border control
PerformanceTheperformanceofabiometricallyenabledbordercontrolsystemshouldbedeterminedbythenationalregulatorsinaccordancewiththestandardssetbyICAO.Akeyfactorintheperformanceofanysystemisthatitmustimprovethepassengerprocessingtimeandenhancethethrough-putofpassengers.
Whendesigningandimplementingthesystem,theairportoperatorandbordercontrolagencies shouldalsoensure that thesystemcontains fall-backprocedures in theeventthatapassengerisnotrecognisedbythesystemandmustbemanuallyprocessed.
StandardsThebiometricstandardsforMRTDsaresetinternationallybyICAOandimplementedbynationalBorderControlagencies.ACImemberssupporttheadoptionofthesestandardsinternationally.Common standards forprivacyanddataprotection shouldbedefinedbetweentheappropriateagenciesofeachState.
FacilitiesEventually,biometricsystemswillneedtobeinstalledatallairportswherethenationalauthoritieswishtobenefitfromthem,andshouldbemanagedtocomplementthemoretraditionalidentificationprocedures.Airportsurgetheregulatoryagenciestoconsultandcoordinateonplanninganddesignofthelayout,andintegrationoftheBorderControlfacilitieswithintheexistingairportspaces.
� The Application of Biometrics at Airports
AIRPORTS COUNCILINTERNATIONAL
ACInotesthattheidealfacilitywouldbeagateorbooththatiscapableofreadingandcapturinga single ormultiple ICAO standardbiometricswhichmaybe included in apassenger’straveldocument.
Whendesigningafacility,therearemanypointstoconsider.Systemperformanceisavitalelement;however,specialattentionmustbepaidtotheflowofpassengersthroughthe layout / footprint of the systemwithin the airport’s facilities. In order to cater forthis important facilitation aspect, the design of the system should reflect ergonomicconsiderations.Twootherimportantitemsarethattheprocessshouldbeself-explanatory-theusageofthesystemshouldbeintuitivetoalluserstoavoidslowprocessingtimes,and the systemsshouldmeetpassengers’ requirements related toculturalandhygienefactors.
TechnologyFor themost part, the choiceof technology is determinedby the regulatoryagencies.However,inordertofacilitateinteroperability,agenciesshouldconsiderutilizingexistingairportcommunicationssystemsandinfrastructurewhenimplementingtheir technology–i.e.databases,communications,cabling,network,etc.
CostsAirportsrequestthattheregulatoryagenciesconsultthemandcoordinatewiththemonthecostsanddesignof the systems tobe implemented.The introductionofautomatedsystemsshouldnotsubjecttheairporttohighercoststhanconventionalbooths,suchasthecostofadditionaloradjustedinfrastructure.CostsmustbebornebytheagenciesandNOTbyairports,forexampletheairportsarewithintheirrightstochargearentalfeetotheagenciesonusageofairportfacilitiesandinfrastructure.
Passenger facilitation
Theuseofbiometricsforpassengerfacilitationwillbenefitaircarriers(whichmayusetheminthefirstinstancetoprovideahigherlevelofservicetotheirpremiumpassengers,andmembersoftheirfrequentflierprogrammes)andgovernmentauthoritiesthroughtheuseofICAOandISOMRTDstandards.Airportoperatorsmayalsobenefitfromtheuseofbiometricsystemstoimprovepassengerthroughput;however,theimpactontheairport’spassenger handling capacity will be largely dependent on how air carriers decide todeploybiometricsystems.A“common-user” interfaceapproachforbiometricsbenefitsairportoperatorsforcheck-in,securityscreening,passengersegregationboardingandborderclearance.Aproliferationofdifferentbiometricsystemsamongstaircarriersandbetweenaircarriersandbordercontrolauthoritieswouldnotdeliveranimprovementinpassengerhandling.
�0 ACI Position Paper
AIRPORTS COUNCILINTERNATIONAL
Checkingthatapassenger’sidentityisconsistentthroughoutalltheprocesses-check-in,bordercrossing,passengersecuritycheckandboardingtheaircraft-isthekeytoensurethattherightpersonisboardingtherightaircraftandthatthepersonboardingisalsothesamepersonwhohasundergonealloftheearlierprocesses.Ifthepassengerusesthesametokeninalltheseprocesses,itisquiteobviousthattherearebenefitstobegained.
Astheuseofatraveldocumentisrelativelywidespreadinotherprocessesatairports,andevenwithinairlineprocesses,itcanbeforeseenthatMRTDswithbiometricidentifierswill swiftlybe incorporated into theseprocesses.Thenormalchainofprocesses thatapassenger undergoes at anairport shows that a passport is not only used for bordercontrol;thecheck-inprocesshasalinkwiththepassportasdoestheboardingprocess.Airportoperatorsandaircarriersshouldworktogethertoensurethatregulatorsapplythesamebiometricidentifiersforbordercontrolasforthecheck-inandboardingprocessesinordertofacilitatequickerpassengerflows.
Intermsofaircarrierfrequentflierprogrammes,airportoperatorsencourageaircarrierstoemploycommonusersystemstoavoidtheproliferationofbiometricsystemsatdedicatedself-servicecheck-inpointsanddedicatedcheck-inandboardingcheckpoints.Theuseofcommonbiometricrepresentationsforaircarrierfrequentflierprogrammesshouldbeconsidered.TheintegrationofICAOStandardMRTDswithICAOselectedbiometricsintotheairlineprocessmayrenderredundanttheneedtouseanairlinefrequentfliercard.
Guidance for the use of biometrics for passenger facilitation
Theabovediagram isagraphical representationof the variouspassengerprocessingstepsinwhichabiometricsolutioncanbeaddedtofacilitatethepassengerflowthroughthe airport. Each one of these biometrics solutions should complement the others, sothat the same biometric data and token can be used throughout the system. Whenfeasible,airportsand theirstakeholders inone locationshouldworkwithairportsandthe stakeholders in other locations, to develop interoperable systems that will allow apassengertotravelfromonelocationtoanotherusingthesametraveltoken.
Diagram courtesy of Fraport; based on Simplifying Passenger Travel (SPT) Programme’s Ideal Process Flow
�� The Application of Biometrics at Airports
AIRPORTS COUNCILINTERNATIONAL
Performance AllsystemsimplementedatairportsshouldallowpassengerstobeprocessedaccordingtoICAOwithinthetimesnotedinRecommendedPractices3.36and3.39foundinICAOAnnex9–Facilitation.Theseareasfollow:
3.36 Recommended Practice.— Contracting States, in cooperation with aircraft operators and airport management, should establish as a goal a total time period of 60 minutes in aggregate for the completion of required departure formalities for all passengers requiring not more than normal processing, calculated from the time of the passenger’s presenting himself at the first processing point at the airport (i.e. airline check-in, security control point or other required control point depending on arrangements at the individual airport).
Note.— “Required departure formalities” to be completed during the recommended 60 minutes would include airline check-in, aviation security measures and, where applicable, the collection of airport charges and other levies, and out-bound border control measures, e.g. passport, quarantine or customs controls.
3.39 Recommended Practice.— Contracting States, with the cooperation of aircraft operators and airport operators, should establish as a goal the clearance within 45 minutes of disembarkation from the aircraft of all passengers requiring not more than the normal inspection, regardless of aircraft size and scheduled arrival time.
Standards and TechnologyThebiometricstandardsforMRTDsandotherofficialtraveldocumentsaresetinternationallyby ICAO and should be used in an interoperable manner for passenger facilitation.Whendevelopingasystem,theairportandallotheragenciesshouldconsidertheuseofICAO-standardbiometrics,andifpossiblethesamedocument,e.g.passporttofacilitateintegrationandavoidduplicationofsystems.
Airportsrecommendthattheimplementationoftechnologiesforbiometricsbedonewithcommonusetechnologies,i.e.thatalldevicesinstalledbeinteroperableacrossamultitudeofairlinesystems.Itisalsorecommendedthatthepre-existingairportinfrastructurebeusedbystakeholdersfortheimplementationofbiometricsystems.
CostAirports recommend that new systems being implemented should be designed usingreadily available “Commercial off-the-shelf (COTS)” technology. Airlines are stronglyencouraged to use shared solutions and will be responsible for the TOTAL cost of aproprietarysystem.However,airportsmaywishtoconsideraroleinfinancingacommon-usesystemfortheairport(andpotentialupgrades),asabusinessventure.
�� ACI Position Paper
AIRPORTS COUNCILINTERNATIONAL
Data protectionNationalregulatorsshouldadoptapolicywhichbalancesthegoalsofprotectingpersonaldatawhenusedandprocessedforbiometricsystemswiththepotentialbenefitsthatsuchsystemscandeliverintermsofincreasingsecurityforthepassengerandfacilitatingmoreefficientpassengerflows.Airportswillworkwith stakeholders toensure theprotectionof all shared data and will abide by any national or local data protection laws andpolicies.
Security access control
Airportsreservetherighttodeterminewhichbiometrictechnology(equipmentandtemplate)isappropriatefordeploymentintheirstaffaccesscontrolsystemandinfrastructure.
Initsmostbasicform,airportsecuritymanagersarelookingforasolutionwhichensuresthat flight crewandairportpersonnelarepositively identifiedor verifiedandgrantedappropriateaccessintosecurityrestrictedareas.Untilnow,airportsecurityforstaffaccesshasbeen reliantona seriesof triedand testedprocedures coupledwith conventionaltoken or PIN-based access control security solutions. With the recent emergence ofbiometricidentificationtechnologyanewcapabilitycanbeintroduced,enablingsecuritymanagerstoallowaccesstosecureareasonthebasisthattheyareabletoidentifywhoanindividualis,asopposedtowhattheyarecarryingorwhattheyknow.
The use of a credential with an employee’s biometric template for access control isextremelyimportantsince,unlikethepassengerhandlingprocess,accesscontrolpointsforemployeescanbeautomatedandthereforedonotnecessarilyhavetobemannedbysecuritystaff,unlessotherwiserequiredbynationallaw.
Biometric technology for securityaccesscontrol inairportshasbeenappliedrelativelyslowlyduetofourkeyfactors:
1.
2.
3.
“Over-promise”andunder-deliverybybiometrictechnologyvendors.Thisissuehasalreadystartedtodisappearasvendorsbecomeawarethatforatechnologytobeadoptedonamassscale,the‘customer’mustbemadeawareoftheweaknessesaswellasthestrengthsofthetechnologytheyrepresent;alltoooften,trialsdonotfulfiltheexpectationsofsecuritymanagers.
Fast progress of biometric technology capabilities. This factor is being mitiga-ted as the leading biometric contenders for various application areas becomeapparent;however,anelementofrisk–albeitaninformedrisk–willalwaysexistintheselectiondecision.
Lackofabiometric interoperabilitystandard.This factor isbeingaddressedbythevendorsandthebiometricsindustryingeneral,becausetheyunderstandthatairportswanttobeabletoutilizedifferentpiecesofhardwarewithintheirexistingaccesscontrolsystem.
�3 The Application of Biometrics at Airports
AIRPORTS COUNCILINTERNATIONAL
4.
Regardingthelastpoint,itisaconcernofsomeairportoperatorsthattheuseofbiometricsystemsforcontrollingaccessofemployeestothesecurityrestrictedareaofanairportonlymakessenseiftheterminalareaistheonlyareaconsidered“critical”.Thisisbecauseaccesscontrolpointstothesecriticalpartsmustbecontrolledbysecuritystaff,whomustscreenemployeesforprohibiteditemsandcanthereforealsoidentifythemastheypassthrough the checkpoint. Biometric systems canhelp security staff toperformemployeeidentificationaseffectivelyaspracticedforbordercontrol.
For the reasons above, ACI considers that the role of national regulators must be todetermine the security objectives, whilst taking into account the potential benefits ofbiometricssystemsforenhancedsecurityinairportstaffaccesscontrol.Thechoiceandapplication of biometrics for access control security at airports, however,must be leftto airport operators.Airport operatorsmust beable to investigate and implement thebiometric technology thatbest suits each individual location,and furthermoremustbeable to determine whether the implementation of biometric technologies can delivertangiblebenefits,asopposedtoothersecuritymeasures.
Guidance for the use of biometrics for security access control
PerformanceTheprimary reason to incorporatebiometric technology intoanairportaccesscontrolsystemis theability tovalidate the identityof theemployeewhohaspossessionof theID credential. This will significantly improve security at all access points and airportemployeechecks.
Nationalregulatorsmustprovideaminimumlevelofperformanceforanysecurityaccesscontrol point. The airport is then responsible for ensuring that the system meets theperformancerequirementssetbytheregulatorsandcomplieswithallapplicablenationallaws.
Standards and TechnologyWhendevelopingplansfortheimplementationofasecurityaccesscontrolsystem,airportsshouldbesuretoincorporatetheneedsoftheirtenantsinthedesignofthesystemsaswellaslettenantsplayaroleindevelopingandsettingthestandardsfortheequipmentdesignedfortheirspecificlocations,asthesemayvaryfromairporttoairport.
In order to ensure the ease of development and implementation of an access controlsystem,airportsshouldbeinvolvedinthedevelopmentofregulatorystandardsfromthebeginning.Thiswillallowthepointofviewoftheairportoperatortobeincludedinthestandards.
Thelackofacohesiveapproachfromregulatingbodies.Thisfactoris thebiggestcauseforconcern:withouttheappropriatelevelofguidancefromregulators,airportswillremainintransigentonthedecisionofadoptingbiometrictechnology.
�4 ACI Position Paper
AIRPORTS COUNCILINTERNATIONAL
CostAirports recommend that new systems being implemented should be designed usingreadilyavailableCOTStechnology.Airportsmaywishtoconsideracostrecoveryschemewherebysystemuserswillbechargedfortheusageoftheaccesscontrolsystemorataminimumforthedevelopmentofthetokenbeingused.
Data protectionNationalregulatorsshouldadoptapolicywhichbalancesthegoalsofprotectingpersonaldatausedinbiometricsystemswiththepotentialbenefits thatsuchsystemscandeliverin terms of increasing security for the airport. Airports will work with stakeholders toguaranteetheprotectionofallshareddataandwillabidebyanynationalorlocaldataprotectionlawsandpolicies.
�5 The Application of Biometrics at Airports
AIRPORTS COUNCILINTERNATIONAL
Definitions:Advance Passenger Information (API):
Standardizedbiographicaldatacollectedandtransmittedtotheimmigrationauthoritiesof the countryofdestinationprior toapassenger’sarrival inorder to expedite thepassenger’s clearance. API data can include: full name of traveller, date of birth,sex, citizenship or nationality, travel document type including country of issue andnumber.
Biometric:Ameasurable,physicalcharacteristicorpersonalbehaviouraltraitusedtorecognisetheidentityandverifytheclaimedidentity,ofanenrolee.
Biometric Data:Theinformationextractedfromthebiometricsampleandusedeithertobuildareferencetemplateortocompareagainstapreviouslycreatedbiometrictemplate.
Biometric Sample:Rawdatacapturedasadiscreteunambiguous,uniqueandlinguisticallyneutralvaluerepresenting a biometric characteristic of an enrolee as captured by a biometricsystem.
Biometric System:Anautomatedsystemcapableof:a.Capturingabiometricsampleb.Extractingbiometricdatafromthesamplec.Comparingthespecificbiometricdatawiththatcontainedinthebiometrictemplated.Decidinghowwellthetwosamplesmatche. Indicating whether or not an identification or verification of identity has beenachieved
Biometric Template:Data,whichrepresentsthebiometricmeasurementofanenrolee,usedbyabiometricsystemforcomparisonagainstsubsequentlysubmittedbiometricsamples.
Doc 9303:The ICAO standards publication that defines specifications forMRTD’swhich allowcompatibilityandglobalinterchangeusingbothvisualandmachinereadablemeans.
Enrolment:The process of collecting biometric samples from an individual and the subsequentpreparationandstorageofbiometrictemplatesrepresentingthatindividual’sidentity.
�6 ACI Position Paper
AIRPORTS COUNCILINTERNATIONAL
Extraction:Theprocessofconvertingacapturedbiometricsampleintobiometricdatasothatitcanbecomparedtoareferencetemplate.
Fast track systems:expedited registered traveller systemsbasedon theuseofabiometric to identifyauserasa“knowntraveller”thereforeallowinghim/hertobeacceleratedthroughtheregularairportprocesses.
Global Interoperability:thecapabilityofdifferentsystemsindifferentlocationsaroundtheworldtoexchangedata, to process data received from other systems and to utilize that data in theidentificationandverificationprocess.
Identification/Identify:Theone-to-manyprocessofcomparingasubmittedbiometricsampleagainstallofthebiometrictemplatesonfiletodeterminewhetheritmatchesanyofthetemplates.Theone-to-manyapproachseekstofindasingleidentityfromadatabaseratherthantoverifyaclaimedidentity.
MRTD:MachineReadableTravelDocument
One-to-Few:Thecomparisonofasinglebiometricsampletoasmallnumberofbiometrictemplatesinadatabase.
One-to-Many:Thecomparisonofasinglebiometricsampletoalargenumberofbiometrictemplatesinadatabase.Thisprocessisusedforidentificationpurposes.
One-to-One:Thecomparisonofasinglebiometricsampletoasinglebiometrictemplate.Thispro-cessisusedforverificationprocesses.
Token:Aphysicaldevice thatcontains informationspecific to theuser/holderVerification/Verify:Theprocessofcomparingasubmittedbiometricsampleagainstthebiometrictemplateofasingleenroleewhoseidentityisbeingclaimed,todeterminewhetheritmatchestheenrolee’stemplate.