Earlier this summer, more than a dozen bipartisan senators signed an amendment to the FAA reauthorization bill calling for a pause on the TSA’s further deployment of facial recognition technology until the program is reviewed and approved by Congress. Although the Senate voted to pass the bill without the amendment, the debate over the use of biometrics in air travel will continue. TSA’s facial biometric technology has been deployed in over 80 airports to date, with plans to target over 400 airports in the coming years. This is an exciting transition that leverages innovative technology to improve aviation security, but it also speaks to larger issues such as consumer identity security, who gets to set the rules, and what we should keep in mind as biometric technology is officially rolled out.
Consumers living in today's high-tech world are constantly faced with trade-offs. They must choose between convenience and privacy, ease of use and data security. While this has been standard procedure in technology development and adoption for the past two decades, a new social contract now exists between technology companies and consumers. Consumers are not willing to accept full risks to their privacy and data security when using technology, and the technology community needs to realize this. As technology advances and biometric authentication becomes intertwined with automation, artificial intelligence, data storage, and other 21st century innovations, consumers are becoming increasingly skeptical about the risk-reward trade-off.
Concerns about the potential misuse of biometric technology are legitimate. Companies have made headlines around the world for scraping users' images from social media sites to create “identity” databases without the individuals' consent. More recently, Immigration and Customs Enforcement (ICE) and Customs and Border Protection (CBP) were sued for failing to provide documentation outlining how they share biometric and other foreign national data with the governments of Latin American countries. Such practices only exacerbate consumer concerns about privacy and security.
At the same time, cybersecurity attacks and identity theft are rampant. Pausing the TSA's biometric rollout would not only slow down the passenger identity verification process, impacting travel convenience, but could also expose passengers to identity fraud, theft, or more serious security threats.
Biometrics is already making waves in the travel industry, with companies incorporating the technology into their systems. For example, the TSA has rolled out biometrics in over 80 US airports, enabling a seamless, contactless travel experience. This momentum cannot be stopped; pausing at this point will not help and will only delay the inevitable. Biometric technology is here to stay, but there is still time to put in place guardrails and principles to enable informed, transparent, and secure biometric solutions for the travel and aviation industry.
Organizations that use and provide biometric authentication, like the TSA, have a responsibility to respect individuals' identities and treat them with the utmost care and caution. No one's identity should be sold, nor should it be collected without their explicit, informed consent. Individuals should have the power to decide how their biometric data is used to make their lives easier and safer.
Developers and users of biometric technology are at the forefront of establishing a new social contract between technology companies and consumers. The steps the industry takes today will have a lasting impact on both the safety of the technology and the public's perception of its use. The pillars on which biometric technology must rest are clear:
Data security and privacy are fundamental. Consent must be informed and not buried in terms of use. Transparency about how data is stored, used and deleted is non-negotiable.
For consumers to benefit from the efficiency and security that travel biometrics offer, they need to be confident that the solution to which they entrust their most personal characteristics is based on these principles. A full understanding of how biometrics work, the value they provide, and the potential risks they pose is critical to your ability to provide informed consent. Informed consent opens the door to greater transparency in how biometric technology is used in travel and is central to holding the TSA and airport security around the world accountable. Only then can we begin to restore the trust that has been eroded by companies that view identity as a commodity to be bought and sold.
Trade-offs regarding the use of technology require a nuanced, balanced evaluation based on facts and principles. Used carefully and ethically, biometric authentication while traveling can be of great help. Consider how other industries are leveraging biometrics for this purpose: In 2018, Indian police used facial recognition technology to reunite 3,000 missing children with their families in just a few days.
Similarly, Australia's Crown Casino uses voluntary biometric authentication to keep problem gamblers out of the casino. The system monitors people entering the casino and matches their faces against a photo database of problem gamblers who have voluntarily requested to be barred from entering certain locations. If the system finds a match, staff are notified to verify the person's identity.
Just recently, Mastercard announced it would step up its promotion of Community Pass, a digital platform that stores digital identities and wallets on smart cards to help people in developing countries access government and humanitarian services, in order to reach 100 million users across Africa.
These positive use cases should be celebrated and serve as a blueprint for a transparent, ethical and knowledgeable approach to biometric authentication in travel, building a strong foundation for consumer trust.
Head of Business Development and Strategic Marketing at Thales
Neville Pattinson is Head of Business Development for the Thales Group's DIS Identity & Biometric Solutions team based in Arlington, Virginia. Pattinson specializes in digital identity solutions including smart cards, e-passports, various biometric technologies and mobile digital identity, and is a thought leader in maintaining the security, privacy and authenticity of identity credentials. He can be found on LinkedIn and Twitter (X).
Neville Pattinson's latest posts (see all)
Source link
