Category: Industry News

A soft target is an ideal target for a would-be terrorist. It has been said that the bad guys only have to get it right once while those responsible for preventing a terrorist attack have to get it right all of the time. Sometimes, assessing how effective, or ineffective, your internal security programme is requires someone to play the role of bad guy in a covert simulated terrorist attack. What follows is an account of an event in which Ivan Luciani, plus a resourceful and determined accomplice, had to play such a role. The results and benefits of these exercises, when carried out on an ongoing basis, can have a significant impact in raising and maintaining staff security awareness.

It took a major terrorist attack on the other side of the planet to make it painfully obvious that aviation security, as we knew it, would have to change – quickly and drastically. Until that shocking day our aviation security programme’s primary focus was, among other things, preventing or dealing with a hijacking or the discovery of an explosive device onboard an aircraft. The threat posed by terrorists changed when they found a new way to wreak havoc in a manner previously unseen: using airplanes as weapons of mass destruction.

As we tried to figure out how the daring and unprecedented 9/11 attacks could have been carried out, questions about the effectiveness, or shortcomings, of our own security programme emerged. At the time I was Chief Pilot of a two-business jet aircraft, fifteen-member, Air Operator’s Certificate (AOC) holder based out of the Macao International Airport. Being the Chief Pilot of a relatively small AOC operation I wore several hats. This included overseeing the drafting and implementation of aviation security policies, processes and procedures. In that capacity I relied primarily on regulatory requirements as well as the industry’s best practices. As I sat in my office the day after the attacks reviewing our Flight Operations Manual’s aviation security chapter it became evident that our procedures were reactive in nature. Emphasis was placed on how the aircrew should respond to a hijacking event during flight or while still on the ground, as well as on actions the aircrew should take in the event that an explosive device was discovered onboard the aircraft.

None of our procedures would have prevented a would-be terrorist from using one of our business jets as a weapon of mass destruction, albeit a significantly smaller one compared to a large airline passenger jet. It was obvious that our understanding and application of security measures would have to be revamped – promptly – in order to cope with the new threat. It was then that, in conjunction with my most senior captain, we came up with a plan to assess how soft a target our company was at the time. The objective was to test our staff’s security awareness via a CEO-approved, four-week long, three-prong covert operation.

The Test: Our Covert Operation
First, and in coordination with airport security personnel, we targeted our aircraft by placing two unsealed, suspicious looking packages on board. We had a window of several days during which time the aircraft were not scheduled to fly and would remain inside the hangar. One of the packages was hidden in plain sight in the first aircraft’s baggage compartment. The other one was placed in the immediate vicinity of the second aircraft. Inside these boxes were items that resembled what we thought looked like crude bombs. We even wrote ‘bomb’ on the packages.

Second, over the course of several days we placed a total of five phone calls to various staff members (dispatchers, administrative personnel, and aircrews). The caller spoke with foreign accents not common to Macao, and persuasively requested information of a confidential nature. This information ranged from a request for someone’s personal phone number or address to specific details (date, airport, passengers) of an upcoming trip.

Lastly, we placed four suspicious looking envelopes, addressed to several key managers, including our CEO, inside the company’s mailbox. The listed sender of these envelopes were individuals from various countries known for having ties to terrorism. Inside the envelopes we placed a fair amount of talcum powder – giving it added weight and volume – and a piece of paper that said, “This envelope could have contained anthrax. Please see the CEO or the Chief Pilot.”

Two years ago Mark Vorzimmer, the Head of Security at Virgin America, received a LinkedIn affiliation request from two young Western Michigan University students, Gabriel Langley and Alexander Szalay, interested in going into the field of aviation law. Gabe and Alex were already pursuing a curriculum in aviation operations and management, and were specifically inquiring about areas falling into a cross-section of the two subjects – legal concerns related aviation operations and management.

Coincidentally, after a number of recent disruptive passenger events aboard Virgin America – one involving the lewd and lascivious behaviour of one individual causing a diversion and a real operational headache – the idea of a commercially and legally acceptable manner of preventing these types of passengers from ‘exposing’ themselves to other aircraft operator’s passengers seemed to offer an interesting challenge. This article is a collaboration of Vorzimmer, Langley and Szalay, after a series of discussions over the ensuing months proposing how this might be practically and legally accomplished.

The International Air Transport Association (IATA) reports that “[S]ome 10,854 unruly passenger incidents were reported to IATA by airlines worldwide last year. This equates to one incident every 1,205 flights, an increase from the 9,316 incidents reported in 2014 (or one incident for every 1,282 flights)”. To be clear, these figures include only those incidents reported…and within that population, only those reported to IATA by their member carriers.

But why should an airline carry individuals who have been convicted of, or conspired to commit, violent or deviant acts against or in relation to aviation? Chances are most airlines don’t even deny transport to those who have committed violent acts on their own aircraft, let alone against or aboard another operators’ aircraft. Worse, a significant number of airlines do not even deny return transport to the very same individuals who commit violent acts on their outbound flights. Why? Perceived legal liability? The lack of an internal system to recognise and prevent such returning passengers?

What about the liability associated with injuries to, and sexual assaults against, your passengers and aircrew should these violent and deviant individuals act out on your flights? What about the safety of your unaccompanied minors? Would you really want a registered sex offender seated next to your eleven-year-old daughter? And what about the operationally disruptive, costly, and potentially dangerous diversions often occasioned by these types of people?

The following are some things aircraft operators should consider in taking steps to protect their passengers, aircrew, and aircraft from violent, deviant criminals.

Contract of Carriage
Firstly, what does your Contract of Carriage (CoC) say about your airline’s right to deny transport to those who have engaged in violent, objectionable, or other criminal behaviour, and to whom does it speak? Does your CoC language speak only to those who have engaged in such acts in the past (on your airline), or does it speak prospectively to all those who have simply entered into a ‘contract’ to fly on your planes by virtue of their having purchased an airline ticket prior to flying? All CoCs should do both, and for extra measure they should speak to those who have been convicted of committing certain crimes against aviation more broadly.

Internal Watchlisting
No policy or process to refuse transportation to anyone would be effective without the ability to recognise when such individuals attempt to make reservations on your airline. Since 9/11, airlines have been required to collect Personally Identifying Data (PID) from passengers, such as dates of birth, and most airlines have systems in place to not only recognise when certain individuals attempt to make reservations, but to even prevent completion of the booking process, forcing such parties to make actual (as opposed to virtual) contact in order to complete the booking. Other airlines permit such individuals to complete the reservations booking process, but then subsequently send alerts to pre-identified internal personnel tasked with responding to such bookings. Some simply accept bookings, but prevent check-in as a means of forcing such individuals into a face-to-face interaction with ticketing personnel who then alert internal security. In the main, the differences between these systems are driven by the technology an airline has in place.

In January 2016 I went from being an active airline pilot to becoming the Civil Air Navigation Services Organisation (CANSO) representative of ICAO for the Air Navigation Service Providers (ANSPs). This led me to consider aspects of aviation security that had not, as a pilot, previously been at the forefront of my concerns. In particular, one of the fastest growing threats facing the industry is that of cybersecurity. As the technology we implement becomes more sophisticated, so too does the threat from people with malicious intent. Using our own systems against us, these people are capable of disrupting airports, airline operations and even aircraft mid-flight. Although this threat is not only against aviation, the aviation industry has to make it a higher priority.

Air Traffic Management (ATM) is changing rapidly. The industry already makes great use of information and communication technology, but continuing innovation and greater cost-efficiencies are required while initiatives like SESAR and NextGen promote the spread of network-based technologies and integrated approaches. The planned introduction of System-Wide Information Management (SWIM) will see even greater exchanges of data, with the various systems becoming more closely integrated. There are clear operational benefits to these developments but also risks in the form of greater security vulnerabilities. Cybersecurity threats range from simple acts of digital vandalism to major cyberattacks. ATM must tackle cybersecurity by assessing the vulnerability of processes, assets and, particularly, IT infrastructure to criminal activities and attacks, whether these involve staff or outside parties. The wide range of potential cyber-threats and the integrated nature of modern ATM demand a holistic approach and the involvement of all ATM stakeholders.

What concerns ANSPs the most is the vulnerability of the IT systems that control the ever-growing traffic around the world. We rely on technology to safely manage flights and keep aircraft separated from each other. Around the world institutions and government agencies are looking into the problem, but a viable global solution is still distant. Upgrades in technologies over the last 20 to 30 years were introduced when cyber-threats were not a major issue, resulting in open and non-encrypted data transfers.

SWIM will be based on Service Oriented Architecture and open and standard mainstream technologies meaning it will be vulnerable to all kind of interferences. Prior to full implementation, we need to ensure it is secure enough to maintain the integrity of the system.

ADS-B (Automatic Dependent Surveillance – Broadcast), is a surveillance technology in which an aircraft determines its position via satellite navigation and periodically broadcasts it, enabling it to be tracked. Information can be received by ATC ground stations as a replacement for secondary radar. It can also be received by other aircraft to provide situational awareness and allow self-separation via TCAS (Traffic Collision Avoidance System). However, ADS-B is also a non-encrypted data link. It has been shown that it is possible to project virtual aircrafts via ‘spoofing’. Although one extra target on a radar screen might not be a problem, multiple false targets might create a safety hazard. How does an air traffic controller react when his radar screen is filled with virtual targets? How do pilots react when their TCAS system reacts to virtual aircraft?

Rising passenger expectations and the need for improved security effectiveness in the face of an evolving global threat create urgent demand for checkpoint transformation. This transformation is informed by data, streamlined through process, enabled through technology innovation, and driven by collaboration between airports, government agencies, and industry. Realising truly transformative checkpoint evolution relies on action and change at all points across the aviation ecosystem. Alex Mirkow and P.J. Rivera offer their perspective on a checkpoint transformation approach that can meet both security needs and customer demands through collaborative transformation across the aviation ecosystem.

Imagine a seamless, no-touch security screening process that enables you to quickly move through security, having time to enjoy all of the amenities that modern, global airports have to offer. You arrive at the airport via a car-share service that automatically sent your estimated arrival time to your airline (and shared flight updates with you during transit), and you quickly undergo biometric identity verification (you enrolled at home earlier in the week) after stepping foot into your terminal – no need to scramble for your boarding pass or wait in line to get your documents checked. You then use your smartphone to navigate to the checkpoint that’s not only closest to your gate, but also the one with no line. Then, rather than untie and remove shoes, jackets, and scarves, all while trying to navigate your carry-on luggage to the X-ray machine, you simply walk (at your own pace) through the first open passenger lane, placing your luggage through a parallel screening lane (no lifting required), all with plenty of time to spare. You then navigate to the nearest preferred passenger lounge (via your smartphone, of course!), relax before your flight, order your favourite snack and catch up with your emails, all before your smartphone notifies you that it’s time to board. You proceed to your gate, seamlessly passing through border check (since your information was sent when your biometrics were scanned upon entering into the screening process), and get ready for take-off.

True checkpoint transformation that enables this type of seamless, customised passenger screening experience requires attention to all facets of the aviation ecosystem – each and every piece of the aviation passenger journey. It cannot be achieved alone by simply focusing on one part of this journey; rather, checkpoint transformation is achieved through close collaboration between ecosystem stakeholders, including airports, airlines, and government and private sector innovators, and the integration of data, technology, and process components.

Airports embarking on a checkpoint transformation journey should balance their focus across the aviation ecosystem and carefully consider the evolving requirements of the passenger journey and checkpoint screening experience:
– Technology innovation that enables a seamless screening experience
– Improved resource allocation that focuses attention on the highest risk passengers
– Process optimisation that maximises screening efficiency and passenger satisfaction
– Data integration that informs and enables all points of the passenger journey

Achieving this type of transformation depends on coordination and partnership with a wide array of aviation stakeholders to enable a seamless screening process. It relies on thoughtful collection of data that allows greater understanding of who is travelling, and when.

It leverages innovations in technology, including the use of biometrics and facial recognition, behavioural detection technologies and methodologies, and advanced screening capabilities such as computed tomography (CT), millimetre wave, and variable screening algorithms. And, it is promoted by thoughtful design that creates agility, flexibility, and seamless flow throughout the airport.

The use of online payments in trade has grown immensely in the last couple of years. We are now at a point where online transactions represent the majority of all airline ticket purchases, resulting in a large amount of personal and financial information, particularly card data, being stored on the internet. Cybercriminals break into databases, download credit card information and then sell this information on the dark web, a collection of websites that are publicly visible but hide the server or IP details that run them. Fraudsters then use this stolen card data to buy airline tickets, causing huge damages for travel service providers. Shalini Levens proffers a solution.

According to surveys done by Cybersource, the annual damage for all airlines combined is 1.4 billion dollars. It is also estimated that between 1% and 2% of all booking attempts on an airline website are fraudulent. Therefore, it is fair to say that the airline industry has faced an unexpected battering from card fraudsters and has had to reorganise rapidly to face this unforeseen threat.

In retrospect, there have been certain key developments that, collectively, have led to a turnaround in the industry and a reduction in opportunities for the potential fraudster. Airlines are now in greater control of their payment operations, which has resulted in a considerable reduction in credit card fraud. The most important development has been the ability of fraud analysts to exchange information through meetings and secure online forums. This information includes structured personal data such as names and e-mails that need to be validated against a database, as well as guidelines and best practices that are shared informally.

Some of the meetings and online forums are for members only, while others are open to verified fraud analysts and professionals from any accredited organisation. A well-known open forum in the industry is FraudChasers, which facilitates a platform for fraud analysts to chat, share information and to have one place to post information about upcoming meetings. For an individual who may be the only fraud-fighter in their organisation these forums are like a life-support machine.

Additionally, on a strategic level, the travel sector has created an industry-wide body where executives can meet and coordinate actions, both regionally and globally. There is a regular programme of working groups that takes place at venues across Europe, Asia-Pacific, North America and beyond. Key to the success of both personal and corporate collaboration is that people from different organisations continue to meet regularly face-to-face. Connections of trust, once formed, can last a long time online, but occasional meetings in person reinforce and develop that trust.

The next step in industry-wide collaboration is sharing data. When the working group is small, this can be done via e-mail, but once groups start to grow, automation is essential. The need arose for groups to establish steering committees to choose a neutral technology supplier who develops the various online forums and databases. One of the requirements was that the data-sharing technology itself had to be cloud-based and highly secure. Hence, it has to enable businesses to submit and share suspected fraud data legally, while always retaining ownership of the data. Through this, a merchant can remain completely in control of its data, even after it has shared it.

The need for this capability led to the development of Perseuss, a secure community platform where merchants can legally share information about encountered fraud cases. It allows merchants, such as airlines, to verify their own sales data to identify any suspicious transactions. This data sharing platform including analysis, reporting, scoring and e-mail age verification. The database is enriched and developed with a high degree of participation and input from working fraud analysts so the screens and layouts blend naturally into the operational workflow. This increases efficiency and improves decision-making.

Merchants who provide travel services rely on a vast network of partners to make the payment process proficient. Among these partners are payment service providers, software suppliers, banks, card schemes, industry associations, legal entities, national police forces, as well as international law enforcement agencies. The travel industry had the foresight long ago to involve all of these bodies in the global war against card fraud.

Co-operation between travel companies and law enforcement agencies in the international battle against fraud has been very fruitful during 2016. Through this partnership, a plan is being developed to organise ‘Days of Action’ against credit card fraudsters, which will increase in frequency until they become an everyday norm.

by Philip Baum

There is always news, and much of it is depressing. We have been saddened this year with the passing of sporting legends such as Muhammad Ali, Arnold Palmer and Johan Cruyff, as well as musical icons David Bowie, Prince and Leonard Cohen. Political leaders who were the newsmakers of the 20th Century have also made their exit – King Rama IX of Thailand (Bhumibol Adulyadej), Elie Wiesel, and, so much part of aviation security history, both Shimon Peres and Fidel Castro.

It has been a year of new challenges, some of which, such as the outbreak of the Zika virus in January, we, as individuals can do little about. However, 2016 has also been a momentous year from a geopolitical perspective and many are asking whether the lessons learned from World War II have, perhaps, been forgotten? Or, and arguably worse, intentionally disregarded? We seem to have become immune to human suffering and intent on going down a xenophobic, self-protectionist route. So much for multi-culturalism.

The human tragedy in Aleppo that is unfolding as I write makes for graphic television imagery, yet how many of us are actually doing something about it? We, as a society, respond similarly to the plight of the refugees risking their lives to cross the Mediterranean to European shores. Anybody who has visited Yad Vashem in Jerusalem, the Kigali Genocide Memorial in Rwanda, the Tuol Sleng Genocide Museum in Cambodia or Holocaust memorials and exhibits around the globe will have exited them with that feeling of frustration that people knew but did nothing, or even self-disgust that they were personally aware of the plight of people on distant shores, but failed to act. Out of sight, out of mind. And it is against that backdrop that we are seeing a surge in right-wing activism. We don’t really want to see…

Many commentators have recognised the groundswell of angst in Western society, yet few acknowledged its scale until the anti-immigrant rhetoric of UKIP (the United Kingdom Independence Party) managed to win over more than 50% of the British electorate who actually voted and set the country on course for Brexit. The immediate rise in racial, anti-Semitic and homophobic incidents in the aftermath of the decision to ‘Leave’ was sickening.

Less than half a year later, an even greater seismic result emerged in the United States with the election of Donald Trump and Indiana Governor Mike Pence as its 45th president and 58th vice president. As Trump vows to ‘make America great again’, the rest of the free world has looked on in abject horror at the thought of a seemingly misogynistic racist as its de-facto unelected leader. I am sure that there are a few readers who might have voted Republican, and I respect your exercising your democratic right to do so, but I have yet to meet a single European who is anything other than disgusted that Trump – a man who can even make jokes at a political rally about people with physical disabilities – will be entering the White House. “Great again”: in whose eyes? Whilst I admit I am not optimistic, one hopes the reality of his taking on the awesome responsibility of being Commander-in-Chief may make the, as one commentator put it “imperfect candidate with a near-perfect message” temper the rhetoric and build bridges between nations and communities.

Eleven days after the US election, a meeting was held by the alt-right movement in Washington DC, in which its leader, Robert B. Spencer, spoke in a style one could only equate with Hitler at a Nazi rally. He ended with the words, “Hail Trump! Hail our people! Hail victory!”, but it might as well have been ‘Sieg Heil’. I urge you to watch a clip of excerpts of the meeting at http://www.youtube.com/watch?v=1o6-bi3jlxk posted by The Atlantic. Can we really continue to justify such freedom of speech?

The political landscape in Europe is indicative of a surge in right-wing activism. In Germany, the AfD (Alternative für Deutschland) emerged, only three years ago, on an anti-Euro platform and morphed into an anti-immigrant party; more specifically, anti-Islamic with a proposal for banning the construction of mosques on German soil. Its leader, Frauke Petry, has even spoken of turning guns on people who try to enter Germany illegally. In France, the National Front, led by Marine Le Pen, is now a mainstream political party and many think that her chances in next year’s presidential elections are quite ‘good’. Le Pen has celebrated the success of both the Brexit and Trump election campaigns and is urging French voters to reject the EU and use the ballot box to vote to restrict immigration. General elections in both France and Germany in 2017 will be further barometers of the political winds of change.

Italy is also on course for a referendum of membership of the European Union, whilst in The Netherlands, the Party of Freedom is advocating the closure of Muslim schools and even the recording of the ethnicity of Dutch citizens. In Greece, Golden Dawn has, like the National Front in France, become a major player in the Greek parliament and, despite being branded by many as neo-Nazi and having many of its leaders arrested and charged with criminal activity, they continue to be gaining widespread support, exacerbated by the country’s geographical location putting it on the frontline for handling trans-Mediterranean migrants.

X-ray screening is an inherent part of the security process at airports, let alone in other sensitive areas, such as courts or prisons. In the European aviation sector, security officers operating X-ray machines are mandated to undergo training for six hours every six months. Sandrina Ritzmann and Claudia Lüchinger discuss why training of X-ray image interpretation is extremely important, what role computer-based training (CBT) plays and what characteristics and aspects are important for high-quality CBT.

Depending on the number of passengers or cargo handled, security officers (screeners) deal with X-ray images for several hours a week. So do they still need training? The answer is yes. Research has shown that visual knowledge of threat items and their appearance in X-ray images (so-called knowledge-based factors) is one essential prerequisite for good X-ray detection performance. This knowledge has to be acquired and maintained through regular training as the X-ray image often differs substantially from the regular appearance of an object Thus, training is needed to ensure that security officers know which items are prohibited and what they look like under X-ray examination in order to successfully detect them. A number of scientific studies have shown that computer-based training (CBT) can significantly improve the X-ray image interpretation competency of screeners.

Advantages of Computer-based Training
Given the fact that training is needed, the next question is: what kind of training is optimal to enhance the X-ray image interpretation competency of screeners? The type of training required depends on the skill that needs to be acquired. To specifically target the visual knowledge of prohibited items, CBT has several advantages over face-to-face classroom training, practical training, or training on-the-job (although these forms are certainly useful for other skills). One advantage of CBT lies in its function as a standardised training tool; once a training system has been implemented, it can be used effectively by a large number of people. Furthermore, individual progress is flexible and not dependent upon an instructor or other trainees (as it would be in a class setting) allowing for higher training efficiency. The flexibility of CBT is also important because it facilitates the implementation of distributed practice (whereby, for example, every X-ray screener might receive 20 minutes training every week); general research on human learning and training has shown that regular, distributed practice sessions leads to better results than ‘massed’ practice (several hours of training once every few months). Another important aspect of CBT is its capacity for progress measurement and skill assessment. For instructors in a face-to-face setting, it is very challenging to measure progress or assess skills in an objective and reliable manner, especially when dealing with a large group of people. CBT also provides direct user interaction and feedback, which can easily make it more motivating than instructor-centred training.

Administration features of CBT systems provide various instruments to the administrator to target and monitor users’ performance; the management tools enable setting training goals and the continuous reporting provides an overview of each user’s training behaviour, training hours and results.

However, not every CBT programme is worth implementing just for the sake of it. There are important aspects to consider when the quality of CBT is assessed. Two facets will be highlighted in more detail below.

Security screening at airports is today an integrated and expected part of air travel that no-one really questions (unless the waiting times are too long). The components required to perform screening are – of course – screeners, screening technology equipment and passengers and staff. The security equipment used has evolved significantly and its performance has taken huge steps since the earliest times of screening. There are however two factors that remain unchanged: firstly, we, as human beings and our abilities and skills, and secondly, the fact that even the best screening equipment is limited to delivering information required for the screener to make a decision. All security critical decisions are ultimately made by the security officer. Screening performance relies as much today on the human factor as it did 50 years ago and on the ability and competency of the security officer to make the right decision. In this article Dan Larsson discusses what factors affect screener performance and how technology can have an effect on our ability to ensure that the tool remains sharp at all times.

A wise man or woman once said, “The human mind works in mysterious ways”. It is sometimes difficult to grasp just how complex these ways are. Because, deep down we are still humans that rely on instinct and natural reflexes to survive in the sometimes very challenging environments we live in. This is especially true in an unfamiliar environment, where we have the ability to instantly react to the unknown and, initiate the ‘flight’ or fight’ response. We also have an ability to diminish and disregard risks if the same ‘unknown’ were to appear in a familiar environment where we feel safe and comfortable. This is because the perception and assessment of risk always has been necessary for mankind to explore, learn, develop, and thrive. Those abilities and perceptions, still affect our decision-making abilities and choices in our everyday life. They also affect the way a screener regards the classification of an item in an X-ray image as potentially, dangerous, suspect or harmless. A screener who, for some reason, perceives the situation as dangerous, e. g. a high level of threat, is maybe more likely to find a dangerous object than the same screener who perceives the situation as calmer and more peaceful.

We will, for the foreseeable future, depend on the human mind as the final and ultimate tool in security screening. We therefore have to have a comprehensive understanding of the factors that influence the security screener and how they are influenced by their perception of risk, confidence in the security equipment, the working environment and, last but not least, the impact of management and leadership. Screener performance also depends on the environment he or she works in, with influencing variables including noise, lighting, temperature, working hours, etc. This article will however focus on factors that have an effect on the screeners’ understanding of risk in the assessment of screened objects and persons, and how the technology used can affect this.

The probability that a screener detects a certain dangerous object depends on four factors (apart from the object itself): ability, attitude, environment, and technical equipment. We shall refer to them as ‘Screener Performance Factors’. Ability, attitude, and environment change over time, whilst performance levels of technical equipment are more or less constant in the short term.

Screener Performance Factors
There is an interrelationship between screener performance factors. Understanding the technology used and its limitations is crucial to successful operational performance. The user/machine interface is further complicated by technology that, on one hand, can make the screener more alert and have confidence in that technology, but on the other hand ‘trust’ the technology too much.

Ability
This factor is dependent on recruitment, selection, and training. The task of being a security screener is the most demanding and difficult one you can find at an airport. Screening is an activity of industrial proportions. At our busiest airports, hundreds of thousands of passengers are screened every single day. There is a constant pressure to be effective, friendly, and not to take any risks. To find the right people to accomplish this task is a serious challenge. Testing and very thorough interviews together with a careful look at references are necessary. This can be difficult in an environment that sometimes has a high employee turnover rate, but in my experience, if you don’t get it right from the start, you will never get it right later.

Training is not just about obtaining the practical skills required. It also has to include the concept of risk in aviation and an understanding of how the human mind relates to risk. It has to promote a professional attitude to the risks involved.

Advances in technology, scalability, and improved mobile devices are now enabling use cases that were previously thought impossible. The airport environment is a particularly interesting market for biometrics as the use cases splits into two distinct threads – even though they are very much intertwined. On one hand we have over eight million people travelling world-wide, every day, for business or pleasure who are seeking an enhanced travel experience. On the other hand we have a dynamic, ever changing, universal border security environment which is demanding streamlined border control processes and enhanced border protection technologies to support international and domestic security efforts. Automated border control processes which accurately confirm the identity of travellers by the use of self-service biometric touch points which offer quick, reliable authentication of each passengers travel documents, and guarantees that the passenger holding it is the rightful owner, by matching the passport chip’s photo with a live photo, for example, are now becoming common place at many international airports.

The term ‘biometrics’ is derived from the Greek words ‘bio’ meaning life and ‘metrics’ meaning to measure. Although automated biometric systems have only become available over the last few decades, due mainly to significant advances in the field of computer processing, there is no doubt that the technology is now here to stay. The International Standardisation Organisation (ISO) defines biometric recognition as “automated recognition of individuals based on their biological and behavioural characteristics”, and biometric characteristics as “biological and behavioural characteristics of an individual from which distinguishing, repeatable biometric features can be extracted for the purpose of biometric recognition”.

Many of these new automated techniques however, are based on ideas that were originally conceived hundreds, even thousands of years ago. The process stems from a social context of belonging to a group or family where associates rely on their memory to recognise peculiarities such as appearance, voice and shared knowledge. Recognition identifies children, friends and foe, and is inherent in all species. This simple task has become more challenging as populations increased and as more convenient methods of travel introduced many new individuals into once small communities. Most identification processes are associated with the collection of physical data. Our eyes, and to some extent our hands and ears, collect the data; the brain processes the data collected and attempts to make a match with stored information. When we look at another face our eyes scan the face for distinguishing characteristics. The more prominent the characteristics the easier it will be to remember that person. Traditionally, identification has been based on physical attributes such as eye colour, hair and skin colour, scars, birthmarks, tattoos, height, and weight for example. Thumb prints in wax, letters of introduction, signatures, references from known associates, and birth certificates are traditional forms of identification and are still used today. As identity moved from a social context towards being an economic requirement the process became more complex. Names and surname were used from 1066 and in 1538, during the reign of Henry VIII, parish priests started to keep registers of births, deaths and marriages. In 1870 Alphonse Bertillon, clerk at the Prefecture of Police in Paris, produced the first method of identifying individual criminals by fingerprints, and in 1892 Englishman Sir Francis Galton proposed biometric indices for facial profiles. Other methods such as social behaviour, code names, biodynamic chips, tags and monitoring anklets are also used for identification purposes.

As the human population, economic community and threat environment has developed and become more globalised so too has the complexity surrounding the issue of identity and its appropriate management. Birth certificates, naturalisation papers, passports, and other government issued documents prove citizenship, but are not enough with the sophistication of forgery in documentation and identity related crime. Positive and reliable identification of humans is now a much more important topic in most government and commercial organisations and one which is intensifying. With increased emphasis on security, there is a growing and urgent need to identify and authenticate people both locally and remotely on a routine basis in a more robust manner.
With the advent of computing power these methods are now traditionally characterised into three groups; knowledge based – secret information that only you know, such as a passwords and PINs; token based – something you have in your possession such as a key or token; and biometric information – an individual’s unique physiological or behavioural characteristics including face, fingerprint, palm print, voice, gait and signature. In knowledge based systems users tend to choose passwords and PINs which are guessable and I’m sure we’re all guilty of writing down our passwords, storing them in wallets or near our computer, using the same password or PIN for different systems and sharing passwords. With token based systems keys and cards may be lost, stolen, forgotten, duplicated and shared.

Airport terminals have long provided protestors with a safe and effective environment for spreading international awareness of an array of issues. More often than not, demonstrations are conducted peacefully, causing little to no interruption of services and procedures, but what are the risks associated with protests in an airport setting? Lucy Rawlings discusses these issues and considers whether our right to protest is impinging on the effectiveness of our security measures.

Airports have a long history of attracting protest groups who use them as a stage for a global audience to hear their concerns. Many airports, including London Heathrow, have stated that they ‘support the right to peaceful protest’ within their doors as long as they do not disrupt the safe and smooth running of the airport. In many respects this is admirable; they are supporting the right to freedom of speech and freedom to protest, without which we would not have many of the liberties we exercise today: equal opportunities, women’s right to vote, or the right to join a trade union. But, in the current climate, with a focus on security increasing, at what point do we view these protests as a potential threat and declare airports to be an inappropriate venue for public demonstration? At what point do ‘off-airport issues’ become an ‘on-airport challenge’ and a threat to the safety of those who enter the parameter?

Airport protests are often staged by groups whose issues are not airport-related as they are seen as an effective method of reaching a broad and international audience. Airports are also considered a safe environment for protesters themselves since the police are unlikely to storm a terminal or turn water cannons on protestors – as they did on the student protestors on the streets of London in 2010, or use tear gas and pepper spray, as they did during July this year against civil rights protestors in Arizona – for fear of damaging the airport or causing harm to travellers and employees. In recent years many laws have been passed, which limit the number of places in which groups are allowed to protest, often requiring permits or limiting them to certain public spaces. Generally, a permit is required for a protest to be staged at an airport and they are often granted providing the protest is to be conducted in a contained and peaceful manner. However, many protests take place in a ‘hit-and-run’ style, whereby the protestors enter, cause a disruption, and either abruptly leave, are arrested, or escorted from the premises. This raises concerns around the ability of risk-imposing individuals to enter the airport undetected and cause a disturbance. Genuine protestors are, generally, harmless, but they are an example of how easy it could be to enter and cause greater harm, or to potentially use a protest as a front for an attack.

There have been many examples of these ‘hit-and-run’ protests occurring in airports all over the world, some causing damage and others merely a disturbance. On 25 June 2013, five men dumped human faeces at the entrance to Cape Town International Airport. Witnesses described how the men arrived in a black car, unloaded containers covered in blue plastic bags, put them onto a trolley and brought them to the airport’s entrance where the contents were dumped. Some was also spilt near the escalators leading to the airport’s restaurants. One of the men explained that, by staging their protest at the airport, they were hoping to send a message to the United Nations that, “The city does not care about the health of black people”. The men and those in their community, understood to be known as ‘Europe’, an informal settlement in the Guguletu township bordering Cape Town International Airport, had been living with unsanitary toilet facilities, which they explained had been filled up for three months. Airport operations were not affected by the incident, but the men were arrested.

It would be safe to say that this protest would have made an impact on those unfortunate enough to witness, and smell, it. However, aside from that, protests which occur in this way create a significant distraction for airport security, staff and travellers. While these men were being dealt with someone with greater negative intent could have seen this as an opportune moment to act and, with security staff distracted, go undetected and cause greater damage than may have occurred otherwise, if at all. In this case one must also question how these men managed to bring such questionably shaped and wrapped containers into the airport grounds unchallenged.

In August 2014, a similar style was taken by LilithS, a Belgian feminist activist group, when they poured hundreds of litres of fake blood in the main entrance to Liege Airport and over some of the check-in desks. The blood was to symbolise what they believe to be the ‘slaughter’ of Palestinians in Gaza by Israel, and they targeted the airport to protest its alleged facilitation of the transport of arms to Israel. The members wore T-shirts bearing the colours of the Palestinian flag and the slogans ‘Terrorism is real’, and ‘Free Palestine’. Behind the main site of their protest they hung a banner declaring, ‘How many tons of weapons for so many litres of blood?’. Aside from creating a potential distraction, these women caused criminal damage to the airport. Should this be tolerated? It is a key consideration for the future of protests held at airports.