Securing One ID: ACI and IATA’s next big bet for seamless movement of passengers at airports

The DNA of tomorrow’s airports

For airports to run profitably while handling exploding passenger traffic with shrinking capacities, and managing multiple stakeholders while delivering a seamless experience, they cannot bank on the current ways of doing business.

• How can we reduce the documentation and identification time taken at every touchpoint?
• How do we make passenger movement smoother, faster and more efficient?
• How can we move more activities off-site?
• How do we use space more efficiently?
• What technology investments can optimise resources?
• How do we improve data-sharing between multiple stakeholders in a secure way?

These are some of the questions aviation experts are asking with increasing urgency.

The International Air Transport Association’s (IATA) and Airport Council International’s (ACI) New Experience in Travel and Technologies (NEXTT) initiative is a step towards conceptualising and building the future airport that leverages technology to address these concerns. One of the building blocks of NEXTT is One ID.

In this POV, we explore the benefits of One ID for airports and the pressing need to secure it given passenger and regulatory concerns around data privacy and security.

What is One ID?

One ID is a document-free process based on identity management and biometric recognition, similar to social security numbers or Aadhaar. Under One ID, every passenger will have a unique, lifetime ID for air travel that enables a frictionless and paperless experience. This ID can be used across all channels of interaction in an airport, across multiple stakeholders from security check (government), to check in (airlines), to immigration (government), to shopping (retailers) – both online and in person.

The One ID advantage

One ID can deliver three key benefits for airports – improve passenger experience, improve throughput, and increase non-aeronautical revenue.

Boost passenger experience

An IATA study found that a queuing time of more than 10 minutes is unacceptable to passengers. Today, it can take anywhere between 45 minutes to two hours to get to your gate from the time you walk in to an airport. One ID can cut down the time taken at interaction points, reduce queues and make the flow of passengers easier throughout the terminal.  

Improve capacity utilisation

The IATA predicts that there will be 8.2 billion flyers by 2037. With passenger traffic rising exponentially, airports are constantly struggling with capacity issues. One ID can help airports create extra capacity and increase passenger throughput with the same infrastructure by enabling data-sharing to help make throughput-related decisions. For example, if you know how many people will drive to an airport and at what times, you can implement dynamic pricing for parking.

Optimise revenue streams

Finally, One ID’s masked, privacy-protected data can prove invaluable in increasing airport revenues.

Data suggests that for every minute a customer is in a retail area and not stuck in a queue, their non-aeronautical spend increases by 2.5 per cent. While One ID reduces queue time, it also allows retailers and other airport operators to securely access masked passenger preference data to customise offerings and increase revenues. It helps improve the understanding of passenger profiles while protecting passenger privacy.

With obvious advantages, airports are definitely willing to adopt One ID. However, the road to adoption is not so easy.

System standardisation and the data security conundrum

To enable a global One ID, there needs to be widespread adoption that depends on two factors – standardisation and security. Unless all biometric systems and datasets are standardised and in sync, providing seamless identification across geographies will be a challenge. For the fragmented pilots now available, you may go through a great experience in one country to only land in another and having to produce your paper IDs again.

An even bigger challenge to One ID adoption is the security. The whole concept is centred on sharing and verifying passenger information securely. Increasing regulations around protection of personal data such as GDPR have also put tighter controls on the handling of personal information. In light of recent data breaches, people themselves are jittery about sharing data. Unless a secure data-sharing system is in place, passenger data will remain in siloes and One ID will remain a dream.

Securing the future of One ID

While blockchain has potential applications in solving the challenge of secure transactions, we believe a more robust cyber-security approach is needed to build trust in the system.

A comprehensive approach would be to mask passenger data and disclose it only where needed and allowed. For example, when the passenger is making a transaction, only the information vital for that particular transaction is made available. At no point in this journey will the passenger be asked to share their One ID number with any stakeholder. The validation will happen purely on biometrics.

At Wipro, we are working with industry players to create a trusted ecosystem. Our Identity Management Framework is designed on the principle of ‘decentralised AI’ to enable a seamless passenger experience through the airport by setting trust networks among diverse stakeholders in public and private domains. These trust networks are based on zero knowledge proof and will only consume or share the required amount of passenger identity information needed to help process the transaction and ensure privacy in line with GDPR norms.

The identification, authentication and access are based on a biometric solution. At every transaction, a code is generated to act as a link between One ID and the transaction triggered by the validation of a biometric system.

Assurance levels defined by the by ISO/IEC 29115 Standard describe the degree of confidence in the processes leading up to and including an authentication. This enables the stakeholders in the network to process the transactions at each handshake and provides assurance to the individuals for processing.

Ultimately, One ID is a trust framework that allows aviation stakeholders access to a dependable digital identity. Without a holistic security framework in place, the whole concept of sharing data across borders and to multiple stakeholders is fallible.