What is the key to seamless travel?

How might end-to-end passenger facilitation using a single token become the solution to enable economical and sustainable growth at airports…?


Airports, governments and airlines are increasingly looking to create synergy between the airport stakeholders responsible for passenger facilitation through a seamless process. The number of passengers over the next 20 years is predicted to double and as such airports and airlines must prepare for this growth while attending to more demanding passengers in a competitive environment. Annet Steenbergen, Co-Founder and First Coordinator of the Aruba Happy Flow project for the Government of Aruba and Bart Schermer, Partner in consultancy, Considerati, discuss how end-to-end passenger facilitation using a single token is becoming the solution to enable economical and sustainable growth at airports.


Governments are increasingly open to join such a co-operation with private parties at airports. Authorities such as immigration, customs and police face increasing international terror threats and security risks that demand them to strengthen the control of air borders. At the same time they are responsible for handling these predicted passenger growth numbers in combination with the challenge of budget constraints. The answer for airport stakeholders is a new level of cooperation that eliminates double checks, stops and reduces waiting time by reusing one secure identity check through the use of a biometric token. Thereby transforming passenger facilitation into a fast, fun and easy process that allows for a more efficient and economical use of infrastructure and resources.

The trend towards end-to-end passenger facilitation solutions has great potential for the future of air travel, but requires stakeholder cooperation embedded in a strong legal foundation, transparent governance and unequivocal data protection and data privacy. Meeting these preconditions may seem a daunting task as it entails airports, airlines and governments to take their relationship to a new level. However once stakeholders embark on their seamless journey they will soon realise that you need to arrange legal, governance and data, and privacy protection issues in order to sustainably reap the benefits for all involved.

A seamless passenger flow scenario

A seamless flow, which connects the different checks a passenger takes at an airport, involves linking information via a shared or hosted platform, mobile solution or by using the information infrastructure of one of the stakeholders. The purpose is to transform the different steps into one uniform process, which makes it easy and quick to use for passengers, but with a secure identity check at the basis of it. To give an example let’s look at a possible scenario for end-to-end passenger facilitation using a biometric single token for which we take some inspiration from the Aruba Happy Flow concept we have been involved in developing.


Imagine having the choice to check in for a flight either on a mobile device or at a check-in kiosk and for the next steps, to boarding of your flight, only having to show your face to be identified and allowed to proceed. Such a seamless flow is possible, but must be based on a secure identity and passport check. A passenger can enrol this seamless passenger flow by using their mobile device or the check-in kiosk to authenticate their passport whilst the camera matches their biometrics with the biometric data in the passport chip. The use of a mobile device is possible if it is equipped with RFID technology to safely read the chip in an e-passport. The camera will then take a photo of the passenger to be stored in a personal data envelope that virtually travels with the passenger along his airport journey. The photo will be used for biometric identification at bag drop, immigration, lounge access and boarding. The passenger experiences a uniform process whereby each step offers a fast and efficient identity check without the repetitive and cumbersome showing of passport and boarding card. For the airline, airport and government agencies this process provides them a secure identity check up to boarding the flight and also real-time information on the status of the passenger and the process.

Imagine having the choice to check in for a flight either on a mobile device or at a check-in kiosk

The facilitation of this seamless process is a shared platform between airline, airport and government, which doesn’t store any data other than this personal data envelope during the passenger’s journey. Such a shared information platform provides benefits for all, but also carries with it certain responsibilities.

Privacy by Design

Pivotal to the start of any data sharing project is the adherence to the principle of ‘Privacy by Design’. As more and more data is shared among different entities, privacy is a growing concern. Furthermore, in the European Union, Privacy by Design will become mandatory with the introduction of the General Data Protection Regulation in 2018. Privacy by Design means that privacy and data protection are considered key requirements in the design of IT systems and business processes that support seamless passenger flows. Simply put, it stands for the sharing of data only on a need-to-know and allowed-to-know basis.

In the case of a seamless flow, which involves the connecting of the airline, airport and government processes, the data integrity of the participating partners and the passenger must never be compromised. Also, the applicable privacy and data protection laws and regulation of the country where the airport is based, as well as those the joining airline(s) adhere to, have to be taken into account.

When designing the information infrastructure for the seamless flow the Privacy by Design principles should be integrated from the start in order to comply and be prepared for any future additions to the system, be it partners (more airlines) or features (e.g. mobile enrolment, retail, pre-clearance).

Pivotal to the start of any data sharing project is the adherence to the principle of ‘Privacy by Design’.

The Privacy by Design process starts with a thorough Data Protection Impact Assessment (DPIA) that identifies potential data protection and privacy risks. Doing a DPIA ensures that risks are addressed before contracts are signed and systems are built. It is easier to change an idea than it is to change a finished system. Furthermore, a DPIA sheds light on the question of who is responsible for each part of the seamless flow. Building on the results of the DPIA the next step is to structure the cooperation in such a way that each party collects, uses and shares data in a way that is within their legal remit. After ensuring that the data flows are compliant with data privacy laws, the final step is to make sure that the systems and business processes actually support privacy compliance.

Organising a new level of airport stakeholder cooperation

How should this new cooperation between public and private stakeholders be organised?

Simply developing an IT system and connecting the partners will not suffice. For it to succeed the long existing silos at airports will need to connect and work together at a next level. This does not mean each stakeholder needs to compromise their responsibilities and objectives. On the contrary, the cooperation in a seamless flow passenger facilitation will compel the joining public and private partners to define their respective authority (and limits there of) evidently as the conditional preamble.

There are three factors that precede the successful implementation of a single token seamless flow: Legal agreement, IT infrastructure ensuring data privacy and data protection, and a shared and mandated governance structure.

Legal agreement

All parties that fulfil a role within the seamless passenger flow must be in agreement as to what their respective roles are within the seamless flow and what data they are allowed to collect, process and share, based on applicable privacy and data protection legislation. This agreement must be laid down in a cooperation agreement, which is the foundation for the seamless flow.

IT infrastructure

Airport operations are not static and this calls for a stable, secure yet agile IT infrastructure. This infrastructure must fulfil the functional requirements of a seamless passenger flow (i.e. efficient, fast, secure and traveller-friendly), but also the non-functional requirements of privacy and data protection.

Governance and mandate

As the IT infrastructure needs to be agile, so does the decision-making process that is responsible for the system. It is therefore crucial that when working in a partnership with a shared system and in an operational environment any change to that system should not bring it to a halt. Communication and reporting between the airport partners needs to be embedded in a governance structure in order to help the mutual understanding of issues and a timely response to them.

Starting from the legal agreement that governs the cooperation between the stakeholders, practical governance structures need to be in place to facilitate and expedite the cooperation. By having a mandate, three-level governance structure decisions can be taken by the airport stakeholders involved:

  • A working group on operational level to signal problems and opportunities
  • A working group at policy/middle management level to analyse and translate these to policies and decision of which some they should mandates to take to preserve agility. Bigger issues should be proposal for decision by the top management level steering group
  • A steering committee with higher management representatives deciding on critical and strategic issues.

Evidently the members of these working groups representing the airport, airlines and government agencies need to also be supported by and well positioned within their own organisations. A shared reporting structure on the operation will also add to the transparency and clear communication between the partners.

The investment may financially vary between stakeholders, but airlines, airports and governments alike will have their operation and reputation at stake and have to share the burden. A disciplined governance structure is therefore pivotal to carry the cooperation to make it sustainable and durable.

A win-win situation leading to a true airport eco system

The realisation that simplifying passenger facilitation and making it truly passenger centric serves the airport stakeholders involved equally will drive seamless single token solutions worldwide. All stakeholders need to address the anticipated growth in air travel with the same objective; any solution needs to be economical, efficient and secure. It is in these shared goals that airports, airlines and governments will come together and reshape passenger facilitation.


Annet Steenbergen is co-founder and first coordinator of the Aruba Happy Flow project for the Government of Aruba. She has had more than 20 years international experience working in the field of border control, border management and public private cooperation at airports. In 2016 Annet took on the chair of IATA’s Passenger Facilitation Working Group and has a seat on the IATA’s Passenger Experience Management Group. Besides her work for the Government of Aruba she is a consultant on passenger facilitation innovation with a strong focus on single token end-to-end solutions.#


Bart Schermer is a partner at Considerati. He advises multinationals and governments on privacy and data protection. Bart holds a doctorate in law and wrote his PhD thesis on the privacy aspects of the use of artificial intelligence for law enforcement purposes. Apart from his work at Considerati, Bart is an associate professor at the University of Leiden, Faculty of Law (eLaw research group) and a fellow at the E.M. Meijers Institute for Legal Studies. Furthermore, he is a member of the Advisory Council on International Affairs (Human Rights committee).


Send this to a friend