Features

Future travel

The world is rapidly evolving towards a new digital society with all the advantages and disadvantages. An example is Estonia transforming to e-Estonia. Viewing the website it is stated that returning to the map of Europe it was seen as a challenge to build new technology infrastructure from scratch and seize this unique opportunity to create low-cost, cutting-edge systems based around accessibility and efficiency.

As a human to travel in this new digital environment first we need to take a step back. To make the journey you have to “be” a person. Society first acknowledges a persons existence and identity through birth registration. The right to be recognized as a person before the law is a critical step in ensuring lifelong protection and is a prerequisite for exercising all other rights under which obtaining a passport.

Where do we stand today? Globally, the birth of 166 million children under age 5 have never been recorded. One in four children under age of 5 do not officially exist. High levels of birth registration are found even in some of the world’s poorest countries

The adoption of the Sustainable Development Goals by the United Nations General Assembly in September 2015 placed birth registration firmly on the international development agenda. It included a dedicated target: provide legal identity for all, including birth registration, by 2030.

The prediction about developments in the digital landscape is that mail and text messages will remain the same or decrease and the use of the app will increase sharply. Connectivity will greatly improve with accessibility anywhere in the world. The old paper reality is being converted to a digital environment. Technology is developing more fast than legislation can keep up with.

The European Commission has submitted a proposal for a digital identity card. The ID card must also be valid as an ID card, driver’s license or passport. In 2020 experiments were conducted for the virtual identity document (vID). The Eidas 2.0 regulation has now been drawn up by the EU, which indicates that every EU member state must offer a digital wallet to its citizens. EC advocates boosting research and innovation in the EU by allocating 100 billion euros to the multi-year budget from 2021 to 2027. According to Brussels, it will be “the most ambitious EU program to date.”

Looking at the aviation industry, the International Air Transport Association has developed industry standards together which will bring the aim of having travelers arrive at airports ready-to-fly one step closer to reality. The newly released Recommended Practice on Digitalization of Admissibility will enable travelers to digitally prove admissibility to an international destination, avoiding a stop at the check-in desk or boarding gate for document checks. Under the so-called One ID initiative airlines are working with IATA to digitalize the passenger experience at airports with contactless biometric-enabled processes.

rograms are already in use in various airports enabling travelers to move through airport processes such as boarding without producing paper documentation because their boarding pass is linked to a biometric identifier.

The digitalization of admissibility standard will advance the realization of One ID with a mechanism for passengers to digitally obtain all necessary pre-travel authorizations directly from governments before their trip. By sharing the “OK to Fly” status with their airline, travelers can avoid all on-airport document checks.
In the context of data security the passengers remain in control of their data and only credentials (verified approvals, not the data behind them) are shared peer-to-peer (with no intermediating party). Manual processing options will be retained so that travelers will have the ability to opt out of digital admissibility processing.

Looking at the passengers in general they want technology to make travel simpler. Being able to prove their admissibility to their airline before they get to the airport is a major step forward. In a practical way it means that the future traveler has to be able to create a verified digital identity using their airline app on their smart phone. Using their digital identity, they can send proof of all required documentation also to destination authorities in advance of travel. Receive a digital ‘approval of admissibility’ in their digital identity/passport app. Share the verified credential (not all their data) with their airline. Receive confirmation from their airline that all is in order and go to the airport

Looking at governmental movements towards new forms of border control with the use of Digital Identity many are current around the world with public-private cooperation. Some example are Happy Flow; An innovative passenger process in Aruba in which the passenger only has to show his passport once in the terminal. Using facial recognition, the passenger can then check in, drop off the luggage, cross the border and board the plane without having to show the passport or boarding pass again. Seamless Flow an innovative project by the airport, government and airlines. The aim is to create a seamless passenger process. A Trial was started for boarding with facial recognition. Travelers traveling with a certain airline company could participate in a facial recognition boarding trial. The trial is part of the first phase to make travel with facial recognition fully possible in the long term. After checking in, participants in the trial will be escorted to one of the special registration kiosks. Here the passenger’s passport, boarding pass and face are scanned. This is followed by passport control. When boarding, a scan is made of the face at the gate. This is compared with the scan that was made when registering. When the face is recognised, the gate opens and the passenger can board immediately. This means more convenience for the traveler and a better flow at the airport. And to mention a bit more the pilot “Known Traveler Digital Identity” service, which will facilitate paperless border clearance between Canada and The Netherlands. The pilot will be based on the issuance of a digital identity – a Passenger Data Envelope – for each passenger prior to departure, including the self-service enrollment of their biometrics via a dedicated application. The identity is authenticated by the participating governments, which then virtually travels between the two countries, pre-approving the passenger to clear the border on arrival as a “Known Traveler”, meaning seamlessly, without needing any checks besides a quick face scan on-the-move.

Major risks when using digital identity are identity theft or fraud. Identity theft occurs when someone uses another person’s personal identifying information, like their name, identifying number, or credit card number, without their permission, to commit fraud or other crimes. The term identity theft was coined in 1964. Since that time, the definition of identity theft has been statutorily defined throughout both the U.K. and the U.S. as the theft of personally identifiable information. Identity theft deliberately uses someone else’s identity as a method to gain financial advantages or obtain credit and other benefits. And/or to cause other person’s disadvantages or loss. The person whose identity has been stolen may suffer adverse consequences, especially if they are falsely held responsible for the perpetrator’s actions. Personally identifiable information generally includes a person’s name, date of birth, social security number, driver’s license number, bank account or credit card numbers, PINs, electronic signatures, fingerprints, passwords, or any other information that can be used to access a person’s financial resources.

This means that there is a heavy pressure to protect personal data. The terms data protection ‘by design’ and ‘by default’ are often used. What do they mean?
By design means that companies/organisations are encouraged to implement technical and organisational measures, at the earliest stages of the design of the processing operations, in such a way that safeguards privacy and data protection principles right from the start. By default, companies/organisations should ensure that personal data is processed with the highest privacy protection. For example only the data necessary should be processed, short storage period, limited accessibility) so that by default personal data isn’t made accessible to an indefinite number of persons (‘data protection by default’).

Some examples of privacy by design are the use of pseudonymisation (replacing personally identifiable material with artificial identifiers) and encryption (encoding messages so only those authorised can read them). And of data protection by default to encourage A social media platform to set users’ profile settings in the most privacy-friendly setting by, for example, limiting from the start the accessibility of the users’ profile so that it isn’t accessible by default to an indefinite number of persons. References are Article 25 and Recital 78 of the General Data Protection Regulation(GDPR)

Tackling identity fraud is mostly about prevention. Prevention is mainly better than cure. The impact of identity fraud on victims is not only financial, but also emotional. If people or organisations fall victim to identity fraud, they need to be able to repair the damage as soon as possible.

A few tips/clues to protect your Digital identity are; Always check the web address (URL) before logging in. Create hard-to-guess passwords. A piece of knowledge, even to this day, all over the world the most used passwords are; 12345 and/or password01… Never share log in details with others. Always perform software updates immediately. Use virus scanner and do not use open WiFi networks.

Back to the passenger. What will be the worst thing to happen while traveling in future? That the battery of your smartphone is empty…

By Willem Mudde, Director of MAPS International, Willem is a consultant with extensive experience in border security, project and program management, aviation, and maritime security