Tip of the iceberg?

Until comparatively recently, the adoption of sophisticated access control technologies such as biometric systems was based entirely upon the commercial or operational imperatives of end users. In other words, those systems were duly purchased on the basis of a more or less traditional cost-benefit analysis.

The impact of 9/11 has been to change this long-established form of evaluation by introducing a political dimension in which national Governments are pursuing policies (certainly in relation to ports and airports) where access to services will demand effective means of establishing conclusively the identity of individuals and the ability to cross-check this knowledge with intelligence data from a variety of sources.

With effect from 30 September this year, the United States extended these measures to include the compulsory photographing and fingerprinting of all foreign visitors at their port of arrival which, officials claim, will help to eliminate passenger fraud, increase security and minimise future inconvenience by establishing frequent traveller databases. The idea is not without precedent, it being similar to the ‘known customer’ system introduced for air cargo shipments^1.

Most industry practitioners regard these trends as necessary – even reassuring – developments, while others view the advent of biometric, machine-readable passports as the thin end of a wedge that will make it far easier to introduce measures such as national identity cards, while enabling the wider use of biometric technologies in areas ranging from driver registration through to fraud prevention.

In the short term, plenty of opportunities will arise to test and perfect the use of these systems in potentially less contentious areas. The introduction of biometric documentation for air travellers, along with the growing use of Automatic Number Plate Recognition for monitoring vehicles, for example, would seem to justify similar standards of identification for employees of ports, airports, transport operators and their contractors.

The pros and cons of just how far we should go down this particular security route will doubtless be the subject of considerable debate. The prospect that 9/11 may act as a catalyst for society-wide measures that could ultimately render benefit and credit card fraud much more difficult, or even impossible, will delight some and horrify others in equal measure. With this wider picture in mind, it’s interesting to study current security developments at our ports and airports.

The response: ‘Project Semaphore’

On 28 September, Prime Minister Tony Blair announced that a high-tech security programme to modernise and strengthen the UK’s borders – including the deployment of electronic embarkation controls – will be underway before the end of the year.

The £15 million pilot scheme known as ‘Project Semaphore’ is the first stage in the Government’s e-Borders programme aimed at bolstering border controls, and effectively involves recording people as they travel into and out of the UK. Initially, ‘Project Semaphore’ will target six million passengers per year travelling on a number of international air routes to and from the UK. It will make use of online technologies and advance passenger information provided by airlines to screen and record individuals as they enter and leave, in turn providing a comprehensive passenger movement audit trail.

This is the first phase of the full implementation of e-Borders from 2008. e-Borders is an initiative co-ordinated by the Home Office in partnership with border control, law enforcement and intelligence agencies. The e-Borders system will identify people who have boarded transport destined for the UK, check them automatically against databases of individuals who pose a security risk and maintain an electronic record of them having entered the country. The system will also enable UK authorities to record people leaving the country, thus helping to identify those who overstay their allotted time.

Initial routes for ‘Project Semaphore’ have been chosen by the border agencies (ie the Immigration Services, Her Majesty’s Customs and Excise and the police) on the basis of risk assessments. The project will test and confirm the technical and business process design for the main e-Borders programme, while delivering immediate operational improvements across participating agencies.

It’s hoped that the programme will rapidly expand to encompass all movements in and out of the country, thereby enabling tighter controls over potential security risks and providing clearer records of those entering and leaving home shores.

The Government is quite clear about the intentions behind ‘Project Semaphore’. Speaking in the House of Commons, Home Secretary David Blunkett stated: “The challenge is to safeguard our citizens against terrorism, serious and organised crime and illegal immigration, while at the same time facilitating entry for legitimate travellers – including the 90 million tourists and business visitors we receive every year. To do this the Government intends to adopt a modernised border control programme which will work alongside biometric identification cards. This will be a modern, high tech replacement for the outdated paper-based embarkation controls which were removed in 1994 and 1998.”

Immigration minister Des Browne added: “Access to information about passengers before they travel will help in the fight against illegal immigration, targeting document and identity abuses. It will also aid law enforcement and counter-terrorism. At the same time, the new technology will allow us to speed through low risk passengers, thereby helping British businesses and visitors to the UK.”

Looking into ‘Project IRIS’

The work carried out over the next five years by the United Kingdom Passport Service, in partnership with other Government departments and agencies, will be crucial in the fight against identity fraud as we build the base for the compulsory national identity card scheme

There’s a clear message here for the security industry and others involved in the transport sector that the potentially intrusive elements of security must be offset by advantages for bona fide travellers. Indeed, that very principle is at the heart of a parallel initiative designated ‘Project IRIS’ (Iris Recognition Immigration System) – a secure, automated border entry system using iris recognition technologies to speed up the admission of pre-assessed bona fide travellers which is due to be piloted towards the end of the year and be fully operational come next summer.

Following shortly behind, the UK Passport Service (UKPS) is planning to implement a facial recognition image biometric in the British Passport book from late 2005 or early 2006. The biometric is intended to help counter identity fraud (eg duplicate issues) and to verify the identity of the holder. From the introduction of national identity cards, all passports for British citizens will be renewed or issued to the ID card standard.

Of late, the UKPS has been supporting the work of the International Civil Aviation Organisation (ICAO) in developing international standards for biometric deployment. The ICAO nominated facial recognition as the primary biometric for travel documents, with iris pattern and fingerprint recognition as secondary (but not mandatory) options. In line with ICAO recommendations, the UKPS will deploy contactless integrated security media of sufficient capacity to allow storage of the facial image and at least one additional biometric identifier. A contactless chip necessarily includes an aerial to allow close proximity readings.

An Integrated Change Programme

On 11 November last year the Home Secretary announced that the UKPS would run a biometric enrolment pilot in collaboration with the DVLA, the Immigration and Nationality Directorate and the Home Office Identity Cards Programme Team. The pilot would evaluate issues surrounding biometric recording using facial recognition, iris patterns and fingerprints. Over six months, it would enrol 10,000 volunteers across several locations (and include the use of mobile units) to ensure a representative coverage of the population.

The trial began on 26 April at the London Passport Office, also taking place at the Newcastle Registrar’s Office, the City of Leicester’s Main Post Office, Glasgow’s local DVLA Office and various other locations served by a mobile unit.

At a meeting of G8 ministers earlier this year, the Home Secretary won agreement to take forward urgent work to agree common standards for the use of biometrics, and ensure that the technology being developed is compatible throughout the eight leading industrialised nations. The likely spread into the wider world of measures to control access at ports and airports was also made clear in April with the publication of the UKPS’ Corporate and Business Plan for 2004-2009 (in which are described its long term strategies for tackling fraud). Specifically, the plans set out an Integrated Change Programme designed to provide the necessary foundations for the launch of a UK identity card scheme.

At the time, Home Office minister Beverley Hughes commented: “The work carried out over the next five years by the UKPS, in partnership with other Government departments and agencies, will be crucial in the fight against identity fraud as we build the base for the compulsory national identity card scheme. Identity crime is a growing threat both here and abroad, facilitating illegal immigration, benefit fraud, illegal working and terrorist activity. It’s only by thinking ahead and starting this work now that we’ll be able to tackle this menace, and ensure that the UK is in a position to face up to the technological and law enforcement challenges of the future.”

Access control: different concepts

The Government’s much-talked about plans to introduce a national ID card make it perfectly clear that the traditional concept of access control as a choice for the end user is moving towards a compulsory system based on personal identification. It’s also a system that will not solely be used for securing our ports and airports.

Unveiling the Government’s plans, David Blunkett commented: “We all have a right to live in a free and open society. We are used to accepting people at face value, trusting them to be who they say they are. However, recent events have brought home just how much the need for trust and confidence actually requires us to move beyond this. We must grasp the opportunities offered by new biometric technologies which allow for a new level of identity verification.”

The Home Secretary continued: “ID fraud is a growing crime, costing the country more than £1.3 billion every year. Multiple or false identities are used in more than one third of terrorist-related activities, and in organised crime and money laundering. It’s therefore more crucial than ever that we’re able to ascertain and verify peoples’ identity in a robust way. The public understands that, and this is why there’s a high level of support for national ID cards. There has been a growing recognition that, rather than threatening our vital freedoms, ID cards would actually help preserve them.”

The Home Secretary’s beliefs will certainly be tested in the months and years ahead. Undoubtedly, the security industry’s own experiences arising from pilot projects at UK ports and airports will play a decisive role in influencing public acceptance – or otherwise – of the potentially limitless applications for access control technology.