If you don’t already possess a biometric passport (and according to the Home Office around four million of us do), then it will certainly be the only option when your current passport expires in the next few years. By then, ID cards with similar chips may well have been introduced (the current timetable plans for the first cards to be issued in 2009). Like it or not, it seems that biometrics will infiltrate our everyday lives (see box), and our facial measurements and fingerprints will become as indispensable as a password or house key.
Since October 2006 all new passports produced in the UK contain a biometric chip, designed to incontrovertibly link the holder to the passport, and therefore perform two essential roles – firstly confirming the identity of the individual, and secondly detecting counterfeit or manipulated documents.
So what exactly is a biometric passport, and how does the technology behind it work? At first glance there is little difference between a biometric e-passport and the machine-readable EU passports that have been in circulation in the UK since the late 1990s (see The history of the UK passport, overleaf), except for a small symbol at the bottom of the front page. This symbol signifies that biometric information is held on an embedded microchip, effectively a digitally encoded “map” of the holder’s facial measurements (distance between eyes, nose, mouth, ears, etc) taken from the holder’s photograph – hence the need for a clear passport photograph to be provided in the first place. The biometric image, along with the personal details of the holder found on page 31 of his or her passport, is then added to the microchip, which can be scanned by a reader at security checkpoints to confirm the identity of the holder.
Inevitably there have been concerns regarding the introduction of these e-passports, including claims by anti-ID organisations such as NO2ID that they have managed to clone the biometric information from a passport, so that it could be used on a fake one. There’s no doubting that there is technology out there that makes this possible, but the government’s response is that even if the biometric information can be copied, it can’t actually be altered. This leaves someone looking to travel under a cloned biometric passport with first having to copy the information from the original (requiring them to be in very close contact with it), and then changing their appearance to look enough like the digital photograph so that trained security staff wouldn’t notice the difference. Not impossible, but equally not that likely.
Detractors also complain that making our personal details available in an electronic format will make it easier for authorities to hold information about us on databases, but of course at present there is no more information held on the chip than there is printed on the penultimate page of the passport (and via the machine-readable strip). There is talk of fingerprints and iris scans being added to the biometric chip in the future (Germany has decided to add fingerprint scans to their biometric passports this year), although this still seems to be some way off in the UK.
More worrying for regular business travellers though, is the uncertainty of how long these biometric chips will actually last under the strain of frequent opening, closing, stamping and scanning. The National Audit Office has recently reported that the chips have just a two-year warranty, a fifth of the lifetime of a regular passport, and only time will tell if travellers will be left stranded at security checkpoints with faulty passports.
Of course, e-passport checks are not the only forms of biometric border control currently being developed worldwide. As the technology becomes supposedly more reliable and certainly more cost-effective, a flurry of services have cropped up designed to make the process of identity-checking more efficient. In September last year Scandinavian Airlines (SAS) announced a biometric solution which “tags” their passengers to the baggage they have checked in. Customers simply scan their finger at the bag-drop facility, which tags the piece or pieces of baggage to their fingerprint. Then at the gate they scan their finger again to prove that the same person is indeed boarding the plane. Ingegerd Olsbro-Fehrm, project manager for the service, says: “As an airline we must adhere to EU regulations to ensure that the person who hands in a piece of checked baggage is the same person who travels on the flight, and the biometric solution provides a smooth process for this.”
Olsbro-Fehrm adds that, while the biometric check is not compulsory (the current laws do not allow for this), the service has been very well received by both passengers and personnel alike. From an original trial at Lulea airport in Sweden, the service has now been rolled out across the country, with Denmark due to follow this spring – the airline also wants to extend it to Norway, although an imminent law change concerning the use of biometrics is needed before this can happen.
SAS points out that, aside from helping it to fulfil obligations on checked-baggage ownership, introducing an automated security check will save passengers time at the airport, and may eventually lead to paperless travel as a finger scan effectively replaces the boarding pass.
It is partly with queue reduction in mind that a recent biometric trial was carried out at London’s Heathrow airport. MiSense, a service available for Terminal 3 Emirates and Cathay Pacific passengers bound for Dubai or Hong Kong, encouraged travellers to record their fingerprint biometric details at check-in, in return for less queuing at security checks.
Around 2,000 passengers trialled the voluntary service, which involved using a self-service machine next to the main check-in desks, where they first scanned their passport and then their finger in order to attach its biometrics to the flight. At the security gate it was then just a simple process of re-scanning their finger and inserting the boarding pass, which automatically opened the gate for the passenger to pass through to the departure lounge. As a final check just before boarding the passenger scanned their finger on a hand-held reader to ensure that the same person was boarding the plane (similar to the SAS service). Stephen Challis, head of product development for BAA, says: “MiSense serves the dual purpose of taking a person’s ID and locking it to their journey, while at the same time simplifying the security process and reducing queuing times. We have exceeded our targets in terms of the number of people trialling this service.”
Challis adds that, while any eventual product may differ from the trialled service, it is a useful process in looking at what works and what doesn’t and extracting the successful elements. He also points out that the technology could have wide-ranging possibilities, including services outside border control (see box page 54). “If the technology is good enough to securely check people coming into and going out of the country, then it will certainly be good enough to trust when you’re doing your weekly shopping,” he says.
Indeed the technology is so advanced that it can pick up pulse readings from users’ fingers, so there should be no need to worry about someone “stealing” your finger and passing it off as their own – as unlikely as that might seem.
While MiSense was just a short-term trial (for now at least), the US based “Clear” biometric solution is a full-blown commercial product, already up and running at five terminals (Cincinnati, San Jose, Indianapolis, Orlando and New York JFK T7), with further services soon to be rolled out at JFK’s T1 and T4, Newark’s Terminal B, and Toronto Airport. Promoting its service firmly as a time-saving, hassle-reducing product for members, Clear aims to pre-screen regular travellers prior to departure, meaning fewer checks are needed at the airport. Members fill in an application form online – including details such as full legal name, previous addresses, height, etc – then present themselves at one of Clear’s enrolment kiosks (there are several city-centre locations including the Grand Hyatt in New York), to have their fingerprint scanned.
Providing the application is cleared by the Transport Security Administration (TSA), a biometric card will be issued. The Clear member can then use this card to access dedicated security lanes at participating airports, which cut queuing times partly because of the lower numbers of people using them, but also because of technology which in most cases is able to scan footwear without it being removed. The service costs US$99 per year, including a US$28 TSA vetting fee, and Clear claims to have enrolled more than 35,000 members into the scheme since it started.
These examples are just the tip of the iceberg in terms of biometric technology being introduced at airports worldwide – Australia has its own Smartgate technology using facial recognition for immigration purposes, while Amsterdam’s Schiphol and Dubai’s International airports have offered iris-recognition and fingerprint biometric cards respectively for several years.
Of course with such rapid development, and the relative lack of co-ordinated schemes between individual countries and airports, frequent travellers could find themselves spending more time enrolling in schemes than they save by using them.
There’s little doubt however that fingerprint, iris and facial biometrics are here to stay, and in the long run it should help make international travel both safer and more efficient for the regular traveller – a prospect we should all be able to face with equanimity.
Pointing the Way
The recent advances in biometric technology mean that a whole host of everyday products and services can now be protected at the touch of a finger – quite literally. Any item on which important, accessible data is stored is potential rich pickings for the modern-day thief, and manufacturers have reacted to this threat by including biometric fingerprint readers on several business laptops (see “Lighten up”, Business Traveller December 2006 / January 2007).
Not only does this protect against wrongful access to the data, but it can also remove the need for the user to remember a number of passwords in order to access their files – even the most forgetful of employees is unlikely to misplace their fingers. And it’s with memory in mind that companies have also started offering a biometric alternative to the humble house key. Previously the domain of the MOD and other high-threat research and development facilities, locks which can only be opened by authorised fingerprints can now be fitted for private individuals, eliminating the risk of keys being forgotten, lost, or more worryingly, stolen. The technology has become so commonplace that a biometric door lock can start from as little as £200 (plus the cost of a locksmith to install it).
Biometrics have even entered the world of your weekly shopping – three branches of the Co-op in Oxfordshire have introduced a biometric payment system called Pay-by-Touch, a biometric identification and payment service which allows customers to pay for their shopping by touching their finger on a scanner at the till. When the system recognises the shopper’s digit, the bill is charged to their pre-registered debit card – customers can even add the group’s loyalty card to their profile, so points will be added automatically each time they “pay by finger”.
More Information
Laptops with biometric readers toshiba.com, lenovo.co.uk
Biometric door lock providers biolock-uk.com
Pay-by-Touch technology y3k.com
Quick facts
- Anyone holding a UK biometric passport can request to see the information held on their microchip free of charge, by visiting one of the seven IPS regional offices.
- More than 50 countries have or are in the process of introducing biometric passports. In the UK the cost of a standard ten-year e-passport is currently £66, compared with £41 in France, £96 in Belgium and £163 in Japan.
- Malaysia was the first country to introduce biometric passports, back in 1998.
- The Nicaraguan biometric passport has 89 security features, including holograms and “bidimensional barcodes”, and is considered virtually forgery-proof.
- More than 40 million adult passports and seven million child passports have been issued in the UK in the past ten years (statistic obtained from the IPS as of May 2006).
Contact
Identity and Passport Service passport.gov.uk
Scandinavian Airlines flysas.com
MiSense biometric trials misense.org
Clear Registered Traveller flyclear.com
Smartgate customs.gov.au
Schiphol Airport Privium card schiphol.nl
Dubai Airport e-gate card bti-uae.com/egate
