The big debate in the aviation security industry today is the question of which is better: behaviour-based security or data-based security? The answer, of course, is that both are critical. The limitation of this argument is that data-based security is neither defined nor standardised. Delving into this data-based security issue begs a myriad of questions that are difficult for a carrier to answer, such as: Can data alone provide operational security? Can data be transformed into information that is actionable? How will this work? What are the requirements? Is there regulatory value? The deeper we dive the more questions arise. Philip Baum explores one carrier’s initial step into the foray of data-based security for aviation and explains how the carrier determined that a web-based platform should be the cornerstone of a comprehensive security programme.
The evolution of the Secure Flight system in the United States required passengers to enter unique identifiers, marking the first opportunity for airline systems to substantively differentiate passengers. One carrier, found itself able to seize upon several opportunities to strategically use TSA-required data to monitor a multitude of risks in the operational environment, add value by implementing their own security systems and, in fact, to monitor the TSA and their actions.
For what I trust are wholly understandable reasons, it is not necessary to actually name the carrier which has effected this initiative, but as the system they have developed may be a model for the future of web-based tools for data-mining and automation of airline security systems and, in the interest of sharing best practices, I invite you to review this model and determine applicability to your systems.
Industry not Keeping Pace
The industry norm is today as it has been since pre-9/11: for passenger risk to be identified at the ticket counter, without advance notification. It comes as a surprise to the agent, who is thereafter responsible for the passenger’s handling, each time a passenger is initially prevented (inhibited) from checking-in. What is unfortunate about this scenario is that airline reservations systems hold valuable data that uniquely identify passengers travelling to, from and within the United States and many other countries. To date, the TSA has spent $43.38 million on the Secure Flight programme. It runs a multitude of scrubs against watchlist data and performs analytics to evaluate risk. Similarly many governments have adopted systems tailored for their pre-arrival immigration purposes in the form of systems known as APP or IAPP systems and in the US, the Customs and Border Protection (CBP’s) APIS Quick Query system at the cost of unknown millions. All of these systems deliver clearance results to the airline reservations system. It is these results that present the first opportunity for a carrier to capture this data from their own systems to identify risks in advance of departure. Clearance results can be displayed for managers to engage in risk-reduction activities that are operationally cost-effective and, for regulatory purposes, are also measureable in terms of international standards: IATA’s Operational Safety Audit (IOSA) and Security Management System (SeMS).
Web-based Systems are Key
At the time Secure Flight development work was required, one carrier identified a return on investment opportunity to analyse passenger clearance results data to increase its operational security and regulatory compliance. A web-based platform was designed to extract, manipulate and display security data from the reservations system onto a Dashboard (see Fig. 1 opposite) and to drive multiple automated reporting systems designed to add value, reduce risk and support the operation.
The platform begins by extracting passenger clearances to populate a database. Inhibited responses are then run against the TSA’s watchlists. It is from this data that the value added systems begin.
[s2If is_user_logged_in()] READ FULL STORY >>> [/s2If] [s2If is_user_not_logged_in()] [message_box title=”To READ the full article in our digital edition you need to be a registered subscriber to the magazine – If you are NOT then goto the SUBSCRIBE section of the site first before you can login” color=”green”]