IATA Asia-Pacific One ID Workshop€¦ · Housekeeping Washrooms Coffee & Tea. Valuables. Fire Alarm. Asia-Pacific One ID workshop 2 12 Nov 2018

IATA Asia-Pacific One ID Workshop

Singapore, 12 November 2018

HousekeepingWashrooms Coffee & Tea Valuables Fire Alarm

12 Nov 2018Asia-Pacific One ID workshop 2

Go to SSID: TrainingPassword: iatatraining


Competition Law GuidelinesThis meeting is being conducted in full compliance with antitrust and competition lawThe following Agreements and Activities are Prohibited Any collective agreement concerning prices or charges, allocating markets, territories,

customers, suppliers, agents, etc.It is Prohibited to disclose the following information Individual airline cost, rates, charges, surcharges or customer Individual airline intentions regarding increasing, reducing or reallocating aircraft capacity Sensitive commercial or proprietary information without consent

Delegates are cautioned that any discussion regarding topics outside the scope of the agenda,either on the floor or off, is strictly prohibited. The foregoing applies equally to email discussions,instant messaging and social media discussions


AgendaTime Agenda0900 Welcome & Introduction

0915 An overview of the One ID concept• Fundamental principles describing the envisioned end state • The key components of the solution• A roadmap for the next 15 years• Expected benefits for the various stakeholders involved

1030 Networking Break

1100 Attendee round table

• Information sharing by each location – own roadmap, end state and challenges

1200 Implementation case study 1

1230 Networking Lunch

1330 Concept of Operations

• Application of collaborative identity management and biometrics across the end-to-end passenger process


Agenda Time Agenda1415 Implementation case study 2

1445 Networking Break

1515 Technology perspective• Biometric recognition solutions• Identity management platforms• Mobile technologies

1600 Legal & governance perspective• Digital identity schemes• Privacy and data protection• Operational frameworks for multi-stakeholder collaborations

1645 One ID project activities• Work streams and program of work• How to get involved

1710 Recap & Closing


Introductions Name Organization Role


An overview of One ID concept

One ID: breaking the silos, within and across locations

12 Nov 2018 9

From to

Asia-Pacific One ID workshop

A fundamentally different approach

12 Nov 2018 10

Legacy Process

As early as possible in the process (ideally off-airport) Who are you? Are you who you say you are?

At every subsequent touchpoint We were expecting you,

we recognize you (biometrics),and we have already determined how to handle you in this process step

At every touchpoint Who are you? Are you who you say you are? How do we handle you?


12 Nov 2018 11

Passenger data confirmed & ID verified

Bag Drop

Border Control(outbound)

Security Access

Self-boardingBorder Control

(inbound) Authorization to travel on flight back

a single biometric travel tokenthrough all travel touchpoints


12 Nov 2018 12


Bag Drop


Security Access



private and publicstakeholders collaborate,

with the passenger in the center


Ready to Fly

12 Nov 2018 13


Bag Drop


Security Access


(inbound) Authorization to travel on

flight back

The passenger arrives at the airport “ready to fly”:- “confirmed” or “standby”

status- identity authentication- document/credential

authentication- admissibility- biometric enrollment

The passenger information travels ahead of the passenger and is shared with various stakeholders


Bag Drop

12 Nov 2018 14


Bag Drop


Security Access



• Hold baggage linked with passenger identity

• Self- or assisted bag drop with identity verification enabled by biometric recognition

• Optional capture of process data


Security Access

12 Nov 2018 15


Bag Drop


Security Access



• E-gate with identity verification enabled by biometric recognition; possibility of smart queuing

• Enabler for risk-based differentiated security screening



Outbound border control

12 Nov 2018 16


Bag Drop


Security Access



• Passenger background checks have already been performed

• Passenger may be authorized to cross the border without seeing an officer



Boarding

12 Nov 2018 17


Bag Drop


Security Access


(inbound) Authorization to travel

on flight back

• Biometric self-boarding



Physical touchpoints could be combined

12 Nov 2018 18


Bag Drop


Security Access


(inbound) Authorization to travel

on flight back

• Some physical touchpoints could be combined, removed or moved off -airport


Arrival and inbound border controls

12 Nov 2018 19


Bag Drop


Security Access



flight back

• Passenger information travels ahead of passenger

• Automated access management for priority lanes, dedicated lanes for trusted travelers, etc.

• Travel document does not need to be presented/scanned

• Background checks for the passenger have already been performed and (s)he is authorized to cross the border without seeing an officer


Return trip

12 Nov 2018 20


Bag Drop


Security Access



flight back

• Passenger information could be retained for the return leg if passenger has travel reservation to fly out from the same airport

• This would greatly simplify the “ready to fly” principle on the return leg

• Consider legal implications and passenger consent


Application at Transfer: disembarkation, recognition of passengers, border controls if applicable, security screening and boarding

Application through various travel scenarios,both domestic and international

Application to broader travel and tourism industry

12 Nov 2018 21

And beyond …


What are we aiming to achieve?

12 Nov 2018 22

HarmonizationRecommended practices, Standards

Interoperability


Elimination of repetitive processes and reduction in the number of touchpoints, and thus shorter queues and reduced waiting times

Ultimately, enable passengers to arrive at the airport ready to fly in nearly every travel scenario

Translates into commercial opportunities for industry Increased attractiveness of air travel Improved competitive positioning

12 Nov 2018 Asia-Pacific One ID workshop 23

Why are we doing this – stakeholder benefitsSEAMLESS – improvements in passenger experience

Avoid or defer capex investment in airport terminal infrastructure

Staffing efficiencies and increased capacity by reducing time spent on manual ID checks

Other Costs associated with inadmissible passengers Minimum connection time (MCT) On-time performance (OTP)

Exposing exceptions earlier in the process Improved real-time visibility of where passengers are


Why are we doing this – stakeholder benefitsEFFICIENT – improved productivity, capacity and cost savings

Eliminate queues and crowds in airport landside areas

Reduce possibilities for individuals to cross borders under a false identity, and thus help combat human trafficking and other cross-border criminal activities

Risk based assessment and differentiated handling at border and security checkpoints Timely and qualitative API


Why are we doing this – stakeholder benefitsSECURE – improvements in border, aviation and airport infrastructure security

12 Nov 2018 26

How do we get from where we are today

…

… to where we want to go


12 Nov 2018 27

Key elements of One ID

Trusted Digital Identity

Collaborative Identity

Management Platform

Biometric Recognition

Operational Framework


global

multilateral

Scope of collaboration, and the underpinning processes & operational frameworks

Digital identity: e-passport, national digital ID schemes, Known Traveler schemes, private sector initiatives,ultimately a universal digital travel credential

Technology: evolution in biometric recognition, collaboration tools, systems interoperability, data security, etc.

Regulatory framework Closely linked with evolution in other areas of passenger

facilitation: future of passenger data, move towards e-visa, eTA, single window concept, etc.

Prioritization what should the One ID project focus on?

12 Nov 2018 28

The evolutionary roadmap is multi-dimensional

bilateral

local


Overview of the One ID concept

DIGI YATRAcase study of a digital travel credential

30 / © BIAL S&D / Digi Yatra

Digi Yatra: Conceptual passenger flow courtesy ofBIAL

12 Nov 2018


Digi Yatra Step 1: Create a DY ID online

• Passenger is directed to the DY secure website and registers his/ her profile in the Digi Yatra program by providing

• Name, phone number and e-mail address;

• Option 1: Passenger completes AADHAAR information on DY ID website

• Enters the OTP sent to the AADHAAR Linked Mobile • UIDAI sends a UID Token (72 Character) to the DY Platform, which

will be stored in with the pax profile as the “pseudo identifier” of AADHAAR ID. The UID token shall not be visible to the passenger;

OR• Option 2: Passenger enters other valid Govt. ID number;

• Enters the OTP sent to the mobile number as provided above;

• The Digi Yatra ID is automatically created, and a pax is allowed to edit the ID should they choose to;

• DY ID is sent to the passenger via SMS or e-mail for their reference;• Once pre-registration is completed, Passenger can enter DY ID number

for booking a ticket• The pre-registered DY ID needs to be activated through a ‘one-time’

registration at the registration kiosk at an airport (Step 2);

First Name John

Last Name Doe

E-mail ID [email protected]

Mobile Number 1234567890

Option 1: Aadhar ID Enter AADHAAR #

Option 2: Other validGovt. ID

Enter Other Govt. ID #

Enter OTP ****

DY ID JohnDoe012345@DY

courtesy ofBIAL

12 Nov 2018Asia-Pacific One ID workshop31


DY Step 1: Create DY ID at Airport Enrolment Kiosks

• At the DY Registration Kiosk located at an airport, a passenger can register their profile by providing:

• Name, phone number and e-mail address;

• Passenger completes AADHAAR information at the Kiosk linked to the DY ID website;

• Kiosk captures passenger’s face and Iris in one single capture;• UIDAI validates the Passenger with AADHAAR Database;

• Sends a UID Token (72-character) to the DY Platform, which will be stored with the passenger profile as the “pseudo-identifier” of the AADHAAR ID;

• The Digi Yatra ID is created and a passenger is allowed to edit their ID should they choose to;

• DY ID registration is fully completed and facial biometric record updated;

• DY ID is sent to the passenger on SMS and e-mail for their reference;• Once registration is completed, a passenger can use the DY ID for any

future travel as the DY ID is fully activated;

First Name John

Last Name Doe

E-mail ID [email protected]

Mobile Number 1234567890

Aadhar ID Enter AADHAAR #

DY ID JohnDoe012345@DY

courtesy ofBIAL

12 Nov 2018Asia-Pacific One ID workshop32


Type 1: Passenger with DY ID (With AADHAAR UID token)• Scans boarding pass / e-ticket;• DY – biometric boarding system

(DYBBS) validates the ticket;• Kiosk captures iris and facial biometrics,

in a single capture;• AADHAAR validation happens;• Passenger profile updated on DY

PlatformType 2: Passenger with DY ID (With other valid Govt. ID)• Scans boarding pass / e-ticket;• DYBBS validates the ticket;• Kiosk captures passenger facial

biometrics;• Pop-up message is sent to CISF;• CISF staff checks & validates PAX ID; • PAX Profile updated to DY Platform;

Type 3: Passenger without DY ID*• Scans boarding pass / e-ticket;• DYBBS validates the ticket;• Kiosk captures passenger facial

biometrics;• Pop-up message is sent to CISF;• CISF staff checks & validates PAX ID;• DYBBS creates the local PAX dataset

Type 4: Passenger not willing to use biometrics**• Scans boarding pass / e-ticket;• DYBBS validates the ticket;• Pop-up message is sent to CISF;• CISF staff checks & validates PAX ID;• DYBBS updates itself for the non-

biometric passenger

• * - Minors will be tagged to parents;• ** - Passengers who don’t have a DY ID will need

to be verified by CISF staff each time they travel;

• Once in a lifetime enrolment for passengers with DY ID;

• Non DY ID passengers have to register at the Registration Kiosks every time they travel;

courtesy ofBIAL

12 Nov 2018Asia-Pacific One ID workshop33 DY Step 2: Registering at an Airport Enrolment Kiosk(One time)

Networking break


Attendee roundtable

Objectives Share own Roadmap/End state/challenges Identify common challenges Learn from each other Output

Capture key challenges and issues (whiteboard/flip charts) Address in the later sessions


Share with us…. Your objective and ‘End State’ Key drivers Roadmap How you will measure success Roadblocks


Summary Key challenges and issues


Implementation case study 1Changi Airport

Networking lunch


Concept of Operations

One iD Processes


01

Pre-Travel

02

Ticket Issuance

03

Check-in

04

Document Scanning

05

Authorization to proceed

06

Baggage Processing

07

Immigration exit control

08

Security Access

09

Security Screening

10

Flight Re-Booking

11

Boarding

12

Immigration entry control

13

Baggage Collection

14

Customs

Departure

Document Check

Arrival

FLIGHT

Transfer

A.1

Border Control

A.2

Baggage Collection

A.3

Customs & Quarantine

D.0Capture &

validation of Passenger

data

D.1

Ready to Fly

D.2

Bag Drop

D.3

Secure Area

Access

D.4

Security Screening

D.5

Outbound Border Control

D.6

Boarding

D.7

Transmit PAX data to Destination

One iD Processes


D.0Capture &


data

D.1

Ready to Fly

D.2

Bag Drop

D.3

Secure Area

Access

D.4

Security Screening

D.5


D.6

Boarding

A.1

Border Control

A.2

Baggage Collection

A.3


Level 2 business process maps havebeen developed for every process step

Example 1 : Check-in / Ready to fly (To Be)


The majority of passengers arrive at the airport “ready to fly”. The legacy terminology “check-in” will disappear in favor of “ready to fly” which includes several of the constituent elements of the check-in process and more, such as:

The passenger has “confirmed” or “standby” status for the flight and, if confirmed, has assigned seating.

Where applicable, the authenticity of the passenger’s identity has been validated [is this passenger who (s)he says (s)he is?]

Where applicable, the authenticity of the identity document/credential has been validated [is the credential valid, genuine and has it not been tampered with?]

The passenger’s admissibility has been validated [is the passenger authorized to travel to destination?]

The passenger is biometrically enrolled such that (s)he can be biometrically recognized at subsequent touchpoints. Ideally, this enrollment would persist across multiple trips, or better, would be rendered unnecessary as it ultimately replaced by a government-issued digital travel credential.

[Subject to review with the One iD Expert Groups]

D.0Passenger

Data

Biometric Enrollment of Passenger

Ready to Fly Kiosk

Identity/Flight recconciliation

Create IMP record

Mobile Enrollment

App

@ Home

D.2Bag-Drop Process

Exception Process

IMPRecordcreation

Identity Authentication / Enrollment

D.3 Secure Area

Access

No Checked Bag

@ Airport

Biometric Enrollment of Passenger

Identity/Flight recconciliation

Identity Authentication

Example 2 : Boarding (To Be)


• Before closure of the flight; if a PAX is missing; there should be the opportunity to check where was the last touchpoint of the Passenger and whether baggage was checked in or not.

• E.g. If PAX have checked baggage but have not yet passed security; decision from carrier could be to proceed to offload of the luggage. If linked with other services; the airline could even know if the PAX is still at the Lounge or on its way.

• Under a One ID process; there is no need to wait for the Boarding to trigger the no-fly procedure; this could be done ahead of the process (ready to fly) or even at the Security Access control.

• Automated Process would lead to more efficient Boarding procedures while removing the need to physically present travel documents and/or credentials.

D.5 Border Control

Proceed to gate

Exception Process

Access e-Gate

Update IMP record

Proceed to Boarding

IMPProcess Stamp

Retail & Lounge Access

Exception Process

Identity Verification

No Boarding Decision

D.6B Gate

Screening

“Ready-to-fly” and off-airport processing How to avoid on-airport enrolment

Roles & responsibilities of stakeholders A question of trust, but may also be embedded in regulation

E.g., identity and document authentication

Parallel processes (biometric vs non-biometric) Exception handling Parts of the population with special requirements Cross-border information sharing Technical infrastructure Trust / operational frameworks Legal considerations including privacy and data protection


Challenges

Discussion


Tasks Identify key requirements to achieve the desired end state

at each process; Identify interim possible solutions; Identify what are the challenges and issues in adopting the

interim solutions and discuss how they can be tackled



Bag Drop


Security Access



Authentication and enrolment: How can it take place?

49

Ready to fly How can stakeholders authenticate one’s

identity and one’s travel document? Under the current operation, what can be done as interim measures? Using existing touchpoints?

How can travel authorization take place? Is ETS the only enabler? What can be done where ETS or iAPI is not in place yet?

Should processes be different for nationals and foreigners?

Can enrolment be removed or moved off-airport? How can enrolment take place today?


50


Bag Drop


Security Access



Is a regulatory change needed?

51

Bag drop Can One ID process fulfill the

requirements of AAA check? Are regulatory changes

needed? What regulatory changes are

needed?

52


Bag Drop


Security Access



How can it be different?

53

Security access How will One ID process

impact security access control process?

54


Bag Drop


Security Access



How can Immigration trust the single token created earlier?

55

Border Control What are the Immigration

requirements to be met in order to use the biometric token created earlier in the journey to perform the immigration checks?

56


Bag Drop


Security Access



Is a regulatory change needed?

57

Self-boarding Can One ID process fulfill the

requirements of AAA check? Are regulatory changes

needed? What regulatory changes are

needed?

58


Bag Drop


Security Access



Can passport check be eliminated completely?Which steps can be removed or combined?

59

Summary Key challenges and issues Interim solutions


Implementation case study 2Sydney Airport

Facial Recognition Technology Trial

12 November 2018

Project Background

2

Strategic rationale & history

• Fast Passenger Processing (FPP) is Sydney Airport’s programme of work leveraging biometric technology to achieve a step-change in terminal operational efficiency, security and passenger experience

• The project is aligned with IATA OneID and NEXTT (New Experience in Travel and Technology) programmes

• Uses a single identifying token (facial recognition) throughout the passenger's journey to validate identity through key airport touchpoints

• The FPP project objective is to create a paperless end-to-end airport experience, where a passenger’s face becomes their passport and takes self-service technology to the next level, further streamlining & enhancing on airport passenger facilitation

• Vision-Box were appointed as key biometric technology partner in 2017 and Qantas chosen as launch airline partner

• Live trial commenced 19 Jun 2018 with Qantas passengers

• Sydney Airport is developing a longer term strategy for the application of biometrics to enhance passenger facilitation, including cross border capability

Strictly Confidential Fast Passenger Processing

SYD Facial Recognition

3


4

Biometric Objectives

Enhanced Security measures

Government integration

Validate integrated security/border

process

Delivering a seamless

paperless journey

Facilitating ease of travel

Enabling a connected journey

Reliability of technology

Exchange passenger data with Gov and

Airlines

Understanding Passenger Movements

Resourcing Benefits for

Partners

Commercial models with airline

Making SYD a destination of

choice, powered by technology

Technology & DataCapacity & Infrastructure AirlinesSecurity Passenger Experience

Operational efficiencies

Increased throughput

Enabling off-airport check-in


5

End to End Journey Departures Touchpoints

**

* In planning for development


6

Departures Touchpoints

1 AIRPORT CHECK-IN BAG-DROP2

5 LOUNGE ENTRY

6 BOARDING


7

Data Flows

CUSS Application

Qantas Checkin App Qantas ABD App

CUSS Application

CUTE Application


8

The Learnings from the Trial

We are gathering new forms of data and insights from the project. There is more we would like to achieve to validate our biometric objectives and create a scalable solution

Current learnings Still to be tested

Capacity &Efficiency

• Additional step (registration) offset by faster bag drop

• Technology & operational processes needs further refinement to achieve savings

• Use of passenger movement and total dwell timing

Security• Establishment of Data and Privacy controls

was an extensive exercise• Biometric threshold setting accuracy proven

• GDPR to be evaluated• Transfer of data to Dept of Home Affairs (DHA)

PassengerExperience

• Customer acceptance high. Best on bag drop.

• Boarding gate experience hampered by need to still produce documents

• Lounge product• Self service capability• Validate the viability of a true paper-less airport

journey

Tech & Data

• Passenger detail (ie age, gender, nationality) collection

• Technology is feasible but requires further development

• Mobile checkin & registration• Face on the move technology requires further

development & testing

Airlines• Local and global interest has been generated • SYD is playing an active role in working with

IATA OneID Advisory Group• Developing business case

Success Drivers

9

Collaboration between airlines, airports, government and industry organisations is key

Technology Partnerships Industry Organisation Privacy

Delivering a connected world class passenger experience

*

* Sydney Airport is engaging withDHA to understand opportunities forhow biometrics can be used inpassenger facilitation at the border


10

The Future

• Government integration• Business case: biometrics and self

service• Mobile biometric registration• Paperless journey• Local versus global use cases• OneID. Ownership and exchange of

information

Thank you

Networking break

Enjoy yourCoffee & Tea


Technology perspective

12 Nov 2018 64




Management Platform




False positives and false negatives Interoperability and standardization of biometric templates Biometric recognition on the move


Biometric recognition – some technology considerations

12 Nov 2018 66




Management Platform




“Identity Management Platform” – Definition


IMP is defined in its broadest sense:

The environment where different stakeholders can share, re-use and update passenger information in a collaborative and trusted manner throughout the passenger journey.

As such, there may be different examples of IMPs, as well as the possibility that multiple IMPs interact with one another to achieve the same overall outcome as one centralized IMP.

The type of IMP chosen will depend of many different factors, including the stakeholders involved, local regulatory requirements, the touchpoints selected, the level of cooperation between stakeholders, the data flows, etc.

Example : Collaborative Platforms


Bag Drop

Ready to Fly

Access Control Security Border

Control BoardingBooking Border Control

Example : Another Collaborative Management Platform (Hybrid)

Bag Drop

Ready to Fly



Persistent Enrollment

AADHAAR DB

Digi Yatra DB

Digi Yatra day library


c

c

c

“Digi Yatra”type of approach

Example: Airline System based / Biometric Boarding Pass


Bag Drop

Ready to Fly



Example: Government operated centralized system


Bag Drop

Ready to Fly



Discussion


Tasks Share knowledge or experiences in use of biometrics Share knowledge or experiences in setting up own Identity

Management Platforms (IMP) Identify what should be done to undertake everything on

mobile


Biometric recognition Which biometric

recognition are you looking at?

What are the reasons you chose that biometric?

Can you share any information on success/failure rate, false positives, false negatives, etc.?

74

Identity Management Platform Who is taking the lead in

establishing IMP in the current trial or in the model you are designing?

Who do you think should take control of it? Or it doesn’t matter?

What are the key considerations in establishing IMP? e.g. interface with other systems, such as CUSS, etc.

75

Can we do One ID with mobile? What are the

considerations/pre-requisites to enable identity registration, authentication and travel authorization on mobile under the end state?

What can be done under current state?

What are the issues and roadblocks?

76



Legal & governance perspective

Legal & Governance perspective

Trusted Digital Identityand the Digital Travel Credential (DTC)

12 Nov 2018 80




Management Platform




The ICAO New Technologies Working Group (NTWG) has established a sub group to standardize the issuance of travel credentials in a digital format in the form of a DTC that is meant to temporarily or permanently substitute a conventional passport by a digital representation of the traveler’s identity

Policy Paper 24-Oct-2018, endorsed by the NTWG To ensure the same level of security as an ePassport, the DTC

approach is based on the ‘hybrid’ concept, in which the DTC will consist of a Virtual Component containing the digital representation of the holder’s identity and one Physical Component that is cryptographically linked to the Virtual Component


ICAO Digital Travel Credential (DTC)

Self-derived DTC DTC-VC is derived from existing travel document, with which it shares the document number Traveler must be in possession of travel document which serves as DTC-PC

Authority-derived DTC DTC-VC is derived from existing travel document, with which it shares the document number Option to store the DTC-VC in a remote system (e.g. database, web service) or elsewhere (e.g.

smart device) DTC-VC must be signed by the issuing authority’s public key infrastructure DTC-PC on a physical device that may be supplied by the issuing authority or by the holder Traveler should be in possession of travel document as alternate or fallback

Authority-issued DTC Virtual credential without an eMRTD as an alternate or as a fallback Issuing authority creates a DTC and has the option to store it in a remote system (e.g.

database, web service) and store it elsewhere (e.g. smart device); or store it solely elsewhere DTC-VC must be signed by the issuing authority’s public key infrastructure DTC-PC on a physical device that may be supplied by the issuing authority or by the holder;

only the physical device will serve as the DTC-PC


DTC Creation – 3 types/scenarios

The DTC-VC can be submitted by the traveler in advance of travel to provide advance passenger information (API), apply for authorizations, support advance risking, and prepare the airport for seamless passenger processing

In the process of travel, a passenger would use their DTC-VC by successfully matching to the biometric information included in the token, and, if required, presenting the DTC-PC when requested

If a traveler holds the DTC-VC on their phone, but has not been asked or does not want to submit their DTC-VC in advance, they may be able to present their smart device to the inspection equipment as a substitute for a physical document Information stored in the DTC-VC could be read out from the smart device

and be used to biometrically match the holder to their credential


DTC use

Like a regular travel document, issuing authorities can invalidate a DTC by reporting it to the appropriate domestic and international authorities DTCs that are lost, stolen, revoked or cancelled are no longer valid for travel Issuing authorities can invalidate a DTC by reporting the issued eMRTD lost,

stolen, revoked or cancelled The invalidation of the source authorization would automatically invalidate all

DTC-VCs linked to that eMRTD Self-Derived or Authority-Derived DTCs share the document number

with an existing eMRTD Revocation of the existing eMRTD also revokes the DTC

Authority-Issued DTCs do not share the document number with any eMRTD, and thus the Authority-Issued DTC must be revoked on its own


DTC invalidation / revocation


Operational Frameworks

12 Nov 2018 86




Management Platform




An operational framework (sometimes also called a trust framework or liability framework) is a set of specifications, rules, and agreements that govern a multi-party collaboration established for a common purpose, designed for conducting specific types of transactions among a community of participants, and bound by a common set of requirements



An operational framework may include such things as: Scope, goals and guiding principles, Roles, rights, responsibilities and obligations, Business and technical requirements and specifications Identification of applicable laws and regulations Financial arrangements Governance


What does it include?

Operational frameworks can exist at: the level of a local air travel ecosystem – for instance an airport plus a

number of airlines and control authorities; or national and international levels to facilitate collaboration in cross border

travel scenarios.


Types of Operational Frameworks


Privacy & Data Protection

Because the One ID concept deals with passenger data, including biometrics, data privacy concerns are often raised

There is a perception that the introduction of biometrics fundamentally changes the type of passenger data that is collected and shared within an airport environment

Note that a lot of passenger information is already collected and shared in the traditional travel journey, and that many border agencies already use technologies that capture and process passenger biometrics


Privacy and One ID

Which privacy requirements must stakeholders comply with? State of departure State of arrival GDPR (implies extraterritorial applicability)

Home state of the passenger Other…


Understanding what general requirements apply

How can stakeholders comply when: They may not have all the information about the passengers Their business deals with passengers from many countries All the national requirements differ slightly and may or may not be

accessible?

This is not a new question


Understanding how stakeholders can comply

What constitutes a biometric?

Are biometrics a special category of data – i.e. data that can be used to uniquely identify someone?

Is there a difference between raw biometrics (i.e. images) and biometric templates when it comes to requirements?


Understanding what specific requirements apply

Legal Basis for data collection: Legal basis for data use and collection may vary between jurisdictions. Before proceeding with any identity management project, parties must clearly articulate under which legal authority they intend to collect and use data


Potential Privacy Concerns

What is the legal basis for data collection? Particularly for sensitive data?

Art 9.2 GDPR provides some legal basis for collection of sensitive data including when: Explicit consent is given The data is used for the purpose of social security/social protection Use of the data is in the public interest Used for research (what constitutes research is still an open question).


Legal Basis for data collection

Consent: Authorities and the public may wish to understand how data subjects will interact with the system in terms of participation.

How consent will be managed Processes for opt out Communication with passengers Who requires consent?



How must consent be obtained? verbally or in writing? does a record need to be maintained? is participating considered consent? for some or all processes? for one journey or multiple?

How long is consent valid for? How is consent managed across an end to end process considering each stakeholder may

use and store the data differently? Other considerations

Are passengers clear on what they are consenting to? Has the message been understood? (language considerations) Age of consent, which may vary by jurisdictions Avoid bundling consent for core services (i.e. getting the passenger from A to B) with non-core (i.e.

commercial like lounge access or retail). Do passengers understand what happens if they opt out? Care should be taken not to mislead or

force consent


Obtaining Consent

Transparency: agencies and the public may be concerned that data subjects (in this case passengers), will not have visibility as to the process or the way their data will be used



Data quality: If biometric and other sensitive data is being used to make decisions about a person, and can potentially impact their ability to check-in, pass border control, or board an aircraft, data quality may need to be addressed.



Data use, access and retention: There may be concerns that data may be used for purposes other than those intended, or that more data than necessary may be collected or stored.



Data Security: Ensuring that biometric data of passengers is stored securely will alleviate concerns of cybersecurity and that the passenger’s data is not misused or stolen and used for purposes other than travel. Cyber security and process will be important in ensuring only authorized persons have access to sensitive passenger data.



Governance and Auditing: Authorities will likely wish to understand how the parties plan to manage and ensure compliance with privacy requirements.



Because of the complexity of data privacy questions and the different ways stakeholders within and ecosystem may use that data, it is recommended that stakeholder conduct a privacy impact assessment before commencing any One ID related project. Set the context: introduce the project at a high level and help the

reader understand why a PIA is being conducted. Describe the process: help the reader to understand what data is

collected from passengers, when, in what form, and how it will be used. Identify Key Privacy Concerns and Outline Mitigation Strategies: It

will be important to demonstrate that risks to individual data subjects have been considered and appropriately mitigated.


Privacy Impact Assessments

Discussion


Tasks Discuss implications of trusted digital identity Identify different types of operational frameworks and share

own knowledge and experiences Share concerns or works done with related to regulatory

changes and privacy and data protection; Share own collaboration strategies/experiences


Trusted Digital Identity How can it be created under the

end state scenario and under the current scenario?

How do you think DTC will impact registration and authentication process?

What are the requirements/preparation needed from governments, airports and airlines to adopt/support DTC?

107

Operational Framework How are you collaborating with

other stakeholders? Who are involved in establishing

the operational framework you are working on? Roles and responsibilities?

What is the most challenging issue to deal with in your case among technical, operational, legal, business, financial requirements and governance? And why?

108

Privacy and data protection What regulatory changes did

you identify were needed? What regulatory changes were

made already? What seems challenging?

What is/are the regulatory frameworks that impact this aspect in your trial/implementation?

Are you facing concerns with privacy and data protection?

109



One ID project activities

12 Nov 2018 112

One ID Project Organization

Advisory Group

Process & Operations

Expert Group

2018 project organization – One ID Task Force

Legal & Governance

Expert Group

Business CaseExpert Group

TechnologyExpert Group

• Concept ofOperations

• Standardprocessmodel

• Trust framework• Privacy impact

assessment• Regulatory

implications

• Quantificationof benefits

• Cost/benefitanalysis

• Technologyexploration

• Requirements forSARPS

• Define business, technical and legal context• Lessons learned from POC and pilot implementations


12 Nov 2018 113

One ID Advisory Group


Add as observers and

Process & Operations guidance Including level 2 business process maps for all process steps High level data flows and

stakeholder interactions

Analysis of existing SARPs Fast Travel [Facilitation]


Process & Operations EG – 2018 deliverables and next steps

01

Pre-Travel

02

Ticket Issuance

03

Check-in

04

Document Scanning

05

Authorization to proceed

06

Baggage Processing

07

Immigration exit control

08

Security Access

09

Security Screening

10

Flight Re-Booking

11

Boarding

12

Immigration entry control

13

Baggage Collection

14

Customs

Departure

Document Check

Arrival

FLIGHT

Tranfer

A.1

Border Control

A.2

Baggage Collection

A.3


D.0Capture &


data

D.1

Ready to Fly

D.2

Bag Drop

D.3

Secure Area

Access

D.4

Security Screening

D.5


D.6

Boarding

D.7

Transmit PAX data to Destination

Arrival

Off Airport At Airport IN Flight At Airport

DCSData

IMP record

Creation

IMP Bag ID

IMP Process Stamp

Risk Score

Defined

Apply Risk

Score

IMP Process Stamp

Set BC Score

retrieve BC

Score

IMP Process Stamp

Retrieve Risk

Score

IMP Process Stamp

Archiving

Transmission

Reception &

Dispatch

IMP Process Stamp

Set BC Score

Set quarantine score

Provide BC

Score

IMP Process Stamp

Apply quarantine Score

Archiving

IMP Process Stamp

IMP Options

DCSData

IMP record

Creation

IMP ID Verification

IMP ID Verification

IMP ID Verification

IMP ID Verification

IMP ID Verification

IMP ID Verification

IMP ID Verification

IMP ID Verification

IMP CoreTransmis

sion

Technology Standards document Existing biometric standards to be

considered in the context of One ID V1 ready for release

Guidance on Collaborative IdentityManagement Platforms (IMP)


Technology EG – 2018 deliverables and next steps

One iD & Principles

Defining IMP

General Considerations for Setting up an IMP

Technical Considerations

Scoping

Information Flow elements

IMP TypesTechnical

Classification

Operational Classification

Required standards and RPs

Section 2

Section 1

Section 3

Section 4

Section 5

Data Privacy Considerations

General Considerations

PAX at the centerSP Providers

IMP (s)IMP users

Examples

Operational Framework Basic guidance developed including links to existing templates and advice Agreed no further development required at this stage.

Privacy Guidance on preparation of a privacy impact assessment (PIA) Development of key messages and talking points for use by project team

and stakeholders Identification of outstanding privacy questions – to be addressed in 2019


Legal & Governance EG – 2018 deliverables and next steps

Industry business case Qualitative analysis Further research and quantitative analysis required

Business Case guidance Initial guidance for stakeholders looking to develop their own cost/benefit

analysis and business case


Business Case EG – 2018 deliverables and next steps

One ID Expert Groups Plenary sessions e.g. at PEMG or dedicated meetings Ad hoc meetings on specific topics in smaller groups Conference calls Individual contributions

Participation is open to airlines, airports, governments, partner organizations and IATA Strategic Partners with relevant experience and expertise in order to actively contribute to development of industry guidance, recommended practices and standards

Contact: Amandine Thomas, Project Manager, One ID, [email protected]


How to get involved?

mailto:[email protected]

Recap & Closing

Documents

IATA Asia-Pacific One ID Workshop€¦ · Housekeeping Washrooms Coffee & Tea. Valuables. Fire Alarm. Asia-Pacific One ID workshop 2 12 Nov 2018