Automated Border Control in airports: eGates or kiosks are increasingly used, but can they be trusted?
March 28, 2018 -
Most people don’t usually associate passport control in airports with a fast and pleasant experience, but this is exactly what Automated Border Control (ABC) aims to achieve. An intuitive, user-friendly design of ABC eGates and kiosks helps to speed up lines and create a seamless experience for travelling passengers. An electronic passport or other electronic Machine Readable Travel Document (eMRTD) is analyzed in combination with an automated biometric verification of the passenger. Thorough inspections are necessary for border control agencies to ascertain with confidence the true identity of the person travelling. To be effective, this automated procedure must be implemented in combination with a high quality inspection of the verification systems.
There are several parties that depend on ABC eGates or kiosks working properly for every passenger. Airports depend on them to process a high volume of passengers and reduce slow-downs that can lead to travel delays. Border control is primarily concerned with ensuring that ABC eGates or kiosks do not allow anyone that has a phony / faulty passport to pass through undetected. This could include but is not limited to terrorists, traffickers, criminal fugitives, or other individuals that are wanted or have been banned from flying. There could potentially be liability for allowing this to occur, as well as political embarrassment for the responsible government organization. Border Control agencies must be able to ensure that document inspection and passenger identification is correctly performed in every system, as well as matching the documents data to the travelers biometrics.
It was recently made public in the United States* that ABC kiosks have not been correctly verifying passports for over a decade. They are unable to authenticate the cryptographic signatures of ePassport microchips, and as a result, cannot detect if the information contained on the chip is fraudulent or tampered with.
Proper testing of ABC eGates and kiosks can help bring issues such as these to light much earlier, and periodic retesting will help guarantee document inspection is carried out correctly over the lifetime of the systems.
In a European Frontex (European Border and Coast Guard Agency) technical report of 2014 it was reported that “The performance of technical equipment shows a degree of variability, indecision, and inconsistency, with errors happening when optical authentication is performed, as well as problems with electronic authentication resulting in a number of false documents being incorrectly accepted as genuine (and ceteris paribus, genuine documents being rejected as false).”
To reduce the likelihood of ABC systems not performing trustworthy inspections, our advice is to first obtain a clear picture of the ABC solution deployed. Thorough testing in order to discover any system flaws, as well as subsequent maintenance of the ABC system in place should be implemented. Responsibilities for the system configuration and maintenance should be laid out, in addition to who executes these activities and how often they take place. Processes for configuration, software updates, firmware updates and patches should be in place.
ABC systems in airports are complex, and are typically continuously optimized and reconfigured to allow for a more convenient passenger experience. Any changes to the system necessitate proper configuration management and testing in order to ensure the deployed ABC solution is inspecting documents correctly and adhering to protocols over its lifetime. Our dedicated test team has extensive experience with testing ABC systems and isolating problematic responses.
Our experience with various electronic Identification (eID) proofing applications that inspect eMRTDs such as ePassports, eIDs, eResidence Permits and eDriving Licenses is that the implementation of the eID proofing application including the (automated) interpretation of the verdict is more complex and error-prone than expected. We commonly see that basic tests are executed against these systems with a handful of real documents. These real documents cannot be modified in order to challenge the system on more complex issues it will likely encounter in a fraud case.
Our testing procedure involves the use of tooling that allows for a customized approach that is capable of locating eID proofing application faults that cannot be realized using more traditional methods. As our test team also has available the traces of communication between the passport and the inspection system, issues can be quickly found and reported. Testing these applications has enhanced the quality of inspections and helped to establish trustworthy identity verification procedures.
After a clear picture of the ABC solution in place has been established, including the maintenance and responsibilities of the system configuration, testing can be initiated.
The ABC solution should be tested against the inspection standard or – if needed – to local extensions. Retests should be executed when needed. In addition, proper training of border control officers on verification procedures and protocols helps to reduce confusion, or worse, situations where fraudulent passengers might be overlooked.
Please note that on acceptance of a new ABC solution this testing can be very beneficial as well, as it gives a clear idea as to whether or not the response of the solution matches the security requirements of border control.
For more information on eGate verification, contact us.