Securing Identity in Modernizing the Future of Air Travel

Show video

(Upbeat music) [John Verrico] Welcome everybody. And thank you for joining our discussion on Securing Identity in Modernizing the Future of Air Travel. I'm John Verrico, I'm the Chief of Media and Community Relations at the Department of Homeland Security, Science and Technology Directorate. And I'll be the moderator for our conversation today. Our talk today is part of Series Three of the DHS, Whole-of-Government R&D Showcase, mitigating evolving threats, and understanding the convergence of emerging technologies. I'm gonna share a little bit of brief context before we get started.

So, our discussion today is gonna focus on how technology will change the way you think about security checkpoints. Ensuring innovative capabilities and options are in place to keep pace with emerging threats, and the rise in volume of the traveling public has become a global issue. We want to provide you an inside look at how investments in biometrics and digital identity technologies will reduce wait times and enhanced security.

These are important operational needs for improving and securing the passenger experience and the flows of commerce. Now, with a focus on unifying research and leveraging breakthrough technologies, each of our presenters today is focused on providing faster, smarter, and safer travel experiences in the coming years. And not just for travel, but also for any checkpoint environment. So, our panelists include today, Mr. Jason Lim, who is Identity Management Capability Manager at the Department of Homeland Security, Transportation Security Administration, most commonly known as TSA. Also as Arun Vemury.

He is the Director of Biometrics and Identity Technology Center at the Department of Homeland Security's Science and Technology Directorate. And last but not least Mike McCaskill, who's the Director of Identity Management at the American Association of Motor Vehicle Administrators. Welcome all of you, thank you so much for joining us.

So, I'd like to kick things off with how technology is changing the way we think about air travel and get your perspectives on the bridge between where we are today and our smarter safer future. How does technology enhance identity verification in the checkpoint environment? So, I'll start off with you first Arun. What kinds of emerging technologies are poised to impact security checkpoints, and what are the concerns of passenger interaction and the needs of security officers? [Arun Vemury] Thank you, John.

First of all, it's a pleasure. I think it's fair to say. We're seeing technology change faster than we ever had before. The pace of technology and innovation is continuing to increase and get faster and faster.

Right now we're seeing massive improvements and benefits coming from a couple of different directions in particular with things like biometric technologies, any ability to verify people by using fast and easy-to-use technologies, similar to like unlocking your phone. But we're also seeing massive improvements with the ideas around using digital identity credentials to help provide information and verify people in a privacy enhancing way. A lot of things, times people think of identity and think of these technologies as being things where they are losing privacy.

That the point here is with some of these new technologies and these new approaches, we might actually see an enhancement in both security as well as stronger privacy protections in place. [John Verrico] Excellent, thank you. So, Jason what are some of the concerns or the perspectives from the TSA side of things? [Jason Lim] Thanks, John.

Thanks, Arun. So, no concern from TSA side of things. So, now, TSA is exploring the use of biometrics and digital identity technologies to automate identity verification and airport checkpoints, which we do up to 2 million times a day, right? So, we want to modernize a screening experience for travelers and enhance at the same time, the aviation security effectiveness. Today the Transportation Security Officers, the TSOs and airline employees manually compare the passenger in front of them to their photo identity documents, the TID, to verify their identity.

So, we know when we are experimenting and developing capabilities for technological solutions by ID verification that provides improved speed and accuracy, that generally exceeds human capabilities. [John Verrico] And so, that leads us right to our next guest, because I wanna talk about these enhancements that we've been hinting at in digital identity capabilities and how we can scale identity solutions to help other sectors and communities in the global market. So, Mike, what can you tell us about digital identity? [Mike McCaskill] Thanks John, thank you for having me. So, over the last few years people have become attached to their mobile devices, to their smart phones. And as they've done that, they've wanted to use that for everything in their lives, from paying with a credit card to now identity. And over the last few years with the real ID act has come into play, in the last several years.

Departments of motor vehicles have gone through much more stringent identification protocols to identify the person they're issuing the credential to. Well, now, they've added mobile driver licenses to that issuance process where they're issuing the credential digitally instead of physically or in addition to a physical license. What that does is it allows them to get through a checkpoint much quicker, but use less data to do that. Is more secure, because you're not flashing your entire physical credential to the TSO yhere at the airport.

You're actually just giving them the data they need to identify you as you move through the checkpoint process. So, over the innovations over the last several years with technology and with the International Organization for Standards work on standardizing the protocols by which you interact with an MDL. That has become much safer and much more stringent there at the airports. There has been a great improvement for not only the airports and TSA, but the passengers themselves. [John Verrico] Wow, that's brilliant.

So, Jason, what can you tell us about how this works for TSA? Why is this important? [Jason Lim] So, ist's important to TSA John, because with the increased use of MDLs and other digital IDs, we have to be able to be ready to ingest them at the checkpoint. Basically accept them when passengers come to us with MDL or other forms of digital identities. We do that by developing, testing, implementing the technical infrastructure that's needed to accept them at airport checkpoints, and maybe even other parts of the airport ecosystem. So, specifically a TSA is evaluating the feasibility of incorporating MDLs into our checkpoint operation to increase, in coordination with the infrastructure we have out there right now, to increase passenger privacy concerns as well as airport security effectiveness. And also reduce the risk of encountering stolen or counterfeit fiscal IDs.

We believe that the use of MDLs, would also further limits physical contact between TSOs and the passengers, because it is really a self service presentation of PID to TSA checkpoint. So, it makes the whole thing much more seamless and touchless as well. As, as Mike mentioned, we are leveraging the industry standard, the ISO standard. And that's gonna govern the trust ecosystem around this space and that it will allow TSA to securely receive and authentic digital identity information to verify a person's identity. So, from a passenger experience perspective it becomes more seamless than touchless, from our perspective as TSA, it becomes much more secure.

[John Verrico] Excellent, so, let me ask Arun and Jason as well, and Mike, if you want to add. Thinking broadly about new applications and scalability of this type of technology, any other additional insights that you'd like to add on these, how transferable these kinds of solutions are? [Arun Vemury] Yeah, thanks John. I think it's fair to say that we're seeing a lot of interest in the use of these technologies. They aren't limited just to the TSA checkpoint. The ability to potentially, as Mike rightly pointed out, a lot of this is being driven by customer demand and users who want to be able to carry their phone with them and present their identity, but don't want to share necessarily all of their information. Now you can present just the limited information that you need.

Imagine going in and buying like an age restricted item, like cigarettes, all the cashier needs to know is your age or the fact that you're over 18. You don't need to reveal your name. You don't need to know where you live, or your date of birth. Similar types of things for other types of things that you can present only the information that you absolutely feel is necessary. So, it's a way to provide people more control over their data for the specific purposes, that their specific services are seeking.

I think the while TSA has been leading the way here and honestly is doing a lot as a potential early adopter of these technologies. If these technologies take on, I think that there could be widespread adoption that not only provides privacy protections, but also provides better security for relying parties. So, if you're maintaining physical security for an office building and somebody comes in and scans and shows that they are who they claim to be, you could quickly do a verification, say, "Yep, that's got the right signature," rather than just showing, flashing your badge and walking right past the security guard.

You can have that quick, fast transaction, but nobody's got to actually physically stare at it and make sure is the hologram in the right place are the right security features in there. So, you get the benefit of security as well as the speed and convenience of these quick interfaces. So, we think there might be huge benefits here in, as we start to look at not only MDL, but other types of digital credentials that might start coming into play in the marketplace. [Mike McCaskill] John, I'd like to add to that, just one second, if could. The International Organization for Standards it stands at 1813.5. And that standard is merely a data model and a transmission protocol that can be used in any situation.

It doesn't have to just be in a TSA or just with a law enforcement officer or just at a bank. It can be in any number. It can be modeled in any number of transactional types. So, that is reusable over and over again. And you don't have to recreate that standardization for other transaction types to Arun's point.

[Jason Lim] Yeah, so, for us, for TSA. So, given the wide diversity of the millions of travelers, swimming through airport checkpoints daily, for us the accuracy and identity verification solutions, is the key issue for TSA. So, in order to do that, we work with partners like AAMVA, with DHS S&T specifically, so, that we can ground our solution exploration and scientific study analysis. So, evaluate independently objectively the solution performance in our operational environments so that we can provide as accurate, as passenger friendly, and as equitable solutions for ID verification at the checkpoint.

[John Verrico] Excellent, thank you so much. Hey, Arun, let's go back to you because I wanna ask about how you're working with industry and making it easier for industry innovators to work with government, and how does this research get accelerated and things have been evolving at such rapid speed. What can you tell us about that? [Arun Vemury] Yeah, good question. So, we're seeing these improvements and they're not coming obviously from just government. Well, most of this stuff is actually happening in the private sector.

The massive improvements we've seen with the use of biometric technologies with the use of digital identity technologies. We need something that keeps pace. One thing we've been specifically doing, or leveraging S&T authorities like Cooperative Research and Development Agreements [CRADA].

So, we can work directly with innovators, wherever they may be, so that we can work with, the private sector industry developer, or solution developers. We can work with airports airlines. We can work with organizations like AAMVA and ISO, to make sure that we are exchanging information, collaborating together, jointly working on different solutions. So, we can try to bring the best of breed ideas to the forefront and find things that mutually work for all parties, not where everything has to be built by one organization, but where we're taking the best ideas and the best solutions coming from lots of different places. I think a lot of the leadership that have been shown here by AAMVA and by TSA in particular, along with some of our great partners over at NIST.

A lot has been able to happen very quickly here, working in collaboration with technology developers who are actually working on the bits and bytes of the solutions. All of this as possible because we're working on this jointly as a broader community, not as one single solution developer trying to push something out to the marketplace. [John Verrico] Good, would you take a moment to quickly describe what you've been doing in the Biometric Tech Rallies and how that helps the industry as well? [Arun Vemury] Yeah, certainly. So, one of the things that we do that I think is critical with how we provide use these CRADAs, is we invite companies to bring their technologies for evaluation at DHS. We set them up and do a side-by-side comparison of the technologies to bring in large numbers of people to interact with them. And then also bring our stakeholders, our Demo, our VIP's and to see how the technologies work, see how they don't work with some of these new technologies, because they are changing so quickly.

We're running into situations where people's perception of biometric technologies is shaped by movies and TV shows rather than something they actually see on a day-to-day basis. So, by doing this we have a chance to set up a place where technology developers can show people what their technologies really do. We can bring in volunteers to interact with the technology so, we can actually test them and make sure that they're working the way the industry developers think they will. Oftentimes they don't. So, that kind of feedback is actually very useful for industry solution developers to go back and make their technologies work more effectively. So, we think that there's a real need here for lines of communication and active feedback between all the relevant parties.

So, people have a good feeling of what works, what doesn't work and how to make technologies work better. [Jason Lim] Just to add to that, John, from an operational components perspective. The services that S&T provides in the biometric space is invaluable, right? They serve as a robust, independent testing planning evaluation forum for our technologists that we wanna deploy and test in the field, and also gives us a better understanding what facial biometrics technology really is. It's not just a matching algorithm, but it's the whole thing from a human system integration, the all the human factors, passenger interaction, the acquisition of the photos of different lighting conditions. So, it allows us to look at the system from a very holistic and realistic perspective that it really leads directly to success in the field. So, you know, to that end, we find S&T's partnership, a critical components what TSA does.

[John Verrico] That is so wonderful to hear. And I know having witnessed the interactions through the tech rallies and things and watched how well we work with industry is also just so... It makes me hopeful for the future and is really is getting us to where we need to be. And I really wish we had a whole lot more time to talk about this stuff today, but we only have about a minute or two remaining.

So, I wanna wrap this up with a final, let's call it a lightning round where I just would like you to give me a one or two brief sentences, if at all possible. At the end of the day, what should everyday Americans take away from this when thinking about security checkpoint experiences? Why does this research and these types of programs matter? And I'll start with you on this one, Mike. [Mike McCaskill] Thanks, John. I think the takeaway here is that the credential is more safe, it's more secure.

But it also gives you less friction at the checkpoints because the data that's being checked TSA already knows that is valid because of the way they check it. So, it's a much more safe, secure, much less friction transaction there at the checkpoint. [John Verrico] Beautiful, Jason, how would you like to add to that or your own perspective? [Jason Lim] Okay, so, from my perspective, I wanna say that the single most important takeaway for that, is that better security can coexist with better passenger experience, more seamless and touchless passenger experience and technology allows us to enable that. [John Verrico] Excellent, thank you, Jason. And Arun, wrap it up for us. What should people take from this whole thing when thinking about the checkpoint experience, Why does this matter? [Arun Vemury] So, that's a great question.

And I think what I would say here is nobody is excited to go through security checkpoint. It's not something people are like, "Oh, I get to go through security today." What we fundamentally want to do is make sure these technologies work well, people are safe and hopefully this is something that's transparent to them, right? Something that they know that they're doing, but at the same time, don't have to worry too much about, it's not something that causes anxiety or fear. These technologies work to facilitate this process, make it as easy for people to use as possible and to use Mike's word, reduces the amount of friction that they go through the entire process.

I think we're seeing the screech, intersection of technologies, that are enabling these processes and new ways, and plate ways that maybe 10 or 15 years ago, we hadn't considered before. So, this is new, this is innovative and how we are putting these things together. I think we have great thought leaders at places like AAMVA and TSA who are not only conceiving these ideas, but being early adopters and figuring out that, wait, this could be really game changing for a lot of things that we do. And all of those things are needed. And hopefully one of the things as S&T is we can continue to help facilitate and support these activities through our testing activities, through our cooperative research and development agreements, through the different works that we're doing, because there's a lot of things that we all have to share and help contribute to really kind of transform the experience of everyday Americans. [John Verrico] Thank you again so much.

Like I said, I wish we had a lot more time to talk about this stuff, but we will have a follow-up slide for our viewers to learn more about S&Ts biometrics and digital identity research investments and about our DHS, Whole-of-Government R and D Showcase programming. I hope you have enjoyed and become very informed from this session, as well as the rest of the program, the rest of the program throughout our entire showcase. So, on behalf of Jason Lim from TSA, Mike McCaskill from AAMVA, my colleague, Arun Vemury at S&T. I'm John Verrico. Thank you again for joining us for the Whole-of-Government Rand D Showcase.

Thank you again. (Upbeat music)

2021-07-28

Show video