< PreviousTHE CHALLENGE Around the world, the number of travel documents issued by different States grows every day. New types of travel documents are continuously issued as States react to the pressures to make these documents even more secure, incorporating the latest developments of the document security industry. But even as new security features are being developed and used, there are new trends and modus operandi of document fraud that are evolving quickly. Verifying travel documents is one of the main challenges for border guards and police officers and it is pivotal during first-line border control inspections. This underlines the importance of frontline document and database checks at international borders. It is worth noting that frontline border control activities are conducted in extremely complex environments. Police officers and border guards are required to operate under tight time constraints (rapid passenger control) and to be familiar with a growing number of new types of travel and identity documents. Criminals are aware of these constraints and exploit weaknesses in the system to cross borders with the purpose of committing further illegal activities. THE VISION Frontex, the European Border and Coast Guard Agency, and INTERPOL are committed to fighting document fraud. The mission of both organizations includes supporting police and border guards in effective border control. The FIELDS (Frontex INTERPOL Electronic Library Document System) project aims to support border guards and police officers in authenticating travel and identity documents by giving them access to visual information on the key detection points of inspected documents, in the framework of their national systems. INTERPOL AND FRONTEX COLLABORATE TO IMPROVE FRONTLINE DOCUMENT CHECKS 8 INTERPOL-FRONTEX COLLABORATIONOfficers conducting first-line border checks have only seconds to verify the authenticity of a document and assess whether it is genuine or potentially fake. Knowing which key markers to check on a travel or identity document can ultimately help improve border and international security. The project is intended to complement existing national examination processes and systems, including those equipped with automated document scanning technologies. AN EFFICIENT TOOL FOR BORDER GUARDS AND POLICE OFFICERS Expanding upon their respective Dial- Doc (Digital INTERPOL Alert Library – Documents) and Quick Check Cards initiatives, INTERPOL and Frontex are partnering to further enhance the ability of police and border officers to authenticate travel and identity documents at national borders. Frontex recently developed a new product called Quick Check Cards (QCCs). The aim of this tool is to assist first-line border guards to quickly identify key document features that indicate potential fraud. It helps ensure that suspect documents are spotted and referred to secondary processing for closer examination, while rightful holders of authentic documents are not exposed to unnecessarily thorough inspections. The QCCs are a decision-aid for law enforcement officers during travel document authenticity verification ‘at first encounter’, concisely presenting the most relevant information on the inspected document. The tool specifically focuses on key detection points that are selected on the basis of the specific security features of the inspected document, as well as the known, recent and most relevant forgery trends. Frontex has also recently established its Expert Group on Document Control (EXP- DOC). The working group is composed of nominated technical specialists and operational document experts from Schengen Member States. To ensure the highest quality of the product, Frontex relies on the working group when developing and creating QCCs. This unique initiative takes the knowledge of several highly professional document experts from numerous Member States, to build one, simple-to-use product that is designed for frontline officers. INTERPOL’s Dial-Doc is a tool containing ‘alerts’ and information on recently detected counterfeit documents. It is designed to assist border guards and other law enforcement officers during second-line document checks in the identification of document fraud. Project FIELDS will bring together and enhance the existing Dial-Doc platform to make the Frontex Quick Check Cards available to frontline border control officers via INTERPOL’s I-24/7 secure global police communications system. Interpol, Passport ePO. Validity 10 years 1. Biodata page visible light and under UV Light (365 nm) 2. Personalization with laser engraving 3. Secondary image protected by embossed security feature 4. Background/security printing in offset 5.Left side holder image with embossed security feature 6.OVD The colors of the reproduction may not correspond exactly to that of the original May_2018 / Ref.2012_XPO_ePO_SP LIMITED - FOR CONTROL AUTHORITY USE ONLY Reference Manual Quick Check Card Ref. iFado: May 2018 / Validated by : CED QCC2017_V.00 1 2 4 6 3 8 7 5 8 6 3 2 5 4 9 www.ICAO.int INTERPOL-FRONTEX COLLABORATIONNational authorities will be able to benefit from this new system using their existing infrastructure and connectivity to INTERPOL. PROJECT IMPLEMENTATION INTERPOL and Frontex are currently working to determine the requirements and the technical and functional specifications of the proposed system. An interagency steering committee is leading the project to ensure it is technically feasible and will add value to the participating States and their citizens by contributing to border and international security. Technical and operational experts from a small pilot group of States are assisting in the development of the project, to make sure the system can be integrated with national IT infrastructures and will meet the daily needs of officers on the ground. The 18-month planning and analysis phase is expected to conclude in early 2019, after which the technical upgrades to the Dial-Doc system will be implemented based on the approved design within one year. HOW WILL THE NEW SYSTEM WORK? Based on the specific identifier of the inspected document, a request will automatically be sent to INTERPOL to ascertain if a QCC corresponding to the inspected document, is available in the Dial-Doc database. Border guards and police officers using mobile equipment will also be able to connect to Dial-Doc directly from their national applications, and to consult QCCs when checking the authenticity of inspected travel and/or ID documents during frontline policing. The envisaged Dial-Doc system will be made available to any national law enforcement authority upon a national decision. BENEFITS FOR PUBLIC SECURITY Having effective control of travel and identity documents is an important cornerstone of border security and successful migration management. It is also an inevitable tool in the fight against terrorism and organized crime, significantly contributing to global security. The real-time availability of the Frontex Quick Check Cards at frontline border checks will increase effectiveness in verifying the authenticity of travel and identity documents at border checks, contributing to the security of EU and partner countries. INTERPOL, through its global I-24/7 network, already provides real-time information on the validity of travel documents through its Stolen and Lost Travel Documents (SLTD) database that contains records on lost, revoked, invalid, and stolen blank documents. Once the envisaged system is implemented, the enhanced Dial-Doc will become an additional tool to enhance document border control, covering other elements of document fraud, such as counterfeits and forgeries not currently recorded in SLTD. Member States will be able to take advantage of the opportunities for streamlining first-line border control systems through the integration of the new INTERPOL-Frontex solution within 10 ICAO TRIP MAGAZINE | NO. 1 | 2018 INTERPOL-FRONTEX COLLABORATIONENABLING TRUST Every day, central banks, governments, companies and millions of people rely on SICPA to protect the integrity and value of their currency, personal identity, products and brands. With high-technology security inks at the core of its expertise, SICPA extends its services to include identification and verification systems designed for an integrated approach to identity protection. Our team will welcome you during the 14 th ICAO TRIP Symposium 2018, on Booth #1 Lean more on www.sicpa.com existing national border management and police systems. The use of ad-hoc technologies will ensure maximum flexibility and customization. The envisaged system may be made available to any law enforcement officer in any INTERPOL Member State, but access and implementation will remain under the sovereignty of the individual States after the project has been finalized. At the same time, in line with national information sharing policies, a thorough restriction system will be implemented to allow each State using the system to decide with whom it will share any information uploaded to the system. Finally, through this project, INTERPOL and Frontex together aim to leverage and expand international cooperation between border control and law enforcement authorities to raise awareness of and tackle the global challenges posed by document fraud. “ ...effective control of travel and identity documents is an important cornerstone of border security and successful migration management. It is also an inevitable tool in the fight against terrorism and organized crime... ” FABRIZIO di CARLO Specialized Officer, Forensic and Police Data Management, sub-Directorate, INTERPOL SZABOLES HORVATH Team leader, Centre of Excellence for Combating Document Fraud, Frontex INTERPOL-FRONTEX COLLABORATIONBIOMETRIC SYSTEMS: CAN THEY BE CHEAP AND SIMPLE? INTRODUCTION Thinking about installing or improving a biometric system for traveller identification? You may feel pressured to buy something that’s expensive, complex and large in scope. Based on Australia’s experience with issuing passports, you may not need a system like that. We’re sharing what we’ve learned in recent years about putting together simple, effective biometric controls that don’t break the national treasury. Every identity authority’s circumstances are different. Nobody would want, or would be able to replicate our solution in full. But the principles behind our approach, and many specific elements, may give you something to think about. Though we deal with facial biometrics, the concepts apply equally to iris and fingerprints. OUR STARTING POINT Every year, Australia’s Department of Foreign Affairs and Trade processes two million travel document applications. Slightly more than half come from the 14 million Australians who need to renew the passport they already have. We archive the biometric facial image from every application. Our image repository has 27 million biometric images, a figure that grows by more than 8,000 every business day. We were one of the first passport authorities, and one of the first government agencies Bundling can leave organizations with opaque ‘black box’ systems they do not fully understand, that foster excessive dependence on the vendor, and that are more likely than simple systems to fail. While black boxes are good for vendors, they add complexity, cost and maintenance overheads that organizations don’t generally need. Often, black boxes don’t optimize the business value of the personal information the organizations have collected. HOW WE AVOIDED THIS We made decisions about our new biometric system with a hard-headed understanding of what we would not need it to do. It would not need to include an identity repository. Sitting behind our processing software, we already had a robust non- biometric database that linked identity elements (names, addresses and so on) to application form numbers and the passport numbers of completed travel documents. This ensured that every client only had a single identity record. Our new biometric system would not need a business rules engine. Through Delta and Atlas, we already had, like most passport issuers around the world, an IT workflow that followed defined business rules for handling applications logically. Our Atlas software was going to have a thin-client interface that presented anywhere, to integrate biometrics into our identity management. That was in 2004. Back then, it wasn’t possible to purchase whole biometric systems, so we developed our own system in-house. We built our biometric system into our passport processing software (called Delta), and coupled it to Delta’s workflow engine. It functioned very well. But because it was so deeply embedded in Delta, it was not adaptable. When we recently developed completely new processing software (Atlas), we were unable to simply take Delta’s biometric system and transplant it. We needed a new biometric system. And we needed it to not just process new passports, but to also verify existing passports for other agencies. This way we could participate in the nationwide biometric identity-matching arrangements that Australia’s federal, state and territory governments launched in 2017. WHAT WE DIDN’T DO Hype about biometrics, and the fear of missing out on the benefits, can tempt senior managers into seeing biometric systems as a solution to all kinds of identity risks. This opens the door for vendors to oversell the capability of their biometric products, or to bundle them with business rules engines, identity repositories, middleware layers and other add-ons. 12 BIOMETRIC SYSTEMSbiographic and biometric information to passport processing officers on a single screen. Our new biometric system would need to service this interface but not integrate with it. We boiled down what we would need to three core functions. 1:n (Identification) – comparing a supplied image to multiple images in our records to detect identity fraud and identify unknown persons for identity- matching purposes. Identification answers the questions, ‘do we know this applicant under another identity’ and ‘do we know this person at all’? 1:1 (Verification) – comparing a single image in our records to the supplied image of someone who purports to be that person. Verification confirms that a renewal client is using the same identity as in previous applications or that a person interacting with government in other contexts is who they claim to be. QA (Image Quality Assurance) – determining whether a facial image is good enough to be used for Identification or Verification. We did not build a single big application to perform these three functions. Instead, for simplicity and flexibility, we developed a set of three separate services. HOW IT WORKS The Image Quality Assurance (QA) service accepts a single facial image and returns a list of quality attributes. Which internal system calls the service isn’t important, it could be our Delta or Atlas passport processing software, an identity-matching software or a future software not yet conceived. The service will return the same list regardless. The workflow engine in the software that calls the service decides whether the attributes in the list signify an image quality high enough to attempt a match using the other two services. The Verification service takes two facial images as an input and returns a match score, a figure between 0 and 1 indicates the likelihood of a match between the two images. The workflow engine in the software that calls the service, decides whether the score constitutes a match, and what to do with it next. The Identification service takes a single facial image and returns a list of the top 200 possible matches. The list includes only the identity record number and match score, for each result. The workflow engine in the software that calls the service decides what to do with the information. This approach has a number of benefits. The services proved relatively simple and quick to build. Keeping them discrete from other software means we can make them highly available at a lower cost than what would otherwise be the case. WORLD CLASS BORDER SECURITY FOR A WORLD THAT’S ON THE MOVE. BIOMETRIC SYSTEMSSTEPHEN GEE Australia’s TAG-TRIP Member and Assistant Secretary in Department of Foreign Affairs and Trade of Australia The services can be called by any of our business processes, not just passport application processing software. Each service can be upgraded or replaced separately, with no impact on the other two services, and with no effect on business processes as long as the new service returns outputs within the same range. The outputs are simple and known, so developing new business processes that use them, is straight forward. New approaches to facial comparison, such as using multiple matching engines, can easily be implemented behind the service interface. BIGGER IS NOT ALWAYS BETTER With the new system came a new line of thinking about the identification service. Until recently, our policy had been to enrol every facial image in our archive into the database of our biometric system. This posed two challenges. 1:n Identification engines are expensive, and licencing is based on the number of templates enrolled. Extensive research has shown that as the size of the database increases, the matching effectiveness decreases. We have therefore decided to rationalize the number of templates we enrol. Because facial images of young children and outdated images of adults are of little value for identification, in the future we will only enrol the images of children above a certain age, and the most recent image of other clients. These policies will reduce the size of the database from 27 million to around 13 million. This will bring a significant saving in licence and maintenance fees, and a corresponding increase in matching effectiveness. Images not enrolled in the database will be retained in the archive, from where we will be able to access them manually if we need to. THE BOTTOM LINE The project took 12 months to complete at a cost of just AUD 2 million (USD1.477 million). This kind of inexpensive outcome is not typical, but then neither was our approach. In deciding on a biometric system, the most important factor is a clear-eyed understanding of what you do and don’t need. Every biometric system uses commercial components, such as algorithms and service interfaces. The key is to buy only what you require, to make the technology work for you rather than the other way around, and to deal with vendors from a position where you, not they, are setting the agenda. BIOMETRIC SYSTEMSIn January 2018 the World Economic Forum introduced its Known Traveller Digital Identity (KTDI) concept, an initiative co-designed by public and private sector partners that seeks to anticipate the challenges, and take advantage of the immense opportunities that emerging technologies will present, in the cross-border movement of people. The KTDI concept seeks to address the changing behaviours and expectations of travellers, the growing global traveller volumes, and the rise in geopolitical insecurity. As a traveller-centric system, the KTDI concept would provide authorities and security officials with early, reliable and verified information prior to individuals arriving at the border. In doing so, the KTDI concept would better enable risk-based traveller differentiation and facilitation, providing authorities with added time and resources to detect and address risks and threats. to effectively combine expertise and resources to deliver positive change in the safe, clean and inclusive movement of goods and people. The Forum is fortunate that ICAO’s Secretary General, Dr. Fang Liu, serves as a member of the Board of Stewards on this System Initiative, which has enabled increasing collaboration between the two organizations. LEARNING FROM TRUSTED -TRAVELLER PROGRAMMES Research undertaken in 2016 and 2017 by the Forum in collaboration with the International Criminal Police Organization (INTERPOL), and interviews with leaders of the most advanced trusted-traveller and registered-traveller programmes, revealed the impediments to scaling such programmes geographically, and reaching The World Economic Forum (the “Forum”) is an independent international organization committed to improving the state of the world by engaging business, political, academic and other leaders of society to shape global, regional and industry agendas. The Forum is organized into fourteen System Initiatives, each of which is designed to stimulate a more effective public-private response to a complex global issue, in order to improve the state of the world. Systems leadership works by cultivating a shared vision for change, empowering widespread innovation and action, and enabling mutual accountability. The Forum’s System Initiative on the Future of Mobility connects stakeholders within and across industries and regions more travellers. These impediments limit the potential to pre-screen and pre-clear larger numbers of low-risk travellers. Among the challenges identified were the expensive and human resource-intensive nature of trusted-traveller programme implementation, the lack of trust between participating countries – which results in the duplication of vetting processes – and the low rates of adoption due to the cost and onerous nature of the application process. As such, governments have a limited ability to reduce bottlenecks in screening and border management. Where registered traveller programmes, rather than trusted- traveller programmes, have been adopted to improve uptake and implementation, initial vetting remains dependent on legacy systems whereby risk-levels are based on the country of origin. Undertaking risk assessment based purely on biographic data, such as nationality, can be ineffective since high-risk travellers from countries deemed ‘safe’ may be overlooked. Furthermore, this approach could risk being discriminatory, in that trustworthy travellers may be subjected to excessive screening if they come from countries deemed ‘high-risk’. THE KNOWN TRAVELLER DIGITAL IDENTITY CONCEPT At its core, the KTDI concept promotes a risk-based, data-driven approach to traveller 15 KNOWN TRAVELLERscreening and border security. The concept is founded on the principle that individual travellers have control over the use of their own identities and their components. It empowers travellers to become active partners in the security process by choosing to share their data with security and border screening officials, as well as private sector entities, in advance of travel. Through the advance sharing of identity information, the KTDI concept equips government and private sector entities with traveller information that would improve decision- making and risk assessment related to authorizing travel and border crossing. USER-CENTRICITY The KTDI concept puts the individual traveller in control of the specific identity information (such as biometric, biographic and travel history data) provided to governmental and private- sector players along the journey, for the purpose of risk-assessment, verification and access. The traveller can select which information is shared and for how long, in accordance with the requirements of the authority or private entity from which he/she is seeking access to services. His/ her identity is authenticated through biometric verification, and profile information is protected by distributed ledger technology and cryptography. By self-selecting the sharing of their digital identities, not only will travellers be integral in the security process, but they will experience the reward of more personalized and seamless journeys. ADVANCED PASSENGER SCREENING When travellers push proof of their identity information to governmental authorities throughout their journey, they will build trust in their digital profile, which will, over time, create facilitation opportunities. The access by authorities to verified personal biometric, biographic and travel history data enables entities to undertake advanced risk assessment of the traveller based on verified identity information and provide seamless access through biometric recognition technology, which will also further ease traveller facilitation. For travellers who are deemed low risk, this could result in a more efficient and seamless pre-boarding screening process. For receiving organizations and entities, the validated identity proof of the KTDI concept offers the advantage of knowing in advance those they will be interacting with. By having this information provided in advance, organization-specific processes can be executed more efficiently and effectively. Also, both public and private entities will be able to offer more custom- made services with more direct benefits for the traveller. PROOF OF IDENTITY AND ATTESTATIONS To build a verified “Known Traveller” status, the traveller needs attestations. Authenticated claims as declared by a trusted entity, attestations, would be added to a traveller’s KTDI wallet each time a trusted entity (e.g. a government border official) verifies an identity claim. Currently the opportunity to collect these attestations in a distributed ledger- enabled KTDI wallet is being explored. Eventually, the distributed ledger- enabled KTDI wallet will have the ability to include verified attestations such as proof of citizenship in country X, proof of an educational degree from college Y and proof of vaccination for viral disease Z. In the future, country A might authorize 16 ICAO TRIP MAGAZINE | NO. 1 | 2018 KNOWN TRAVELLERa traveller to enter country A based on attestations, which do not contain any personal information, by country B (e.g. visa, entry and exit attestations). Attestations are verified ‘proofs’ of granular identity components, provided by governments or other entities. Together these attestations generate the basis of the traveller’s reputation and ultimately can influence the determination of future security decisions related to immigration, border clearing, customs and pre-departure screening. The more attestations a traveller receives, the more confidence authorities may have in the traveller’s status as “known”, and the more data points authorities have upon which to make risk assessments. An attestation is recorded in the form of a digital stamp in a traveller’s KTDI wallet and can be shared as part of identity validation history with other entities. The attestations linked to an issuing/attesting authority’s record would remain stored in a secure government solution. Access to the authority’s record of the attestation would only be granted by the issuing/ attesting authority upon request of another trusted entity. In the application for an attestation, the identity of the traveller is authenticated through biometric facial verification and any personal identity information remains protected by distributed ledger technology and cryptography. As travellers consolidate attestations into their Known Traveller wallet, they increasingly strengthen their claim to compliance, trust and legitimacy as a “known traveller”. NEXT STEPS Today’s aviation security and border crossing reality is not the reality that we will come to know in the next decade. The Forum supports the ongoing efforts of ICAO and its Member States that are LAUREN UPPINK CALDERWOOD Head of Aviation, Travel and Tourism Industries, World Economic Forum dedicated to achieving the TRIP strategy, particularly work that relates to the exploration of digital travel credentials, the promotion of interactive API systems, and the collaboration with international organizations like INTERPOL and the International Organization for Migration (IOM). The Forum will continue to interact with all valued partners to explore what the changing technology, security and traveller behaviour landscapes may mean for the evolution of these activities, and the integrated responses to them. For a more detailed overview of this work, please refer to 2018 report, The Known Traveller, by visiting http://www3. weforum.org/docs/WEF_The_Known_ Traveller_Digital_Identity_Concept.pdf. devices iOSAndroidserver-side dedicated device read MRZ live blocking of sensitive data automatic recognition of any ID use fraud check database use NFC to read RFID check against root certificates with NFC use IR and IV filters security features check For a sneak preview check our features here. Want to learn more? Visit us at our booth! Verifai is AI-powered & fully customizable ID verification software, offering countless possibilities for airlines, aviation security agencies, governments and more! KNOWN TRAVELLERNext >