Risk based screening – A risk worth taking?

Traditionally, airport passengers and their luggage have been treated in the same way.  They have been considered equally likely to be carrying explosives or other prohibited items and therefore have typically undergone similar security procedures.  Clearly every single person does not present a threat so, in the constant drive to increase security measures, surely it would make more sense to have a more flexible screening process based on the calculated risk posed by the individual?

New regulations may be making security standards more stringent but they are also inspiring companies to develop technologies which are not only compliant, but also substantially improve checkpoint screening processes. Nevertheless, it seems the current ‘one size fits all’ approach could be unsustainable in the long term and the adoption of risk based screening as a complement to the other developments, is extensively acknowledged within the industry as the next major development for screening at the checkpoint.

We are all familiar with existing measures which are, to some degree, a form of risk based screening: questions such as ‘who packed your bag?’; submitting passenger manifest data before flights; and watch lists , which may result in additional or different security procedures. However, taking this a step further and using passenger data to generate a risk assessment remains complex and controversial.

So how would it work?

It is likely to be part of a multi-layered approach including behavioural analysts watching people as they move around the airport; questions at the check-in; and, of course, the security checkpoint itself. The TSA’s PreCheck scheme already offers a security fast track to American citizens flying domestically within the USA or departing from a US airport. Known, regular and low risk fliers voluntarily register for the programme and pay a subscription. It is, however, unlikely to be deployed in the EU.

PreCheck works by offering trusted fliers a simpler and faster security procedure than everyone else; but current thinking on the development of RBS is tending towards applying more stringent, yet to be defined, security screening to the higher risk group. In this way, security is increased with the supplementary resources allocated to those posing the greater threat.

Sophisticated algorithms are used every day to reveal insights into how we live our lives – even down to what we buy, watch or visit – and the same methodology could be applied to the data in airline reservation systems. Intelligent, analytical use of this readily available information could go a long way towards identifying suspect passengers based on their travel behaviour patterns. Critical additional data would be collected from government and security services on criminal records, ‘person of interest’ files and other relevant intelligence sources.

All passengers could continue to use the same screening facilities and the checkpoint team does not need to see or have access to any of the passenger data.  Yet to be established, however, is how a high risk status would be communicated to the security checkpoint team to initiate further processes – and it has to be very discreet. The information could perhaps be added to the boarding pass, which is scanned prior to screening; or maybe biometrics could be used.

Integrated, networked checkpoints should enable different security measures to be triggered in response to a change in threat. This could take, for example, the form of applying different detection algorithms – an approach already used in hold baggage screening based on destination. Alternatively, it could mean automatically diverting all bags of a high risk passenger for recheck.

What are the challenges and benefits?

Identifying low risk, regular fliers, as in the TSA PreCheck system, is relatively straightforward since a great deal is known about this group and much of it is consistent with them not being a threat. However, at the other end of the scale it becomes much more difficult to isolate the higher risk group and there will always be fears about the potential for racial or ethnic profiling; or a massive invasion of privacy for everyone travelling by air. There are both legal requirements and public attitudes regarding the collection, use and retention of data to be considered. The many different authorities would also need mutually to recognise the process and screening measures to be applied.

The most obvious benefit is the intelligent use of additional resources to increase security. But the flexibility of risk based screening should also deliver a screening process which can adapt to changing circumstances whilst complying with privacy and data protection concerns. For example, the tougher security measures could be triggered for all passengers during high level alerts; or for flights heading to/from specific destinations.

What happens next?

The technical means to introduce risk based screening are available now. Many of the latest checkpoint solutions can integrate sensors and interface with information systems outside the checkpoint and could respond to changing threat levels by flight, destination or individual.

It would seem sensible to undertake scalable operational trials which make use of existing infrastructure such as boarding card readers. This would help everyone understand the issues and hazards as well as how to measure the effectiveness of risk based screening and the overall security outcome.

Despite the challenges, the opportunity remains for improving security and making more efficient use of screening resources. The availability of new screening technology and standards at the checkpoint provides a platform to build risk based screening into an integrated aviation security solution.

Kevin Riordan
Kevin Riordan heads the checkpoint solutions team for Smiths Detection. The role is part of the overall strategy & marketing function working closely with Sales, Products & Technology and overall business management, interfaces closely with the customer community and key industry stakeholders in order to develop the sector; providing guidance for product strategy and subject matter expertise to all functions of the business. He has previously worked for a number of UK government departments including the Home Office and the Intelligence & Security Secretariat of the Cabinet Office, responsible for research and development programmes and technical policy development.
Kevin Riordan
Kevin Riordan heads the checkpoint solutions team for Smiths Detection. The role is part of the overall strategy & marketing function working closely with Sales, Products & Technology and overall business management, interfaces closely with the customer community and key industry stakeholders in order to develop the sector; providing guidance for product strategy and subject matter expertise to all functions of the business. He has previously worked for a number of UK government departments including the Home Office and the Intelligence & Security Secretariat of the Cabinet Office, responsible for research and development programmes and technical policy development.