Smartgates and the tightening of UK & Australia borders

AUSTRALIA: ‘Foreign fighter’ laws leave door open on biometric data collection (Computerworld)

The government’s second tranche of national security legislation, the Counter-Terrorism Legislation Amendment (Foreign Fighters) Bill 2014, includes measures that potentially allow a significant increase in the types of biometric data collected at Australian airports.

Provisions in the bill also extend to Australian travellers data collection practices that have previously been confined to non-citizens.



UK: New biometric border controls at Stansted Airport at heart of terrorism fight (Herts and Essex Observer)

“We are using resources and intelligence to ensure the border is as strong as we can make it.”

He said the Government was also committed to tackling the problem of those travelling from the UK to the Middle East to join the IS jihadists and a new counter-terrorism Bill was set to include measure to temporarily remove the passports of those suspected of being radicalised and ready to fight abroad.

Dubai airport is adding 14 e-gates to the 14 it already uses

After only five months, the Dubai airport is doubling the amount of biometric e-gates available to passengers.

Dubai Airport’s Terminal 3 to get 14 more e-gates (Gulf News)

Dubai: The smart e-gate system which went operational at Dubai International airport’s Terminal 3 from January 1 this year is being expanded with 14 new e-gates becoming operational in a month’s time, taking the number of smart e-gates to 28, according to emaratech, the company which has engineered and powered the project.

The new smart e-gate system and the technology behind it were demonstrated at the 13th Airport Show. Sunil Gulia, emaratech’s technical manager, said the smart e-gate system has already seen close to 70,000 passengers registering since it started, but the number of times the gate has been used is much higher due to frequent fliers.

UPDATE:
20 seconds to get through UAE immigration, thanks to Smart Gates (The National)

Three passengers will be able to be processed each minute using the new system and “Smart Gates” – a vast improvement on the current average wait of about an hour.

Face recognition passport checks available to Norwegians returning via Oslo

Self-service Passport Control is Introduced The Nordic Page (The Nordic Page)

The technology is based on face recognition and has a two-stage operation. After passing the first gate, traveler’s face is scanned to compare with the picture on the passport. After the image match is completed, the next door is opened and the border control finishes. The process takes about 15 seconds.

This seems like a well-conceived deployment. Using the face photo in the passport document eliminates the need for a huge database of all the passport photos in the world.

Still, there are a couple of things account for.

For passports without a chip, it it is possible that clumsier fakes involving switched passport photos would pass an automated screening than would pass a human inspection. For chip-based passports, comparing the picture on the chip with the picture on the document would account for this (or make such a fake a whole lot more difficult).

There is also the question of passport chip adoption and interoperability. Not every current passport is an ePassport and not every ePassport can be read by every other country. For these reasons, the new service is only available to Norwegians.

It makes sense to move incrementally on these things and to tackle challenges a few at a time.

UPDATE: Interoperability, the Emirates ID & Social Media

ID card was supposed to make things easier (7 Days in Dubai)

I went to update my eGate card only to be told that they can’t use our UAE ID cards because they don’t have the machines to accept the cards.

I thought paying out all that money for ID cards was to help out with situations if you didn’t have your passport with you. What’s going on?

Two things of note here…

If “Confused, UAE” is typical, customers/users/stakeholders are beginning to expect interoperability as far as ID systems go.

The social media presence of the Emirates ID people is impressive. The Emirates ID Authority found this post a day after it went up and used the site’s comments section to offer assistance to the individual having problems. That’s pretty cool.

Twitter: @EmiratesID

UPDATE: 8 NOVEMBER 2012
The people at the Emirates ID Authority were kind enough to direct my attention to web resources explaining how Emiratis (citizens and residents) can add e-gate service to their Emirates ID for use at all UAE airports.

@securlinx Good morning, please be advised that you can activate the e-gate service on the Emirates ID card and use it .. Cont.
— Emirates ID (@EmiratesID) November 8, 2012

@securlinx over all UAE airports. Please find more about e-gate service on: bit.ly/Ssg4F4
— Emirates ID (@EmiratesID) November 8, 2012

They’re saying that the e-gates and the national ID systems are, in fact, interoperable.

The question, however, of why the holder of an Emirates ID must proactively link their ID to the e-gate system remains. So let’s take a look at what automatic recognition of every Emirates ID at e-gates would mean.

For all Emirates ID’s to work automatically and by default with all e-gates at all UAE airports with a high degree of security and accuracy, the UAE central ID database would have to either:

(1) be available to hardware (e-gates) located at all airports at all times (in order to compare information on the card with information in the database) or

(2) regularly update all e-gate hardware with copies of parts of the central database information (the parts relevant to travel) on all residents at all UAE airports.

There are actually some pretty good reasons you might not want to do either of these things, database security first and foremost among them. Regarding a national ID central database, a conservative approach to information sharing would yield an attitude that the least amount of information should be shared that still allows the desired service to be provided. Right now that seems to mean that only a small slice of information held by the Emirates ID Authority about a small slice of the population is shared to the e-gate system on an opt-in basis.

Like we occasionally say around here, ID management technology is a powerful tool. The management part is very important though. People — human managers and decision makers — give its use meaning. Perhaps one day ID information will be shared ubiquitously and securely to provide extremely high levels of citizen services without requiring much if any forethought from individuals. It looks like that’s the way the world is heading, however haltingly. But it’s also easy to see why a government, especially an early adopting one, would want to take a step by step approach toward getting there.

Of course, one could still quibble with other management decisions such as the fees or the extra bureaucratic step involved, but that’s a question of how, rather than why.

I’ll also repeat my earlier praise for the Emirates ID social media presence.
@EmiratesID (by our own experience) and @EmiratesID_Help (by all appearances) are both highly engaged and responsive ways for the public both inside and outside the UAE to learn more about and interact with the Emirates ID Authority.

UPDATE II: 11 NOVEMBER 2012

I’m afraid I was understood by @EmiratesID to be saying the opposite of what I meant as the update above prompted this response:

@securlinx Thank you for sharing your article & feedback with us. On the contrary to your view, there are a few who find this service…cont
— Emirates ID (@EmiratesID) November 11, 2012

@securlinx …useful and beneficial, considering that we are moving forward with our technology and offered services.
— Emirates ID (@EmiratesID) November 11, 2012

That’s not contrary to our view, at all. We take @EmiratesID at its word that “there are a few who find this service useful and beneficial…” In fact, I’m quite sure they’re being modest.

Of course, some complaints are inevitable with ID and airports. I don’t wish to elevate one person’s confusion as the issue. The interesting things about the 7 Days in Dubai piece that inspired this post are the questions it provokes about how high-tech ID systems work, why they work the way they do, and the importance of efforts to help and explain things to stakeholders.

For the e-gates to work in the way that “Confused, UAE” expected, database practices that many would consider unwise would have to be put into place. Given that the technology is new and that the UAE is an early adopter of a more high-tech approach to ID, it is important to strike a proper balance between convenience and service on the one hand and data security on the other. The Emirates ID Authority is by all appearances serious about striking that balance and possess the abilities to do so. It is therefore not surprising in the least that many (even the vast majority) of Emiratis find the technology and services offered by the Emirates ID Authority extremely useful and beneficial.

I am aware of no evidence that the EmiratesID Authority is “doing it wrong” and there is plenty of evidence  that they are doing it right. That includes their responsiveness as an organization and I thank them for it.

[Edit: In the case that someone at EmiratesID (or anyone else for that matter) wants to respond more expansively than allowed by Twitter’s 140 character limit, I can be reached at blog@securlinx.com and would love to hear from you.]