Identity Access Management Innovation Takes the Magic Out of Authentication Automation

Subscribe To Download This Insight

By Ryan Martin | 1Q 2018 | IN-5040

Imagine getting to the airport for an international flight and boarding the plane without having to show your passport or boarding pass. Creating such a solution is one of the line items on the U.S. Customs and Border Patrol’s (CBP) five-year plan, and advances in biometric authentication are believed to be the key ingredient. But if the idea is to replace every part of the process where a paper ID, ticket, or tracking number would normally be fashioned, there also needs to be a database to authenticate front-end user inputs. This is one of the reasons why international rather than domestic air travel is first on the docket; there is not a central repository for state-issued IDs.

Registered users can unlock up to five pieces of premium content each month.

Log in or register to unlock this Insight.

 

A Vision for Identity Access Mangement

NEWS


Imagine getting to the airport for an international flight and boarding the plane without having to show your passport or boarding pass. Creating such a solution is one of the line items on the U.S. Customs and Border Patrol’s (CBP) five-year plan, and advances in biometric authentication are believed to be the key ingredient. But if the idea is to replace every part of the process where a paper ID, ticket, or tracking number would normally be fashioned, there also needs to be a database to authenticate front-end user inputs. This is one of the reasons why international rather than domestic air travel is first on the docket; there is not a central repository for state-issued IDs.

This Executive Foresight explores the impact of opt-in economics on the smart workforce by drawing on parallel developments in analytics, machine vision, and voice.

Why Automate?

IMPACT


The U.S. Department of Homeland Security (DHS) uses Form I-94 to document the arrival and departure, lawful admission, and terms associated with an individual’s approved length of stay. Historically, it was up to the individual traveler to obtain and maintain the I-94 card as the official record of admission and permission to remain in the United States. This is different than a visa, which would be issued to an individual by a U.S. consular officer outside of the United States. A valid visa does not necessarily guarantee entry into the United States; it is up to CBP to determine whether an individual may enter and for how long he or she may remain in the country.

The DHS rolled out a program to automate the I-94 process for foreign nationals entering the United States by air and sea in 2Q 2013. Since then, rather than issue paper Form I-94s, CBP creates an electronic record of admission and places a stamp on the foreign national’s passport, indicating the date and port of entry, immigration category, and status expiration date. The digitization of this process alone saves CBP an estimated US$15.5 million per year. It also saves an average of eight minutes for each passenger that would otherwise need to fill out the paper I-94 Form; US$330 for filling out an I-102 Form, required for lost I-94 cards; and the 25 minutes it would take to fill out the I-102 Form if an I-94 is lost.

Another key improvement is quality, specifically the quality of data. Form I-94 automation greatly reduces data entry errors compared to manual data entry by CBP. Previously, CBP mailed I-94s from each port of entry to a processing center, where they would be manually entered into the DHS database. This process took anywhere from five days to a matter of months and offered little visibility into a traveler’s whereabouts upon departure. Today, it is all done online:

  • The electronic I-94 is created when a traveler enters the United States at the time the CBP officer pulls information from the traveler’s Advanced Passenger Information System (APIS) record and enters any additional information obtained during the inspection process.
  • Any information the CBP officer would have written or stamped on the paper form at the time of admission is entered in electronic form, and then matched to the Arrival and Departure Information System (ADIS) record to corroborate the trip.
  • The ability to catalogue and match electronic I-94s across the APIS and ADIS databases improved security, processing times, and data entry issues (e.g., it has helped federal agencies such as CBP determine departure dates left blank in pre-2013 entries).

Operationalizing the next phase of CBP’s automation aspirations was once thought to require technologies that have not yet been invented. Fortunately, that simply is not the case anymore.

Customs is currently conducting biometric tests at three airports: Atlanta, Boston, and Los Angeles. Today, for every passenger on a flight, the airline provides CBP with advanced information—name, date of birth, and passport number. With that information, CBP goes back to the passport and visa databases to query the associated headshot, which is then parked in the cloud. As a traveler boards the aircraft, a picture is taken. That picture is then compared to the manifest of the particular flight. Once it is matched, the traveler can board the aircraft without scanning a boarding pass or scanning a passport. Authentication enables automation.

From Verification to Continuous Authentication

RECOMMENDATIONS


Disney did something similar with its Magic Band wristbands, which are issued to every park and resort-owned property visitor for everything from payments to event and room entry. Paired with the right information on the backend—name, address, credit card number, etc.—the Magic Band is essentially another endpoint for integrated identity access management. But it could also be voice (as a passphrase to access online banking systems), a user’s electrocardiogram (EKG) profile (smartwatch or biometric wristband), iris scan, or otherwise.

It is clear that digitizing and integrating disparate systems of record can have a profound impact on operations, but the boundaries are starting to blur: Is it about the physical world being virtualized or the virtual world being embedded in the physical world?

There is no clear answer; it is a combination of the two. Digital twins, 3D printing, and advanced analytics are some of the downstream capabilities that come with this convergence. What is changing, however, is the very nature of these systems of record—from transactional to continuous—and, therefore, the prerequisites for implementing such change. Organizations like CBP found this out when trying to integrate physical-first (real world) passenger interactions with backend information; not only did it need consent, it also needed the ability to automate an interaction. In other scenarios, the backend infrastructure is available, but it is customer and end-user buy-in that is needed (e.g., “May we use your voice to authenticate your account the next time you call?”). But regardless of whether it is a scanner, robot, or digital assistant-enabled call center, there is one thing in common--data. This is the real battleground to put in focus.

Services