Biometrics are moving from pilot projects and a novelty at a few airports — Sydney, Dubai, Heathrow's Terminal 5 — to becoming mainstream.
This week air transport technology specialist SITA released research (https://www.sita.aero/resources/type/surveys-reports/air-transport-it-insights-2018) which indicates that airports' use of biometric technology is about to explode. According to SITA "71% of airlines and 77% of airports plan major programmes of R&D in biometrics ID management in the next three years".
Biometric systems remove the need for manual identity checks at check-in, baggage drop off, border controls and boarding and should therefore speed the journey through the airport.
Delta Air Lines last week announced that Atlanta Hartsfield would have the US's first fully biometric terminal. https://news.delta.com/delta-launch-first-biometric-terminal-us This means "using facial recognition technology from curb to gate, transforming the customer journey with a seamless travel experience through the airport".
It should speed passage through the airport — Delta's initial trials found that an average of nine minutes per passenger was saved during the boarding process alone.
The biometric revolution encapsulates the collision between passengers' desire to travel through an airport as speedily and stress-free as possible and the serious consequence of any potential misuse of personal data.
Study after study finds that a top frustration for business travellers, especially frequent business travellers, is the time it takes to get through the airport. Any measures that airlines or airports take to reduce that time would be welcomed by both corporate and traveller.
However, like any data, biometric data is open to the possibility of hacking. Hacking biometric data is far more serious than hacking credit card or frequent flyer details. You can always stop one account and open another with a new number.
It would be rather more challenging to get new fingerprints or a new face.
GDPR states that data processors must implement appropriate "technical and organisational measures" to keep data secure. This will be challenging for any organisation which makes use of biometric data but the spectre of a highly public GDPR scolding not to mention the potential fine — fines under GDPR can be up to 4% of global revenues, or £500m in the case of the hack of British Airways passenger data in late summer.
The expectation is that BA's fine will be mitigated by its prompt response — under GDPR hacks must be reported within 72 hours — which included those affected directly.
GDPR will encourage more supplier vigilance but the reality is that any data can potentially be hacked.