Travel passports: how to ensure passenger data is kept safe
Join Our Newsletter - Get important industry news and analysis sent to your inbox – sign up to our e-Newsletter here
X

Travel passports: how to ensure passenger data is kept safe

By Frankie Youd 08 Jun 2021 (Last Updated May 14th, 2021 14:28)

In March around 20 airlines began trialling the International Air Transport Association’s (IATA) new travel passport app, which will allow passengers to easily share Covid-19 vaccine and test records for international travel. With the advent of more digital solutions for tracking passengers’ health records, does the industry need to be careful about potential health data leaks, and how does it ensure customer’s safety is protected on apps? We speak to industry body IATA to find out.

Travel passports: how to ensure passenger data is kept safe
Health and travel pass apps are being introduced all over the world in a desperate attempt by governments to allow the aviation industry to take off again, while mitigating the risk of importing Covid-19. Credit: IATA.

Health and travel pass apps are being introduced all over the world in a desperate attempt by governments to allow the aviation industry to take off again, while mitigating the risk of importing Covid-19.

This new technology allows accurate information regarding passenger health to be presented to government officials and airlines such as their vaccination status and test information which is required to allow them to travel.

However, concerns around safety and security of passenger data are a hot topic of discussion for members of the public. Apprehension around data leaks, who has access to private information, and how it is being used are setting off alarm bells for some passengers.

Organisations such as the International Air Transport Association (IATA) have developed their travel pass to follow stringent data protection guidelines, not only ensuring passenger data is safely secured but to also boost passenger confidence.

Standardised testing

IATA have launched their own travel pass initiative to address the challenges governments currently face surrounding opening borders during the Covid-19 pandemic.

The introduction of this platform will not only provide a safe, secure location for passengers to store their test and vaccine data but also have access to information regarding which measures they will need prior to travel. The pass also provides passengers details on where they can go to take a Covid-19 test at verified centres.

IATA are currently creating a registry of all test centres which are government recognised by obtaining government lists for all labs currently running within the country.

To access the travel pass, travellers will download the IATA travel pass app which will require them to create a digital version of their passport. Passengers are then required to go to test centres to either acquire a Covid-19 test or vaccination, leaving them with not only their digital passport on their phone, but also their test or vaccination results.

This information is then run through the IATA system called Timatic – a system which has been used by airlines and travel agents for over 60 years – to verify passenger data and requirements against border control regulations.

The system has now been updated to include worldwide Covid-19 regulations, which allows IATA to compare passenger data to restrictions.

Alan Murray Hayden, head airport passenger and security products, IATA explains: “We look through the data and we say, ‘is this test sufficient for that destination?’

“We’re checking things like; is it the right type of test? Was the test taken the right way? Is the time period correct when it was taken? Then if it’s okay, then the passenger can then share it with the airline.”

 

Alan Murray Hayden. Credit: IATA.

 

Global data privacy

Due to the sensitive nature of the health information being shared via the platform, data security and passenger privacy is of the upmost importance to IATA. The association developed the travel pass with a decentralised identity management system, to ensure all the passenger’s private information and data is stored only on their phone, never externally.

The passenger is also in control of who the data can be seen by, through clicking ‘share now’ on their phone. Once selected, the data is only shared with their corresponding airline, the same as other security documents such as visas, passports, and identification cards.

Hayden explains: “All of the passengers data resides on their phone. We don’t have it centrally, we never see it, we never have access to it. We have software on the phone app which analyses their itinerary and says that you’re flying with British Airways, do you want to share your details with British Airways?

“At that point, the passenger can choose to share it, but the main point is, it’s the passenger who choose to share it. If they choose to share it, it gets sent directly to the airline. It never goes through any other system; we don’t store it.”

Hayden stresses that the creation of the travel pass by IATA was only to assist the industry moving forward, and not to collect traveller information. The data can also be removed at any time by the passenger by simply deleting the app.

“The idea behind this app is to open up aviation again, it’s not to build up a database or intelligence.”

He says: “The idea behind this app is to open up aviation again, it’s not to build up a database or intelligence. We have purposely gone the other extreme where we want nothing to do with passenger data.

“We are facilitating and sharing the data with the airline which you have to do anyway when you go to an airport when you hand over your passport, all we’re doing is making it much more efficient.”

Credit: IATA.

 

Travel pass trials

The IATA travel pass has been successfully trialled on an international flight from Singapore to London. The passenger was able to use the app to manage their travel health credentials which were shared with Singapore Airlines. This demonstrated that the technology can securely and efficiently assist passengers and airlines to manage health information.

In a press release addressing the success of the trial JoAnn Tan, acting senior vice president marketing planning, Singapore Airlines, said: “The first phase of the trials helped to support SIA’s drive towards a secure and convenient industry standard for the verification of COVID-19 test results, and the health status of passengers including their vaccination status, in the future.”

“That gives us the confidence that in the second phase, we can further streamline the verification process for eventual integration into SIA’s mobile application. This will help to provide a hassle-free digital solution for our customers in the new normal and help to bring about a more seamless travel experience.”

The travel pass is currently being trialled by airlines including Qantas, Emirates and Korean Air, which will not only allow IATA to ensure the successful working of the technology, but also ensure the process is as smooth as possible for passengers.