The search for Malaysia Airlines flight MH370, which disappeared close to a week ago, is yet to find any conclusive trace of the missing aircaft. But the revelation that two Iranian passengers on the flight were travelling on passports reported stolen from an Austrian and Italian has put a glaring lapse in airport security in the spotlight.
More than one billion people are estimated to have travelled internationally in 2013, according to the UN’s World Tourism Organisation. The International Civil Aviation Organisation (ICAO), a United Nations body that regulates air transport worldwide, reported that around 3.1 billion people travelled by aeroplane in 2013.
The numbers are immense. As a result, so too are the security challenges for airlines, immigration and airport security agencies.
The airline and Malaysian immigration officials have been subjected to intense criticism over their alleged failure to detect the two passengers travelling on false documents.
However, as various intelligence organisations have demonstrated, faking passports remains the art of the possible. Malaysia is one of many countries that has difficulty in policing passport fraud.
The future is biometric
Biometric, or electronic passports, combine paper and computer chips containing information that can be used to authenticate the identity of travellers.
After the September 11 terror attacks, ICAO undertook a wide-ranging review of airline and airport security. The review’s attention focused on passports. In 2003, the criteria for biometric passports were established and the US, Pakistan and several European Union countries were quick to adopt biometric passports. Australia and New Zealand introduced electronic passports in 2005.
However, many countries have been slow to adopt them. Canada made biometric passports mandatory only last year. Many African countries are yet to do so. Israel has only a pilot program for biometric passports and won’t be fully biometric until 2015 at the earliest.
Even then, because passports for most countries are valid for ten years, millions of pre-biometric passports can still be easily forged by intelligence agencies and criminals.
Although strict criteria govern the data included in electronic passport chips, some countries choose to exclude either facial recognition, fingerprints or retinal scan data.
Interpol has revealed the volume of lost and stolen passports is monumental. More than 40 million lost and stolen passports are registered in its database. Yet immigration and border control officials in most countries simply don’t cross-check passports with the database. Interpol says fewer than 20 of its 190 member countries do so.
Are airports really secure?
An irony of airline security is that passenger baggage tends to undergo more rigorous scrutiny than the passengers themselves. During peak travel times at major international airports, the average time airline or immigration officials take to check each passenger’s identification is generally a few seconds.
Frequent flyers are well aware that when passengers board a plane, airline officials will normally subject passengers and their passport photos to a cursory glance. Rarely, if ever, will the biometric chip be checked by airline staff before a passenger boards a flight.
The revelations from MH370’s disappearance may lead to a temporary heightening of security protocols. However, thorough checking of passport and passenger ID credentials requires trained and vigilant border control and airline staff.
Unless training and competency of these staff can be globally mandated by the ICAO – or by national governments – passport identity fraud involving international airline passengers will be a challenge for years to come.
The ICAO expects all of its 192 member countries to introduce machine-readable passports by 2015, but there is still no international deadline for the introduction of biometric passports.
This means some people could be using old-fashioned passports until 2025. Even then, there is no absolute guarantee biometric passports are any more tamper-proof than a host of other computer-based security measures which apply to credit cards and customer databases.