Data suggests that for every minute a customer is in a retail area and not stuck in a queue, their non-aeronautical spend increases by 2.5%. While OneID reduced queue time, it also allows retailers and other airport operators to securely access masked passenger preference data to customize offerings and increase revenues. It helps improve understanding of passenger profiles while protecting passenger privacy.
With obvious advantages, airports are definitely willing to adopt OneID. However, the road to adoption is not so easy.
System standardization and the data security conundrum
To enable a global OneID, there needs to be widespread adoption that depends on two factors – standardization and security. Unless all biometric systems and data sets are standardized and in sync, providing seamless identification across geographies will be a challenge. For the fragmented pilots now available, you may go through a great experience in one country to only land in another and having to produce your paper IDs again.
An even bigger challenge to OneID adoption is the security. The whole concept is centered on sharing and verifying passenger information securely. Increasing regulations around protection of personal data such as GDPR have also put tighter controls on handling of personal information. In light of recent data breaches, people themselves are jittery about sharing data. Unless a secure data sharing system is in place, passenger data will remain in siloes and OneID will remain a dream.
Securing the future of OneID
While Blockchain has potential applications in solving the challenge of secure transactions, we believe a more robust cybersecurity approach is needed to build trust in the system.
A comprehensive approach would be to mask passenger data and disclose it only where needed and allowed. For example, when the passenger is making a transaction, only the information vital for that particular transaction is made available. At no point in this journey will the passenger be asked to share their OneID number with any stakeholder. The validation will happen purely on biometrics.
At Wipro, we are working with industry players to create a trusted ecosystem. Our Identity Management Framework is designed on the principle of “decentralized AI” to enable a seamless passenger experience through the airport by setting trust networks among diverse stakeholders across Public and Private Domains. These trust networks are based on Zero Knowledge Proof and will only consume or share the required amount of passenger identity information needed to help process the transaction and ensure privacy in line with GDPR norms.
The identification, authentication, and access are based on a biometric solution. At every transaction, a code is generated to act as a link between OneID and the transaction triggered by the validation of a biometric system.
Assurance levels defined by the by ISO/IEC 29115 Standard describe the degree of confidence in the processes leading up to and including an authentication. This enables the stakeholders in the network to process the transactions at each handshake and provides assurance to the individuals for processing.
Ultimately, OneID is a trust framework that allows aviation stakeholders access to a dependable digital identity. Without a holistic security framework in place, the whole concept of sharing data across borders and to multiple stakeholders is fallible.