Your Next Boarding Pass Could Be Your Face

Airlines say tests of facial recognition tech at the boarding gate are winning smiles and thumbs-up from passengers, but civil libertarians urge caution.

Your Next Boarding Pass Could Be Your Face
[Photo: Flickr user Juli Crockett]

For frequent flyers, anything that speeds their way through the nightmare of a crowded airport is a good thing, no? The latest effort toward that end is the expanding use of biometrics: The passenger’s face, essentially, becomes their boarding pass. Goodbye paper. Goodbye apps.


Airlines have started testing facial recognition technology and selling it as a speedier way to check in baggage, zoom through security, and board the plane. And it is. But there is another side of the story, one that has civil libertarians concerned it will erode Americans’ privacy, all in the name of security.

Privacy advocates worry that the face-as-security key may one day be the norm—and not just when taking to the skies. That has them pushing now for legal standards that govern how biometric data, including finger and palm prints, are in place to govern what becomes how the data is stored, and who can access it.

“The cornerstone for us is consent, and not just for the initial collection but also consent for what they’re doing with it,” says Adam Schwartz, a senior staff attorney with the Electronic Frontier Foundation.

Trump Accelerates Tests

The U.S. Department of Homeland Security started examining the proposed wide use of facial recognition tech under former President Barack Obama. And President Donald Trump’s  controversial executive order limiting immigration includes a clause calling on the Homeland Security secretary to “expedite the completion and implementation of a biometric entry/exit tracking system.”

DHS’s Customs and Border Protection agency, which is tasked with civilian air travel security, has since rolled out tests of the program at several major international airports— including John F. Kennedy in New York, Washington Dulles, and Chicago O’Hare. The agency compares passenger photos digitally stored in their passports’ microchips to images captured at the airport. Among the goals is better tracking visitors who overstay their visas. CBP says images of U.S. citizens are discarded “after a short period of time,” though critics warn the agency could change that restriction at any time.


In late May, JetBlue started working with CBP and the Geneva-based airline IT provider SITA on a pilot project that lets customers board flights based only on CBP’s facial recognition, so JetBlue gate agents don’t have to examine their physical boarding passes and passports. Customers don’t need to enroll in any special program to participate, since their faces are compared against their existing passport images.

[Graphic: courtesy of jetBlue]
“Customer response and opt-ins have been positive since the launch of the pilot program,” a JetBlue spokesperson said in an email to Fast Company.

Delta has announced pilots with CBP at JFK and Atlanta’s Hartsfield-Jackson International to test systems that photograph passengers’ faces as they scan their own boarding passes. The airline also last month announced a separate test program letting passengers use their fingerprints to board flights at Reagan Washington National Airport.

Those passengers must be enrolled with CLEAR, a company that for $179 per year lets frequent flyers use their fingerprints or iris images to access expedited security clearing at certain airports, and they must be members of Delta’s SkyMiles program. The airline plans to allow them to use their fingerprints to check bags at Reagan National as well, with no need to present IDs or boarding passes.

[Photo: courtesy of CLEAR]
“Once we complete testing, customers throughout our domestic network could start seeing this capability in a matter of months–not years,” Delta COO Gil West said in a July statement. In a separate trial. CBP has also implemented some facial recognition scans for travelers through its “1-to-1 Facial Comparison Project” at JFK and Dulles.


The “Biometric Pathway”

It’s where this all goes that has privacy advocates really concerned. CPB officials have begun talking about not just a “biometric exit” procedure, but a “biometric pathway” that employs facial identification at multiple points, starting with the passage through security.

Airlines, their tech providers, and government agencies say biometric scanners will free up employees to provide more one-on-one assistance to customers, instead of having to scan boarding passes and check faces against passports.

“Basically, by eliminating the need for those documents, the agent can get out from behind the counter,” says Sherry Stein, who heads SITA’s identity management project.

Civil libertarians caution these programs could quickly become mandatory for all air travel and suggest that without checks on the tech, it could be used to hold someone on a low-level warrant or outstanding traffic ticket.

“From our perspective, there are a lot of questions and not yet enough answers about how this is going to work, and whether this is going to respect people’s biometric privacy,” Schwartz says.


Privacy groups want biometric data carefully regulated, even for opt-in programs. They warn that it would be easy for facial images to be repurposed for tracking people outside of the airport, even without their knowledge or consent.

“If I’m walking down the sidewalk, you can’t take my fingerprint without my knowledge or permission, but you can take my photograph,” Jay Stanley, senior policy analyst at the American Civil Liberties Union, tells Fast Company. “I think that customers of companies who are doing face recognition programs like that deserve to fully understand what the connections are and what the potential implications are before they agree to something that at first seems like a fun, easy convenience.”

The CBP hasn’t disclosed many details about how its facial recognition tools work. A 2015 document said that the facial comparison used for people entering the United States looks at “over 80 facial features” including jaw length, cheekbone size, and distance between the eyes. CBP Deputy Executive Assistant Commissioner John Wagner recently told privacy groups that the biometric exit face scan system has a roughly 4% false negative rate, meaning 4% of passengers with legitimate passports would be referred to additional screening.

“Overall, it seems very strange for the government to be going all-in on a technology with such a high inaccuracy rate,” Stanley wrote. “And Wagner’s 4% number was provided without evidence; the government should make its face-matching algorithms public so that independent studies can be made of their reliability, including ethnic and other differences in that reliability.”

“Coercing People Into Biometrics”

For airlines, the expanded use of biometrics is being embraced, even if still in the test stage. “Self-boarding eliminates boarding pass scanning and manual passport checks,” said Joanna Geraghty, JetBlue’s executive vice president for customer experience, when the program was announced. “Just look into the camera, and you’re on your way.”


“Delta is always willing to partner with the CBP as it continues testing new technologies to improve its processes,” COO West said in June, when announcing its facial recognition pilot programs. “It’s spirit of innovation aligns with Delta’s as we continue pioneering our own biometric customer experience solutions to enhance the airport travel experience for customers while giving employees the ability to focus on higher-touch customer needs.”

There’s another potential plus for airlines in expanding biometric scans: reduced staffing costs.
And if those cuts make taking the old-fashioned route through the bag check or security line takes significantly longer than the automated, biometric-based path, that could make even ostensibly opt-in program somewhat less than fully consensual, says Schwartz. “That’s not really voluntary choice,” he says. “That’s coercing people into biometrics.”

Caryn Seidman-Becker

Airlines and their partners say they have privacy policies and security plans in place to protect consumers and make customers fully aware of how data will be used. CLEAR, for instance, says it will only share biometric data with agencies and its own contractors in order to perform background checks and otherwise make the program work. And customers can request their data be deleted if they leave the program.

“We never sell or rent personal information about our consumers,” the company’s privacy policy says.

“This is an opt-in program, and we are very public with our privacy policy, our terms, and conditions,” says CLEAR CEO Caryn Seidman Becker. “We’re a customer-facing company.”


Ideally, Schwartz says he’d like to see legislation setting limits and disclosure requirements across the board: “I think that we are rolling out new technologies sometimes faster than we are adopting good public policies to regulate these technologies.”

About the author

Steven Melendez is an independent journalist living in New Orleans.