The requirement to gather information on travelers crossing borders isn’t new. Still, it’s something that governments worldwide want to prioritize even more.
A vivid example of this is the EU, which is already in the process of implementing the Smart Borders program. This initiative includes the development of two automated IT systems:
EES, or Entry/Exit System, aims to replace manual passport stamping and automate border control procedures. The launch is planned for November 2023.
ETIAS, or European Travel Information and Authorization System, is intended for visa-exempt non-EU nationals to apply for permission to enter the EU before their planned journey. The launch is planned for 2024.
These steps are consonant with the Integrated Border Management Concept for the next 5 years, which was updated in March 2023. The initiatives include supporting border controls through large-scale IT systems and inter-agency cooperation.
Surely, the EU isn’t the only region which is making steps towards further automation of border management systems for collecting information on travelers. Regardless of the country, these initiatives have one thing in common: the determination to establish a solid tech foundation for gathering a wealth of identity information.
What is Advance Passenger Information (API)?
Advance Passenger Information, or API for short, is a combination of a passenger’s personal information presented in their government-issued identity document and travel details. This information is provided by carriers to authorities in advance of the passenger’s arrival at their destination. API includes but isn’t limited to:
Date of birth
Travel document type and number
Code of transport
Port of border crossing
Port of initial embarkation
Departure and arrival date and time
The exact list varies depending on the destination country’s requirements. Travelers to the US, for instance, have to additionally provide the address of their first night spent in the country.
API may also include the data on the crew and the flight, such as the total number of passengers.
What challenges at border crossings does gathering of API address?
Providing information about passengers and their journeys before they travel is required for security reasons. Namely:
Combating irregular migration. API allows you to check eligibility to enter the country before the actual travel.
Preventing or investigating other crimes, including terrorist attacks. API helps security agencies identify suspects, conduct profiling to spot suspicious individuals, and track non-obvious connections between passengers.
Reducing times at disembarkation and accelerating processing at borders.
Technologies that can boost the effectiveness of border management and API collection
API is a great data source for security agencies in the host country. It lets them know exactly who is coming, where, and when. For the carriers, though, it may seem like an extra burden and expense.
The optimal solution would be combining API collection with the check-in process during automated boarding without manual control. The passengers go through all the steps of document verification, face enrollment, and liveness check via a mobile or web app. Then they arrive at the airport and go straight to the boarding gate, where they’re asked to look into a camera. The system looks for them in the passenger list and checks if everything is alright; if so, it lets them through.
This way, carriers can board more passengers faster—which is key for popular high-load destinations—and cut costs on flights. It’s also a boost for customer experience, since people appreciate the opportunity to hang out in the duty-free zone rather than standing in lines.
So, what exactly is needed to have such a process in place? Since even the same technology provided by different vendors may include different things, we’ll illustrate each point using the example of Regula’s technologies. It’ll give you an idea of what to look for in an effective solution for collecting Advance Passenger Information.
1. Automated data entry
The idea behind Advance Passenger Information isn’t the fact of collecting data for the sake of data but to make sure it’s of high quality. The European Commission, in a recent proposal, explicitly states that carriers will have to reach this goal by collecting API by automated means only. Still, all tools for data entry automation aren’t created equal.
Regula’s database of document templates, the world’s largest, allows solutions powered by Regula to automatically identify the type of a document and its country of issuance and effectively read it. Then the technology verifies all the data sources within the provided document and can export the data to any form or system for further processing.
Also, since Advance Passenger Information can be submitted remotely, it’s important to control the process of document capture to ensure the credibility of the data. Regula Document SDK addresses this challenge, too, and performs these three operations before actually retrieving the data:
Quality assessment. The provided photograph shouldn’t be dark or blurry, no parts should be covered with fingers, etc.
Quality enhancement. The technologies can adjust brightness and contrast, or, if the image is shot at an angle, it’ll be deskewed without affecting the readability of the data.
Document liveness check. This is a confirmation that the photo is of a real genuine document and not from a fake scan.
2. Extended data capture capabilities
Given the fact that identity documents are highly structured, using tools with an OCR engine under the hood can boost both the speed of data entry and processing and the accuracy of the collected personal data. However, the EC proposal also contains requirements regarding the completeness of the data and the effectiveness and reliability of the analysis. This is something that is beyond the scope of ordinary OCR.
The thing with identity documents is that they typically contain plenty of information encoded throughout the document in addition to the text in the visual inspection zone. Here’s where document parsing—the ability not only to read the data but also structure, analyze, and validate it—comes in.
First of all, data parsing delivers highly structured output, so you don’t have to manually sort and label before you can further use it. Each field and element is assigned a type. Thanks to this, you can scan a document and instantly retrieve the specific information you need, say, a full name.
Secondly, it can process not only text and numeric fields, but also extract images, such as a photograph, a ghost portrait, or a signature. Scenarios for further use of these pieces of information can vary from simply storing them in a database to comparing them against samples from other sources.
Last but not least, the data from different sources within one document is often duplicated. For example, the national passport of Switzerland gives you at least four different opportunities to recognize the document number. That means a fraudster needs to change it everywhere without leaving a trace, which requires much knowledge and skill. That’s why it’s important for a solution to be able to read all the sources, verify and cross-validate them, and automatically authenticate the document. So, if someone alters their date of birth in the visual inspection zone but fails to update the machine-readable zone, it’ll be detected.
A big plus of Regula Document Reader SDK is that it can also read and verify electronic identity documents via NFC-based verification of an electronic (RFID) chip, even remotely.
Following the zero trust to mobile policy, the solution removes risks of fraud thanks to additional server-side re-verification: it re-checks an electronic chip’s genuineness and the results of processing information from the mobile device on the server, which leaves no chance of forgery. As a result, you get the most complete and accurate data possible, and make sure it’s valid at the same time.
3. Automated document authenticity checks
While the methods of gaining control over rising numbers of migrants and refugees are beyond the scope of this article, there’s one thing to keep in mind: when there’s a spike in migration, there’s a spike in fraud. Unfortunately, as ID documents become more protected, attempts to cheat the system are also getting more sophisticated. Facial morphing is just one example.
Furthermore, there are thousands of ID document types in circulation worldwide. Regula’s database of document templates currently includes over 12,000 items. Even the most professional border guard can hardly remember the specifics of every document from every country. However, the time to decide whether a traveler is legitimate or not can be as little as 12 seconds.
Given the above, equipping border control points with forensic devices that automate detecting counterfeited IDs is the top priority. These devices are not intended to eventually replace human guards, only to allow them to work as effectively as possible. Not only do such technologies speed up the whole disembarkation process, but they also add an extra protection layer. If a fraudster manages to get through, they will be able to start the naturalization process—getting a tax number, opening a bank account, etc. After this, it’ll be much more difficult to debunk the fake identity.
4. Secure data handling within your perimeter
Personal information is a sought-after commodity on the black market, so there’s no better solution currently than processing the API data within your own secure perimeter. It’s important not only to protect the passengers’ information itself, but also the results of its examination, as it may also be of great interest to attackers.
When you use an on-premises solution, all the data is on the client’s side, so you can organize its processing and store it in full compliance with local legislation. It also serves as a safeguard against data leaks, which is a prominent risk involved with using cloud SaaS solutions.
5. Data reusability
Combating irregular migration, as well as preventing all sorts of crimes, requires coordinated actions from different organizations. This involves, among other things, the secure transmission of gathered data to national authorities, as well as keeping track of records of conducted checks.
Criminals tend to try to reuse the documents and document templates available to them. For example, they can use the same document series and number, but with a different name or photograph. To tackle this, Regula allows you to log the unique data of each verification session. This enables you to return to any history of checks of a certain document in case of any questions or doubts later on.
What about biometrics in border management?
Formally, biometrics isn’t a part of API. However, validating identities, particularly by using fingerprints or facial recognition technology, is an important part of secure border management. Many governments are actively implementing biometric border management systems, or have such plans. US Customs and Border Protection, which has already been testing a facial recognition program, is reported to be planning the integration of facial recognition technology into all ports of entry by 2025.
The idea behind it is to increase security with more reliable traveler identity verification, in which travelers’ live biometrics are compared to those previously captured—from their IDs and other databases, e.g., databases of suspects or all sorts of watchlists. Biometric verification also enables using eGates and other self-registration means for border crossing. All of this facilitates advanced risk assessment and improves security.
The bottom line
Security isn’t limited to a single check. Even facial recognition programs or NFC verification alone can’t guarantee reliable results if they’re not backed up with other identity verification methods. The more attributes you can check and verify, the safer the borders and everything that comes after crossing them.
Regula has been effectively tackling identity verification and authentication challenges for over 30 years. This expertise is the foundation of a complex approach, empowering you to deploy best practices at all passenger touch points, from live interaction with a border control officer to remote online check-ins via mobile apps. Regula’s solutions already protect over 80 borders globally, so don’t hesitate to contact us if you need a piece of advice on enhancing your passengers’ experience and security.