Identity Management Supplement

Fusion Frenzy

Combined sensor technology to help airport security

• By Yotam Margalit
• Jan 24, 2007

IN U.S. airports with one or more checkpoint areas, security officials have probably never thought of themselves as ID managers.

Most often referred to as greeters, they are tasked with identifying passengers by their photo ID or passport, along with a brief check of their boarding card, to verify that each passenger is rightfully attempting to enter a controlled airport area. But these agents are currently not equipped with effective tools to detect forged documents.

Such a solution can be expected to perform faster, higher quality security identification checks, complementing existing protocols with automated explosives and other threat detection capabilities.

Detection systems fusion protocol (DSFP) -- an emerging methodology for the connection of multiple security sensors and intelligent communication between them and other systems -- is poised to change that.

From an operational standpoint, more and more passengers today are growing accustomed to interfacing with quick and efficient aviation kiosks of various types. In the same way that retrieval of boarding passes at automated kiosks can save time and effort, deployment of ID kiosks as a replacement to at least a portion of the greeter function reduces the lines -- and staffing needs -- at the entrances to checkpoints.

From a cost perspective, at about $130,000 per unit, an ID kiosk is a cost-effective alternative to human resources that might better be deployed to perform other tasks. Such a future kiosk would be a freestanding, data-integrated unit, likely be deployed in groups of up to five units, depending on traffic demands, per checkpoint area. It will be able to perform several security tasks, including validating the identity of a passenger by comparing the passenger?s government-issued photo ID with a digitally captured picture of the passenger's face. It also will verify the ID document presented by the passenger is both authentic and current. Using a link to airline databases, the kiosk also will verify the passenger's boarding card is valid and current.

The ID kiosk also will be able to scan the passenger for presence of explosives using a trace-based finger sampling technique. A quadrupole resonance-based shoe scanner will scan for explosives and other threats in passengers' shoes. Taken together, advent of the technologies leads to elimination of shoe- and jacket-removal requirements at some checkpoints.

The data collected by various sensors in the ID kiosk will then be associated with the passenger's ID number -- taken from the boarding card or other travel document -- for the purpose of optimizing the effectiveness of downstream security checks and passenger flow.

Such a solution can be expected to perform faster, higher quality security identification checks, complementing existing protocols with automated explosives and other threat detection capabilities.

Data Management Prowess
The kiosk document processor, a module within the ID kiosk, will extract data from various ID documents, standard and non-standard travel documents and driver's licenses. It will obtain the passenger's name and other ID information while providing an indication of suspected document forgeries.

The ID kiosk will process the data from the ID document and compare its information with security information databases in order to automatically define the passenger's required security screening level. The kiosk also will identify the country of origin of the ID document and address the passenger in their own language.

At the GE Global Research Center, developing the feature, there are plans for a two-phase program focused on enabling automatic verification of photographic IDs. In the first phase, an initial prototype system will use a commercial, off-the-shelf facial recognition engine to compare an actual image of the traveler and the presented ID's photo.

However, GE officials believe there is considerable room for improvement over generic face recognition approaches. If a face-ID verification engine tuned specifically for the ID kiosk is developed, greater accuracy can be achieved.

Most facial recognition engines are designed for searching large databases as opposed to verification of a given match. Thus, a match score is defined for each comparison, and decisions are made based on a threshold. However, in verification, problems are associated with people trying to impersonate the true owner of the photo ID. This suggests a discriminative approach, which attempts to maximize the margin between true and similar matches.

In phase two, an ID verification engine will be developed specifically for the ID kiosk application. To do this, GE Security has developed the DSFD methodology for connecting multiple sensors, as well as a communication protocol to optimize system communication.

DSFP is a small software plug-in that could become the first industry-wide sensor fusion standard. It defines how systems exchange data, make decisions, and merge decisions and inputs.

The DSFP protocol can help get sensor fusion up and running in the security industry. Its simplicity can save manufacturer research and development costs and shorten the time to market for new sensor combinations. DSFP gets all sensors to speak the same quantitative language and provides the means to integrate intelligence and other non-sensor data into multi-sensor systems.

DSFP quantifies risk by assigning the threat status of a person/passenger or bag a numeric value -- a threat state. Sensors using the DSFP protocol can refine the threat state without the need for an external computer to do top-level information handling. The process is referred to as threat-state propagation as the state of the threat, on a per-item basis, propagates from sensor to sensor while becoming more accurate with every step.

For example, as a passenger and their bags pass through multiple systems or sensors, the sensors collect and share information. The threat states for the passenger and bags move from sensor to sensor, being increasingly refined and more accurate with additional real-time information.

The resulting threat states then more accurately indicate risk than standalone systems. Such a system can reduce false alarm rates, as well as speed up the security process for the entire system.

How ID Systems Operate
The ID kiosk will interact with passengers through a driven-user interface. Through its graphical user interface, software will guide passengers through a series of actions, such as touch the trace explosives detector sensor button, place identification on the KDP or scan boarding passes.

The ID kiosk will be networked to a database application running on a remote computer. Passenger data, including items such as a bar-code identifier, explosive trace detection results, photograph, facial recognition match and documentation verification, will all be readily available for query. Using the passenger's boarding pass barcode to make a query, data can be retrieved, or when new data is available, it can be added to the passenger record. Such an ID management program allows a dynamic record to follow a passenger navigating the security process, allowing the process to adapt to threat probability.

In the sensor-fused airport environment of tomorrow, no longer will greeters be assigned a task virtually impossible for humans to successfully undertake, especially hour after hour. An automated system will not only detect and determine activities the human eye cannot detect, but it will additively sum together any and all discrepancies noted during the screening process. From bomb detection to fraudulent entry -- or exit -- automation of the ID management process will increase both safety and passenger convenience.