United States: The Ticketing Industry and Homeland Security

The first thought that most Americans had upon hearing of the train bombings in Madrid must have been "Oh no, not again."

The issue of security has never been more important than it is right now. Americans watched the horrifying images of the terrorist attack in Spain with sad familiarity, reminded once again that the world has become increasingly dangerous. Just one day after the attack, the United States Department of Homeland Security issued a bulletin warning domestic railroads and local authorities to remain on the lookout for untended bags and other suspicious activity. It was thought that the bombs in Madrid were left in untended bags on the busy commuter trains.

Ever since September 11, 2001, we have been forced to address security concerns across the country and the world. The most common example of this new awareness is air travel. Anyone who has passed through an airport has experienced the increased security measures first-hand.

In 2002, the Academy Awards in Hollywood, California even cancelled their famous red-carpet festivities, forcing all the celebrities inside the theater, where the entire proceedings were deemed safer from possible terrorist attack. Government and other public institutions, sporting events, even museums all share this increased focus on security.

Railroads, airports, theaters, sports arenas, public buildings: all potential terrorist targets connected by a common thread: they all sell tickets.

The ticketing industry today is uniquely positioned to become a major force in the area of homeland security. By leveraging new techniques in biometrics and customer-relationship management to develop the most secure passenger identification systems, the sale and validation of tickets can become the first line of defense against terrorism.

The need for better passenger identification systems is evident.

Air travel security measures have become more restrictive since September 11, requiring additional screening for passengers and their luggage, yet rail travel is largely unaffected. In most cases, passengers arrive at a train station, buy their tickets at a kiosk or other automated system and board the train without ever having their identification or bags checked.

The Airline Industry has made great strides in addressing the issues required to create a unified and shared network of information. Organizations like IATA are to be applauded for creating forums and opportunities toward the development of Industry Standards which allow for high levels of change and improvement in antiquated systems.

Developed over two years by the International Air Transport Association (IATA) CUSS management -the idea behind CUSS is one of interoperability. The system allows different airlines to use the same kiosks, saving on hardware and allowing customers to check in at any kiosk. Although a relatively new effort, any frequent traveler would acknowledge that the self service machines provide a much more efficient means of purchasing tickets, checking in and going about your business.

The Airline Industry has been quick to employ self service technology to add value to the traveler while reducing overall costs of operations.

There are three types of authentication used for security today:

• A specific unique piece of information, such as a password, PIN number or piece of personal information, such as your mother's maiden name
• A physical object, such as a card key, smart card or ticket
• Biometrics

As you’ll see, security improvements and the technologies that support them intersect with the ticketing industry.

Biometrics refers to emerging technology used to identify individuals using physical or behavioral traits. Biometrics is the most secure and convenient authentication tool currently available. A biometric can't be borrowed, stolen or forgotten, and forging one is nearly impossible.

Science fiction is becoming science fact through a variety of biometrics:

• Hand geometry
• Fingerprints
• Retina and iris scanning
• Face recognition
• Voice authentication
• Signature verification

Security systems use biometrics for two reasons: to verify and identify users. Identification tends to be more difficult because the system must search for the user in a database of enrolled users. The biometric that a security system uses depends on what the system is protecting and what it is trying to protect against.

Hand geometry is a biometric that analyzes and measures the shape of the hand. It is considered to be one of the easiest biometrics to apply and use. Organizations use hand geometry readers for a variety of purposes, including time and attendance recording at events, where they are increasing in popularity. Hand geometry can easily be integrated into other systems and processes, and its ease of use makes it a natural choice for many biometric projects.

Fingerprints are unique; each person has their own distinct fingerprint. Passenger verification systems can make use of this kind of technology to screen out potential threats. The growth of self-service ticket kiosks may provide an opportunity to combine modern ticketing with state-ofthe- art identification verification systems.

Imagine a ticketing system that uses smart cards. A smart card has a magnetic strip on the back that contains data about the individual to whom the card was issued. For example, ATM cards are a form of smart card. Now imagine a smart card that contains a fingerprint sensor. Only the person to whom the card was issued and whose fingerprints are stored in a secure database connected to the card-reading system can use the card. A criminal or terrorist who uses a stolen card will immediately trigger a red flag in the system when the sensor on the card fails to read the correct fingerprint.

Retina scanners analyze the layer of blood vessels at the back of the eye, the retina. This is an established technology that involves using a low-intensity light source through an optical coupler to scan the unique patterns of a person’s retina. Retinal scans are very accurate but they require users to look into a receptacle and focus on a given point. They tend to be inconvenient for people who wear glasses or are concerned about putting their eye in close contact with the reading device. As a result, retina scans are not accepted by all users, even though the technology itself can work well.

Iris scanning is a more recent development. An iris scanner analyzes the features found in the colored ring of tissue that surrounds the pupil, the iris. It is less intrusive than retina scanning, using a conventional camera element and requiring no close contact between the user and the reader. Iris scans work with eyeglasses in place and works well in identification mode.

Face recognition analyzes characteristics of a person’s face, using a digital camera to develop a facial image of the user for authentication. Face recognition has become a niche market for network authentication because they require an extra component not typically included with basic computers. The casino industry, however, successfully uses this technology to quickly detect scam artists whose facial images are stored in a facial database on their system.

Voice authentication is not based on actual voice recognition but on voice-to-print authentication, in which complex technology transforms a voice into text. Voice biometrics has a lot of potential for growth because it requires no new hardware (most PCs include a microphone). However, voice biometrics are perceived as not being user-friendly – verification can be affected by poor quality and ambient noise, and the enrollment procedure is complicated. Some industry analysts predict that because people generally see finger scanning as a higher form of authentication, voice biometrics will most likely be used to replace or enhance account names and passwords.

Signature verification analyzes the way a person signs his or her name. Signing features such as speed, velocity and pressure are as important as the signature's finished shape. We’ve used signatures to verify identify in transactions for a long time and people are accustomed to the practice. Signature verification biometric devices, while fairly accurate and applicable to situations in which a signature is the accepted means of identification, have nonetheless not found widespread use.

Many highly secure environments have used biometric technology for decades. Today, the primary application of biometrics is in physical security: to control access to secure locations like rooms or buildings. Unlike photo identification cards, which require security guards for verification, biometrics allow for unmanned access control. Biometric devices like hand geometry readers can be seen in office buildings, casinos, hospitals, and health clubs. Biometrics are also useful in situations that require high-volume access control. For example, biometrics controlled the access of 65,000 people during the 1996 Olympic Games, and Walt Disney World uses a fingerprint scanner to verify season-ticket holders entering their theme park.

On May 8, 2001, President George W. Bush asked Joe Allbaugh, the Director of the Federal Emergency Management Agency, to create an Office of National Preparedness.

Numerous Federal departments and agencies have programs to deal with the consequences of a potential use of a chemical, biological, radiological, or nuclear weapon in the United States. Many of these Federal programs offer training, planning, and assistance to state and local governments. But to maximize their effectiveness, these efforts need to be seamlessly integrated, harmonious, and comprehensive.

When fully operational, the office will coordinate all federal programs dealing with weapons of mass destruction consequence management within the Departments of Defense, Health and Human Services, Justice, and Energy, the Environmental Protection Agency, and other federal agencies.

The Office of National Preparedness will work closely with state and local governments to ensure their planning, training, and equipment needs are addressed.

FEMA will also work closely with the Department of Justice, in its lead role for crisis management, to ensure that all facets of our response to the threat from weapons of mass destruction are coordinated and cohesive.

The Office of National Preparedness supports the Office of Homeland Security (OHS) by providing information on how FEMA coordinates all-hazards preparedness, response and recovery activities for natural and man-made disasters; setting up the Homeland Security- Emergency Support Team; detailing two staff members to OHS, and recently completing a state assessment to provide real-time information regarding state terrorism readiness and planning.

These efforts will help the Office of Homeland Security determine the allocation of funding needed to meet state capability enhancement needs and to ensure Governor Ridge's goal of creating a national strategy to deal with the broad range of terrorism issues that is truly representative of all levels of government.

CRM stands for Customer Relationship Management. It is an information technology that describes the methodologies, processes, software and interconnected capabilities that help your business effectively and efficiently manage customer relationships. CRM is at its simplest level, a database that stores all of your customer information. This detail allows everyone in your enterprise (sales, operations, management, customer support, accounting, the customer) to access information, make projections, develop offerings, address complaints, and improve the customer relationship to maintain satisfied and loyal customers. Instead of information about your most profitable customers existing only in the heads of your best salespeople, accurate and timely information in CRM systems is available to everyone.

CRM systems enhance the relationship between an enterprise and its customers. The ongoing activity is used to improve the enterprise's service to each customer, gaining customer loyalty and increasing profitability. In addition, and of great interest in security concerns, CRM allows venue operators direct and immediate access to data about their customers or passengers. There is a convergence in technology between ticketing, access control and CRM systems which could allow for great levels of security.

The call to action is for the establishment of a unified body of like interested individuals and business to

Summary The world can be a dangerous place. Security concerns abound, especially when people gather in large numbers. How do we verify that a passenger on a train belongs there, that a frequent flyer is who he says he is? How do we verify the identity of a ticketed customer at an event? Ensuring security helps people feel safe and remain safe from the threat of terror, and keeps them coming back to your airline or theater.

The use of biometric devices supported by CRM systems to verify identity has been a boon to those responsible for our security at ticketed venues. The ticketing industry has an opportunity to stay in the forefront of the security issue by embracing and investing in these technologies.

However, these opportunities will not come without their challenges. Chief among those challenges is to balance the need for increased security at ticketed events against an individual’s civil liberties and right to privacy. 

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.