Security technology Watching you Sep 20th 2001 From The Economist print edition What security technology can—and cannot—do about terrorism IN THE wake of last week's terrorist attacks on New York and Washington, all kinds of fancy machines—from facial-recognition databases to advanced luggage scanners to glorified autopilots—have been proposed as technological fixes in the fight against terrorism. So what do such technologies have to offer? One popular option is biometrics. A biometric is, as its name suggests, a measurement of a biological characteristic. Fingerprints are the best-known example, but others include hand geometry, iris scanning and facial recognition. Because biometrics cannot be lost, forgotten or passed from one person to another, and are hard to forge, they are already used widely as security measures. Biometric systems are employed for two main purposes. The first is identification (“who is this person?”), in which a subject's identity is determined by comparing a measured biometric against a database of stored records. The second is verification (“is this person who he claims to be?”), which compares a measured biometric with one known to come from a particular person. All biometrics can be used for verification, but only those that are unique to an individual—notably fingerprints, iris scanning and facial recognition—can be used for identification. As a result, different biometrics are used for different kinds of security check. Biometrics are widely employed for access control—to ensure that only authorised people can gain entry to particular rooms or buildings. Hand-geometry systems, which measure the shape, size and other characteristics (such as finger length) of some or all of the hand, are used to control access and check identities at airports, offices, factories, schools, hospitals, nuclear-power plants and high-security government buildings. Since hand geometry is a verification not an identification technology (people's hands are more similar than their fingerprints), users are required to make a claim about who they are—by swiping a card, for example—before a scan. The biometric template of the person they claim to be (which can be stored on the card itself) is then compared with the scan. A well-known example of the technology is the INSPASS programme, which allows frequent travellers to the United States to skip immigration queues at large airports by swiping a card and placing their hand on a scanner. In theory, this idea could be extended to require passports to contain a hand-geometry biometric, which could be compared with the holder's hand. That would make passports harder to forge. But it would also require international agreement and co-operation over biometric standards. The human factor There would appear to be considerable scope for wider use of access-control technology. In security tests carried out at 83 airports last year by America's Federal Aviation Authority (FAA), attempts to gain access to secure areas succeeded 31% of the time, and inspectors successfully boarded planes in 82 cases. But a report published by the Department of Transportation found that most of these security violations were due to human factors: airport staff failed to ensure that doors closed properly behind them, and did not challenge people they met in unauthorised areas. Biometrics cannot do anything about that. This summer, the FAA proposed new rules under which airport staff could be fined as much as $11,000 for holding doors open for others, or allowing friends into secure areas. Another biometric technology that is starting to appear in airports is iris scanning. This is used in dozens of jails in America to identify prisoners, staff and visitors, ensuring that the right people are let in and out. Iris scanners have also been tested by banks in a number of countries to identify users of cash machines. Since the iris scan identifies each customer, there is no need to insert a bank card or remember a personal identification number. Iris scanners are being tried out in several airports to let frequent flyers step up to a machine and get their boarding cards automatically. But all this does is to make it more likely that the person who gets on a plane is the rightful ticket-holder. The terrorists responsible for last week's attacks appear to have travelled under their own names and with their own passports. Iris scanners would not have stopped them. Facial recognition, on the other hand, is unique among biometrics in that it can be used passively—in other words, an image of a face can be compared with a database of suspects without the subject's knowledge. Such systems, connected to a network of closed-circuit television (CCTV) cameras, are already used to spot criminals and football hooligans in Britain. This summer the same technology was installed at Keflavik airport in Iceland. Joseph Atick of Visionics, a firm based in New Jersey that is one of the leading suppliers of facial-recognition technology, points out that iris scans and fingerprints were not available for last week's hijackers, but pictures were. One of the hijackers, he says, was caught on videotape at a Malaysian airport meeting members of the group that attacked the USS Cole in Aden harbour last year. “What we need to do is to build an international counter-terrorist database with pictures and faceprints for every dangerous individual,” he says. As well as passively scanning airports for known suspects, he suggests that everybody should be required to have a close-up facial scan as they check in, “just as your credit is checked when you buy something with a credit card.” Facing reality The traditional objections to facial-recognition systems—that they violate privacy, and could end up being used to pick out people with overdue parking tickets, as well as terrorists—are likely to be drowned out in the fearful atmosphere following last week's attacks. But according to Richard Smith of the Privacy Foundation, a lobby group based in Denver, Colorado, even if facial-recognition systems were in place, the technology would not be a silver bullet. Most of the hijackers, he notes, were not suspected terrorists, so no pictures of them were available. And in the case of the two who were suspects, attempts to track them down had begun only a few weeks before the attack. He concludes that a breakdown in communications, rather than inadequate technology, is the problem. Another technology that has been the focus of renewed interest is advanced forms of luggage scanner, such as three-dimensional scanners, remote scanners that can look at people at a distance, and scanners with “threat image projection” (TIP). The idea behind TIP is to keep luggage screeners on their toes by randomly projecting a fake “threat image”—in other words, a picture of a knife, gun or explosive device—into occasional items of luggage. When the screener presses the “threat” button, the fake image is removed, and the luggage can be checked again for real threats. In this way, it is possible to monitor the performance of individual screeners. TIP-capable luggage scanners are now being installed in America's largest airports. But however clever scanning machinery becomes, the real problem, once again, is human. Luggage screeners are paid little, and the work is tedious, so that it is hard to concentrate for long. Research by the FAA, which has not been published in detail for security reasons, found that screeners' ability to detect suspect objects is not improving, despite the new technology. In any case, last week's hijackers seem to have used weapons that would not have been picked up as threats by existing scanners. A really determined hijacker, notes Frank Taylor of the Aviation Security Centre at Cranfield University in Britain, could use almost any blunt object, or even a piece of in-flight cutlery, as a weapon. Already, some airlines have switched to plastic cutlery as a precautionary measure. Faced with terrorists who may not be carrying weapons, and are travelling under their own names, another technology that might help to identify them is computer-assisted passenger screening (CAPS), which was first introduced by a number of American airlines in 1998. CAPS uses information from the reservation system, and a passenger's prior travel history, to select passengers for additional security procedures. It has been fiercely criticised by civil-liberties campaigners who accuse it of picking on members of particular ethnic groups or nationalities. Besides, terrorists expect to be questioned at check-in, says Mr Taylor. He suggests that CCTV surveillance should be extended to cover passengers “away from areas where they expect to be observed”. Some of last week's hijackers were reported to have had an argument in the car park at Boston airport. But Mr Taylor admits that this process could not be automated. There would also be privacy implications, plus the usual accusations of bias. On autopilot into the future If spotting terrorists on the ground is so hard, what can be done to make aircraft harder to hijack in the air? Again, there has been no shortage of suggestions. Robert Ayling, a former boss of British Airways, suggested in the Financial Times this week that aircraft could be commandeered from the ground and controlled remotely in the event of a hijack. The problem with this, says Mr Taylor, is that remote-control systems might themselves open aircraft up to hijacking by malicious computer hackers. He suggests instead that automated landing systems should be modified so that, in the event of a hijack, the pilot could order his aircraft to land itself, with no option to cancel the command. Another idea is that existing collision-avoidance and terrain-avoidance systems could be modified to prevent aircraft from being crashed deliberately. But such proposals, says Chris Yates, an aviation-security expert at Jane's Defence Weekly, belong “in the realms of science fiction”. (Mr Yates advocates simpler, low-tech fixes, such as doing away with curbside and city-centre check-ins, and allowing only passengers to have access to departure gates.) In short, for every quick fix, there is an unseen drawback. Clever gizmos can do only so much, and they may also provide a dangerous illusion of invulnerability. No matter how advanced the technology, it has to be backed up with skilled personnel and appropriate procedures. Until now, people's priorities when travelling have been convenience and price, not security. That may change. But the reality is that no technology can neutralise the threat of terrorism. Indeed, nothing ever can. Copyright © 2003 The Economist Newspaper and The Economist Group. All rights reserved.