/dq/media/agency_attachments/UPxQAOdkwhCk8EYzqyvs.png)
Follow UsAs more air travelers embrace technology-driven, self-service options, that require sharing of personal data, there is increasing concern around the safety and privacy of that data. For airlines and airports to gain customer confidence and loyalty, they will have to demonstrate how they are collecting, using, and securing that data.
With the number of global air travelers expected to rise to 3.91 bn by 2017, airports and airlines around the world are increasingly turning to self-service measures as a way to enhance the customer experience, increase passenger flow, and boost profitability. As the global aviation sector grapples with challenges including rising infrastructure, labor, and operational costs, self-service options such as mobile check-ins, self-bag drop, and automated boarding go a long way toward increasing airport capacity and efficiency, while delivering a seamless passenger experience.
The move toward passenger self-service has received added impetus with industry body, International Air Transport Association's (IATA) Fast Travel program. To address passenger demands for greater choice, fewer queues, and more control, the program aims to make self-service suites available to 80% of global passengers by 2020. In India, air travelers are increasingly embracing self-service options as they seek to overcome the stress associated with areas including check-in and bag-drop, according to a recent CAPA-SITA study.
The driving force behind the adoption of passenger self-service is the rise and convergence of emerging technologies such as mobility and social media, which have changed the way people want to interact with and access information related to their travel. From the airport's perspective, mobility enables them to better manage their business by untethering employees from their desks, sharing key information quickly, reducing costs, and improving non-aeronautical revenue streams.
Given the business benefits and high degree of customer acceptance, several airports and airlines have rolled out ground-breaking self-service options from mobile check-ins to home-printed bag tags to e-passports. All of these solutions require passengers to give up varying degrees of personal information including contact information, financial data, and biometrics. If they are to be trusted and used, airports and airlines will not only need to protect the data they collect-they will need to be seen as protecting it in the way the public expects.
OVERCOMING BARRIERS TO ADOPTION OF PASSENGER SELF-SERVICE
Security is already a top priority in airports, but it has traditionally been tied to physical security-protecting against dangerous goods being taken on flights, preventing hijackings, guarding the facility, defending critical infrastructure, and ensuring passenger and employee safety. However with new identity-based services that are implemented for the benefit of the airport or airline- rather than government agencies such as customs or immigration-security of passenger information will need to be treated with the same rigor and urgency.
So how can airline executives and airport directors cost-efficiently protect sensitive information as it is shared across the value chain? Here are some points to consider.
Limit Data Exposure: The best way to keep something secure is to make it invisible. Today's business users are accessing sensitive company data remotely, not only on company devices, but personal ones as well.
Any device used to access the network is an ‘end point'-whether a desktop PC or smartphone. An unsecured endpoint may allow a cyber criminal to access sensitive data stored on the device or corporate network by collecting and re-using an authorized account or password, or by taking advantage of the user's access when he or she is logged in. To combat this, organizations need to secure their infrastructure by cloaking data communication end points on the network, making them obscure to outside hackers and segmenting the network virtually, not physically; even if hackers could break through the perimeter, they would be contained in a controlled area limiting access and risk.
Provide Access to the Right Users: Passenger, flight, baggage, crew, and other data must be protected at all times-only the right personnel should be able to access and manage certain information, even remotely. Organizations need to segregate data inside the network so that only trusted communities of interest, with the right level of access, even know information is being shared, making it undetectable to others.
Further, to ensure the right people are accessing the network, organizations should consider multi-factor authentication, where the employee is identified not only by ‘what they know' (a PIN or password) but also by ‘something they have' (a token key) or better still ‘who they are' (a biometric such as a fingerprint or face scan) to protect sensitive assets.
Educate Employees: Use an ongoing communication program to educate and remind employees about the potential security threats and the role they play in protecting company infrastructure and data. Employees need to be conscious of their responsibility to protect and secure devices that enable access to the corporate network or sensitive information. Not only do they need to be familiar with the corporate polices, they need to understand that they are mandated and the consequences for not complying with them.
A BALANCING ACT
Even as airports and airlines introduce innovative self-service options aimed at delivering a seamless travel experience, the adoption of these services varies across geographies and cultures. In some countries, there may be a strong cultural preference for the personal touch; in others, travelers may be more interested in receiving informational mobile updates as opposed to checking themselves in; still others, such as India, where there are several first-time travelers every year, there may be a greater need for manned airport desks or roaming check-in agents. Thus, a ‘one size fits all' approach cannot be applied for self-service, and needs to be rolled out based on the target audience's specific needs.
Nevertheless, as the benefits of self-service continue to grow, passengers will increasingly seek out options to make their travel as simple, smooth, and convenient as possible. Adoption of these services will depend heavily on the passengers' perception of the value derived from self-service and most importantly, the safety and security of their personal data. To gain public acceptance of these initiatives, and reap the benefits, airports and airlines will need to demonstrate the steps they are taking to protect passenger's personal data. They will need to clearly communicate with passengers and other stakeholders what data is collected; who has access to it; for what purpose will it be used; how long it will be kept; and most importantly, how it will be secured.