“E-gates of this type open the possibility of harvesting the travel data and biometrics of the population across our lifetimes.”
The past week has seen a spate of articles in the UK on how biometric technologies are about to revolutionise international travel, making it a far more efficient, painless experience. Unsurprisingly, far more column space has been given over to the potential pros than the cons of implementing biometric technologies, particularly facial recognition, at more or less every step of the air travel experience.
First out of the blocks was The Times, a Murdoch-owned outlet, with a piece titled “New Airport Rules Will Get Rid of Boarding Passes and Check-in“.* The article explains how the International Civil Aviation Organisation (ICAO), a global standards-setting UN body, is tearing up existing rules for airports and airlines and creating a new “digital travel credential”, allowing (but not yet mandating) passport information stored on devices to be used for travel:
Boarding passes and the need to check-in for flights will be scrapped as part of plans to overhaul the aviation industry in the biggest shake-up in 50 years.
Passengers will be able to upload their passports to their phone and pass through airports using only their face for verification within “two to three years”…
Checking in for flights online or at the airport will become obsolete. Instead passengers will be able to download a “journey pass” to their phone when they book a flight. It will be automatically updated if any changes are made to the booking.
With no check-in, airlines will be alerted to a passenger’s intention to fly when they arrive at the airport and their face is scanned.
Other British newspapers uncritically amplified the story. Here’s the Independent’s travel correspondent, Simon Galder, shamelessly gushing at the prospect of smiling one’s way through the airport. Your face, he says, “will be your fortune”:
Airport revolution: how facial biometrics and better tech will remove (some of) the pain of going through an airport.
No more "book then check-in later": a journey pass as soon as you buy.
Smile your way through the airport: your face will be your fortune.https://t.co/qxNhXvwbPw— Simon Calder (@SimonCalder) April 12, 2025
Judging by the comments below the tweet, other travellers are somewhat less enthused at the prospect .
“No thank you, this is sinister,” tweeted Helen.
Others asked what would happen if their mobile phone stopped working, the battery ran out or there was an IT outage affecting the airport’s IT systems.
Indy Singh, a software engineer tweeted that he hoped the new systems “work for non-white people,” adding that none of the e-gates I use at airports work for me.”
This is a common complaint about facial recognition systems: they are biased, mainly because the training data on which they are based can include biased human decisions or reflect historical or social inequities. A 2018 study titled “Gender Shades” by Joy Buolamwini and Timnit Gebru, published by MIT Media Lab, reported an error rate for light-skinned men of 0.8%, compared to 34.7% for darker-skinned women.
A 2019 test by the federal government concluded the technology works best on middle-age white men. Between 2015 and 2018 Amazon tried to eradicate gender bias in its AI-based hiring practices, but couldn’t and ended up having to give up. If Amazon can’t eliminate bias in its AI programming, who can?
While the accuracy of facial recognition systems may have improved significantly since then, they are still riddled with biases. As a Washington Post investigation revealed in January, this hasn’t stopped law enforcement agencies across the US from using flawed AI facial recognition systems to wrongfully arrest and jail Americans. In many cases, investigating officers did not bother to gather basic information like alibis and ignored contradictory evidence, even DNA and fingerprints that pointed to other suspects.
Making Smartphones a Mandatory Travel Accessory
One of the companies developing the biometric systems for airports is Amadeus IT Group, a large Spanish multinational IT company that provides software for the global travel and tourism industry. The company told The Times that travellers will be able to download a “journey pass” to their mobile phone, along with a digital version of their passport, to enable each touchpoint to be handled with biometrics instead of physical ID documents and credentials.
In other words, if the system eventually becomes mandatory, which is presumably the ultimate goal, you will need a smartphone to cross international borders. According to the Times article, this system could be fully operational within just three years — in other words, just before 2030:
“These changes are the biggest in 50 years,” said Valérie Viale, director of product management at Amadeus, the world’s largest travel technology company. “Many airline systems haven’t changed for more than 50 years because everything has to be consistent across the industry and interoperable.
“The last upgrade of great scale was the adoption of e-ticketing in the early 2000s. The industry has now decided it’s time to upgrade to modern systems that are more like what Amazon would use.”
That is perhaps not as comforting as Viale presumably intended. The idea of the airports of the future being based around Amazon’s approach to business and customer service implies there will be generally (but not always) high levels of logistical efficiency, all made possible by a blithe disregard for basic standards of human morality and decency.
The ICAO is not the only global standards setter pushing for paperless travel. The International Air Transport Association (IATA) recently announced the launch of its Contactless Travel Directory, which is designed to significantly accelerate the global adoption of biometric travel solutions by streamlining the ability of airlines to integrate and expand biometric services at airports.
The End of Paper Passports?
Traditional paper-based travel documents like passports and boarding passes will gradually become obsolete. At least that is the plan. International Airport Review:
According to the IATA official website, the directory will offer an efficient matchmaking platform, allowing airlines to quickly identify available biometric travel points at specific airports and coordinate these solutions with their partner carriers. The goal is to create a seamless, paperless journey for passengers through critical checkpoints, including baggage drop, security checks, lounge access, and boarding.
In February, the European Union’s Tourism platform posted a report on the EU’s latest plans to launch the Entry/Exit System (EES), “replacing traditional passport stamping with a biometric-based system that records fingerprints and facial scans at external Schengen borders” (emphasis my own):
The Entry/Exit System is a fully automated border control mechanism that registers and tracks non-EU citizens entering and exiting the Schengen Zone. Unlike the traditional manual passport stamping, EES will:
- Collect biometric data (fingerprints and facial recognition scans) at border checkpoints.
- Record entry and exit dates electronically, eliminating reliance on passport stamps.
- Monitor the duration of stay for non-EU visitors to prevent overstays…
While the shift to biometric border control may pose initial challenges, it represents a long-term move towards digitalisation and security in the European travel landscape. Frequent travellers should stay updated on border policies to avoid unnecessary delays and ensure a seamless entry into the Schengen Zone.
As the EU moves forward with its digital transformation of travel, one thing is clear: the era of paper passports and manual stamping is rapidly coming to an end.
The EU may well be jumping the gun here. After all, its Exit-Entry system dates back to 2016 and has been repeatedly delayed. It was initially scheduled for implementation in 2022, then May 2023, then late 2023, and then late 2024, when it was postponed again for unexplained reasons. The latest deadline has been set for October 2025. While there can be no doubt that the system will eventually be launched, it remains to be seen how reliable it will be once it is up and running.
In the US, meanwhile, biometric systems are also being rolled out at a blistering pace. Currently, there are 93 airports in the country that use Credential Authentication Technology (CAT-2) units that feature facial recognition technology, according to the Transportation Security Administration.
As the country prepares to host a series of major global events, including the 2026 FIFA World Cup and the 2028 Olympic and Paralympic Games, a report by the “Commission on Seamless and Secure Travel” (CSST) has called for significant reforms to modernise the nation’s travel infrastructure, including “increased reliance on biometrics, artificial intelligence, and advanced data analytics in travel screening.”
According to an article in International Airport Review, 98% of airlines globally have either implemented or are planning to implement biometric systems at their airport terminals. Sixty percent are incorporate biometrics into essential passenger touchpoints such as check-in, bag-drop, lounge access and boarding within the next five years.
“The End of Anonymity As We Know It”
It is not hard to see why this is happening.
Biometric identity systems offer the promise of faster passenger processing — which will appeal to most, if not all, travellers, especially frequent business passengers — as well as greater security by rapidly identifying threats. For airline and logistics businesses, they offer the promise of drastically lower operating costs by reducing the need for human workers. For governments, they offer the promise of much greater, more granular control over their increasingly restive populations.
However, they also raise significant privacy, civil liberties and security concerns, including “the end of anonymity as we know it”, warns the ACLU:
As law enforcement authorities continue to add to the network of cameras monitoring our public spaces, it will become increasingly difficult to evade their watchful eye and, soon enough, their automated biometric identification.
The biometric threat is not limited to government; corporations are joining the fray, too. Popular social media sites have been building and testing facial recognition databases for years. There is little public explanation of the ways in which those biometric datasets are being used, aggregated, and potentially sold.
It is not for nothing that more than a dozen large US cities have banned the technology, including Minneapolis, Boston, and San Francisco.
However, despite its many flaws and the threats it poses to basic democratic rights and freedoms, the lure of biometrics is hard for governments, law enforcement agencies and private companies to resist. Last year the Washington Post reported that law enforcement agencies in some of the cities where its use was banned were asking neighbouring forces to search face databases for them.
In the UK, the use of facial recognition technologies by police forces and private companies, including high street retailers, has ballooned in recent years, regardless of which party is in government. And it has given rise to a huge new industry that is harvesting — and in some cases, storing — vast volumes of data about us, warns the civil liberties group Big Brother Watch:
[B]ehind these apparently convenient e-gates is a completely new, colossal infrastructure harvesting our digital information. Rather than showing a paper passport to a human officer like we all used to, the officer is now a machine and it already has your passport, your photos, your biometric data and potentially more of your information in a giant database. The emergence of “smart” borders is not simply a technological upgrade – it is a shift for our privacy rights.
How intrusive this will be depends on how much data the Government decides to store and for how long. But in theory, e-gates of this type open the possibility of harvesting the travel data and biometrics of the population across our lifetimes, as well as detailed records of the tens of millions of visitors to the UK each year…
How intrusive it will be also depends on whether we can choose to use e-gates. Currently, we can choose whether to use passport e-gates, and they require us to present our passport. But the difference with “frictionless” security is that the individual has less agency – your passport is effectively digitally pickpocketed by high-tech cameras that scan your face and decide whether to permit or deny your entry. Unless it is radically changed, the Government’s Data Protection and Digital Information Bill, currently going through parliament, will significantly weaken our data rights, paving the way for a country with many more facial recognition cameras not only in airports but potentially everywhere.
A key feature of biometric identifiers often gets overlooked in the often one-sided debate on biometric surveillance technologies: their irreplaceable nature. If biometric data is hacked, there is no way of undoing the damage. You cannot change or cancel your iris, fingerprint, or DNA, like you can change a password or cancel your credit card.
The biggest irony about this mad rush to streamline airport efficiencies by using flawed biometric technologies is that it comes less than a year after the Crowdstrike outage brought air travel to a virtual standstill. As WIRED reported in its aftermath, automation is critical to the airlines industry, but for the automated systems to work, they require functioning computers.
When those computers go down at a given airport, the effects can cascade, and delays pile up. But when they go down at hubs, the entire aviation system gets throttled. This happens even if the technologies used to fly and direct planes while in the air are unaffected. For example: The US Federal Aviation Administration posted on X on Friday morning that it was “not impacted by the global IT issue.”
So, not only does the mass rollout of biometric ID systems across the international travel infrastructure threaten to establish a dangerous precedent for far broader government surveillance, based on flawed technologies; it will also make the aviation industry even more dependent on automation, and thereby even more exposed to IT outages, cyberattacks and data breaches — precisely at a time when IT outages, cyberattacks and data breaches are on the rise.
If the Crowdstrike taught us anything, it is that paper-based systems such as passports and cash have one major advantage over IT-based systems: they don’t crash. Unfortunately, it is a lesson that few in government and the corporate world apparently seem willing to heed.
* For a number of months now, the Murdoch-owned Times has been regularly churning out puff pieces calling for the rollout of digital identity, facial recognition and other biometric technologies in order to address myriad societal ills, including the scourge of “populism”. A couple of examples:
Tony Blair: "Introduce mandatory digital IDs and facial recognition because…populism! The public will love it!"
🧐🧐🧐🧐🧐 pic.twitter.com/2w1GhpeTxW
— Kit Klarenberg 🔻🔻🔻🔻🔻 (@KitKlarenberg) February 1, 2025
The Times' Crime and Justice Commission – at a summit sponsored by surveillance company Axon – has today called for live facial recognition and digital ID to be introduced
🤢 Tony Blair told the Commission that these Orwellian technologies are a "necessity"
This obsession with… pic.twitter.com/lFM52j2B7E
— Big Brother Watch (@BigBrotherWatch) April 15, 2025
More often than not, these articles cite Tony Blair and his humbly named foundation, the Tony Blair Institute for Global Change, as supreme authorities on these issues — despite the fact that just about everything the Blair government (the Post Office Horizon scandal, the £NHS’ 10 billion IT system that never launched…) did in the technology realm ended up failing spectacularly. Here’s Blair’s latest pitch for digital ID and live facial recognition:
The Tony Blair Institute has released another video pushing for digital IDs and live facial recognition — all under the guise of border security, protecting public services, and creating a ‘fairer’ justice system.
We must not allow this to happen.pic.twitter.com/lvFf1CChGH
— Lewis Brackpool (@Lewis_Brackpool) April 15, 2025
Coincidentally, the first proposal on the Times Crime and Justice Commission’s ten-point plan for crime and justice is to “introduce a universal digital ID system to drive down fraud, tackle illegal immigration and reduce identity theft.”
As we reported in January, the propaganda push for the government’s proposed digital identity system is kicking into gear. Now that the IT systems have been developed, launched and is now supposedly ready for mass rollout, we are at the manufacturing consent stage of this long, drawn-out process. As Blair himself has
The UK media is doing a top-notch job of selling digital identity to the public by over-selling the potential benefits while downplaying or completely ignoring the risks (unfettered mass surveillance, loss of privacy, widespread exclusion from welfare payments and public services, a gateway to central bank digital currencies…).
However, the government’s One Login digital identity systems appears to be far from ready for mass rollout. According to an article published this week by Computer Weekly, citing an unnamed whistle-blower, many of the system’s “serious data protection failings” and “significant IT security shortcomings” that had been flagged in 2022 have still not been resolved.
The IT security shortcomings could increase the risk of data breaches. According to the whistle-blower, the information security of the three million current users of One Login remains at risk. The article also reveals that the development work on One Login has been offshored to Romania, apparently “without the knowledge or approval of the [Government Digital Service’s chief executive Tom Read] and without first seeking advice from the National Cyber Security Centre (NCSC).”
All in all, not exactly confidence inspiring.
When you have to have an app on a smartphone to travel, then there’s not a lot of choice about what permissions the app has to be granted to operate.
“creating a new digital travel credential, allowing passport information stored on devices to be used for travel”
“Boarding passes and the need to check-in for flights will be scrapped”
Mandatory or not? Some confusion here.
The Rev recommends to those who have to do international travel – and assuming that these “Passports” on mobile phones along with any “journey pass” become mandatory – that they get themselves a burner mobile while traveling just like diplomats are told that have to travel to the US. No links of any kind for social media accounts and the minimum of personal information. Just have the info that you need for transport, accommodation and places to visit but that is about it with the thought that your phone might be temporarily taken off you and copied at some airport. You can keep your holiday snaps on it but you’d be wise to send backup copies to a throwaway email address for retrieval after getting home. Once home and you are finished with that mobile, yank the battery out and throw it in a Faraday container until you need it next. Remember-
‘Just because you’re paranoid doesn’t mean that they are not out to get you.’
Sound advice. Hacks into face identities will create havoc, and it will be inevitable. Just because ‘we can’ does not mean ‘we should’, do these lunatics never learn?
If you can find a phone with removable battery in a couple years…actually you could let it discharge and then wipe (factory reset)
I always ask, how does exposing my personal data to more services make me more secure?
What ever in the world will we do without fuel for planes?
I’m applying for a passport, in the throes of the Trusk Chaos. Why? Rationally, I have no idea.
What interesting times to behold, embrace and endure. Happy Easter!
A number of different points here, so let’s stick to the headline issue of international travel.
Quite a lot of this is in place already and has been for a while. At virtually any airport in Europe, and many outside, a combination of facial ID and electronic boarding passes is the norm. I haven’t used a physical boarding pass for years, and when I go to CDG to take a plane, I go through one check before security and immigration, and an agent scans my boarding pass. That tells the airline I am at the airport, and I don’t use the pass again until boarding the aeroplane. If something happened to my phone, I would be theoretically able to recover my boarding pass on any computer. For certain countries, your passport is read automatically and then compared with a facial scan. In my experience it’s accurate about 19 times out of 20. The same system is basically used for Eurostar between London and Paris. Arrivals tend to be more paper-based, but I noticed in Nicosia last year that there’s an automatic arrivals system which reads your passport and issues you with a slip of paper to hand to immigration.
The key to all this, though, is that it only applies to certain passports from certain countries. So in Europe, citizens of the EU, but also the US, UK, Japan, Australia/NZ and perhaps others are the only ones allowed to use these automatic procedures. When you think about it, it’s effectively impossible to check a visa on a digitised passport, so in practice this procedure is always likely to be limited to states between which visa-free travel is possible. This actually excludes a lot of the world: African states in general charge (a lot) for visas as a way of financing their Embassies, and few of them will have the interest or resources to set up electronic systems. So in practice, even more than now, there will be “fast lanes” through which people can pass electronically, and other lanes for the rest. The idea of doing this throughout the world is a fantasy.
I’m not sure how this will work given most Western countries only have about 70-80% smartphone penetration, meaning roughly 20-30% of any given adult population does not own smartphones.
Penetration decreases when considering Asia and the global south, with 70% of India not having smartphones and much of Africa having only mobile phones.
(These %’s are from my recollection of a seminar I attended 10 years ago.)
Also, if a smartphone becomes a requirement for identification purposes, shouldn’t governments be required to provide citizens with smartphones?
Numbers are different today, see for example list of countries by smartphone penetration”. India still is lagging by about 45%, though.
But smartphone penetration doesn’t have to be 100% for such plans to succeed. Nobody cares if the poor are left behind. They don’t fly, and equality never was a goal of the rich.
And if boarding with a smartphone is easier, maybe then a few smartphone holdouts will use one.
Regards, Uwe
Open the POD bay doors, Hal.
Thanks for picking this up, Nick.
I would not be keen on putting my passport cum biometrics on the smartphone. Never mind not having enough charge, what about theft of the phone (on the increase) or hacking? As you say, it’s hard to get a replacement.
Real ID uses a license or passport in lieu of a boarding pass for many domestic flights already. Facial recognition for international travel is nothing compared to this domestic dystopia:
Epic Universe Is Coming. Here’s a Sneak Peek. NYT archive
Do I have to mug to pay or my mac-and-cheese cone too? Probably if it works if my face isn’t smeared with Velveeta and Goldfish.
A place I have no intention of visiting, in spite of $7B spent on 100 acres. That is the equivalent of a new Penn Station in NYC. I guess there are priorities?
The mirage of privacy has long-since evaporated. We have 1 life and can still make some choices. Most will say ‘Whatever’, as convenience reigns supreme……