Digital Identity: Boosting seamless experience in 2023
For the travel industry, 2023 starts as a year of continuous recovery. However, it has the main ingredients that are, at least, as uncertain as 2022.
According to IATA's recent forecast, total airline revenue can reach 93% of the pre-pandemic level in 2023, driven by the recovery in passenger traffic reaching near 2019 levels. When it comes to profitability, it is expected the industry to turn profitable already this year with positive figures of around $4,6B. Therefore, the outlook seems to follow a continuous upward trend despite the main macroeconomic risks, essentially, what concerns high inflation, accelerated by the Ukraine-Russia war.
Adding to those effects, the travel industry started the year with “mixed feelings”. Recently, because of the zero-covid policy in China, a potential new Covid wave is already forcing governments (such as EU member states, US and Canada) to go back in time and impose and/or recommend a new set of health measures to mitigate potential risks of a new Covid strain concerning, namely, to testing, vaccination, medical masks, and disinfections specifically for those incoming flights from China.
When looking at our core industry, the usage of biometrics has been positively impacted since the outbreak of Covid by the high demand for replacing physical and touchable contactless solutions to identify and process people. In the context of airports and airlines, the trend followed along during last year. According to IATA Global Passenger Survey 2022 (IATA GPS 2022), there’s a higher interest in using biometrics instead of the passport or a boarding pass (75%; +3% vs 2021). However, regarding data privacy, despite respondents showing less concern than in 2021, data breaches, 3rd party data sharing and lack of visibility of data management remain the top 3 concerns.
Given this conjuncture, as a technological company with biometrics at the core and a special focus on airports, airlines, and governments, these are the 3 main trends we expect to actively evolve next year.
IATA OneID, towards contactless travelling
IATA OneID gained momentum during the pandemic under a rebranding “IATA Travel Pass” to respond to the urgent demand of digitally sharing vaccination and/ or testing credentials along the travel journey with different stakeholders. Essentially, the main objective was based on reducing manual checks of health information, increasing data security and processing passenger throughput.
Nowadays, it has returned to the initial concept. Beyond health data, it aims to share minimum necessary data (e.g.: name, date of birth, country or passport number) depending on whether it is an airline, airport, or governmental entity to speed up a contactless experience for the passenger. By limiting what is necessarily shared, the processing time can be faster. Recently, IATA released a new Recommended Practice (RP) on Digitalization of Admissibility which, according to the entity, “the mechanism will allow travellers to create a verified digital identity in an airline’s app on their smartphone and use it to send proof of all required documentation to destination authorities, “receive a digital ‘approval of admissibility’ in their digital identity/passport app” and “share the verified credential (not all their data) with their airline”.
During 2023 it is expected more developments on the new RP, business requirements and implementation guidance.
EU Digital Identity Wallet, a Paradigm Shift for digital identity in Europe
Interoperable digital identity based on decentralized chain technologies has been a hot topic since the Covid outbreak. Beyond the IATA OneID initiative already mentioned, with a focus on aviation, there’s also at the governmental level extensive work on EU Digital Identity Wallet (EUDI Wallet). It seems the most tangible example beyond national solutions with full deployment by September 2023. According to the EUDI Wallet Consortium, “[…] EUDI will be able to contain additional information, such as a mobile driving license, educational certificates and more, which can be shared with full control of the user. The EU DI Wallet will be used for both government services and private sector, payments as well as other trust services like electronic signing […]”
For the travel industry, it is of uttermost importance to have an international governmental initiative that may become the global main reference for a unified digital identification system. EWC (EU Digital Identity Wallet Consortium) is focusing on the future of travel to help not only citizens and governments but also businesses. With standardised credentials, soon, it will potentially allow companies to integrate and consume people’s data for travel purposes mitigating the risks associated with data privacy and security. It is very likely, in our view, that this wallet market will be fragmented at this initial stage, with several solutions - public or private - depending on the region by letting the final user choose which one to use. Public wallets sponsored by governments might have a higher adoption due to their multiple-use case coverage. Only the EUDI wallet pilot will allow other citizen services such as SIM eRegistration, banking account opening, eDriving License, eGovernment services, eSignature or ePrescription.
Data protection, “the elephant in the room”
As mentioned in the beginning, according to IATA GPS 2022, data breaches, data sharing with 3rd parties and lack of visibility on data management continue to be the top 3 concerns when talking about biometric information usage.
Passengers’ concerns have strong fundamentals. During 2022, a few major issues related to data breaches in the aviation sector have been publicly reported. According to the Eurocontrol report, in 2020 airlines configured 61% of total cyberattacks in aviation. Only last year, several cyberattacks targeting mostly airlines were reported with breaches of sensitive data such as passengers’ names, contacts, passport numbers or credit cards. A few months ago, several US airport websites were also attacked which drove a major investment in critical aviation systems including sharing data with passengers. The EU followed the same path by reinforcing cybersecurity rules to increase flight safety which may come into force in 2025.
This has been a hot topic, strongly sponsored by ICAO which led to a major report released in 2019 called “Strategy Report” with 7 key proposals in which member states were especially addressed to implement a new culture of cybersecurity around cooperation, governance, legislation, regulation, sharing, emergency planning and training. Due to the frequency of cyberattacks and their level of sophistication, aviation incumbents can’t wait for government guidance. Beyond financial and reputational losses, disruption of business continuity and, in cases with government financial involvement, an opportunity for political gain may be at stake.
In summary, even though negative macroeconomic effects impact people’s purchasing power, passenger recovery may continue reaching 93% of 2019 levels this year according to IATA estimations. Alongside the recovery, private and public initiatives will actively evolve around digital identity initiatives with major cases such as IATA OneID and EU DIW. In consequence, as cloud technology becomes more relevant by enabling access to sensitive data while securing ownership, control and privacy, the need for continuous investment in data protection turns out critical.
These initiatives represent not only new ways of identification and access to services but also future revenue streams because of the ability to integrate and share data with the ecosystem. It will progressively require better coordination and cooperation, especially between airlines and airports to help to increase their profit margin, which has been challenged these last 2 years. This is one of the greatest opportunities for these two stakeholders to join forces and boost a real and full seamless experience in the upcoming years.