An Airline Ticket to Fraud

Data systems that merge air passenger data make identity theft easier to come by

THIS is the story of a piece of paper no bigger than a credit card, thrown away in a dustbin on the Heathrow Express to Paddington station. It was nestling among chewing gum wrappers and baggage tags, cast off by some weary traveller, when I first laid eyes on it just over a month ago.

The traveller's name was Mark Broer. I know this because the paper - a flimsy piece of card - was a discarded British Airways boarding-pass stub, the small section of the pass displaying your name and seat number. The stub you probably throw away as soon as you leave your flight.

It said Broer had flown from Brussels to London on March 15 at 7.10am on BA flight 389 in seat 03C. It also told me he was a 'Gold' standard passenger and gave me his frequent-flyer number.

I picked up the stub, mindful of a conversation I'd had with a computer security expert two months earlier, and put it in my pocket. If the expert was right, this stub would enable me to access Broer's personal information, including his passport number, date of birth and nationality.

It would provide the building blocks for stealing his identity, ruining his future travel plans - and would even allow me to fake his passport.

It would also serve as the perfect tool for demonstrating the chaotic collection, storage and security of personal information gathered as a result of America's near-fanatical desire to collect data on travellers flying to the U.S.

- and raise serious questions about the sort of problems we can expect when ID cards are introduced in 2008.

To understand why the piece of paper I found on the Heathrow Express is important, you have to go back not as you might expect to 9/11, but to 1996 and the crash of TWA Flight 800 over Long Island Sound, 12 minutes out of New York, with the loss of 230 lives.

Initially, crash investigators suspected a terrorist bomb had brought down the aircraft. This was later ruled out, but already the Clinton administration had decided it was time to devise a security system that would weed out potential terrorists before they boarded a flight. This was called Capps, the Computer Assisted Passenger Pre-screening System.

It was a relatively unambitious idea at first. In simplistic terms, if someone bought a one-way ticket, paid in cash and checked in no baggage, they would be flagged up as an individual who had no intention of arriving or of going home. A bomber, perhaps.

After 9/11, the ambitions for such screening grew exponentially and the newly founded Department of Homeland Security began inviting computer companies to develop intelligent systems that could 'mine' data on individuals to establish what kind of person was buying the ticket.

In 2003, one of the pioneers of the system, speaking anonymously, told me that the project, now called Capps II, would designate travellers as green, amber or red risks. Green would be an individual with no criminal record - a U.S. citizen, perhaps, who had a steady job and a settled home, was a frequent flyer and so on.

Amber would be someone who had not provided enough information to confirm all of this and who might be stopped at U.S. Immigration and asked to provide clearer proof of ID.

Red would be someone who might be linked to an ever-growing list of suspected terrorists - or someone whose name matched such a suspect.

'If you are an American who has volunteered details proving you are who you say you are, that you have a stable home, live in a community, aren't a criminal, [Capps II] will flag you up as green and you will be automatically allowed on to your flight,' the pioneer told me.

'If the system doesn't have a lot of information on you, or you have ordered a halal meal, or have a name similar to a known terrorist, or even if you are a foreigner, you'll most likely be flagged amber and held back to be asked for further details.

'If you are European and the U.S.

government is short of information on you - or, as is likely, has incorrect information on you - you can reckon on delay after delay unless you agree to let them delve into your private life.

This content continues onto the next page...