May 07, 2009 - After years of debate and development, and months of testing, the U.S. Transportation Security Administration's Secure Flight passenger pre-screening program next week will reach a critical milestone: On May 15, domestic U.S. airlines must request full names from all passengers on domestic flights and be capable of transmitting those names to the government.
That means, regardless of booking channel, a traveler must use the exact name that appears on the government-issued identification to be presented at the airport;
travel agencies must collect that full name from all customers and transmit it via passenger name records to global distribution systems; and GDSs must accept those transmissions and pass the data to airlines. [Airlines then would send the data to TSA, which on March 31 assumed from carriers the responsibility for comparing passenger lists to terrorist watch lists.]
Subsequent phases (see timeline below) first will require travelers, agencies and GDSs to transmit additional passenger information (gender, date of birth, passport numbers if required and redress numbers if available) and then will expand the program to include international flights operated by both U.S. and non-U.S. airlines.
"Obviously, we can't implement every carrier on one day," said Secure Flight director Paul Leyh, speaking during an April 22 webinar hosted by the National Business Travel Association. "We have been scheduling carriers between now and the first quarter of next year to do the implementation."
The specific carrier implementation schedule has not been shared publicly. "The Department of Homeland Security has been very adamant about not communicating to the GDSs, the public or the travel industry in general about when each airline is required to start doing this," said Amadeus project manager Jim Martin. "If I was someone with malcontent, I would want to book my travel on one of those carriers that I know are not yet transmitting to DHS. They don't want it to be common knowledge."
TSA's stated goal "is to vet 100 percent of all domestic commercial flights by early 2010 and 100 percent of all international commercial flights by the end of 2010."
According to a United Airlines memo dated April 7, "United is proactively working with the travel industry (e.g., sales agencies, travel agencies, other airlines and Web site service providers) to ensure that information will be collected in all reservations booked. United, along with other airlines, is actively developing industry standards in data collection." Like other carriers, United also has encouraged members of its loyalty program to "update their account information to be in sync with their government-issued identification."
"TSA has built some flexibility into the process regarding passenger name accuracy," Leyh explained. "For the near future, small differences between the passenger's ID and the passenger's reservation information--such as the use of a middle name versus an initial versus no middle name--shouldn't cause a problem for the passenger. But over time, passengers probably should strive to ensure there is consistency between the name on their IDs and on their travel information." [Some agencies and
frequent flyers previously reported that small name discrepancies had caused problems, including elite-level frequent flyers not being recognized as such at the airport.]
Meanwhile, airlines, GDSs and other third parties have been adapting their systems to handle new and expanded data fields. "It really was a surprise to me how complex and intricate" the revised data collection process is, said Interactive Travel Services Association executive director Art Sackler. "We said [to TSA during the rulemaking process], 'There's much more here than meets the eye in terms of what has to be done to prepare for something like this, so we'll need a good 270 days from the time it comes into effect,' and that's what they gave us. They provided enough lead time so we're hopeful we'll be able to start collecting that information with a minimum of errors, false positives, etc."
When asked if his group's constituents (including GDS operators and online travel agencies) would be ready by August, Sackler said, "We are confident it will be ready to go. That is not the same as a guarantee, but we think we'll be ready."
To prepare for the gradual implementation, GDS firms have begun or soon will begin using modified processes agreed to by TSA and various industry participants.
Meanwhile, many corporate travel agencies--from the largest mega travel management companies to smaller entities--have been working to adapt their agent scripts and booking tools to include required Secure Flight data collection, and their profile systems to help reconcile name discrepancies.
"We have undertaken a large update and enhancement of our internal profile systems to accommodate the storage of this very valuable and confidential information," according to Robert Polk, CEO of
Polk Majestic Travel Group in Denver.
Some agencies are relying on third-party tools, including Profile Tracker from SureWare. The company said its product allows agencies to "quickly see where they are missing or have incomplete information on each traveler and can then proactively collect additional data from their clients." SureWare Profile Tracker clients include Blue Ribbon Travel, Colpitts World Travel, Ovation Corporate Travel and Tower Travel Management.
The U.S. government also must revise its own travel systems to accommodate Secure Flight requirements and is advising federal travelers on how to prepare. For example, "The Defense Travel System is in the process of being modified," according to a Defense Travel Management Office message posted last month. "Until the modifications to DTS are made, your Commercial Travel Office may ask you for your full middle name, gender and date of birth. By providing this information in advance, most passengers will not experience any differences from the way they traveled before."
Meanwhile, Concur said its online booking tool as of May 5 "automatically" accommodates Secure Flight data collection requirements for users. According to a spokeswoman, "Some companies are managing updates to profile data through an HR feed, and some are asking the traveler to update the new fields in their own profile." Concur clients, she added, "can define whether they
prompt a user to add the [required Secure Flight] data to the reservation when it is missing from their profile. We also added the ability to capture the information in our meetings module or when a reservation supports a non-profiled traveler."
Another corporate booking tool, "GetThere will have its technology and processes thoroughly tested and ready for the mid-August timeframe when airlines must have the ability to collect, store and send data to TSA for all U.S. domestic flights," according to a GetThere spokesman. "The GetThere solution will allow us to store the necessary traveler information within GetThere after it is initially entered into a traveler's profile. Available in July, this will enable us to collect and store full name, date of birth, gender and redress number in a secure procedure. GetThere is also leveraging its full suite of customizable messaging tools--for both travelers and travel arrangers--to allow travel managers to make necessary updates to employees throughout this process."
At Amadeus, the e-Travel corporate booking tool will be coded to handle Secure Flight requirement later this year or early next year. "That doesn't mean that we cant collect the data" before that coding is completed, said Amadeus' Martin. "When an e-Travel client makes a reservation, it is given to the travel agency that hosts their e-Travel website. that travel agency will then transfer the profile information into the reservation or type the data in."
Secure Flight Timeline
Oct. 28, 2008: Secure Flight final rule published in Federal Register after TSA made modifications based on
public commentary.
Dec. 29, 2008: Secure Flight final rule officially took effect.
January 2009:
TSA began Secure Flight implementation with volunteer airlines.
March 31: TSA began domestic air passenger watch-list matching
May 15: Domestic airlines must begin requesting and collecting the full names from domestic passengers. They also must be capable of transmitting that data.
Aug. 15: Domestic airlines must begin requesting and collecting the full names, gender, dates of birth and, if available, redress numbers from domestic passengers. They also must be capable of transmitting that data.
Oct. 31: For all flights to, from and overflying the United States, domestic U.S. and non-U.S. airlines must begin requesting and collecting the full names, gender, dates of birth and, if available, passenger redress numbers.
March 2010: TSA intends to complete Secure Flight implementation for domestic U.S. airlines.
December 2010: TSA intends to complete Secure Flight implementation for all non-U.S. airlines.
