Biometric authentication – matching someone’s unique physical traits against a database to confirm they are who they say they are – has excited the imagination for decades. Back in 1971’s Diamonds are Forever, James Bond outwitted an adversary using a fake fingerprint. Captain Kirk used a voice-recognition system to blow up the USS Enterprise. And the Mission: Impossible team have disproved the franchise’s title time and time again by bypassing biometric access including iris, facial and gait recognition.

On a bright November morning at Atlanta’s Hartsfield-Jackson airport, the technology’s real-world adoption is looking somewhat less dramatic. Tired-looking passengers form a queue about a hundred deep into Terminal F, shuffling forward to board a 15-hour flight to Seoul Incheon. There is little to indicate that they are among the pioneer users of the first ever “biometric terminal” in the US, save for the small camera right before the jetway that is approving passengers just a few seconds faster than a human agent would.

But there is no doubt that what is happening is a huge step towards the airport experience of the future. The passengers were able to use face recognition technology to check in for the flight, drop off their luggage, pass through security, and now to board the aircraft. US Customs and Border Protection obtained the image they were matched against through visa applications, a submission of their passport details online, or through a self-service passport scan when they arrived at the airport.

Delta Air Lines led the push for this end-to-end biometric terminal at its Atlanta hub, working with CBP for several years and pumping millions of dollars into the project. Biometric departures are now available to all passengers at Terminal F. The technology promises a future where passengers breeze through airports, proving their identity by glancing at cameras rather than rifling through their bags for documents three or four times. It is also likely to change entirely the way we view passwords, security and personal data.

Bye bye, Boarding Pass 
No passenger can get from taxi to plane with their face alone just yet. At Hartsfield-Jackson, for example, while all of the identity verification can be done through face recognition, you’ll need a passport when you arrive in another country, so airline staff checks to see whether you have one with you at boarding. A digital or physical boarding pass will also need to be shown at security to prove you have a flight to catch.

Still, both of these steps will most likely be unnecessary in the future. Terminal F may not require boarding passes as soon as later this year. In a report at the end of 2018, the US Transportation Security Administration proposed one day using biometrics for all forms of ID.

Outside of phones and banking, the airport will probably be most people’s first encounter with the new generation of face recognition technology. SITA reports that 71 percent of airlines and 77 percent of airports are planning major programs or research into the technology.

Having beat its US rivals to the pole position with its end-to-end biometric terminal, Delta plans to implement the same system at McNamara Terminal in Detroit and is testing options at other US airports. For passengers hoping to try it, further developments are afoot.

British Airways has worked with CBP to run tests at Orlando, Los Angeles, Miami and New York JFK, saying it halved the time it took to board long-haul aircraft. All domestic departures from the airline’s hub at London Heathrow T5 are now boarded through biometrics. Next year it says it will roll the technology out further at Heathrow, London City and Gatwick as well as the 30 airports it serves in the US.

Emirates is planning to launch its own “biometric path” in Dubai using facial and iris recognition, with data stored by the General Directorate of Residency and Foreigners Affairs. The airline says it will get passengers through immigration in 15 seconds.

Last year, Qantas partnered with SITA to test biometric boarding at airports in Brisbane, where passengers enrolled by scanning their passports at home on an app; in Sydney, which signed up passengers at airport kiosks; and in Los Angeles, which, like Delta, accessed a CBP database. The trials demonstrate three approaches airlines can pick to adopt the technology.

Following successful tests at Amsterdam International Schiphol Airprot, KLM’s chief executive, Pieter Elbers, says he has even considered using facial recognition technology in airport elevators so that a passenger’s arrival is expected before they arrive at check in.

Not all of the investment will come from airlines. Airports all over the world are testing the technology in collaboration with airline partners and government agencies. All of this means biometrics are a big growth market. Companies such as Vision-Box, Aurora CS and SITA are seeing rapid growth providing software and hardware tools that allow airport systems to take the pictures and communicate with external databases.

Match Points 
Facial recognition will be familiar to anyone who has used an e-passport to go through arrivals. There, while your face is captured and matched against the image in your passport in less than a second, the machine is also scanning and checking data from the chip on your passport, which can take 6-10 seconds.

For the scan to work, the passenger’s picture must already be stored in a database ready to be matched against. Depending on how airlines develop their own systems, that database could be held by them, an airport, a private company, or a government agency such as CBP. Most of those images will come from passports or other documents such as visa applications.

Airlines must have a way of communicating with this database to check who should be allowed on a particular flight. When a passenger’s image is entered in the database, it’s converted into a template using points on their face, which is stored in cloud space. Then, when a passenger is photographed by a biometric camera at the airport, that image is turned into a template and the system compares it with existing ones. If the image is, say, a 90 percent match (the level currently required by CBP), the passenger is approved and ready to proceed to the next checkpoint or board their flight.

The facial match happens remarkably quickly, and doesn’t require you to maneuver your face into a certain position or gaze unsmiling into the camera. It also won’t be affected by superficial changes such as scars, beards, haircuts or make-up.

The technology is not infallible. Research, including by regulatory body NIST, has found that facial analysis technology is less successful at identifying people with dark skin. That could lead to people being unfairly targeted based on race. Women are also more likely to be incorrectly rejected than men. CBP deputy commissioner John Wagner says that the Atlanta terminal is working at a 98 percent success rate, although other reports have claimed that the technology incorrectly rejects as many as one in 25 travelers.

Too Much Information?
Where some see biometrics as making travel and other areas of life easier, others spy something more sinister. For years, biometrics have been touted as providing unparalleled security. A body part is pretty hard to forget, forge or steal. Many people already use their fingerprints or faces to unlock their phones, make payments or access buildings.

Still, the Georgetown Law Center on Privacy and Technology in Washington, DC, is one organization with concerns about its growing use. In a 2018 report, it called biometric airport screening a “solution in search of a problem,” arguing that in a bid to make the process simpler for valid travelers, the bar may be lowered to allow more imposters to slip through. Privacy campaigners have also raised concerns about how long security agencies, airlines and airports will keep the biometric data and what they will do with it.

Addressing the security concerns, Wagner explains, “A templatized version of a photograph is the only data being transmitted back and forth. Personal data like your name, date of birth or passport number are not stored.”

Even so, some campaigners argue that biometrics are particularly sensitive personal data. They cannot be replaced, and your inclusion in some databases could allow you to be identified at any point, even if you don’t know it’s happening.

“We need to think about the benefit to people for providing their information in facilitating their journey,” says Aaron Beeson, director of business solutions at Vision-Box. “Privacy concerns need to be at the forefront.”

As part of the “Happy Flow” end-to-end biometric boarding system introduced by Vision-Box at Schiphol and Aruba airports, passengers submit their biometric data via a passport scan at check-in and can have it removed from the system as soon as they board the aircraft. “It gives people the ability to anonymize,” Beeson says. “It gives them the option to control the data like a passport and choose when to provide that to someone else.”

There is no doubt that biometrics will bring big benefits to travelers. Most airlines are allowing passengers to opt out of the system, although Delta says that only about 2 percent  are choosing to do so. IATA research found that nearly two-thirds of passengers (64 percent) say they would be willing to share their biometric data in order to assure themselves a better traveling experience – leaving a third of people who would not. Given the momentum building, it seems inevitable that one day they won’t have a choice.