Mastering Data Management

More in Government

• More Mobile, More Competitive Government
• We Are Our Own Columbos
• The End of the Social Security Number?
• Five Rules of Successful Identity and Social Network Analysis

More from Jonathan McDonald

• Keeping Entity Resolution Cost Effective
• More Nuts and Bolts for Entity Resolution Success
• What’s Needed for Entity Resolution Success?
• Immigration and Border Control – Keeping Out the Bad Guys

Share this Post

Recent Comments

• Lorraine Fernandes on Response: A Universal Identifier Isn’t a Silver Bullet
• Henrik Liliendahl Sørensen on Response: A Universal Identifier Isn’t a Silver Bullet
• Response: A Universal Identifier Isn’t a Silver Bullet | Mastering Data Management on 3 Best Practices in Identity Management

Officials assemble risk profiles based on traveler data to determine potential threats.

Border security agencies are challenged to determine passenger intent in order to accurately identify threats. With a limited set of available data, this is difficult, to say the least. Today, lets focus on the risk profiles themselves.

Overview of Risk Profiles

Risk profiles can be assembled to determine which travelers pose the greatest threat. A risk profile is a combination of attributes associated with an entity (a traveler) or a group of entities.

An attribute is an observable/measurable characteristic consisting of a descriptor of the characteristic (such as age), a value or range of values (eg 18-25) and ideally a rating of importance of that attribute to the overall profile (eg must be present, may be present, must be 100% match).

Attributes can include:

• Personal identifiers (age, sex, passport details, bank account details)
• Travel description (flies within 30 days of booking ticket/within 7 days of visa issue)
• Commonalities/linkages (on the same flight as another person of interest)
• Travel/historical records (entered country more than 10 times in past 12 months).

There are several high-level requirements that can help implement improved risk profiling. They include:

1. Assembling sufficient passenger-related data from a range of sources to enable effective risk profiling. Data in this composite record could include:

• Electronic visa application data
• Watchlist data
• Travel history (ie passenger movements/entry/exit) data
• Passenger Name Record data
• Any additional data captured by airlines at check in
• Other systems – eg other intelligence repositories or transactional systems

2. Resolving entities within the records in contributing data sources – specifically to ensure, for example, that the correct person’s travel history is used in the process

3.  Screening the resolved composite traveler record against a set of risk profiles

4. Providing alert/notification if a traveler record triggers one or more risk profiles

Examples of Risk Profiles

Examples of risk profiles could be:

Traveler 1:

• Is male;
• Booked flight within 7 days of visa issue; and
• Paid cash for flight; and
• Changed travel itinerary more than once in 7 days preceding departure; or
• Stopped over for more than 24 hours in a specific location, such as Islamabad.

• Is travelling on a passport issued within the last 30 days; and
• Has previously travelled to the US on another passport; and
• Has traveled via high risk destinations listed in List X; and
• Length of intended stay in the US is < 7 days.

Traveler 3:

• Has previously travelled to US; and
• Has previously been issued a visa and never travelled using that visa; and
• Is travelling with more than one male companion aged 18-30; and
• Has on previous visits arrived in the US from the Philippines.

Clearly risk profiles can be longer or shorter (more or less rules/attributes) as required.  The above are only speculative examples with no reference to identified threats. Risk profiles must be able to be created and applied at very short notice, and may be temporary or permanent depending on how threats evolve in response to countermeasures.