This month, the U.S. Transportation Security Administration officially rolled out the first public phase of its Secure Flight program, which requires domestic airlines to start collecting more precise passenger name identification information.
That, of course, means that travel agents, GDSs, online travel companies and myriad other links in the distribution chain must fall into compliance, though when and how are not really clear.
The TSA says it needs the precise names of passengers to expedite checking travel documents for security screening measures. At the moment, though, it’s all something of a fire drill. There’s no need to worry if names fail to match up exactly on various travel documents, because the TSA isn’t actually checking yet — and it won’t be checking for a while, though no one is really sure how long a while might be.
That’s because the agency is currently focused on ensuring that airlines, travel agents, corporate travel managers and distributors get their technologies, processes and mindsets in place by the time the TSA actually starts enforcing the security measures sometime next year.
The TSA started requiring airlines to collect the data on May 15. But the deadline for airlines to start transmitting the data to the agency for screening — and even the deadline for the airlines to start collecting the names — are far from set in concrete.
The airlines have staggered dates for compliance, depending on each carrier’s technological capabilities and on what arrangements it has worked out with the TSA. That applies not only to the initial name collection in May but also for the Aug. 15 deadline to begin collecting birthday and gender information and transmitting all of that data to the TSA for screening and verification, agency and airline officials said.
For example, while Allegiant said it began collecting the name information in February, Southwest said last week that it had yet to start.
What the TSA and airlines are doing now essentially amounts to a dry run to find out what bugs need to be ironed out for the airlines and its distribution channels before the agency begins enforcing the data collecting and screening.
"It’s my understanding that the completion of the project will be final for all channels by end of October-beginning of November 2010," said Jim Martin, the North America product market manager for Amadeus. Martin coordinated the company’s efforts to meet the new security requirements for its GDS clients.
That time frame is when it appears likely that the TSA will require the same data collection and transmission for international airlines, as well. The agency still will want the data no less than 72 hours prior to a flight so it can match it against a list of those people who are prohibited from flying because of security concerns.
Data about passengers who make reservations within 72 hours of a flight will have to be transmitted immediately after the reservation is made.
"I don’t think the TSA realized how many distribution channels the airlines have," Martin said. "This was a bigger project from the outset than the TSA realized."
The good and bad about flexibility
The agency has taken knocks for having such rubber deadlines. In a report released last week, the U.S. Government Accountability Office said the TSA "schedule was more characteristic of a target deliverable plan than the work involved. … Moreover, likely program completion dates were not being driven by the schedule logic, but instead were being imposed by the program office in the form of target dates."
On the other hand, the flexible deadlines are good news for carriers, other ticket distributors, corporate travel managers and general passengers. For the moment, and probably through the rest of this year and into 2010, name variations on travel documents are unlikely to keep travelers from getting boarding passes or being held up for further screening, say airline and agency officials.
"What we want now is for people to be aware of this," said TSA spokeswoman Ann Davis. "We want them to start looking at their travel documents, to become familiar with how their name appears on their driving license or passport."
Air Transport Association spokesman David Castelveter said, "One of the reasons the TSA is phasing in the program is that all carriers are not ready. The TSA recognizes that, and we’re thankful."
For now, he said, "Customers should not experience anything different if there are any differences in their names" on various travel documents.
The airlines and TSA have started to work with travel agents, online travel agencies and other ticket distributors to make sure the process of collecting names, birth dates and gender information runs smoothly and effectively throughout the rest of the year and into 2010 as the TSA starts enforcing the collection and transmission of that information.
Paul Ruden, ASTA’s senior vice president for legal and industry affairs, said the TSA has embarked on a public awareness campaign to help airlines, travel agents and travelers make sure they comply with the new security measures. ASTA and the Interactive Travel Services Association are among several industry groups that have been engaged in an ongoing dialogue with the TSA about implementing the rule. (ITSA represents GDSs, online travel companies and other travel technology firms.)
The big holdup in developing proper GDS programming and formats to accommodate the new TSA rules was reaching a consensus on standardized data collection, storage and transmission, Martin said.
Reservation information from GDSs or other third-party distributors will not be sent directly to the TSA, he said, because the only allowable transmission link for the data is a secure network line between the airlines and the TSA.
Nevertheless, the GDSs and other distributors want to ensure that they’ll be able to transmit the data to the airlines in a standard format, rather than having each airline establish and impose its own format.
Executives of online travel agencies say they’ve been collecting some of the data for a while but have heard little back from the airlines about how they want the data transmitted.
In January, Martin said, the IATA Reservations Working Group ironed out the standardization issues, and on April 29 Amadeus rolled out a product designed to help bring its clients into compliance.
But each of the GDSs and other channels will have to revamp its website displays to collect the information, and those that don’t already collect the data will be doing that through the rest of this year.
During this dry-run period, ASTA and the TSA are working with travel agents to make sure they know what information they must collect and how to go about inputting it. ASTA has an online toolkit and interpretation guide that it developed for members from TSA material. Ruden said the GDSs have spelled out for agents how to manage inputs using their new formats.
ASTA sent a message on May 7 to members warning them to make sure that the name they input in the Passenger Name Record matches the name on the identification the traveler plans to use at the airport.
"Initially, TSA has built some flexibility in to the system," the message said. "TSA has stated that ‘small differences between the passenger’s ID and the passenger’s reservation information, such as the use of a middle initial instead of a full middle name or no middle name/initial at all, or prefixes and suffixes, should not cause a problem for the passenger in the near term.’"