It was nearly a decade ago that Apple launched Passbook as part of iOS 6. That opened the door to a mobile phone storing digital boarding passes, loyalty program cards, and more. Now the company wants to take an even deeper role in the travel experience: Apple wants the iPhone to be your ID as part of iOS 15.
As part of the latest updates to the iOS and Apple Wallet ecosystem, Apple will allow users to store an ID card on their device. And, more importantly, the company indicated that authorities such as the TSA will (hopefully) soon accept the digital version as valid for clearing an airport security checkpoint.
At many locations the TSA no longer requires passengers to present a boarding pass. This is facilitated by scanning an ID and validating the traveler details against flight departure manifests in real time. With the new Apple Wallet ID integration passengers could go back to scanning their phone screen at the checkpoint instead of an ID card, and still presenting the same information to the TSA.
The detail are already encoded in the barcode on a driver’s license, typically using the American Association of Motor Vehicles Administrators (AAMVA) schema. Getting that same data on to device and then securely to the TSA is both trivial and very complicated.
Security signature challenges
Reading the data from a license is easy. Apple can scan the ID or the barcode on the back (and, ideally both) to generate a verified ID token to store in the iPhone’s internal vault, just like credit card data.
Participation is limited to only select states, suggesting that the details will be further verified with the issuing authority. This is an important step, as forging the data in the barcode would be trivial, if not also illegal.
Beyond the barcode
Moreover, the demo video suggests that the TSA will read the ID data in via NFC rather than a barcode. This makes for a more secure and harder to spoof solution. And that’s a problem the TSA is very familiar with.
Passenger eligibility for TSA PreCheck is managed via a yes/no option encoded into a boarding pass. Back in October 2012 the TSA learned the hard way that generating a boarding pass bar code that included the PreCheck bit, even if a passenger was not eligible, was a trivial – if illegal – task.
The agency eventually recovered from that by requiring the boarding pass barcode to include a digital signature from the airline. Altering the passenger data without updating the signature would return an error at the checkpoint scanner.
Using NFC to present the ID to the TSA helps defeat the low-hanging fruit options for spoofing the data. Presumably the TSA will require the ID details to be signed as well to further ensure the security.
Less clear is if the existing TSA ID scanning hardware has an NFC reader already available or if new hardware will be required.
A favor to ask while you're here...
Did you enjoy the content? Or learn something useful? Or generally just think this is the type of story you'd like to see more of? Consider supporting the site through a donation (any amount helps). It helps keep me independent and avoiding the credit card schlock.
Leave a Reply