Secure Flight Roils Booking Tech

Global distribution systems and travel agencies are racing to meet newly established U.S. Transportation Security Administration requirements for airlines to begin requesting passengers' full names beginning May 15, and date of birth and gender on Aug. 15, as part of Secure Flight, the passenger-prescreening program that has been rife with delays and shifting compliance dates.

TSA is working with carriers "to phase in the implementation of Secure Flight with the plan that all domestic aircraft operators comply by March 30, 2010, and all international aircraft operators by the end of 2010," it said in a statement. TSA said it expects agencies "to request and collect the necessary data in a timeframe that corresponds with the aircraft operator's timeframe."

To facilitate the implementation of Secure Flight's new data requirements for the travel industry, officials from the International Air Transport Association and Department of Homeland Security this year decided to use passenger data fields already used to transmit visa and passport information. TSA noted those IATA standards go into effect May 1.

American Society of Travel Agents vice president of industry and consumer affairs John Pittman said TSA's rules "place the burden on collecting and distributing Secure Flight data on the airlines rather than directly on travel agents. The only way for the airlines to comply with the rule is to pass the burden on to travel agents."

Pittman said the GDSs intend to expand fields "originally designed to collect passport data," though work still is being done "by one or more of the GDSs so that the field will accept non-passport data for Secure Flight."

Amadeus North America product market manager Jim Martin said, "The schedule for implementation we were originally told was May 1, so all the GDSs were scrambling. The main issue we had at the outset was the airlines must decide in what manner or what form they want to receive the data from the GDS and the travel agency. That took the longest to get done."

Amadeus said it expects to implement the capabilities to capture the new data fields on May 1, setting foundations for agencies and others to alter their own systems to begin collecting Secure Flight data.

"Agency customers want to begin updating the data as soon as possible," Martin said. "They have to update passenger name records and client profiles, and many of them not only use our system but third-party applications as well. It's up to us to communicate how we intend to process the data, so those third parties can also code their applications to support this."

Sabre said it "will enable travel agents to store and transmit required Secure Flight data to the airlines, following IATA standards."

Meanwhile, agencies are at various stages of altering systems and procedures to accommodate the implementation of Secure Flight. Carlson Wagonlit Travel said it soon will enable its systems to collect the data through all agent-assisted or self- booked points of sale.

"Now we're being led by the GDSs and their readiness and also some of the airlines," said Carlson Wagonlit Travel North America product manager for CWT Horizon Christine Grabowski. "The Horizon tool is ready and we're launching it on April 25. We had to go back in and build shut-off switches, one for each GDS," she said, "so we're going to take it live and shut it off until the GDSs are ready to capture that information."

In addition to enabling pop-up reminders to collect the data at the point of sale, CWT also said it is incorporating those data elements into traveler profiles to prepopulate into bookings, Grabowski said.

Some of those data points already are included in certain profiles, particularly those with passport information, said BCD Travel senior vice president of global supplier relations Rose Stratford. BCD set up a "cross-functional team to understand from an operational, client-side and supplier perspective how to manage this," she said.

American Express said it is "still working with airline partners and the GDSs, since airlines are ultimately responsible for delivering this to TSA." The TMC said it has "scoped out some of the technology updates," but full implementation requires further guidance.

TSA late last month said it already assumed watchlist-matching responsibilities from four undisclosed commercial carriers and would take on more airlines "in the coming months." The government requests that carriers submit those expanded data fields to more accurately match passenger information against the government's "no-fly" and "selectee" databases.

Once fully in effect, airlines must transmit the new passenger data elements to the government 72 hours prior to departure, or if booked within that 72-hour window, immediately. In addition to date of birth, full name and gender, Secure Flight allows passengers to input a redress number for those travelers who have been cleared through the DHS Trip program after a false government watchlist match.

TSA characterizes Secure Flight's new data collection as "voluntary," but agencies warned that passengers who do not submit the new data could be subject to secondary screening.

The voluntary nature of the request complicates data collection, Grabowski said. "We can ask for this information, but because of privacy we can't necessarily require it. We have added all these fields into our profiles and Horizon to ensure we are capturing this information and passing it along accordingly—if the traveler wants it passed along."