Airline screening programs: can terrorists outwit computers?

A secret computer program detected something suspicious about the middle-aged passenger heading to Eugene, Ore.

He traveled often, usually taking one-way flights on short notice. In the months following the Sept. 11 attacks, every time he tried to board a flight in Portland, he was pulled out of line and searched as a possible terrorist threat.

The passenger was Peter A. DeFazio — congressman from Oregon, former Air Force officer and ranking Democrat on the House subcommittee overseeing airline security.

“My constituents found it very amusing,” DeFazio said.

It soon became less humorous when he learned he could stop triggering the security checks by simply joining a frequent flier program, a trick that in the computer’s mind transformed him from a suspect into a trusted customer.

“A terrorist can’t figure that out?” DeFazio asked.

Since the Sept. 11 attacks, creating an effective system to screen out both known terrorists and would-be hijackers — plotters with spotless records but nefarious intent — from millions of airline passengers has become a top priority in the war against terrorism.

But as DeFazio’s experience showed, even the most elaborate current computer systems stumble when trying to decipher human motivations, and, like any security scheme, have been perpetually vulnerable to being gamed.

In the face of such challenges, the federal government has embarked on a costly program to create a second-generation profiling system designed to verify the identity of every passenger and analyze their lives through a “black box” of government intelligence and law enforcement databases. Though details of the system are secret, security experts believe that more than 100 factors will be used to sniff out terrorists based on telephone records, travel patterns, law enforcement files and other sources.

The system will turn the new federal Transportation Security Administration into one of the most intrusive government agencies, perhaps second only to the Internal Revenue Service — investigating about 70 million passengers who take 675 million trips by air annually.

And possibly, all for an illusion of security.

“The U.S. is so much oriented toward a technology (solution) that the people are serving the technology,” said Offer Einav, former director of security for Israel’s national airline, El Al, widely considered the world’s most secure carrier. Like other aviation security experts, he views computer profiling as beneficial only if paired with seasoned security officials who exercise common sense and conduct their own psychological assessments of passengers — not part of the U.S. program.

“They are dealing with enemies who are human beings. Human beings will always beat the technology,” Einav said.

No computer-based system has ever verifiably thwarted a hijacking or bombing, according to federal and private security experts. But given the enormousness of the task, the airline industry’s current system — the Computer Assisted Passenger Pre-Screening system, or CAPPS — has occasionally shown flashes of brilliance.

Its greatest success may have been on Sept. 11, 2001. In the 24 hours leading up to the hijackings, CAPPS would have checked more than 1.8 million passengers. It actually flagged six of the 19 terrorists later involved in the hijackings, according to the national commission on the Sept. 11 attacks. About 92,000 innocent travelers were also singled out.

Unfortunately, only a brief luggage check for explosives and weapons was required. The hijackers — and the then-legal box cutters several were carrying — were all welcomed aboard their flights.

CAPPS was deployed in 1998, following the crash of TWA Flight 800 off Long Island two years earlier. It was part of a package of anti-terrorism measures put in place — including baggage X-rays and bomb-sniffing dogs — even though mechanical failure was later blamed for the crash.

The system largely relies on government watch lists and passenger travel histories. It provides a relatively rudimentary check that the industry designed as a compromise between maintaining efficiency in boarding passengers and finding possible terrorists, said consultant Douglas Laird, former security director for Northwest Airlines, who helped develop CAPPS.

Laird praised CAPPS for targeting nearly a third of the Sept. 11 hijackers. “What failed on 9/11 was the follow-up,” he said.

After the events of Sept. 11 exposed CAPPS’ weaknesses, the airlines and the government tried to compensate by hedging their bets — flagging 15 percent to 20 percent of travelers — an estimated 370,000 per day — for hand luggage searches and extra security checks. That is an increase from 5 percent in 2001, according to the TSA.

But casting such a wide net can overwhelm the system, resulting in long delays at the airport. The government believes the best way to increase security and efficiency is to create a more advanced computer system.

CAPPS II, an upgrade expected to cost more than $105 million, is designed to transform a few simple database searches into an omniscient eye on terrorism. The TSA, which will operate the system, plans to introduce it next year, pending approval from lawmakers.“I don’t think there is a single project that will do more potential good for aviation security,” said Adm. James M. Loy, head of the TSA. CAPPS II will have “an astonishing capability” to trace would-be terrorists, even if they lead apparently unremarkable lives, he added.

In addition to checking travel records, CAPPS II would require each passenger to provide his name, birthdate, home address and phone number when making a reservation. Commercial database companies would check the information against billions of public records and issue an identity rating, handicapping the likelihood that the passenger is lying and judging how “rooted” the person is in a community, rating such factors as local family connections and the amount of time in the same home.

The government would then check the information against national security and law enforcement watch lists of more than 100,000 suspects. It would mine CIA, FBI and other intelligence databases to pluck the rare unknown terrorist from an ocean of innocents with a kind of technological mind-reading.

The government estimates that no more than 4 percent of passengers — about 74,000 people a day — would be rated “unknown risk/yellow light” by CAPPS II and get closer screening, such as shoe checks and physical searches of carry-on items.

An average of only one or two people per day would be rated “high risk/red light” and be barred from flying or even arrested.

Those are the theoretical projections. Reality could be far different.

“Systems that involve wholesale surveillance of innocents tend not to work,” said Bruce Schneier, a leading cryptographer and chief technical officer of Counterpane Internet Security, a cyber-security company. “It’s not feasible to catch the bad guys without also catching too many good guys.”