Online transactions represent a large majority of all Airline ticket purchases. This article discloses how Airlines are dealing with cybercriminals and how cooperation with other Travel Merchants, Banks and Law Enforcement is fundamental
The battle Against Credit Card Fraud: Cooperation between Airlines and Law Enforcement is Key to Success
1. On the
World’s
Stage:
leaders have
their exits and
their entrances
ALSO:
CREDIT CARD FRAUD
CHECKPOINT NOT CHOKEPOINT
SCREENING THE NON-PASSENGER
CREATING SECURITY CULTURE
ARMLET AIR MARSHAL PROJECT
THE GLOBAL JOURNAL OF AIRPORT & AIRLINE SECURITY
www.asi-mag.com
2017
BUYERS
GUIDE
23 20
UNRULY
PASSENGER
DATA
SHARING
DECEMBER 2016 VOLUME 22 ISSUE 6
ACCESS CONTROL SYSTEMS
(EXCLUDING FENCES AND GATES)
ARINC (Rockwell Collins)
Astrophysics Inc.
Boon Edam
CEM Systems Ltd
Gallagher
NEC Corporation
Nuctech Company Limited
Rockwell Collins (ARINC)
Teknik
Ultra ID
AIRCRAFT PROTECTION
TECHNOLOGIES
DSA Detection LLC
S2 Threat Detection Technologies
Teknik
BAGGAGE HANDLING
AND RECONCILIATION
ARINC (Rockwell Collins)
Astrophysics Inc.
Integrated Defense & Security
Solutions (IDSS)
MacDonald Humfrey (Automation) Ltd.
Rockwell Collins (ARINC)
Teknik
Vanderlande Industries Santpedor, S.L.U.
BEHAVIOURAL ANALYSIS SOLUTIONS
Basis Technology
Green Light Ltd.
IOMNISCIENT PTY LTD
BIOMETRIC SOLUTIONS
ARINC (Rockwell Collins)
Cognitec Systems
Crossmatch
Herta Security
Human Recognition Systems Ltd.
MacDonald Humfrey (Automation) Ltd.
Rockwell Collins (ARINC)
SMi Group
Vision-Box
BLAST CONTAINMENT
CS3 Safety & Security
BODY SCANNING TECHNOLOGIES
(MILLIMETRE WAVE & X-RAY)
ADANI
Kötter Aviation Security GmbH & Co. KG
Nuctech Company Limited
OD Security
Rohde & Schwarz
Tek84 Engineering Group LLC
Wavecamm
www.asi-mag.com
2017
BUYERS
GUIDE
PRODUCTS&SERVICES
2. LEADEDITORIAL
December 2016 Aviationsecurityinternational2 VISIT WWW.ASI-MAG.COM – NEW & IMPROVED
T
here is always news, and much of it is depressing. We have
been saddened this year with the passing of sporting
legends such as Muhammad Ali, Arnold Palmer and Johan
Cruyff, as well as musical icons David Bowie, Prince and Leonard
Cohen. Political leaders who were the newsmakers of the 20th
Century have also made their exit – King Rama IX of Thailand
(Bhumibol Adulyadej), Elie Wiesel, and, so much part of aviation
security history, both Shimon Peres and Fidel Castro.
It has been a year of new challenges, some of which, such as
the outbreak of the Zika virus in January, we, as individuals can
do little about. However, 2016 has also been a momentous year
from a geopolitical perspective and many are asking whether
the lessons learned from World War II have, perhaps, been
forgotten? Or, and arguably worse, intentionally disregarded?
We seem to have become immune to human suffering and
intent on going down a xenophobic, self-protectionist route. So
much for multi-culturalism.
The human tragedy in Aleppo that is unfolding as I write makes
for graphic television imagery, yet how many of us are actually
doing something about it? We, as a society, respond similarly to the
plight of the refugees risking their lives to cross the Mediterranean
to European shores. Anybody who has visited Yad Vashem in
Jerusalem, the Kigali Genocide Memorial in Rwanda, the Tuol
Sleng Genocide Museum in Cambodia or Holocaust memorials and
exhibits around the globe will have exited them with that feeling of
frustration that people knew but did nothing, or even self-disgust
that they were personally aware of the plight of people on distant
shores, but failed to act. Out of sight, out of mind. And it is against
that backdrop that we are seeing a surge in right-wing activism. We
don’t really want to see…
Many commentators have recognised the groundswell of
angst in Western society, yet few acknowledged its scale until
the anti-immigrant rhetoric of UKIP (the
United Kingdom Independence Party)
managed to win over more than
50% of the British electorate
who actually voted and set
the country on course for
Brexit. The immediate rise
in racial, anti-Semitic and
homophobic incidents
in the aftermath of the
decision to ‘Leave’ was
sickening.
Less than half a year later,
an even greater seismic result
emerged in the United States
with the election of Donald
Trump and Indiana Governor
Mike Pence as its 45th president
and 58th vice president. As Trump
vows to ‘make America great again’, the rest of the free world
has looked on in abject horror at the thought of a seemingly
misogynistic racist as its de-facto unelected leader. I am sure
that there are a few readers who might have voted Republican,
and I respect your exercising your democratic right to do so,
but I have yet to meet a single European who is anything other
than disgusted that Trump – a man who can even make jokes at
a political rally about people with physical disabilities – will be
entering the White House. “Great again”: in whose eyes? Whilst
I admit I am not optimistic, one hopes the reality of his taking on
the awesome responsibility of being Commander-in-Chief may
make the, as one commentator put it "imperfect candidate with
a near-perfect message” temper the rhetoric and build bridges
between nations and communities.
Eleven days after the US election, a meeting was held by
the alt-right movement in Washington DC, in which its leader,
Robert B. Spencer, spoke in a style one could only equate with
Hitler at a Nazi rally. He ended with the words, “Hail Trump! Hail
our people! Hail victory!”, but it might as well have been ‘Sieg
Heil’. I urge you to watch a clip of excerpts of the meeting at
www.youtube.com/watch?v=1o6-bi3jlxk posted by The Atlantic.
Can we really continue to justify such freedom of speech?
The political landscape in Europe is indicative of a surge
in right-wing activism. In Germany, the AfD (Alternative für
Deutschland) emerged, only three years ago, on an anti-
Euro platform and morphed into an anti-immigrant party;
more specifically, anti-Islamic with a proposal for banning the
construction of mosques on German soil. Its leader, Frauke
Petry, has even spoken of turning guns on people who try to
enter Germany illegally. In France, the National Front, led by
Marine Le Pen, is now a mainstream political party and many
think that her chances in next year’s presidential elections are
quite ‘good’. Le Pen has celebrated the success of both the
Brexit and Trump election campaigns and is urging French
voters to reject the EU and use the ballot box to vote to restrict
immigration. General elections in both France and Germany in
2017 will be further barometers of the political winds of change.
Italy is also on course for a referendum of membership of
the European Union, whilst in The Netherlands, the Party of
Freedom is advocating the closure of Muslim schools and even
the recording of the ethnicity of Dutch citizens. In Greece,
Golden Dawn has, like the National Front in France, become
a major player in the Greek parliament and, despite being
branded by many as neo-Nazi and having many of its leaders
arrested and charged with criminal activity, they continue to
be gaining widespread support, exacerbated by the country’s
geographical location putting it on the frontline for handling
trans-Mediterranean migrants.
by Philip Baum
ALT-RIGHT:
OUTRIGHT WRONG
“…as society polarises, the threat
is exacerbated…”
3. LEADEDITORIAL
December 2016 Aviationsecurityinternational 3EUR +44 (0)20 3892 3050 USA +1 920 214 0140
In Austria, the Freedom Party’s Norbert Hoffer has just
missed out on being elected the country’s President; in
Sweden, the Sweden Democrats are plotting a course for
exiting the EU; and the same is true in Slovakia where the
People’s Party-Our Slovakia is also gaining ground with its
anti-immigrant rhetoric. And worst of all, in Hungary, the
Jobbik party – voted for by 1 in 5 of the electorate at the
last elections – is now the third largest Hungarian party and
is promulgating an anti-immigration, anti-EU, anti-Semitic,
homophobic set of policies, whilst inciting venomous populist
uprisings through its agenda of public protests and church-
based speaking engagements.
One might argue that European politics have little to do
with aviation security. I beg to differ. The long-desired clash of
civilisations sought by many Islamic extremists is fast becoming a
reality. As society polarises, the threat is exacerbated. As the West
becomes less tolerant, minorities will be further excluded from
society; the more they are marginalised, the greater the frustration
for this generation and the increased disillusionment for the next.
And that will play out in our airports and on board our aircraft.
Most supporters of the current mainstream political parties
in Europe and Republicans and Democrats in the United States
recognise that we cannot ignore the Islamic fundamentalist
threat, potentially one intensified by returning fighters as Islamic
State is being pushed back militarily. Yet to demonise an entire
section of our society is a lesson which we should have learned
is inherently, morally and practically wrong. Our greatest
challenge, going into 2017, is to work out how we can better
integrate with one another – especially within our own industry
where we can have a positive impact.
2016 was a taxing year for aviation: the attacks in Brussels
and Istanbul, the bombing of Daallo Airlines out of Mogadishu,
the loss of EgyptAir flight 804 (whatever the cause) and, most
recently, the tragic crash of the LaMia flight en route from Bolivia
to Colombia will all last long in our memories.
2017 will also be a challenge for us within the industry, but
more so for our elected leaders who have the unenviable
responsibility to protect the values previous generations have
fought for. As Angela Merkel so eloquently put it after Trump’s
election, “Germany and America are connected by values of
democracy, freedom and respect for the law and the dignity of
man, independent of origin, skin colour, religion, gender, sexual
orientation or political views.” Hear, hear!
In that vein, I bid all our readers a healthy, happy, prosperous,
safe and secure new year.
You may well disagree with the views expressed in this Lead Editorial.
We welcome your feedback and urge you to write to the Editor at
editor@avsec.com expressing your opinion. We are happy to include
such correspondence in our February 2017 issue.
“…values of democracy, freedom and
respect for the law and the dignity
of man, independent of origin,
skin colour, religion, gender, sexual
orientation or political views…”
4. December 2016 Aviationsecurityinternational 31EUR +44 (0)20 3892 3050 USA +1 920 214 0140
A
ccording to surveys done by
Cybersource, the annual damage
forallairlinescombinedis1.4billion
dollars. It is also estimated that between
1% and 2% of all booking attempts on an
airline website are fraudulent. Therefore,
it is fair to say that the airline industry
has faced an unexpected battering from
card fraudsters and has had to reorganise
rapidly to face this unforeseen threat.
In retrospect, there have been certain
key developments that, collectively, have
led to a turnaround in the industry and a
reduction in opportunities for the potential
fraudster. Airlines are now in greater
control of their payment operations, which
has resulted in a considerable reduction
in credit card fraud. The most important
development has been the ability of fraud
analysts to exchange information through
meetings and secure online forums. This
information includes structured personal
data such as names and e-mails that need
to be validated against a database, as well
as guidelines and best practices that are
shared informally.
Some of the meetings and online
forums are for members only, while
others are open to verified fraud analysts
and professionals from any accredited
organisation. A well-known open forum
in the industry is FraudChasers, which
facilitates a platform for fraud analysts to
chat, share information and to have one
place to post information about upcoming
meetings. For an individual who may be
the only fraud-fighter in their organisation
these forums are like a life-support
machine.
Additionally, on a strategic level, the
travel sector has created an industry-wide
body where executives can meet and
coordinate actions, both regionally and
globally. There is a regular programme of
working groups that takes place at venues
across Europe, Asia-Pacific, North America
and beyond. Key to the success of both
personal and corporate collaboration is
that people from different organisations
continue to meet regularly face-to-face.
Connections of trust, once formed, can
last a long time online, but occasional
meetings in person reinforce and develop
that trust.
The next step in industry-wide
collaboration is sharing data. When the
working group is small, this can be done
via e-mail, but once groups start to grow,
automation is essential. The need arose for
groups to establish steering committees
to choose a neutral technology supplier
who develops the various online forums
and databases. One of the requirements
was that the data-sharing technology itself
had to be cloud-based and highly secure.
Hence, it has to enable businesses to
submit and share suspected fraud data
legally, while always retaining ownership
of the data. Through this, a merchant can
remain completely in control of its data,
even after it has shared it.
The need for this capability led to
the development of Perseuss, a secure
community platform where merchants
can legally share information about
encountered fraud cases. It allows
merchants, such as airlines, to verify their
own sales data to identify any suspicious
transactions. This data sharing platform
The Battle Against
Credit Card Fraud:
cooperation between airlines and law
enforcement is key to success
The use of online payments
in trade has grown
immensely in the last
couple of years. We are
now at a point where online
transactions represent the
majority of all airline ticket
purchases, resulting in a
large amount of personal
and financial information,
particularly card data, being
stored on the internet.
Cybercriminals break into
databases, download credit
card information and then
sell this information on the
dark web, a collection of
websites that are publicly
visible but hide the server
or IP details that run them.
Fraudsters then use this
stolen card data to buy
airline tickets, causing huge
damages for travel service
providers. Shalini Levens
proffers a solution.
5. December 2016 Aviationsecurityinternational32 VISIT WWW.ASI-MAG.COM – NEW & IMPROVED
including analysis, reporting, scoring and
e-mail age verification. The database
is enriched and developed with a high
degree of participation and input from
working fraud analysts so the screens and
layouts blend naturally into the operational
workflow. This increases efficiency and
improves decision-making.
Merchants who provide travel services
rely on a vast network of partners to make
the payment process proficient. Among
these partners are payment service
providers, software suppliers, banks,
card schemes, industry associations, legal
entities, national police forces, as well as
international law enforcement agencies.
The travel industry had the foresight long
ago to involve all of these bodies in the
global war against card fraud.
Co-operation between travel companies
and law enforcement agencies in the
international battle against fraud has been
very fruitful during 2016. Through this
partnership, a plan is being developed to
organise ‘Days of Action’ against credit card
fraudsters, which will increase in frequency
until they become an everyday norm.
What makes airline-related fraud even
more difficult to tackle is that it is often not
a crime carried out in a single jurisdiction.
One transaction can involve several
countries, all with different police forces,
legal priorities and rules of evidence. For
example, a ticket can be bought for a
British passenger with a US credit card
using a Brazilian IP address for a flight from
Cyprus to London on an Egyptian airline.
In addition to this complexity, there are
other reasons why law enforcement cannot
effectively confront credit card fraudsters.
These include the lack of contact points,
the difficulty of compiling evidence, the
absence of complaints from the private
sector and the fact that the passengers
involved are usually innocent victims.
In 2013, a fundamental partnership
began to unfold. Law enforcement
agencies at national level knew that card
fraudsters were often involved in other,
even more serious crimes, such as human
trafficking, drug trafficking and terrorism -
but they needed partners who could help
them gather evidence.
Given the international nature of these
crimes, Europol - the EU law enforcement
agency - launched a working group to
look for collaborations between distinctive
players and ways to bring both the public
and private sector interests together. The
activities and behaviour of fraudsters were
studied until fraud patterns emerged and
could be documented. Fraud-reporting
processes were standardised to ensure
information was being shared legally. As
a result, a network of trust was created
between all involved partners committed
to fight against this kind of crime. In
this initiative, airlines, law enforcement
agencies, the wider fraud prevention
community, card schemes and different
industry associations played an important
role. All of these groups were supported
by Perseuss, the travel industry’s largest
shared negative database.
In 2013, the first coordinated ‘Day of
Action' was held against card fraudsters. A
command post at Europol’s headquarters
in The Hague was jointly staffed by law
USAGE OF PERSEUSS
How Perseuss members use the system in everyday operations
Merchants upload fraudulent bookings data
“…in October 2016, a Day of
Action was launched by the
law enforcement community
and travel industry…”
6. December 2016 Aviationsecurityinternational 33EUR +44 (0)20 3892 3050 USA +1 920 214 0140
enforcement and the travel and card
scheme communities. Information on live
card fraud occurrences was circulated to
national police forces at airports around
Europe. More than 100 fraudsters were
arrested during this operation. Continuing
investigations further discovered that
a high percentage of these fraudsters
were involved in other crimes including
trafficking of people, drugs smuggling
and illegal immigration. Thus, in many
cases the secondary crimes were far more
serious than the primary card fraud.
The negative database was then
enhanced by Perseuss in order to provide
users with an easy-to-use fraud reporting
mechanism. This tool could be used by
all parties involved in a Day of Action to
enlarge their knowledge. The Day of Action
Tool brought together merchants, card
schemes, airport police and the operations
command post into a single team. It was a
trusted system that removed the need for
faxes or other time-wasting communication.
In October 2016, a Day of Action
was launched by the law enforcement
community and travel industry. As ever,
it targeted card fraudsters and the
international criminal societies who profit
from stolen card data. However, the
action became more global than ever
and as result Global Airport Action Days
were launched over five sequential days.
Coordination centres were set up not only
at Europol (The Hague), but jointly with
other international police organisations
such as INTERPOL (Singapore), Ameripol
(Bogota) and participating countries
(Pittsburgh in US and Ottawa in Canada).
Europol’s European Centre (EC3)
positioned officers at the most critical
airports in Europe to provide quick access
to Europol’s databases as well as maintain
communication with coordination centres
in other regions of the world to exchange
information. This operation affected 189
airports in 43 countries across the world
and involved 75 airlines and 8 online
travel agencies. During the operation,
350 suspicious transactions were reported
and 193 people were detained, denied
boarding and criminally charged. The
Day of Action Tool was used successfully
on every continent sending shockwaves
throughout the dark web. "The feds only
need one slip up to grab you”, wrote one
source, demonstrating that the process is
clearly working.
Investigators are now looking into areas
where fraudsters may have connections
with major crime including terrorism.
Credit card fraud, considered just a few
years ago to be a non-violent offence, is
now associated with some of the most
serious threats against humanity.
The most recent 'Day of Action' initiative
against fraud has not ended. In fact, law
enforcement agencies are now tackling this
international occurrence on a daily basis in
close cooperation with the travel industry.
Shalini Levens is a business
development executive at
Perseuss, the global travel
industry's own solution to
the battle against fraud. Its
flagship offering is an online
shared negative database, recently updated
to include email age verification and artificial
intelligence. It also operates FraudChasers,
an online forum for anti-fraud professionals.
Perseuss plays a major role in cross-border
police Action Days to apprehend fraudsters.
SECURITY
&COUNTER
TERROR EXPO
PROTECT ı PREVENT ı PREPARE
3-4 MAY 2017 OLYMPIA LONDON
Supported by
The leading event for professionals shaping the
future of international security
Book your exhibition space now for the following benefits:
• Pre-book meetings with 100s of senior VIPs
• Get involved in shaping show content and new visitor attractions
• Take part in exclusive pre-event networking opportunities
• Become part of a global marketing campaign covering 100+ countries
WWW.SCTX.CO.UK/ASI
Organised bySponsored by
www.sctx.co.uk/linkedin
@CT_EXPO
Contact us today to book your stand
T: +44 (0) 20 7384 7894
E: sophie.mckimm@clarionevents.com
J331965_SCTX_ASI Advert_178x121_2017_v1.indd 1 30/09/2016 16:44
“…a ticket can be bought for a
British passenger with a US
credit card using a Brazilian
IP address for a flight from
Cyprus to London on an
Egyptian airline…”