Known Crewmembers (US)

Wednesday, Oct 9, 2024 | 5 minute read | Updated at Wednesday, Oct 9, 2024

Pepsi

The Known Crewmember (KCM) system is a security screening program implemented in the United States to streamline the process of passing airline crew members through airport security. Launched in 2011, this initiative was developed as a partnership between the Transportation Security Administration (TSA) and the Air Line Pilots Association (ALPA), with support from Airlines for America (A4A). The system allows eligible flight crew members, such as pilots and flight attendants, to pass through expedited security checkpoints, separate from the general public, following identity verification.

The KCM system is designed to enhance the security screening process while providing operational efficiencies in airports. By recognizing trusted airline personnel, the program aims to reduce congestion at security checkpoints and ensure that TSA resources are focused on passengers and crew who require more thorough screening. This document provides an in-depth analysis of the KCM system, covering its key features, security protocols, applications at aerodromes, weaknesses, known security breaches, and the rationale for its implementation.

Purpose

  • Expediting Security Screening for Airline Crews
  • Improving Operational Efficiency
  • Improving the allocation of TSA resources

The KCM system is available at over 80 airports across the United States, and more than 40 airlines currently participate in the program. The system is widely used by major carriers, including American Airlines, Delta, United, and Southwest, as well as many regional airlines.

Implementation

KCM Tag

At participating airports, KCM checkpoints are typically located near standard TSA security lanes but are clearly marked as reserved for crew members. These checkpoints are equipped with KCM kiosks that allow crew members to scan their credentials and pass through security more quickly than the standard passenger screening process.

The process for using the KCM system at an airport is straightforward:

  1. Crew members arrive at the designated KCM checkpoint and present their identification documents.
  2. The KCM kiosk scans the crew member’s airline ID and government-issued ID, cross-referencing the data with the KCM database.
  3. If the crew member’s credentials are valid, they proceed through the checkpoint without undergoing full TSA screening. However, if they are randomly selected for additional screening, they are directed to a separate area for a full security check.
  4. Once cleared, the crew member can proceed to the secure areas of the airport (airside), where they can board their flights or access other restricted zones.

Security Features

One of the foundational security features of the KCM system is a robust identity verification process. When passing through a KCM checkpoint, crew members are required to present two forms of identification:

  • A secure airline ID badge, which is issued by their employer and includes a photograph of the crew member.
  • A government-issued ID, such as a driver’s license or passport.

These identification documents are cross-referenced with the KCM database, which contains information about the airline crew members who are enrolled in the program. The KCM system verifies the crew member’s employment status in real-time, checking to ensure that they are an active, authorized employee of their respective airline.

Although the KCM system offers expedited screening for crew members, it is not a completely bypassed security check. One of the additional layers of security is the implementation of random screening. At unpredictable intervals, crew members passing through KCM checkpoints are selected for full TSA screening, including bag checks and body scans. This random selection ensures that the system cannot be exploited by individuals attempting to evade security protocols.

The KCM system is directly connected to a real-time database that maintains updated information about enrolled crew members. This database is constantly updated by airlines to reflect changes in employment status, such as terminations, leaves of absence, or suspensions. If a crew member is no longer active or authorized, the system will flag their credentials and prevent them from using the KCM checkpoint.

More recent developments in the KCM system include the integration of biometric technologies. In some airports, biometric scanners such as fingerprint or facial recognition systems have been introduced to further enhance identity verification. These biometric features allow for faster processing and reduce the risk of identity fraud.

Key Weaknesses

Human Errors

One of the most significant weaknesses of the KCM system is the potential for human error. TSA officers at KCM checkpoints are responsible for verifying crew members’ identification and ensuring that they are correctly processed through the system. Mistakes in verifying IDs or overlooking discrepancies in the database can lead to unauthorized individuals gaining access to secure areas of the airport.

Insider Threats

Although the KCM system requires individualized identification, there have been instances where crew members have attempted to share their credentials with unauthorized individuals. For example, a crew member might try to take a family member or friend’s luggage through the KCM line to bypass standard TSA screening. While this is against the rules and punishable by revocation of KCM privileges, it remains a potential vulnerability, especially in airports where security personnel may not be thoroughly checking ID documents.

The KCM system assumes that airline crew members are trusted individuals who pose little to no security risk. However, there have been instances where airline employees have been involved in criminal activities, such as smuggling contraband or assisting individuals with unauthorized access to secure areas. The KCM system may allow such insiders to bypass traditional security checks and carry out illicit activities more easily.

Known Security Breaches

Smuggling

In 2019, a security breach involving the KCM system came to light when several airline employees were arrested for smuggling 8 million USD of drug profits through secure areas of JFK International Airport. The crew members used their KCM privileges to bypass standard security checks, allowing them to transport large quantities of illicit funds onto airplanes without detection. This incident highlighted the potential for insider threats within the KCM system and led to increased scrutiny of crew members using the program.

Third Party Provider Breach

In August 2024, Ian Carroll and Sam Curry discovered a method of injecting their personal information into KCM through a third-party provider with an insecure login panel. This method would provide an unauthorised individual access to any KCM airport with no security screening. The TSA and Department of Homeland Security have provided limited information on the mitigations of this attack vector, including publishing inforrect information around the level of risk posed by the attack.

© 2024 Airport (in)Security

Written with ❤️ for COMP6441 by Pepsi. All rights reserved.

Social Links