Malaysia Airlines mistake: stolen passports 'soft underbelly' of air security

The two men who boarded Malaysia Airlines Flight 370 with stolen passports revealed 'a major hole in airport security internationally,' experts say.

This combination of images shows Iranians identified by Interpol as Pouria Nour Mohammad Mehrdad and Seyed Mohammad Reza Delavar, who boarded the now-missing Malaysia Airlines Flight 370 with stolen passports.

The two men who boarded Malaysia Airlines Flight 370 with stolen passports have highlighted a post-9/11 security weakness that has a relatively simple, though potentially costly, solution.

It is not known if Pouria Nour Mohammad Mehrdad or Seyed Mohammed Reza Delavar played a role in the disappearance of the plane, the fate of which remains a mystery. But it is becoming clear that some of the measures intended to tighten security of airports are not universal, and that risk can fluctuate by airline and airport.

Had the two Iranian men flown on an American or British airline – or from and American or British airport – the chances of them being caught would likely have increased significantly. Airline authorities in those two nations searched Interpol’s Stolen and Lost Travel Documents (SLTD) database more than 238 million and 140 million times, respectively, last year – more than any other countries.

In fact, fewer than 20 of Interpol’s 190 member countries used the database at all last year, authorities say. Many countries are reluctant to invest in the technology and professional training needed to implement the heightened security, says Amos Guiora, a law professor at the University of Utah who studies security issues.

The result is that “passports are the soft underbelly of the airline industry,” he says. “The system needs to reboot itself.”

Mr. Mehrdad and Mr. Delavar traveled from Tehran to Kuala Lumpur, Malaysia, using legitimate passports, Interpol says. But there, they booked tickets to travel to Beijing and from Beijing to Amsterdam and later to Germany. Authorities say the passports they used for those bookings were stolen in Thailand from an Italian and Austrian.

Both passports had been reported to the SLTD database and therefore would have shown up if a search had been made.

Countries’ reluctance to rely more fully on SLTD data means what happened on Flight 370 is a common occurrence. About 4 of every 10 international passengers are not screened using the SLTD database, Interpol says. The screening identifies people identified as war criminals, terrorists, and murderers, as well as listening stolen passports. There are currently more than 40 million entries, and these have resulted in more than 60,000 successful hits.

“Undeniably, this story represents a major hole in airport security internationally. There are airports in countries all around the world that do not bother to check readily available databases to see if the passports are being used by their actual owners,” says Thomas Mockaitis, a counterterrorism expert at DePaul University in Chicago. “Criminals are very good at finding gaps in security. Like a mouse getting into your house, it only takes a small hole.”

This lack of vigilance makes “stolen passports worth a fortune on the black market” in lax regions, adds Professor Guiora.

The vulnerabilities laid bare by Flight 370 suggest a need to reach out to airline authorities, some say.

“This should be a worry for us all,” said Interpol Secretary General Ronald Noble in a statement released Tuesday. “If countries are not carrying out full screening of international passengers against Interpol’s databases, then we must look to work with private industry in addressing this security gap.”

But wider use of the SLTD database is not a cure-all, experts say. Beyond better screening techniques, airline authorities need to rescreen passports whenever travelers board a connecting flight, as Mehrdad and Delavar were planning to do in Beijing.

“Each airport needs to consider itself as the initial point of departure,” says Guiora. “It strikes me that relying on another airport to do the right screening probably doesn’t really work.”

Passports themselves can also include various features that make them more difficult to manipulate. Passports issued in the US and in Europe, in particular, are encoded with watermarks, chips, and photo scans (as opposed to photos that can be removed and put on another document).

Meanwhile, passports issued in many countries are “easier to steal and use to make a fraudulent one,” says Sylvia Pacher, a forensics security expert at Corvinus Consulting Group near Washington. “If you have the kind of passport without a chip, it makes it much easier to manipulate.”

Many security experts say relying on passport validity as a security measure is inherently limited. If the passport is not reported stolen and the person’s appearance resembles that of the person in the photo, the passport will not show up in a database and security becomes dependent on the scrutiny of the individual screener.

One option is biometric technology, which can be embedded in a passport and includes face recognition and a fingerprint. Such technology is the only surefire method airports can use to ensure accurate identification, says Shahar Belkin, the chief technology officer of FST21, a biometric security company in Israel.

“If you are able to identify a person based on their face, fingerprint, body size, and voice, then you are in a much better position identifying the cardholder.”

You've read  of  free articles. Subscribe to continue.

Dear Reader,

About a year ago, I happened upon this statement about the Monitor in the Harvard Business Review – under the charming heading of “do things that don’t interest you”:

“Many things that end up” being meaningful, writes social scientist Joseph Grenny, “have come from conference workshops, articles, or online videos that began as a chore and ended with an insight. My work in Kenya, for example, was heavily influenced by a Christian Science Monitor article I had forced myself to read 10 years earlier. Sometimes, we call things ‘boring’ simply because they lie outside the box we are currently in.”

If you were to come up with a punchline to a joke about the Monitor, that would probably be it. We’re seen as being global, fair, insightful, and perhaps a bit too earnest. We’re the bran muffin of journalism.

But you know what? We change lives. And I’m going to argue that we change lives precisely because we force open that too-small box that most human beings think they live in.

The Monitor is a peculiar little publication that’s hard for the world to figure out. We’re run by a church, but we’re not only for church members and we’re not about converting people. We’re known as being fair even as the world becomes as polarized as at any time since the newspaper’s founding in 1908.

We have a mission beyond circulation, we want to bridge divides. We’re about kicking down the door of thought everywhere and saying, “You are bigger and more capable than you realize. And we can prove it.”

If you’re looking for bran muffin journalism, you can subscribe to the Monitor for $15. You’ll get the Monitor Weekly magazine, the Monitor Daily email, and unlimited access to