Veri

Hello, having just filled in an Advanced Passenger Information form for BA to fly between UK and Spain, the info not being taken correctly, my worrying about having to match it exactly to my passport, calling them up, etc. etc., I've tried out of pure curiosity to work out exactly what the API is *for*, especially since I am for the first time travelling as a dual national, which means I have had to make decisions about which travel documents to use that I've never had to make before.

So far, I've determined

1. It seems to be an outgrowth of one of the USA's responses to 9/11 that has been exported worldwide (like ETIAS seems to be a tit-for-tat response to ESTA).
2. It's obligatory, so you have to supply it no matter whether you understand it or not.
3. You're supposed to match exactly what's in your passport, but if you're checking in online then the passport isn't actually checked to make sure it's you nor that you've entered the correct information (obviously "don't be a dick" applies here, but it makes it weird as a security procedure).
4. It doesn't have to match the passport you're using at emigration barriers (for countries that have them) and immigration barriers - which would make sense, since dual nationals flying between both their countries are gonna use separate passports at each end.
5. As far as the airline's job, it it is to collect and submit API to the destination and probably origin countries' immigration authorities around 24h and possibly again 0h before the flight.
6. Those immigration authorities don't need to actively confirm to the carrier that each person on the list is allowed / not allowed to fly, i.e. the information passes one way.
7. It's likely that immigration authorities use the list to check for people who have a warrant for arrest, are suspected of whatever is defined as terrorism today, etc. <-- this is the only thing that I actually have found is the purpose of the whole exercise, but it seems to conflict with 3 (ETA: not 2).
8. It's separate from visa waiver travel authorisations (ESTA, future ETIAS, etc.) which will actually give you a yes/no result in advance as to whether travel is permitted.
9. It's separate from the check at security barriers that bring you into the departure lounge, since they compare your boarding pass with your passport, and the boarding pass is separate from the API.

These days I hardly fly at all, so I'm extremely out of date on the modern dance, but I am curious. What am I missing, if anything, please?

Ari

Quick question for those who have an ESTA: Has anyone ever made a mistake entering their passport info into APIS (like transposing a digit) and still gotten an online boarding pass? What about those with US passports?

Honest questions! I don't know the answers-- I have never tried with my US Passport, and I obviously don't have an ESTA!

kyanar

A lot of these are partially correct, but not entirely. Especially in the case of dual citizens travelling between their two countries of citizenship you'd encounter a very un-fun experience.

For a start, as you recall the gate agent will scan your passport through the reader before letting you on the plane - it will appear with either a green light which you no doubt recognise and an "OK TO BOARD" response, or a red light and "DO NOT BOARD". This is checked - in real time - with the border agency of the country you are travelling to. If you do not have an API record for the plane, this will usually result in "DO NOT BOARD" and the agent must request a "Governmental Override" from the border agency.

Typically for a dual citizen, they in many cases actually present both passports at each end of travel, as they must leave each country on the passport they entered on, and cannot travel on each other's passport to the other country, as they cannot be granted a visa (and therefore will be denied boarding by the API check). Another option is to present the exit immigration control with the opposite passport to the one that is presented to the airline (and included in API). This carries risks where the API is used by the immigration agency to determine your exit (ahem, USA) - there is actually a working group proposing multiple passports in an API record to solve just such a problem.

Incidentally, an ESTA/ETIAS/ETA isn't really a yes/no result as to whether travel is allowed, it's merely permission to approach immigration control and request entry into the country. You can still be denied, and returned to your origin country at your own expense.

TWA884

From the U.S. Customs and Border Protection Fact Sheet (PDF):

Section 107

CBP uses API to identify high-risk passengers and crew members who may pose a risk to border, aviation, or public security; may be a terrorist or suspected terrorist or affiliated with or suspected of being affiliated with terrorists; may be inadmissible; may be a person of interest; may otherwise be engaged in activity in violation of U.S. law; or may be the subject of wants or warrants.

Davvidd

The actual API (Advance Passenger Information) is a UN security council requirement. This is the basis of it.

In its resolution 2178 (2014), the Security Council called upon Member States to require airlines operating in their territories to provide advance passenger information (API) to appropriate national authorities to detect the departure from, attempted travel to, entry into or transit through their territories of FTFs. In resolution 2396 (2017), the Security Council built on resolution 2178 (2014) by creating new international obligations. In addition to reaffirming its requirements on API, the Security Council called on Member States to ‘develop the capability to collect, process and analyze, in furtherance of ICAO standards and recommended practices, passenger name record (PNR) data and to ensure PNR data is used by and shared with all their competent national authorities, with full respect for human rights and fundamental freedoms.’ In addition, enhanced use of lists with known criminals and terrorists is of the highest importance.

This was an issue raised at the first and second ICAO TRIP Conferences in Montreal. They do not seem to take in consideration that there are certainly multi millions of people who have dual passports. I am certainly hoping that they can do this ASAP. It is not a technical issue at the back end but IATA was reluctant at that time because obviously of the cost of transmission of data and it is going to double with two passports and the governments are reluctant to let them charge a high fee on the passengers as obviously there all sorts of taxes on the air traveling public now.
Why all machine readable passports are only now accepted is because of ICAO requirements and why all the same is also the same. ( This is not about your comments Kynar as I am just adding to what you eloquently have said).

kirkbauer

I just filed an APIS from US to the Bahamas and accidentally entered the passport issue date for the passport expiration date for one of my passengers. In other words, I said that their pasport had already expired. I didn't notice until later, so it was approved and I did the flight with no issues. I'm not sure if anybody really looks at it.

Davvidd

The APIS is not filed by the Passenger. The APIS is done by the airline when they scan your passport at check in. That information is sent normally by SITA (owned by airlines and is the IT company for the airlines) to the immigration of the arrival destination. It is all automatic and sometimes the name itself can cause a problem though it is someone else that they are looking for. By the time you land, the immigration already knows who is on that flight. sometimes they may even share that information with other law enforcement agencies.

Veri

Is this one of those things that is *supposed* to happen but might not happen outside the US? Just leaving the UK a few days ago, which has no exit immigration anyway as I understand it, the first time my physical passport was needed was just before entering the plane, and that just involved its being looked at for a few seconds, not waved over any scanner. I was too tired to recall what happened boarding the return plane, though Spain has exit immigration and I certainly had to scan it myself there.

Ooh, I suppose this might be a problem here when the EU's ETIAS and the UK's ETA are introduced...

For this week's travel, I gave my Spanish details to both airlines, and used my Spanish passport for API and to wave at the gate at both ends, as well as for Spanish entrance and exit immigration. The only place I used my British passport was for British (entrance) immigration.

Since as I understand it the British authorities want the API data for flights with origin in the UK as well as destination, I suppose they now have an API exit record somewhere of a Spaniard who they never knew existed in the UK (as I gained my Spanish nationality at the consulate), followed by an API entrance record of that same Spaniard a few days later that can't be matched with an immigration record because I used my British passport at immigration. If their sytem is sufficiently smart then I suppose they'll do a fuzzy partial name match (not exactly the same first names *or* surname since Spain has strict name rules) as place / date of birth / gender all correspond precisely. (When I renew my British passport, I am supposed to declare my foreign passports, but there seems to be no process / obligation to do so beforehand. And Spain doesn't seem to care from a passport issuance PoV what foreign IDs/nationalities/names I have.)

But after ETIAS/ETA, if I were to do the same thing, travelling back to the UK the airline would presumably expect to see my Electronic Travel Authorisation as a non-British person if I present them my Spanish passport, since there was no way to enter another passport's details. So, I'd have to do as you say: present my Spanish passport at exit immigration, but present my British passport to the airline. Maybe Spanish exit immigration isn't as fussy as American exit immigration - I have come to learn that Spain has a very different values when it comes to the benefits of migration than the UK, which itself seems to lockstep with the US - but I don't *know*.

I'm learning!

Davvidd

Currently the API is done by the airlines and using a format that is approved by ICAO. So far it has not completed the new format for dual passports yet. I am sure that they will do it. So I do not think that is technically possible yet for all the airlines yet. It is complicated and some countries operate two systems for the border control for their citizens and one for visitors. But bear in mind the purpose of the API has been to pass the information to the destination and not as a border departure control. But there is a departure passenger manifest that airlines have that can be passed on to the departure immigration if required.

mozilla

Yes and no. The airline files the APIS information with the authority. But some airlines allow passengers to fill in the supplemental data themselves that is required for APIS, often at the time of reservation or as soon as the reservation is ticketed, and up until check in. OLCI may require it before proceeding.

I've received boarding passes for flights to the UK (on BA), and the EU (for destinations that require APIS), and the only time my passport was checked was a cursory check with boarding pass at the gate. I was about to say I had similar experiences traveling to the US, but the airline's app did scan my passport or had it on file.

Note: not every airline allows this, and it may not be allowed for every destination.

Not in the way you experience it in the EU, but similarly to the US, carriers (airlines, boats, Eurostar, Shuttle, etc) need to report to British immigration who is leaving. So an exit record is kept.

It's possible your Spanish passport has been flagged in the UK database for the exit with no matching entry - although the border agency could've stopped you at the gate if they really wanted to investigate - and if you attempted to enter using that passport you may be referred to secondary. APIS wouldn't be denied as there is no proof of actual illegal immigration, it would be up to the border agent to find out what happened.

An APIS entry that can't be matched with an actual presentation is not a concern. The passenger that the APIS record refers to would not be considered immigrated or illegally immigrated.

Davvidd

Are you saying that there is no passport scan at all on some International flights to the UK? The US one with the scan on the app I would understand. I tried to check in a family member who had dual citizenship and the system would not even accept his passport going back because it has expired. As the other OP mentioned I wonder why the passport was not flagged at check in when mistakenly put in the expired passport? I guess in the UK they are a lot more lax in these kinds of issues but it may be that they are more strict with non UK and US citizens than that from other countries?

mozilla

Yes, I have flown internationally to the UK with hand luggage only and the single time my passport was actually scanned was at the British immigration facility in the UK itself. At the gate, my passport was visually checked to see if the name matches the name on the boarding pass, and probably also to check that I have my passport with me, but it was not scanned.

APIS information was requested, BA offers a form for APIS data in "Manage My Booking" as soon as your reservation is ticketed. If you don't fill it in before check-in, it will be mandatory to fill it in at OLCI, and IIRC the APIS form always appears at OLCI and will show the data you filled in before if you did, allowing last-minute changes. If you still don't fill it in at OLCI, you won't be able to finish check-in/get a boarding pass and will need to see a check-in agent at the airport, who will presumably scan your passport so he/she doesn't have to type all the data, or scan your passport at a check-in kiosk.

Section 107

A lot more info here 05-6522.pdf (govinfo.gov) from the Notice of Proposed Rulemaking and the Final Notice about the history and justifications of the APIS.

Veri

As a data point, it was also BA for me that did not scan my passport at the gate when I left the UK this week, just glanced at it. My full name as it appears on my passport doesn't fit on their online API form either, although the API specs seem to allow for greater length - the fact that nobody has told them to get their act together is oddly reassuring as it must mean no official body minds enough!