CHAPTER 6

Technologies, Interoperability, and Risk Management

This chapter presents to-do lists for selecting the right technologies, ensuring interoperability, and managing risk.

6.1 Identifying and Evaluating Emerging Technologies for Concessions

The quick-paced world of technology is providing a constant stream of innovations that can be applied to airport concessions. As a result, airports are constantly trying to keep up with the latest technological trends. Identifying and evaluating emerging technologies for airport concessions is very important and involves a strategic approach.

Following are various recommendations of strategic approaches that airports can utilize to identify and evaluate emerging technologies:

1. Identifying technologies:
   • – Industry research. Stay updated on industry trends by subscribing to aviation and retail technology publications, attending conferences, and participating in industry associations.
   • – Travel technology reports. Look for reports from travel research firms that highlight emerging technologies that affect the passenger experience.
   • – Startup communities. Explore startup communities and innovation hubs to discover promising new ventures. Consider attending pitch events or partnering with incubators.
   • – Competitor analysis. See what your competitor airports are doing. Analyze their concessions spaces and identify any innovative technologies they have adopted.
2. Evaluating technologies:
   • – Passenger needs and pain points. Focus on technologies that address passengers’ needs or pain points within the airport concessions environment.
   • – Alignment with the airport strategy. Ensure that the technology aligns with the overall airport strategy for passenger experience, operational efficiency, or revenue generation.
   • – Proof of concept. If possible, conduct pilot programs or otherwise obtain proof of concept to test the technology in a controlled environment before full-scale implementation (BlueFletch 2024).
   • – Scalability and integration. Consider the technology’s scalability to accommodate future passenger growth and its ease of integration with existing airport systems.
   • – Security and data privacy. Evaluate the technology’s security measures and its compliance with data privacy regulations.
   • – Cost–benefit analysis. Launch a comprehensive cost–benefit analysis to understand the up-front investment, ongoing maintenance costs, and potential ROI.

2. • – Vendor reputation. Look extensively at the vendor’s historical performance, customer support, and experience implementing similar solutions in other airports.
   • – Criteria factors. Critical factors include technical feasibility, airport organizational readiness (e.g., culture, leadership, financials, skills, ethics), and external factors, such as accessibility, regulatory, and social acceptance.
3. Additional considerations:
   • – Create a dedicated innovation team. Form a team within your airport to scout emerging technologies and assess their potential for airport concessions.
   • – Embrace a culture of experimentation. Be open to trying new technologies, even if they have not been widely adopted yet (Little 2025).
   • – Seek external expertise. Consider partnering with technology consultants who can help you evaluate emerging technologies and develop implementation strategies.
   • – Establish performance metrics and KPIs. Establish KPIs such as sales uplift, customer satisfaction scores, or operational efficiency gains to measure the success of the technology.
   • – Continuous monitoring. Monitor the technology continuously to ensure that it meets the desired performance standards.

The process shown in Figure 22 can be utilized for identifying and evaluating emerging technologies.

6.2 Ensuring Interoperability with Existing and Future Technology Infrastructure

The interoperability of legacy systems and new technology can be challenging for an airport concessions technology program. The reasons include technological diversity, outdated standards, data silos, security concerns, cost constraints, potential operational disruptions, vendor lock-in,

compatibility issues, and inadequate documentation. Addressing these challenges requires a strategic approach that balances the need for modern, integrated solutions with the practical realities of existing infrastructure and budgetary limitations at an airport. Figure 23 highlights top technology integration methods. Following are some best practices to consider for addressing the interoperability challenge:

1. Conduct comprehensive assessments:
   • – System audit. Perform a thorough audit of existing legacy systems to understand their capabilities, limitations, and integration points.
   • – Needs analysis. Assess the specific needs of the airport concessions to determine the necessary features and functionalities of new technologies.
2. Adopt open standards and protocols:
   • – Standardized interfaces. Use standardized communication protocols and data formats (e.g., RESTful APIs, JSON, XML) to facilitate seamless integration (Beland 2024).
   • – Industry standards. Follow industry standards for interoperability, such as those set by the International Air Transport Association and Airports Council International (Acceldata 2024).
3. Implement middleware solutions:
   • – Integration platforms. Use middleware or integration platforms to bridge the gap between legacy systems and new technologies. Middleware can facilitate data exchange and process coordination without extensive modifications to existing systems (AWS 2022).
   • – API gateways. Deploy API gateways to manage and secure communication between legacy systems and new technology platforms (Microsoft 2025). APIs allow different systems to communicate and share data securely. Open APIs provide greater flexibility for integration with future technologies.
   • – Cloud-based solutions. Cloud-based technology often offers inherent interoperability and scalability benefits that make it easier to integrate with existing on-premises systems and future cloud-based solutions (McGraw 2025).
4. Prioritize data integration and management:
   • – Data mapping and transformation. Develop data mapping and transformation processes to ensure consistent data formats and structures across systems.
   • – Master data management. Implement a master data management strategy to maintain data integrity and consistency across disparate systems.

5. Incremental implementation:
   • – Phased rollout. Implement new technologies in phases to minimize disruptions. Start with pilot projects to test interoperability and address any issues before full-scale deployment (McGraw 2025).
   • – Parallel operations. Run new systems in parallel with legacy systems during the transition period to ensure stability and allow for troubleshooting.
6. Ensure robust security measures:
   • – Security protocols. Apply modern security protocols, including encryption, authentication, and access controls, to all integrated systems.
   • – Regular audits. Conduct regular security audits to identify and address vulnerabilities in both legacy and new systems.
7. Vendor collaboration and management:
   • – Vendor partnerships. Work closely with technology vendors to ensure that their solutions are compatible with existing systems and adhere to interoperability standards.
   • – Service-level agreements (SLAs) and support. Establish clear SLAs and support structures with vendors to address integration issues promptly.
8. Training and change management:
   • – Staff training. Provide comprehensive training for IT staff and end users to ensure that they are familiar with both legacy systems and new technologies.
   • – Change management. Implement a change management strategy to help staff adapt to new processes and systems smoothly.
9. Futureproofing:
   • – Scalable solutions. Choose scalable and flexible technology solutions that can adapt to future changes and advancements.
   • – Innovation watch. Stay informed about emerging technologies and industry trends to anticipate future interoperability needs and opportunities.

By following these best practices, airports can effectively ensure interoperability between legacy systems and new technology infrastructure.

6.3 Risk Management

Airport concessions technology programs are faced with data management challenges related to personal and operational business data, along with operational challenges. Every program must develop a risk management plan that can identify, analyze, and mitigate potential program risk areas. These risks need to be identified early in the program planning process.

Following are various recommended best practices for managing risks related to data privacy, operational challenges, data security, and data protection in airport concessions technology programs. These practices will help safeguard passenger information, ensure the smooth operation of your concessions, and build trust with passengers. It is recommended that airports involve their IT subject matter experts in these risk management efforts.

To manage and mitigate risk, airport should consider addressing the following issues:

1. Data privacy:
   • – Data minimization. Collect only the data necessary for the purpose of the specific concessions program. Avoid collecting irrelevant or excessive passenger information (Nandan Prasad 2024).
   • – Transparency and consent. Inform passengers about what data are being collected, how the data will be used, and their rights regarding their data. Obtain explicit consent before collecting any personal information.

1. • – Compliance with regulations. Ensure that your data privacy practices comply with relevant data protection regulations, such as the GDPR and the CCPA.
   • – Data breach notification. Develop a plan for notifying passengers promptly in case of a data breach.
2. Operational challenges:
   • – Technology integration. Assess the potential challenges of integrating the new technology with existing airport systems and concessions management software.
   • – Vendor management. Clearly define expectations and responsibilities regarding data security and privacy in contracts with technology vendors.
   • – Change management. Develop a change management plan to address potential disruptions and ensure smooth adoption of the new technology by concessions staff and passengers.
   • – Training. Provide adequate training for concessions personnel on using the new technology securely and following data privacy regulations.
3. Data security:
   • – Access control. Implement strict access controls to ensure that only authorized personnel have access to sensitive passenger data (Corcione 2021). Utilize strong password policies and multifactor authentication.
   • – Data encryption. Encrypt data at rest and in transit to protect the data from unauthorized access in case of a breach (Terekhov 2024).
   • – Network security. Maintain robust network security measures, such as firewalls and intrusion detection systems, to prevent cyberattacks (Terekhov 2024).
   • – Vulnerability management. Regularly scan systems for vulnerabilities and patch them promptly to minimize security risks.
4. Data protection:
   • – Data backup and recovery. Establish a comprehensive data backup and recovery plan to ensure that data can be restored quickly in case of a system failure or cyberattack.
   • – Incident response. Develop a detailed incident response plan outlining steps to take in case of a data security incident. This should include data breach notification, containment, and remediation procedures.
   • – Regular audits and monitoring. Conduct regular audits and security assessments of your systems and data security practices. Continuously monitor for suspicious activity and potential breaches.

Airports may want to consider formalizing their risk management practices by adopting the National Institute of Standards and Technology (NIST) Risk Management Framework model (NIST 2016). This model typically includes the components shown in Figure 24.