Security on internal flights in the US is famously relaxed. Catching a domestic plane is said to be as simple as catching a bus. You don't need to have photo ID to prove who you are. And friends and relatives can go right to the gate to wave you off.

“On domestic flights, you can effectively walk on with nothing more than a credit card, as long as you've bought a ticket,” says Ian Johnson, an aviation security consultant who has worked with British Airways (BA) for more than ten years.

Unlike customs and immigration, which are controlled by the government, screening of passengers is delegated to the airlines, which then contract out the work to security firms. The firms then work within Federal Aviation Administration (FAA) regulations.

These regulations, until Tuesday's events, were pretty relaxed. The FAA didn't require all passengers to present ID and passengers without any form of photo ID were not prohibited from travelling by the regulations. Any traveller wanting to take a gun in their checked in baggage was asked to declare it to the airline. Knives with blades up to four inches long were also allowed through. The weapons used in Tuesday's hijackings have been described as small blades and box cutters, both of which the FAA considered suitable cabin baggage. The FAA has been considering its regulations and links to the regulations from the FAA website were blocked this week.

Chilled-out check-in
FAA security rules are not as stringent as those in the UK, says Johnson. “The FAA has always tended to follow its own rules – it didn't follow the international rule on cockpits being locked.”

Another security expert, ex-RAF man Ian Wheeler, who regularly flew as the security officer with the prime minister, agrees US domestic flight security is lax, but says the style of the suicide attacks would not have been thought feasible.

“I don't think it's something people thought would happen – hijacking, yes, but complete destruction by flying into a building is different.”

Security for the airlines involved in last week's attacks is contracted out to three firms. American Airlines' security at Boston's Logan Airport is run by Globe Security, part of the international Securitas Group, while United Airlines uses St Louis-based Huntleigh USA.

A statement from Securitas said it believed Globe was in the clear. “There is nothing to indicate checks were not performed correctly, in accordance with our instructions. The information available to date regarding the weapons that were used also indicates that no forbidden weapons were carried on board by passengers.”

Passenger screening at Washington's Dulles Airport and at Newark Airport, where the other planes departed from, is handled by Argenbright, owned by Securicor.

Criminal history
Airline security in the US is littered with tales of misdoings. In 2000, under its previous owners, Argenbright was fined more than $1.5m (£1.02m) for allowing untrained employees, some with criminal records to operate checkpoints at Philadelphia International Airport. Employees had backgrounds that included drug dealing, kidnapping aggravated assault and theft.

Logan Airport in 1999 was found by FAA agents to have three times the national rate for security violations, with scanners routinely failing to detect test items such as pipe bombs and guns in the agents' luggage.

Working as a security screener at an airport is not a career position. It pays about the same as working in a fast food outlet. Staff turnover is high. Both planes which crashed into the World Trade Center left from Logan Airport. It has a staff turnover rate among screeners of 207%.

So it seems the security companies have followed the rules and the problem lies with the FAA and the government.

The editor of Aviation Security International, Philip Baum, says: “The government attitude to security is really to blame. I wouldn't blame security companies for allowing a small blade through.”

Scanners on the minimum wage cannot be expected to pick up on clues vital to security, Baum says. “They are not capable and they are not qualified to do that.” Security has to be based on the appreciation of threat, he adds.

But Baum doubts the government would be too ready to take on responsibility for airport security. “It will take a long time for a government to assume that sort of responsibility. The reason they don't want the responsibility is that they know they won't find the items.”