by Dr. Ruwantissa Abeyratne
(October 24, 2012, Montreal, Sri Lanka Guardian) The ePassport is the culmination of a
sustained process of development of technical specifications for machine
readable travel documents (MRTD). It
introduces a new dimension to aviation security in that, within
the conventional machine readable passport with its machine readable
zone, an additional layer of verification of information contained in an electronic chip is placed, which verifies
the information in the passport’s machine readable zone by the use of a special
reader. Much research has gone into the
areas of the technology and verification in the development of the ePassport.
Over 104 States
are currently producing and using ePassports and there are approximately 400
million in circulation. This accounts
for 33 per cent of all passports used globally.
The additional feature that the ePassport carries in the conventional
machine readable passport is a chip containing biometric and biographic
information which has to be validated accurately, efficiently and quickly
while retaining the security and integrity of the information. Ideally, an ePassport should be issued in
accordance with the technical specifications approved by the International
Civil Aviation Organization (ICAO).
However, this does not happen in all cases of issuance of ePassports. This lapse could seriously compromise global
security. The nuances of this threat are
described and discussed in this article against their legal background.
At a recent
Symposium on machine readable travel documents, biometrics and security
standards held at ICAO on 10 to 12 October 2012, experts addressed ICAO machine
readable travel documents (MRTD) standards and specifications, identity
management best practices and related border security issues. Sri Lanka, an issuer of machine readable
passports, was represented at this
Symposium. Foremost among these discussions was the ePassport, which is defined
by ICAO as a passport which has a contactless integrated circuit (IC) chip
within which is stored data from the machine readable passport page, a
biometric measure of the passport holder and a security object to protect the public
key infrastructure (PKI) cryptographic technology, and which conforms to the
specifications of Doc 9303 part 1. The
ICAO Facilitation Manual defines the ePassport as a machine readable passport
that has a contactless integrated circuit embedded in it and the capability of
being used for biometric identification of the machine readable passport holder
in accordance with the Standards specified in the relevant part of ICAO
document 9303 (Machine Readable Travel Documents). ePassports are easily recognised by the
international ePassport symbol on the front cover.

Biometric Identification

It is important
to note that the operative terms in the
definition of the ePassport are “biometric identification” and “public key infrastructure (PKI)
cryptographic technology”. Biometric
technology involves a measurable, physical characteristic or personal
behavioral trait used to recognize the identity, or verify the claimed identity of a person. Biometric identification has been defined as
“a generic term used to describe automated means of recognizing a living person
through the measurement of distinguishing physiological or behavioural traits”.
Biometrics
target the distinguishing physiological or behavioral traits of the
individual by measuring them and placing
them in an automated repository such as machine encoded representations created by computer software
algorithms that could make comparisons with the actual features. Physiological biometrics that have been found
to successfully accommodate this scientific process are facial recognition,
fingerprinting and iris-recognition which have been selected by ICAO as being the
most appropriate. The biometric
identification process is fourfold: first, the capture or
acquisition of the biometric sample; second, the extraction or conversion of the raw
biometric sample obtained into an intermediate form; third, the conversion of the intermediate data into a
template for storage; and finally, the comparison stage, where the information
offered by the travel document is compared with that which is stored in the reference
template.
Biometric
identification gets into gear each time an MRTD holder (traveler) enters or
exits the territory of a State and when
the State verifies his identity against the images or templates created at the
time his travel document was issued.
This measure not only ensures that the holder of the document is the
legitimate claimant to that document and to whom it was issued, but also
enhances the efficacy of any advance passenger information (API) system used by the State to pre-determine the
arrivals to its territory. Furthermore, matching biometric data presented in
the form of the traveler with the data contained in the template accurately
ascertains whether the travel document has been tampered with or
not. A three way check, which matches
the traveler’s biometrics with those stored in the template carried in the
document and a central database, is an even more efficacious way of determining
the genuineness of a travel document. The final and most efficient biometric
check is when a four way determination is effected, where the digitized photograph is
visually matched (non electronically) with the three way check described above.
In this context, it is always
recommended that the traveler’s facial image (conventional photograph) should
be incorporated in the travel document along with the biometric templates in
order to ensure that his identity could be verified at locations where there is
no direct access to a central database or where the biometric identification
process has not entered into the legal process of that location.

Public Key Infrastructure (PKI) Cryptographic Technology

PKI
Cryptographic technology uses a brand new technique known as quantum
cryptography, designed to eliminate the
terrifying vulnerabilities that arise in the way digitally stored data are
exposed to fraudulent use. This new technique uses polarized photons instead of
electronic signals to transmit information along cables. Photons are tiny particles of light that are
so sensitive that when intercepted, they immediately become corrupted. This renders the message unintelligible and
alerts both the sender and recipient to the fraudulent or spying attempt. The public key directory - designed and
proposed to be used by customs and immigration authorities who check biometric
details in an electronic passport, is based on cryptography - and is already a
viable tool being actively considered by the aviation community as a fail-safe
method for ensuring the accuracy and integrity of passport information.
In order to
assure inspecting authorities (receiving States) that they would know when the authenticity
and integrity of the biometric data stored in the MRTD, which they inspect, are
compromised and tampered with, the
Public Key Infrastructure (PKI) scheme was developed by the TAG/MRTD, which has
been pioneering work on the MRTD for
over a decade. The scheme is not
calculated to prescribe global implementation of public key encryption, but
rather acts as a facilitator enabling
States to make choices in areas such as active or passive
authentication, anti-skimming and access control and automated border crossing,
among other facilitative methods. The
establishment of a public key directory, through means of public key cryptology
and in a PKI environment, is consistent with ICAO’s ultimate aim and vision for
the application of biometric technology on
the fundamental postulate that there must be a primary interoperable
form of biometric technology for use at border control with facilities for
verification, as well as by carriers and the issuers of documents. This initial premise is inevitably followed
by the assumption that biometric technologies used by document issuers must
have certain specifications, particularly for purposes of identification,
verification and the creation of watch lists.
It is also ICAO’s vision that States, to the extent possible, are
protected against changing infrastructure and changing suppliers, and that a
technology, once put in place, must be operable or at least retrievable for a
period of ten years.

The ePassport

The story of the
passport – the precursor of the ePassport – starts with the birth of an
individual and his birth certificate, which records the event of birth and time
and place thereof. The Civil Registry is
able, with this document, to primarily establish the identity of the person at birth and inform his country of his
details for purposes of maintaining census and vital statistics. The passport, which uses this information,
gives a person a name and nationality that is required for him to travel
internationally. The passport is a basic document in the transport by air of
persons. Its use therefore is of fundamental importance as a travel document,
not only because it reflects the importance of the sovereignty of a State and
the nationality of its citizens but also because it stands for the
inviolability of relations between States that are linked through air
transport.
The key
consideration of an ePassport is Global Interoperability — the crucial need to
specify a system for biometrics deployment that is universally interoperable. A
Logical Data Structure (LDS) for ePassports is required for global
interoperability. It defines the specifications for the standardized
organization of data recorded to a contactless integrated circuit capacity
expansion technology of an MRP when selected by an issuing State or
organization so that the data is accessible by receiving States. This requires
the identification of all mandatory and optional Data Elements and a
prescriptive ordering and/or grouping of Data Elements that must be followed to
achieve global interoperability for reading of details (Data Elements) recorded
in the capacity expansion technology optionally included on an MRP
(ePassport). The other considerations
are Uniformity — the need to minimize via specific standard setting, to the
extent practical, the different solution variations that may potentially be
deployed by member States; Technical reliability — the need to provide
guidelines and parameters to ensure member States deploy technologies that have
been proven to provide a high level of confidence from an identity confirmation
viewpoint; and that States reading data encoded by other States can be sure
that the data supplied to them is of sufficient quality and integrity to enable
accurate verification in their own systems; Practicality — the need to ensure
that specifications can be operationalized and implemented by States without
their having to introduce a plethora of disparate systems and equipment to
ensure they meet all possible variations and interpretations of the standards;
and Durability — the requirement that
the systems introduced will last the maximum 10-year life of a travel document,
and that future updates will be backward compatible.
The major
components of a biometric system are: Capture — acquisition of a raw biometric
sample; Extract — conversion of the raw biometric sample data to an intermediate
form; Create template — conversion of the intermediate data into a template for
storage; and Compare — comparison with the information in a stored reference
template.
In terms of
security and privacy of the stored data, both the issuing and any receiving
States need to be satisfied that the data stored on the IC has not been altered
since it was recorded at the time of issue of the document. In addition, the
privacy laws or practice of the issuing State may require that the data cannot
be accessed except by an authorized person or organization. Accordingly ICAO
has developed specifications in Section IV regarding the application and usage
of modern encryption techniques, particularly interoperable public key
infrastructure (PKI) schemes, to be used by States with their machine readable
travel documents as made in accordance with the specifications set out in Doc
9303. The intent is primarily to augment security through automated means of
authentication of MRPs and their legitimate holders internationally. In
addition, ways and means are recommended to implement international ePassport
authentication and to provide a path to the use of ePassports to facilitate
biometric or e-commerce applications.
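
An added example (not from the article or from ICAO's specifications) of how a receiving State can detect that chip data was altered after issue: the security object carries a signed hash of each data group, and the inspection recomputes and compares them. The chip contents, the function names and the textbook-RSA key standing in for the issuer's signing key are assumptions constructed for illustration; real ePassports use standard signature schemes with full-size keys.

```python
import hashlib

# Toy textbook-RSA key standing in for the issuing State's signing key.
# Constructed for this example only (two Mersenne primes, no padding).
P, Q, E = 2**61 - 1, 2**89 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent, held only by the issuer


def dg_hashes(data_groups):
    """Map each data group number to the SHA-256 hex digest of its content."""
    return {n: hashlib.sha256(c).hexdigest() for n, c in sorted(data_groups.items())}


def digest_of(hashes):
    """Reduce the hash table to an integer below N that the toy key can sign."""
    blob = ";".join(f"{n}={h}" for n, h in sorted(hashes.items())).encode()
    return int.from_bytes(hashlib.sha256(blob).digest(), "big") % N


def issue_security_object(data_groups):
    """Issuer side: hash every data group and sign the resulting table."""
    hashes = dg_hashes(data_groups)
    return {"hashes": hashes, "signature": pow(digest_of(hashes), D, N)}


def inspect_chip(data_groups, security_object):
    """Receiving State side: return findings; an empty list means unaltered."""
    findings = []
    hashes = security_object["hashes"]
    # Step 1: the hash table itself must carry the issuer's signature.
    if pow(security_object["signature"], E, N) != digest_of(hashes):
        findings.append("security object signature invalid")
    # Step 2: every data group read from the chip must match its signed hash.
    for n, content in sorted(data_groups.items()):
        if n not in hashes:
            findings.append(f"DG{n} not covered by security object")
        elif hashlib.sha256(content).hexdigest() != hashes[n]:
            findings.append(f"DG{n} altered since issue")
    return findings


# Constructed chip content: DG1 carries the MRZ data, DG2 the facial image.
CHIP = {1: b"P<UTOEXAMPLE<<TRAVELLER<<<<<<<<<<<<<<<<<<<<<<", 2: b"constructed-face-image"}
SOD = issue_security_object(CHIP)

if __name__ == "__main__":
    print(inspect_chip(CHIP, SOD))                        # genuine chip
    print(inspect_chip({**CHIP, 2: b"other-face"}, SOD))  # image swapped after issue
```

Rewriting a data group together with its stored hash does not help a forger, because the signature over the hash table can only be produced with the issuer's private key.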

Conclusion

The foremost
necessity is to establish a strong security culture in every State. For this, there must be a clear definition of
State responsibility and accountability brought to bear by a close and
unbreakable link between government and industry stakeholders. A security culture would make States aware of
their rights and duties, and, more importantly, enable States to assert them.
Those who belong to a security culture also know which conduct would compromise
security and they are quick to educate and caution those who, out of ignorance,
forgetfulness, or personal weakness, partake in insecure conduct. An ePassport
must necessarily be the result of efficient and fail-safe organizational
arrangements. It should be tested at
border control by trained professionals.
eGovernment and
eID are the bare essentials for State security. The digital economy has also
brought much facilitation that helps the world move to paperless processes
which result in greater economy and streamlined processes. However, there must
essentially be global harmonization in this process. In this regard ICAO has made remarkable
progress in advancing its MRTD programme to the level it is at now. If harmonization means ensuring consistency
between global practices, standardization means compliance with international
Standards. There is no room for doubt
that both harmonization and globalization are needed in this context.