TECHNICAL ADVISORY GROUP ON MACHINE READABLE TRAVEL DOCUMENTS (TAG/MRTD)



Similar documents
Implementation of biometrics, issues to be solved

PKD Board ICAO PKD unclassified B-Tec/37. Procedures for the ICAO Public Key Directory

MACHINE READABLE TRAVEL DOCUMENTS

PKD Board ICAO PKD unclassified B-Tec/36. Regulations for the ICAO Public Key Directory

Doc. Machine. authority

Security by Politics - Why it will never work. Lukas Grunwald DN-Systems GmbH Germany DefCon 15 Las Vegas USA

Preventing fraud in epassports and eids

Electronic machine-readable travel documents (emrtds) The importance of digital certificates

Full page passport/document reader Regula model 70X4M

Public Key Directory: What is the PKD and How to Make Best Use of It

International Civil Aviation Organization ASSEMBLY 38TH SESSION EXECUTIVE COMMITTEE

MACHINE READABLE TRAVEL DOCUMENTS

Moving to the third generation of electronic passports

Machine Readable Travel Documents

Biometrics for Public Sector Applications

Operational and Technical security of Electronic Passports

39 myths about e-passports

Establishing and Managing the Schengen Masterlist of CSCAs

Statewatch Briefing ID Cards in the EU: Current state of play

Keep Out of My Passport: Access Control Mechanisms in E-passports

E-Passport Testing. Ensuring Global Acceptance. Jos Chehin Date: 17 November 2006 Location: ASML

Sub- Regional Workshop and Consulta;ons on Capacity- Building in Travel Document Security: Colombia, 2013

Common Criteria Protection Profile for Inspection Systems (IS) BSI-CC-PP Version 1.01 (15 th April 2010)

Protection Profile for UK Dual-Interface Authentication Card

Guide for Assessing Security of Handling and Issuance of Travel Documents

Best Practices for the Use of RF-Enabled Technology in Identity Management. January Developed by: Smart Card Alliance Identity Council

New Attacks against RFID-Systems. Lukas Grunwald DN-Systems GmbH Germany

Common Criteria Protection Profile. Machine Readable Travel Document with ICAO Application, Basic Access Control BSI-CC-PP-0055

Common Criteria Protection Profile

A Note on the Relay Attacks on e-passports

Doc. Machine. Part. authority

eidas as blueprint for future eid projects cryptovision mindshare 2015 HJP Consulting Holger Funke

COMMON CERTIFICATE POLICY FOR THE EXTENDED ACCESS CONTROL INFRASTRUCTURE FOR PASSPORTS AND TRAVEL DOCUMENTS ISSUED BY EU MEMBER STATES

TÜBİTAK BİLGEM ULUSAL ELEKTRONİK & KRİPTOLOJİ ARAŞTIRMA ENSTİTÜSÜ AKİS PROJESİ AKİS V1.4N

Information about the European Union is available on the Internet. It can be accessed through the Europa server (

Deputy Chief Executive Netrust Pte Ltd

ID Document Scanning and Biometric Solutions

A c o n c i s e g u i d e t o t h e G e r m a n e Pa s s p o r t s y s t e m

How To Cancel A Passport In North Ireland

E-Visas Verification Schemes Based on Public-Key Infrastructure and Identity Based Encryption

Contactless Smart Cards vs. EPC Gen 2 RFID Tags: Frequently Asked Questions. July, Developed by: Smart Card Alliance Identity Council

RF-Enabled Applications and Technology: Comparing and Contrasting RFID and RF-Enabled Smart Cards

Best Solutions for Biometrics and eid

Discover Germany s Electronic Passport

Mobile Driver s License Solution

CERTIFICATION REPORT

Common Criteria Protection Profile. Electronic Identity Card (ID_Card PP) BSI-CC-PP Approved by the Federal Ministry of Interior. Version 1.

Modular biometric architecture with secunet biomiddle

MOBILE IDENTIFICATION:

Audio: This overview module contains an introduction, five lessons, and a conclusion.

Certification Report

Passport policy - Damaged and Faulty Passports

Advanced Security Mechanisms for Machine Readable Travel Documents and eidas Token

I N F O R M A T I O N S E C U R I T Y

ASSEMBLY 38TH SESSION EXECUTIVE COMMITTEE THREAT RESPONSE SYSTEM USING STATE OF THE ART INFORMATION TECHNOLOGIES IN THE REPUBLIC OF KOREA

POSITION PAPER. The Application of Biometrics at Airports PUBLISHED BY ACI WORLD HEADQUARTERS GENEVA SWITZERLAND

Optical Memory Cards in Federal Government

Entrust Smartcard & USB Authentication

NOAA HSPD-12 PIV-II Implementation October 23, Who is responsible for implementation of HSPD-12 PIV-II?

DOCUMENT SECURITY ISSUES

FAQs Electronic residence permit

A Guide To Selected U.S. Travel/Identity Documents For Law Enforcement Officers

October 2014 Issue No: 2.0. Good Practice Guide No. 44 Authentication and Credentials for use with HMG Online Services

Advisory Circular. 4. CANCELLATION. This is the first Advisory Circular issued on this subject.

ORDINANCE ON THE ELECTRONIC SIGNATURE CERTIFICATES IN THE. Chapter One GENERAL PROVISIONS

NACCU Migrating to Contactless:

PRIME IDENTITY MANAGEMENT CORE

Landscape of eid in Europe in 2013

CASE STUDY 3 Canada Border Services Agency (CBSA) Aéroport de Montréal Vancouver International Airport

THE VALSPAR CORPORATION

1. The human guard at the access control entry point determines whether the PIV Card appears to be genuine and has not been altered in any way.

E-passport testing equipment

QUESTIONS & ANSWERS. How did the Department decide on the cost of the Passport Card?

I N F O R M A T I O N S E C U R I T Y

International Civil Aviation Organization WORLDWIDE AIR TRANSPORT CONFERENCE (ATCONF) SIXTH MEETING. Montréal, 18 to 22 March 2013

TECHNICAL ADVISORY GROUP ON MACHINE READABLE TRAVEL DOCUMENTS (TAG/MRTD)

Complete. security. begins with 3M

Credential and Workflow Design with TruCredential. DataCard Corporation. All rights reserved.

)454 % 4HE INTERNATIONAL TELECOMMUNICATION CHARGE CARD

Synergy between Registered Traveler Programs and Visa-Processing for frequent travelers

Position Paper European Citizen Card: One Pillar of Interoperable eid Success

REAL ID Act Title II H.R.1268

EPASSPORT WITH BASIC ACCESS CONTROL AND ACTIVE AUTHENTICATION

Basic Passport Checks 4 COLOUR SIMPLE VERSION

THE LEADING EDGE OF BORDER SECURITY

DELAWARE. Jurisdiction Impact Analysis Real ID Act

Security Analysis of Australian and E.U. E-passport Implementation

MIFARE ISO/IEC PICC

Degree Certificate Authentication using QR Code and Smartphone

ID Security Made in Germany Holistic Solutions for Biometric Systems and Identity Documents

Implementation of an Improved Secure System Detection for E-passport by using EPC RFID Tags

GLOSSARY ABTC APEC API ASEAN

CONTINIA DOCUMENT CAPTURE FACTSHEET ENGLISH LANGUAGE

EHIMA Guidance Document Revision: V05 Issue date:

Basic Passport Checks 4 COLOUR SIMPLE VERSION

FAQs - New German ID Card. General

FRAUD TECHNIQUE: IDENTITY DOCUMENT VERIFICATION

End-to-end security with advanced biometrics technology

End-to-end security with advanced biometrics technology

Delivery specification Labelling of components and products

Transcription:

International Civil Aviation Organization WORKING PAPER TAG/MRTD/22-WP/24 16/04/14 English only Revised No 1. 06/05/14 Revised No. 2 13/05/14 TECHNICAL ADVISORY GROUP ON MACHINE READABLE TRAVEL DOCUMENTS (TAG/MRTD) TWENTY-SECOND MEETING Montréal, 21 to 23 May 2014 Agenda Item 3: Activities of the ICBWG BASIC CONCEPTS OF MRTD AND emrtd TWO PAGE FACTSHEET (Presented by the Implementation and Capacity Building Working Group (ICBWG)) 1. INTRODUCTION 1.1 Since its very beginning, the ICBWG has been monitoring the compliance of MRTDs globally, working together with ICAO to identify, and correspond with, States that are issuing MRTDs with non-compliant elements. Many letters have been sent out and some of the problems have been solved. 1.2 Many stakeholders in those countries know very little about some of the basic technical concepts and terms of MRTD and emrtd, and are therefore vulnerable to manipulation by some unscrupulous vendors. Anecdotally, some attendees at ICAO events are confused about the basic concepts of MRTDs and emrtds. 2. BACKGROUND 2.1 Bearing this in mind, ICBWG has developed a two-page factsheet explaining in simple words the very basics of MRTD for people who know very little about them. This factsheet also shows what MRTD and emrtd have in common, and what is different. 2.2 This factsheet will become part of the documents given with the delegate bag at ICAO MRTD symposia, regional seminars and workshops. It could also be included in the ICAO MRTD Report or any other journal published by ICAO. (5 pages) TAG/MRTD/22

TAG/MRTD/22-WP/24-2 - 3. CURRENT STATUS 3.1 The document went through several reviews by ICBWG and members of ISO WG3-TF2 and is now ready for submission to TAG/MRTD. It is attached as an Appendix to this working paper. 4. ACTION BY THE TAG/MRTD 4.1 The TAG/MRTD is invited to: a) approve the content of this factsheet; and b) approve the distribution of the factsheet Basic concepts of MRTD and emrtd" at appropriate events and through appropriate means by ICAO; END

TAG-MRTD/22-WP/24 Appendix A APPENDIX A BASIC CONCEPTS OF MRTD AND emrtd TWO PAGE FACTSHEET (see next pages)

Basic concepts of MRTD and emrtd This document provides clarification on the differences between an MRTD and an emrtd, explaining basic concepts of each and focusing on compliance with the International Civil Aviation (ICAO) 1 Document 9303. Other resources are available for free in the download section of the ICAO 2 MRTD-website. Machine Readable Travel Documents (MRTD) The MRTD is an official travel document issued by a State or organization, used by its holder for international travel. It contains in a standardized format, various identification details of the holder, including a photo (or digital image) with mandatory and optional identity elements. The mandatory elements, apart from the photo, are reflected in a two- or three-line machine readable zone (MRZ). Passports & other booklet-mrtd Card-MRTD Visa labels 125x88 mm (TD3) 54x86 mm (TD1) 74x105 mm (TD2) 80x120 mm (visa A) 74x105 mm (visa B) Figure 1: MRTD sizes According to the Annex 9 of the Chicago Convention (3.10 and 3.10.1)3, all passports being issued have to be machine readable from April 1st 2010. In addition, all non-machine readable passports have to expire before November 24th 2015. If an MRTD is a passport, one of the most important elements is the personal data page. The data page shall contain a Visual Inspection Zone (VIZ), which groups mandatory and optional data elements, and a machine readable zone (MRZ) of fixed dimensions containing two lines of information printed in OCR-B font. National characters are not allowed in the MRZ and must be transliterated. The recommended transliteration for some scripts is provided in Doc 9303, as well as a list of country codes to be used in the MRZ. Print specifications of the MRZ are also defined in Doc 9303. Barcodes are not recognized as globally interoperable and therefore are not permitted on the data page. 1 http://www.icao.int/security/mrtd/pages/document9303.aspx 2 http://www.icao.int/security/mrtd/pages/downloads.aspx 3 http://store1.icao.int/index.php/publications/annexes/9-facilitation.html

Electronic Machine Readable Travel Documents (emrtd) In order to be called as such, an emrtd must additionally contain a contactless integrated circuit (IC) chip with an antenna, commonly refered to as an RFID chip. This chip stores data from the travel document data page and the mandatory biometric feature of the passport holder: the photograph. The data encoded in the chip are protected by Public Key Infrastructure (PKI) cryptographic technology against tampering. An emrtd can be recognised from its cover bearing the ICAO "chip inside" logo: The ICAO emrtd specifications are included in ICAO Document 9303 Volume 2 of both Parts 1 and 3. Additional details and clarifications are available from Doc 9303 Supplement. Any MRTD that does not comply with the specifications given in this volume may not be called an emrtd and cannot display the emrtd logo. The chip used in an emrtd must have a minimum data storage capacity of 32 kilobytes 4 and must comply with ISO/IEC 14443 and ISO/IEC 7816-4. File Explanation Data Group 1 Data Group 2 Security Data (EF.SOD) duplication of the machine readable zone data holder s facial image digitally signed file to check authenticity and integrity of content Figure 3: Mandatory content where chip is present in the passport The mandatory and optional data stored in the chip should be protected against unauthorised reading and against cloning by security mechanisms as described in Doc 9303. As the chip contains digitally signed data, a country willing to issue emrtd has to maintain a dedicated public key infrastructure (PKI) in secure facilities. The "Root" of this PKI is the Country Signing Certification Authority (CSCA). The document signer (DS) certificate, signed by the CSCA, proves the authenticity and integrity of the data on the chip and the link to the issuing country. Figure 4: PKI and issuance 4 http://www.iso.org/iso/home.htm Figure 5: Border control

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information