3 rd Generation Electronic Passport Supplemental Access Control (SAC) for future-proof security and privacy

Similar documents
Moving to the third generation of electronic passports

Implementation of biometrics, issues to be solved

Preventing fraud in epassports and eids

eidas as blueprint for future eid projects cryptovision mindshare 2015 HJP Consulting Holger Funke

Sub- Regional Workshop and Consulta;ons on Capacity- Building in Travel Document Security: Colombia, 2013

Position Paper European Citizen Card: One Pillar of Interoperable eid Success

Electronic machine-readable travel documents (emrtds) The importance of digital certificates

Transaction Security. Advisory Services

PKD Board ICAO PKD unclassified B-Tec/37. Procedures for the ICAO Public Key Directory

CONTACTLESS INTEROPERABILITY IN TRANSIT

Keep Out of My Passport: Access Control Mechanisms in E-passports

Case Studies. National Identity Management Commission (NIMC), Nigeria eid Consulting for national ID system

SECURE IDENTITY MANAGEMENT. Globally recognised identity management expertise

Operational and Technical security of Electronic Passports

Sicherheitsaspekte des neuen deutschen Personalausweises

Best Practices for the Use of RF-Enabled Technology in Identity Management. January Developed by: Smart Card Alliance Identity Council

Common Criteria Protection Profile

CINTERION The global leader in cellular M2M communication. Cinterion Wireless Modules GmbH 2011, All rights reserved


Coesys Border Management

Biometrics for Public Sector Applications

E-Visas Verification Schemes Based on Public-Key Infrastructure and Identity Based Encryption

Public Key Directory: What is the PKD and How to Make Best Use of It

Transaction Security. Test Tools & Simulators

MOBILE IDENTIFICATION:

Landscape of eid in Europe in 2013

Contactless Smart Cards vs. EPC Gen 2 RFID Tags: Frequently Asked Questions. July, Developed by: Smart Card Alliance Identity Council

Secure egovernment Where convenience meets security.

IEC A New Perspective in Substation Automation

IDENTITY SOLUTIONS END-TO-END SYSTEMS SOLUTIONS TO PROTECT IDENTITIES AND SECURE ACCESS FOR A MOBILITY WORLD

Transaction Security. Training Academy

International Civil Aviation Organization ASSEMBLY 38TH SESSION EXECUTIVE COMMITTEE

American Express Contactless Payments

EMV A Gated Parking Systems Perspective PIE March 18 th 2014

Best Solutions for Biometrics and eid

MACHINE READABLE TRAVEL DOCUMENTS

Complete. security. begins with 3M

Research Priorities Jean-Pierre Tual, Industrial Relations Director, Strategy and Innovation

ID Security Made in Germany Holistic Solutions for Biometric Systems and Identity Documents

Discover Germany s Electronic Passport

Allwin Initiative for Corporate Citizenship Dartmouth Center for the Advancement of Learning Dickey Center Ethics Institute Institute for Security

E-Government Service Delivery. Samir Said General Manager Microsoft Algeria

THE FIVE Ws OF EMV BY DAVE EWALD GLOBAL EMV CONSULTANT AND MANAGER DATACARD GROUP

A c o n c i s e g u i d e t o t h e G e r m a n e Pa s s p o r t s y s t e m

Introduction ICAO PKD

COMMON CERTIFICATE POLICY FOR THE EXTENDED ACCESS CONTROL INFRASTRUCTURE FOR PASSPORTS AND TRAVEL DOCUMENTS ISSUED BY EU MEMBER STATES

Coesys Border Management

Statewatch Briefing ID Cards in the EU: Current state of play

Security by Politics - Why it will never work. Lukas Grunwald DN-Systems GmbH Germany DefCon 15 Las Vegas USA

EPASSPORT WITH BASIC ACCESS CONTROL AND ACTIVE AUTHENTICATION

Advanced Security Mechanisms for Machine Readable Travel Documents and eidas Token

THE LEADING EDGE OF BORDER SECURITY

Defending the Internet of Things

Information Technology Policy

QUESTIONS & ANSWERS. How did the Department decide on the cost of the Passport Card?

End-to-end security with advanced biometrics technology

End-to-end security with advanced biometrics technology

Using Contactless Smart Cards for Secure Applications

Combatting Counterfeit Identities: The Power of Pairing Physical & Digital IDs

Common Criteria Protection Profile for Inspection Systems (IS) BSI-CC-PP Version 1.01 (15 th April 2010)

Company Overview. Iraq: Activities & Experience

How To Hack An Rdi Credit Card

Doc. Machine. authority

Full page passport/document reader Regula model 70X4M

Questions & Answers clarifying key aspects of the SEPA Cards Framework

Highly Available Unified Communication Services with Microsoft Lync Server 2013 and Radware s Application Delivery Solution

NACCU Migrating to Contactless:

Wayne EMV Solutions. Protect your business with a complete EMV Solution inside and out.

esignature building block Introduction to the Connecting Europe Facility DIGIT Directorate-General for Informatics

Common Criteria Protection Profile. Machine Readable Travel Document with ICAO Application, Basic Access Control BSI-CC-PP-0055

The Canadian Migration to EMV. Prepared By:

Bank Assurance for Government

Identity Management Initiatives in identity management and emerging standards Presented to Fondazione Ugo Bordoni Rome, Italy

A Note on the Relay Attacks on e-passports

Final (RUSSIA-EU VISA DIALOGUE) GENERAL FRAMEWORK

Oberthur Technologies. A Technology Leader

Payments Transformation - EMV comes to the US

COMMISSION OF THE EUROPEAN COMMUNITIES GREEN PAPER

Secure Data Sharing and Processing in Heterogeneous Clouds. Bojan Suzic, Graz University of Technology

Chytré karty opět o rok dál...

The EMV Readiness. Collis America. Guy Berg President, Collis America

A Secure and Open Solution for Seamless Transit Systems

What is SEPA? Fact Sheet. Streamlining Payments in Europe

RF-Enabled Applications and Technology: Comparing and Contrasting RFID and RF-Enabled Smart Cards

Dr. Cunsheng DING HKUST, Hong Kong. Security Protocols. Security Protocols. Cunsheng Ding, HKUST COMP685C

E-passport testing equipment

INTRODUCTION AND HISTORY

MasterCard Contactless Reader v3.0. INTRODUCTION TO MASTERCARD CONTACTLESS READER v3.0

Cloud Service Contracts: An Issue of Trust

Summit Delhi Sep Copyright Telefon AB LM Ericsson All rights reserved

4 PAYMENT CARD SECURITY IN THE CONTEXT OF EUROPEAN HARMONISATION

EMV in India: Giesecke & Devrient India. Mastering Successful Implementations with G&D

Shifting The Ticketing Paradigm

Supporting Smart Cards in UEFI

The Convergence of IT Security and Physical Access Control

Payment and Identification Secure solutions

39 myths about e-passports

Synergy between Registered Traveler Programs and Visa-Processing for frequent travelers

SOLUTIONS FOR HEALTHCARE PROFESSIONALS AND GOVERNMENTS

Transcription:

3 rd Generation Electronic Passport Supplemental Access Control (SAC) for future-proof security and privacy Gemalto Verna Heino ICAO MRTD Symposium Montreal ICAO MRTD Symposium, Montreal September 12 th 2011

Securing Identity Documents 2

The use of a contactless system entails an element of risk Skimming Retrieve the data from the chip without passport holder s approval Eavesdropping Intercept data while the passport chip communicates with the reader August 2011 Securing Identity Documents 3

Natural evolution of the epassport... 1st Gen 2nd Gen 3rd Gen Antieavesdropping BAC SAC Data access control EAC 2000 2010 2020 2030 4

Supplemental Access Control (SAC): future-proof f security in travel documents Beyond BAC... Privacy for citizens Strengthen BAC mechanism ICAO interoperability and backward compatibility...to SAC Protection against eavesdropping Similar in function to BAC but higher entropy cryptography Allows usage of Card Access Number (CAN) 5

...translated into legislations and standards Legislation ICAO recommends SAC for epassports worldwide in 2014 Europe mandates SAC in 2014 (epassport and eresidence Permit) ICAO Technical Report (TR-SAC) for MRTD Specifications & Standards Common Criteria Protection Profile SAC from ANTS Certified by ANSSI 6

Complete SAC Suite ICAO Technical Report Supplemental Access Control (TR-SAC) Common Criteria Protection Profile SAC Certified by ANSSI Conformity Test Plan Universal Reader Tool 7

Transparent within existing usages, systems and processes Travellers: more privacy... and no other change! Transparent usage, same as a BAC passport Border Control: same process, same equipment Officer manipulation of SAC epassport similar to BAC Software upgrade of the readers to add SAC protocol in addition to BAC Passport issuers: enhanced security with minimal effort Sourcing of SAC-enabled passports Operating Software Software update of issuance: data preparation, quality control 8

Key requirements for smooth migration Full compliance Full compliancy with international regulations and standards Rely on partners involved in standard bodies Leverage ICAO and EU interoperability tests (2004 2008) Seamless migration BAC-SAC-EAC flexible configurations for efficient stock management Return on experience from BAC to EAC migrations Trusted and future-proof Long-term viability through widest set of security features Trusted, long term, reliable supplier leveraging international best practices 9

Who is concerned? Europe: EU Mandate Why: to secure the non-eac protected data: name, face Who: all 27 EU countries Non-European: ICAO recommendation Countries already with 2nd generation EAC passports Why: to secure the non-eac protected data: name, face Who: Korea, Morocco, Singapore Countries with 1st generation BAC passports Why: to upgrade their security from BAC to SAC Limited impact on infrastructure Who: all other countries on all continents All countries in the world are concerned by SAC 10

When? Deploy in 2014 Issue new SAC passports to citizens Migrate in 2012-20132013 Agree on plan with supplier Upgrade issuance system Source SAC-ready passports Prepare it now Build understanding Define migration plan 11

Gemalto Trusted Partner The number one choice Over 25 epassport references 500 million citizens addressed with a long track record 2004-08 Fastest ICAO OS in all ICAO and EU interoperability tests 2005 2011 World s 1 st BAC epassport, EU-compliant (Sweden, Norway) Europe s 1 st SAC-enabled eresidence Permit, in line with EU 2014 specification 12

Thank you. Verna Heino verna.heino@gemalto.com

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information