IDENTITY DOCUMENTS TRUST AND SECURITY IN A DIGITAL WORLD


GOVERNMENT IDENTITY DOCUMENTS TRUST AND SECURITY IN A DIGITAL WORLD

PREMIUM QUALITY IN POLYCARBONATE

Identity solutions by Trüb
In today's mobile and networked society the need for secure and versatile travel and identification documents is continuously increasing. With the availability of new standards and technology, the concept of identity protection is permanently evolving and advancing. Trüb is responding to these ever-increasing public and political expectations for trustworthy identity products with smartcards that match the latest public and private sector requirements.

Premium quality
Polycarbonate is the state-of-the-art material for durable and fraud-resistant identity documents with high-quality personalization features and security elements.

Excellence in production
Trüb has developed and built polycarbonate cards in adherence to the most stringent standards for over 20 years. As a leading supplier with reference projects worldwide and long-standing, broad experience, Trüb is excellently positioned to fulfill even the most demanding requirements of ambitious customers.

Electronic identity
Trüb's scope of supply addresses a wide spectrum of customer needs, be it a traditional national ID card without chip, an e-id with chip and biometric data for cross-border travel, or a PKI smartcard aligned to the demands of a digital society for online and e-government services.

More than just cards
In addition to manufacturing premium quality products, Trüb also supports customers in defining the identity document best suited to the needs of their administration, citizens and economy. Trüb can therefore offer identity document solutions covering consultancy, card design services, client-specific Java Card software development, turnkey solutions for personalization centers and project management.

Product portfolio
- National ID cards with or without chip
- Biometric Residence Permits
- Crew Member Certificates
- Civil servant ID cards
- PKI cards for Identification, Authentication and digital Signature
- Complete ID card technology portfolio: chip-less, contact-based, contactless, dual interface and hybrid (with both a contactless and contact-based chip)
- Wired antenna for superior performance

Service portfolio
- Security concept design
- Secure logistics concepts
- Project consulting
- Artwork services
- Application development services
- Prototyping
- Personalization setup and services

MULTI-PURPOSE IDENTITY CARDS

Biometric security
Identity cards are not only personalized and hard-to-manipulate identity-proving documents. Equipped with a secure microcontroller, their functionality and security are further enhanced. Biometric and other card holder data stored in the chip is inseparably tied to the personalized data on the card body. At the same time, unauthorized usage is prevented by implementing secure communication protocols.

Multi-functionality
An increasing number of identification documents, like Identity Cards (e-id), Biometric Residence Permits or Crew Member Certificates, incorporate a chip for additional security. With the customized chip, operating system and applications, such an electronically enabled identity document can be used for many additional purposes.

Applications by Trüb
Trüb offers an adaptable PKI application and also partners with leading independent software companies specialized in smartcard applications.

[Figure: ID card in polycarbonate. Labels: Public Key Infrastructure; PKI for e-government solutions; Digital signature; Citizen data management; Biometric authentication; Match on card; ICAO travel document and European Citizen Card functionality; e-travel documents]

E-ID APPLICATION PORTFOLIO
- ICAO applications: Data structure and applications for machine-readable travel documents with Passive and Active Authentication (PA/AA), Basic (BAC), Enhanced (EAC) and Supplemental (SAC) Access Control
- EU specific e-passport & e-id applications: Biometric data with advanced access control
- Biometric applications: Match on card (MINEX II-compliant, ISO/IEC 19794-2)
- Trüb tru/sign™ PKI applet: Customizable application for strong authentication & qualified digital signature (based on PKCS#15)
- Other IAS applets: Off-the-shelf application for Identification, Authentication and Signature
- Trüb CDA Citizen Data Management Application: Secure, role-based access to customer specific data stored on chip (based on ISO/IEC 7816-4 file structure and ISO/IEC 7816-8 commands)

Trüb application services
- Support for native and JavaCard operating systems
- Choice of various approved and certified hardware and software platforms
- Solutions and applications tailored to customer needs
- Project specific certification
- Development of customer specific middleware
- Delivery of secure smartcard readers
- Secure logistics concepts
- Personalization setup and services

COMMITTED TO STRONG FRAUD-RESISTANCE

[Figure: sample card with security features. Labels: embedded transparent DOVID (Kinegram, DID); security background with guilloche and rainbow printing; tru/window LOCK laser ablation feature; tactile surface elements; tactile laser engraving; Dynaprint MLI / CLI; OVI Optically Variable Ink; tru/vision; serial number; microlettering positive and negative in rainbow printing; IR and UV printing; LFI Latent Filter Image]

Optical security features
- Security printing features such as micro lettering, guilloche and rainbow printing
- OVI Optically Variable Ink
- Diffractive Optically Variable Image Devices (DOVID): embedded metallized or transparent hologram or Kinegram
- LFI Latent Filter Image: optically variable image with integrated filter
- Dynaprint: optically variable images in combination with MLI / CLI
- tru/window ANIMATION: transparent window with optically moving element
- tru/vision: color image visible under 365 nm UV
- IR and UV printing
- Tactile micro lettering and other surface elements

Personalization features
- Tamper-resistant, high quality true grayscale laser engraving
- Tactile laser engraving
- MLI / CLI based on lenticular structures
- PhotoLock: integrated photo security element
- ImagePerf: laser perforated secondary image
- IPI™ Invisible Personalized Information
- tru/window LOCK: transparent window with inversely personalized ghost image on metal foil

Electronic security features
- Choice of certified high security chips
- Chip modules embedded tightly into the card body
- Support of ICAO and EU security protocols and regulations

Mechanical features
- Long lifespan due to high integrity of fused polycarbonate card layers
- Superb resistance to mechanical, chemical and thermal stress
- Encapsulated electronics for contactless cards
- Certified card body with test reports from international accredited testing institutions

Company certification
- Produced in Switzerland by Gemalto AG, a certified high security printing company

INNOVATION IN SECURITY

tru/window™: unrivaled document protection
Trüb's window technology tru/window both enhances document strength against illegal alterations and provides visually attractive security elements. tru/window is a transparent area within the multilayer polycarbonate card body. Such a window element is a strong countermeasure against grinding attacks on the card body itself, therefore safeguarding the integrity of the card and protecting against forgery. Furthermore, polycarbonate documents which include tru/window security elements benefit from an enhanced defense against counterfeit attacks such as copying or reproduction.

tru/window LOCK: a new dimension in photo protection
This patented security feature effectively prevents manipulation of the card holder portrait after issuance. This is accomplished by a secondary portrait image personalized into a metallic foil integrated into the transparent tru/window area inside the polycarbonate card body. tru/window LOCK implements a negative personalization process where light-colored image information is selectively removed from the metallic foil by laser ablation, leaving transparent areas. The result is a positive halftone ghost image visible in high resolution under transmitted light. Due to the negative personalization process it is not possible to add any additional dark image information to the secondary image. Hence, the tru/window LOCK security feature prevents a concurrent manipulation of both the primary and secondary card holder portrait.

tru/window ANIMATION: striking visual effects
This first-line security element is both visually appealing and allows for a distinct individual design. The optically variable security feature is based on Moiré technology and requires sophisticated algorithms and printing technology. Dynamic image transitions, linear and circular movements, objects shifting in different directions, or flashing and pulsating effects can all be realized. To observe these stunning effects it's enough to tilt the card. It's therefore easy to judge whether the card is genuine without needing special equipment or dedicated knowledge.

tru/vision™: brilliant true-color UV images
This security and design feature implements images invisible under normal daylight that turn into brilliant true-color images with excellent color reproduction under ultraviolet light. Customer specific true-color UV images can be integrated into the document design, offering a distinct visual appearance with high recognition value and enhanced document security. The high resolution images comprise UV fluorescent inks with advanced color separation and halftone printing. Compared to standard UV security printing, tru/vision technology provides enhanced protection against duplication and reproduction. Resistance towards document counterfeits is significantly increased due to the complexity of the underlying image processing algorithms. The true-color images can be observed by the naked eye under 365 nm UV exposure. Thus tru/vision is an attractive and distinct security feature allowing easy verification of document authenticity.

PROVEN PKI SOLUTION

tru/sign™ PKI security highlights
Based on its extensive experience gained as card manufacturer of Switzerland's PKI card SuisseID and especially as supplier of the highly advanced e-id scheme in Estonia, Trüb offers its own Public Key Infrastructure solution. The centerpiece is Trüb's tru/sign™ PKI application, a proven and reliable tool to gain fast but secure access to web based e-government and e-commerce services. Developed for the certified Java Card Open Platform, tru/sign connects the user in the most efficient but easy way to e-services in tightly secured IT-environments. tru/sign implements a future-proof design since the applications and their settings can be configured according to specific customer requirements and allow for post-issuance application download.

[Figure: tru/sign use cases. Labels: IAS Functionality (2-factor identification, strong authentication, qualified digital signature); Web Applications (e-voting, digital company founding, digital tax declaration, municipal e-services, e-procurement, others)]

Functionality
- SSL client/server authentication
- Digital signature
- VPN client support
- Secure e-mail client
- Authentication profile: two PIN, one PUK
- Optional passphrase authentication
- PIN/PUK replacement procedure
- Post-issuance certification renewal
- Support for all current customary PC platforms and browsers: Microsoft, Mac, Linux
- Extendable with CDA (Citizen Data Management Application)

Security
- Certified Java Card v.3.0.4 chip-platform with Common Criteria EAL5+ security level
- Global Platform Specification v.2.2.1
- On-chip and external key generation
- Distinguished PKI use cases for authentication and digital signature
- Cryptographic performance: RSA and ECC, AES, SHA-2, Diffie-Hellman ECC key agreement
- Support of PIN pad reader for secure PIN entry

Turnkey solution
- Including secure chip operating system and application on chip with integrated client software
- Ready to execute trusted web services
- Proof of concept for new e-id projects
- Consultancy for customer specific PKI-solution based on tru/sign™
- Hands-on training by Estonian e-governance Academy
- System integration support for e-id program implementation
- Software development kit for application development by customer

207 151 652 DIGITAL SIGNATURES IN ESTONIA

At the forefront of leading edge PKI-solutions since 2001, Trüb provides one of the most advanced e-government schemes worldwide: the e-id card of Estonia with Trüb PKI application tru/sign.

Identity in a digital world
The card, next to being used as «normal» identification card by more than 1.2 million citizens, comprises a chip with the PKI application tru/sign to provide electronic identification, authentication and digital signature. Cryptographic keys can be generated directly on chip and currently two pairs, each consisting of a private and public key bound to qualified digital certificates, are used on the Estonian e-id card: one for strong authentication and one for electronic signature.

A multitude of services
Today all citizens of Estonia can enjoy the benefits of this e-id platform that supports, just to mention a few, innovative e-services like e-voting, popular since 2007, or the digital company register, which allows a card holder to establish a company online within 15 minutes. Other examples are digital tax declaration, e-procurement, e-banking and many other national and municipal e-government and private services.

A complete system
The Estonian e-id card with tru/sign™ PKI-application is part of the comprehensive Estonian public key infrastructure (PKI) allowing many e-services to be accessed securely by means of digital certificates, which are released and managed by one Certification Authority. This increases efficiency and reduces costs for administration. Today, citizens have access to more than 700 e-services in the public and private sector, all connected by the Estonian IT-system X-Road. This availability of manifold online services at any time makes the e-id card a very popular token for daily use for the better part of the population. Now available as Mobile ID, too, the Estonian e-id allows for an ever-increasing number of options with more and more e-services, many usable even internationally.

High usage
Evidence of the active use and the popularity of the Estonian e-id with tru/sign™ PKI solution is that more than 207 million digital signatures and 335 million electronic authentications have been processed since launch (Status 3/2015).

[Figure: Secure data transfer platform, Internet based on Estonian X-Road architecture. Labels: Public sector (e-government) and Private sector (B2B / e-commerce), databases I to V, each behind a Security server; State portal: www.utopia.ch (Citizen view, Enterpriser view, Authority view); Administrative center of the state information system (Central monitoring, Central servers, Help desk); tru/sign™ card & client software; National register database; Certification Authority]

SPECIFICATIONS

Dimensions
- ID-1: 54.0 mm x 85.6 mm
- Thickness: 0.8 mm typical

Standards
- ISO/IEC 7810 (Physical characteristics of ID cards)
- ISO/IEC 10373 (ID cards test methods)
- ISO/IEC 7816 (ID cards chip with contacts)
- ISO/IEC 14443 (ID cards - contactless chip for proximity cards)
- ICAO 9303 (Machine Readable Travel Documents): Part 3
- TR-03110 (Technical Guidelines on Advanced Security Mechanisms for Machine Readable Travel Documents): Parts 1 (BAC, EACv1), Part 2 (EACv2, PACE) and Part 3

Cryptography
- PKCS Public Key Cryptography Standards (#1: RSA; #5: Password-based Encryption; #11: Cryptoki; #13: Elliptic Curve; #15: cryptographic format)
- RFC 2631 (Diffie-Hellman)
- X.509v3 (Digital certificates)
- AES Advanced Encryption Standard

Material
- Genuine polycarbonate
- Option: PCC Polycarbonate Color for color personalization
- Fused under heat and pressure, free of adhesives
- Real lifetime proven for 10 years
- Surface: matt or glossy

Processing
- Layout: customer-specific artwork provided by Trüb
- Personalization: laser engraving modules from leading personalization suppliers supported

All information provided in this document is subject to change without any prior notice. The information is provided in good faith and the publisher cannot be held liable for any discrepancies. No part of this document can be published without the authorization by Gemalto AG.

Gemalto AG
Hintere Bahnhofstrasse 12
5001 Aarau
Switzerland
Tel. +41 62 832 00 00
Fax +41 62 832 01 00
info@trueb.ch
www.trueb.ch

Gemalto AG 03.2015