E-passport inspections lagging worldwide
Issuance remains strong but slow economy hinders infrastructure investment
01 March, 2011
category: Biometrics, Contactless, Government, Library
The issuance of electronic passports is going well with approximately 250 million documents in circulation as of October, according to Barry Kefauver, principal at the consulting firm, Falls Hills Associates LLC. On the other hand, deployment of inspection systems to read the contactless chip in these books is not going as well.
Mandates were the impetus to get the new documents issued, but no such pressure exists on the inspection side. “It’s obviously not as quick and not keeping pace with the issuance systems,” says Kefauver.
“The issuance has been on the front burner (but) the inspection is handled by organizations completely different from the issuance authority,” Kefauver explains, “and you have the dropped ball phenomenon.”
Combine that with a weak world economy and spending on new border control systems was just not a priority, says Mark Joynes, director of product management at Entrust, a passport systems provider. “The financial meltdown slowed things down,” he adds. “It stalled the European rollout of second generation e-passports and inspection systems.”
That’s not to say there aren’t inspection systems out there, Kefauver says. About a dozen countries have automated gates where the chips on the documents are read and the biometric confirmed with either facial recognition or fingerprint, depending on the document.
“They are overseen by a human supervisor but not necessarily in the same way as a traditional border checkpoint,” he says.
Switzerland was expected to roll out system capable of reading all countries passports, including those using extended access control (EAC), Kefauver says. EAC is a security protocol that only enables the biometric information on the chip to be read after the passport reader and country are verified. “About a dozen countries are doing EAC inspection,” he says.
It took eight-years for the optical character recognition-B (OCR-B) readers to reach critical mass and for countries to read that code, Kefauver says. It’s only been three-years that e-passports have been widely issued, he explains, stating that he is not that concerned. “Everyone is inspecting it,” he says.
For the majority of countries that involves reading the OCR-B stripe on the passport’s data page, Kefauver says. Many countries, including the U.S., are looking for multi-use readers that would be able to read the OCR and the chip.
But issuing a document with a contactless smart card chip and not reading that chip is problematic to some. “Of course you’re not getting the value until you’re doing the inspection,” says Joynes.
Entrust is has seen a lot of activity on the issuance side of e-passports but not as much on inspection, Joynes says. “We’re seeing a lot of activity in Asia and starting to see more in the Middle East and Africa,” he says. “But most of that interest is on the issuance side of things.”
One problem on the inspection side is the lack of standards, Joynes says. Countries have to distribute validation information to inspection points. It’s a difficult task and there are not yet standards on how to do it from the International Civil Aviation Organization (ICAO), the group responsible for the e-passport standards. “Distribution of validation materials is crucial but it’s not standardized,” he says. “Identifying travelers who raise concern and integration with Interpol’s lost or stolen passports lists need to be coordinated and integrated.”
Because of the lack of standards, countries are hiring vendors like Entrust to perform these tasks, says Joynes. The company released the capability to provide material to inspection systems using standard PKI and routing the information through an existing infrastructure.
PKD problems?
While issues around transmitting validation materials exist, there are equally pressing issues with participation in ICAO’s Public Key Directory (PKD). The PKD was established to support the global interoperability of e-passport validation and act as a central broker to manage the exchange of certificates and certificate revocation lists from different countries.
The idea around the central repository is to ensure interoperability by minimizing the volume of certificates being exchanged, providing timely uploads and to managing adherence to technical standards.
Participation in the PKD has been the biggest issue with just 20 of 80 eligible countries participating as of November 2010, Kefauver says. “Twenty out of 80 is a small percentage but (the participants) are the biggest countries,” he says.
Finding the funds to participate in the PKD has been a significant obstacle for many countries, says Kefauver. The European Union is considering funding participation in the directory for member countries.
Educating countries on what the PKD does is an important step, he says. Once they understand the importance they will be more likely to participate.
More countries are close to subscribing to the PKD and deploying inspection systems that read the chip, Kefauver adds. “2011 will tube the year we see a lot more activity,” he says.