A conversation with ICAO’s Barry Kefauver
Barry Kefauver has more than 30 years of government experience and has been instrumental in the development of electronic passport programs. Kefauver served as the deputy assistant secretary of state for Passport Services at the U.S. Department of State. He has chaired many international fora, including the International Civil Aviation Organization (ICAO) Work Group on New Technologies and the main committee of the International Organization on Standardization (ISO) assisting ICAO in drafting the biometric passport guidelines.
Kefauver is principal at the consulting firm Falls Hills Associates LLC and has served as adjunct professor at the University of Mary Washington, teaching international business.
Kefauver was kind enough to answer a series of questions for re:ID readers on the latest with the electronic passport programs.
Q: What’s the state of e-passport issuance around the world?
First, I would like to clarify the ICAO “deadlines” that have been the subjects of some confusion. The first deadline is that which has just passed; that is, as of April 1, 2010, all countries must have begun to issue Machine Readable Passports (MRP). The second deadline, and clearly related to the first, is that all issued non-Machine Readable Passports must expire before November 24, 2015. Note that neither of these deadlines requires that biometric or e-passports must be issued at all. The deadlines are focused solely on machine readability on an international and globally interoperable basis.
With respect to the status of passport issuance at the time of this writing, there are approximately 81 countries that are issuing electronic, chip-based biometric e-passports that are in compliance with ICAO requirements.
I say approximately because this number and the others that I will cite are based on the best data available from all of the best sources, but subject to change on a daily basis, generally increasing the number of issuing authorities employing e-passport technologies. Also, there are several countries that characterize their passports as e-passports that are NOT in compliance with one or more ICAO specifications. These are not included in the 81 noted earlier. If and when these are brought into compliance, they will be counted as well. There are an additional 27 countries that indicate they intend to issue e-passports yet within 2010.
On the other side of the equation, there are approximately–note that word again, for the same reasons–20 countries that are not issuing machine-readable passports in compliance with ICAO standards. Several of these passports that are not in compliance can be brought into compliance relatively easily and the countries have been notified as to the discrepancies.
Therefore, hopefully by the time this is published, this number will be diminished. In addition, at least eight countries are moving toward machine-readable passport issuance still to occur in 2010. In sum, of all of the ICAO 190 member state contracting parties, approximately 170 are now issuing traditional machine-readable passports or e-passport issuance in accordance with ICAO standards.
Q: What was the risk that ICAO took on biometrics that paid off?
In the early days when the quest was colloquially called “Co-Existing Technologies,” the goal was primarily to link the bearer with the document in a way that would enhance the ability of the human inspection process through the use of machine-assisted identity confirmation.
Unknowns of many kinds, such as new technologies, contactless chips in a paper substrate, interoperability, the infancy of biometrics, untested public perception, political concerns, resource requirements, and others, swirled about as work was being carried out.
Very fundamental questions, some of which had never been asked, most of which had no clear answers, abounded. And of course, those questions that continued to arise as work went on, those that we didn’t even know existed until they raised their ugly heads, were the most vexing.
Interesting that we assumed that the most difficult areas of deployment would involve the application of biometrics, frankly the reason why the chip’s data carrying capability had been chosen in the first place. After all, we had the maturity and deployment experience of ISO/IEC 14443 that would serve as our turn-by-turn deployment GPS.
Wrong. In addition to having to rewrite 14443 to accommodate the travel document functionality, we also had to define de novo ways in which to test the chips for both performance as well as reliability and durability, encountering a number of new-science learnings regarding the behavior–and vulnerability–of radio frequency chip technology.
So the risks facing ICAO were of several differing types, each one complementing and feeding on the others. There were the kinds of risks that we knew about such as the untried and essentially untested field performance of biometrics on the kind of global scale that worldwide passport issuance required. And then there were the intangible perceived risks that began to become clearer and more daunting, the kinds associated with ways in which to insure privacy and data integrity, while capitalizing on the operational virtues of the contactless chip that had formed the basis for its selection in the first place.
The use of biometrics, especially the use of facial recognition as chosen by ICAO as THE globally interoperable technology, was viewed quite skeptically, with one observer, I recall, characterizing biometrics as “the new snake oil.” Certainly the body of knowledge that had been assembled when ICAO was fully committed to biometrics was sparse. As well, it was the ICAO/travel document application that drove identity management initiatives and had substantial impact on the enhancement and improvements of biometrics as well as the attending enabling technologies.
These kinds of risks are often the companions of pioneering efforts in many efforts to effect change. However, this work was being carried out on a global and worldwide scale and demanded that international and multilateral cooperation drive each and every decision and direction, otherwise that all-critical global interoperability would be left to wave aimlessly in the breeze.
The stakes were very high and very visible. So the risks, known and unknown, were dealt with as they were encountered and they were addressed in ways of global collegiality, a sense of togetherness that has characterized the MRTD programs. While there is always room for improvement, I think the payoff has been in confronting these risks head on, addressing them as effectively as humanly possible and being strengthened by having done so; we now have the most secure passport the world has ever known.
Q: What are some of the risks that ICAO may need to face in the future?
This is a very timely question and one that I have pondered for a while before trying to answer. So I will try to respond with a two-part answer. The simple part of the answer is that the risks that will be faced in the future are very similar in nature to those faced in the past.
Independent of technological direction or substantive content, these risks will reside on the foundation of the unknown. The myriad of surprises that inevitably will occur and create speed bumps and stumbling blocks to any new direction in which the travel document community chooses to proceed. So, that is rather easy to capture and assess. The more difficult and far more troubling risk that we face is the risk of doing nothing, or too little too late.
There have in the past been views expressed that now that ICAO Document 9303 has been published, the work of development is completed and all that needs to be done is to carry out maintenance. It would be quite comforting to declare victory–“mission accomplished” to put into flawed context–and bask in the facts reflected in the answer to the first question showing that the vast majority of the world is ICAO compliant.
However, technologies are changing and improving literally day by day. Perhaps not on the scale of Moore’s Law, but the tools and technologies of identity management in the broadest sense are increasing at a very fast pace. The travel document community has to keep pace with these evolutions, not to chase technology but to insure that the fabric of the world’s border management infrastructure is as tightly woven as possible. Those who would make mischief with identity vulnerabilities, such as terrorists, drug and human traffickers and other international criminals, are all seizing on this same evolutionary technological progress in seeking ways to work their ills on humanity.
So, as I see it, there is no choice but to take the same kinds of risks that have led the visionary way forward for the travel document community over the past decade. The stakes have never been higher.
Q: Describe the types of partnerships that need to be put in place for the success of e-passports.
This is a crucial and pivotal question. The cornerstone of globally interoperable travel document utility and border management functionality has always been cooperation, interdependence, collegiality and accountability. Without the kinds of partnerships that have been forged, for example, between the world’s governments and the private sector, there simply would not be the bedrock that is now Document 9303.
As well, along with the growth in recognition of the travel document’s pivotal importance in the trans-border movement of people, has come the corollary need for like-minded entities and organizations to come together. Accompanied by the evolving and changing face of threat and vulnerability over the past several years, the realities of combining assets, resources, expertise, access and perspective have brought about a natural and critical coalescence of those who share in the stakes of enhanced identity and border management.
The partnerships that have formed and are still shaping bring together a number of interests that find similarities of purpose in the use of machine readable travel documents, biometrics and the myriad tools of sound and effective identity management. To name a few of the key partnerships: ICAO, INTERPOL, IOM, OAS/CICTE, OSCE, UNCTED, among others.
Driven in part by the need to provide assistance and expertise, especially for those countries seeking to deploy a machine-readable passport program where none had existed before, these partnerships over the past couple of years have resulted in a number of direct interventions with specific countries as well as regional workshops intended to smooth the way for those in the development stage as well as those countries seeking to improve and build on that which already exists.
By joining forces, with ICAO serving as something of the catalyst or fulcrum, these groups have been able to better utilize the increasingly scarce fiscal resources as well as to capitalize on access to that most elusive commodity, objective and knowledgeable expertise in the breadth of disciplines needed for modern, effective border security and identity management.
The expansion of scope and reach of these kinds of partnerships is perhaps the single most important factor in insuring a successful future for the travel document evolution, the enhancement of border security and, most of all, the improvement in facilitation and security of the world’s traveling public.
Q: What’s the status of deploying inspection systems for e-passports around the world?
There is no question that the deployment of machine-readable passports and e-passport issuing programs has proceeded with somewhat greater speed and broader impact than the reading and inspection tools. This is to be expected and resembles the time lag that accompanied the initial wave of machine-readable passports and their inspection and reading.
That took more than eight years to catch on with any meaningful critical mass, so, if measured by that standard, we are currently a bit ahead of the power curve. The introduction of new technologies, and the kinds of changes that effecting change represents, is always a learning and slow process. The use of new reading systems, new storage media, new measures that are required to protect privacy and insure data integrity, new traveler throughput models, new human resource requirements and a number of similar issues must be addressed and solved. Much work has been done and much remains, but at this point the progress is noteworthy.
The question of “who reads/inspects machine-readable travel documents and for what purposes” has been with us forever. So any quantification must be preceded by a very big “approximately” for the same reasons that caveat my response to the first question. However, the ICAO New Technologies Work Group (NTWG) launched a formal new work item at its recent meetings in Bangkok specifically aimed at being able to authoritatively answer these questions. So, with the word “approximately” modifying each of these data, the following provides a snapshot of where things stand at the moment.
- 16 countries are currently reading and “using” the biographical and biometric data stored on the chip
- 53 countries are using biometrics in some form for border management purposes (primarily face and finger or a combination of those two, but a couple using iris)
- All 81 countries that issue e-passports are, of course, capturing biometric data in those chips (36 facial image, 45 both face and fingerprint)
- 16 countries currently participate in the ICAO Public Key Directory (PKD), the organization that handles the exchange of PKI certificates among countries.
The use of biometric and other related tools is increasing as these data reflect. Of particular note is the last bullet, focused on PKD membership. There is immense power offered by reading and confirming the PKI aspects of machine-readable travel documents for data validation and verification.
Additionally, coupling the resource that the PKD represents in assuring and verifying a number of integrity attributes on which today’s inspection systems must reside with that PKI process is the foundation that potentially takes today’s MRTD beyond the reach of most of the unscrupulous.
I say potentially because inspection authorities must capitalize on this power by reading the data stored on the chip and comparing that data to the live subject who claims to own the document. As well, the corollary PKD membership provides the vehicle to insure that information on the origins of the data stored in a chip is valid and real. Simply stated, many more countries need to do so. For an issuing authority to have invested in an e-passport program and not join PKD or use the chip data has been likened to buying a very expensive, beautiful luxury car, but scrimping by not buying the wheels to go with it.
Q: Any prediction on what ICAO may be looking for in its next e-passport request for information?
The ICAO Request For Information process has been functioning on a roughly three-year basis since 1995. The intent of the RFI has been to give governments an opportunity to formally engage in a dialogue with industry in terms of more clearly and systematically identifying longer term needs, directions and priorities.
This allows the private sector to give some peeks into the laboratory for emerging technologies as well as to showcase current products that might be of interest to the travel document community. This mutual exchange sharpens both the government’s sense of direction and provides a clearer business case justification for industry to invest in research and development.
The first request for information, supplemented by the several other similar undertakings, yielded something of a feast on which the travel document community thrived for quite some time. That earlier emphasis was on biometrics, physical security features and data storage media.
All of these areas have borne demonstrable fruit. At the moment, the next request is a discussion item that has just begun. While I would expect some of the same areas of interest of the past to remain into the future, the idea of the RFI is to look out over the next decade or so and articulate a sense of vision of the travel document and border-identity management needs of the future. So, with thought just beginning, all I can advise is: Wait and see.