
D3.6: Study on ID Documents


 

RFID for Machine Readable Travel Documents

The European Union sees the introduction of the epassport as a step towards rendering passports more secure against forgery while facilitating more reliable border controls. This is further driven by the USA’s insistence that countries wishing to use its visa waiver programme must have in place a programme to put ‘biometric chips’ in their passports. 

The epassport is a specific type of Machine Readable Travel Document (MRTD). Many existing passports are already MRTDs, which use a Machine Readable Zone (MRZ) at the bottom of the passport: two lines of forty-four characters each, which encode all of the passport's key information. These characters are printed in the monospace font OCR-B at "Size 1", as required by the ISO Standard 1073-2:1976. The location of the MRZ, the type of paper, reflectivity and so on are specified in ISO 1831:1980. However, these documents have to be swiped through a reader, i.e. they are not contactless. The new epassports will not only be contactless, but will also contain other biometric details from the owner which can be used for identification in addition to the standard printed data (see the figure below).


Figure: A transparent sample epassport showing the normally visible MRZ at the bottom and the normally hidden RFID loop antenna, with the small RFID tag in the antenna (top left) which holds the biometric data

Globally, the International Civil Aviation Organization (ICAO)'s Document 9303 has been adopted as the standard for these new epassports. By adopting a global standard, all passports should be interoperable between regions and countries. Unlike the traditional passport, the standard specifies the use of a microchip embedded in a plastic card in the paper passport and a contactless mechanism for data communication.

 

Contactless Automatic Identification

Methods of automatic identification have become increasingly popular over the last few decades, and can perhaps be traced back to the now ubiquitous barcode and, more recently, the smart card.

However, it was found that a more flexible method of auto-ID would allow the data carried by the item to be reprogrammed, would transfer this data without contact, and would be powered by the reading device, i.e. it would not need its own power supply such as a battery. Implementations of such a device have become known by the generic term Radio Frequency Identification (RFID) because data and power are both transferred by radio frequencies, which lie at the lower end of the electromagnetic spectrum (see the figure below). RFID is a specific means of automatically identifying an item and is part of a class of technologies known as Dedicated Short Range Communication (DSRC) technologies.


Figure: Electromagnetic spectrum showing the broad range of the radio wave frequency component

 

The RFID system consists of two main components (see the figure below): the small transponder, more commonly known as a tag, which is attached to the item needing identification, and the interrogator, or reader, which is used to power the tag and read its data without contact. The tag is known as a passive transponder because it cannot function without the reader, which supplies the power it requires. Note that 'reader' is somewhat of a misnomer, as the device can in some cases also be used to write to the tag and change its data.

 


Figure: The two main components of the RFID system

 

The range of RFID implementations available is broad, and is covered in more depth in other FIDIS deliverables. As such, here we shall only be concerned with the implementation utilised in the proposal for the new European epassport.

 

Use of Contactless Technology in MRTDs

For MRTDs, the ICAO specifies the use of the ISO 14443 standard for proximity coupling transmission between the epassport and the reader. It should be noted that this standard relates to contactless smart cards and not specifically to RFID tags. Contactless smart card and RFID technologies are related, however, and as the range of RFID technologies grows, the distinction between the two will continue to blur. Essentially, the contactless smart card is a 'high-end' RFID device, with the 'low-end' consisting of devices which have a simple, fixed data set, usually a serial number.

The ICAO specification details the range over which the epassport should be readable, i.e. the distance from the reader within which the tag will be activated, and the operating frequency of the radio waves which the reader should use and to which the tag should respond. The different RFID transmission frequencies are classified into three ranges: LF (low frequency, 30-300 kHz), HF (high frequency)/RF (radio frequency) (3-30 MHz) and UHF (ultra high frequency, 300 MHz-3 GHz)/microwave (>3 GHz). RFID systems are also classified by range into close-coupling (0-1 cm), remote-coupling (0-1 m), and long-range (>1 m) systems.

The MRTD standard specifies an operating frequency of 13.56 MHz and a read/write range of up to 10 cm. This frequency was chosen for various technical reasons such as suitability for efficient proximity inductive coupling (power transfer), compliance with EMC regulation (already allocated as ISM band) and low absorption by human tissues.  

 

MRTD Data

The new epassport is to contain additional biometric information, stored within the embedded microcontroller and memory. The ICAO recommends a minimum memory size of 32 kBytes to store the data, although it indicates 512 kBytes as a target memory size. The MRTD storage mechanism has to operate in a write-once/read-many fashion, i.e. after the document is issued, it is impossible to change any data. 

Data on the epassport is organised in the ISO 7816-4 standard logical data structure (LDS) which specifies a number of Data Groups, as well as the encoding of the data: 

 

  • DG1 is mandatory and contains the same data as printed on the passport, such as name, date of birth, expiration date, document number, nationality, etc.  

  • DG2 is mandatory and contains a ~15 kByte JPEG2000 encoded facial image and corresponding biometric data  

  • DG3 is optional and is designated for biometric fingerprint data 

  • DG4 is optional and is designated for biometric iris data 

 

The ICAO standard specifies that the data in DG1 and DG2 are stored unencrypted, since the same data is human-readable on the printed pages of the passport. However, it is up to the issuing country’s discretion as to whether optional biometric data are encrypted – although this has wider interoperability issues. In any case, all biometric data are stored in the Common Biometric Exchange File Format (CBEFF) NISTIR 6529-A. 

 

Basic Access Control

On the simplest level, the transmission between tag and reader incorporates basic error checking and correcting coding to ensure data integrity. However, this is only in place to protect against data corruption through outside interference during the data transfer. In order to protect against unauthorised disclosure of the digital data, Basic Access Control (BAC) is used to deny access to the MRTD data until the inspection system has proven that it is authorised to access it. The standard specifies that any communication leading up to BAC has to be encrypted via ISO 7816-7/8 secure messaging.

The reader first acquires the standard MRZ information from the data page of the passport, generally via an OCR scanner. This MRZ information is used for computing the encryption and message authentication keys used for the “secure” exchange of the session keys. Using information that is available on the actual travel document is intended to limit access to only those people who have physical access to the passport.
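How the reader turns the printed MRZ into the BAC keys, as an added example that is not part of the original deliverable: it follows the key derivation in ICAO Doc 9303 (SHA-1 over the document number, date of birth and expiry date with their check digits), which the text above does not spell out. The function names are illustrative, and the sample fields are those of the specification's worked example, not a real document.

```python
import hashlib

# MRZ alphabet: digits keep their value, A-Z map to 10-35, filler '<' counts as 0.
ALPHABET = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ"

def check_digit(field):
    """MRZ check digit: repeating weights 7, 3, 1, sum modulo 10."""
    total = 0
    for i, ch in enumerate(field):
        if ch != "<" and ch not in ALPHABET:
            raise ValueError(f"invalid MRZ character: {ch!r}")
        value = 0 if ch == "<" else ALPHABET.index(ch)
        total += value * (7, 3, 1)[i % 3]
    return total % 10

def mrz_information(doc_number, birth_date, expiry_date):
    """Document number, date of birth and expiry date, each with its check digit."""
    doc_number = doc_number.ljust(9, "<")  # short numbers are padded with filler
    if len(doc_number) != 9 or len(birth_date) != 6 or len(expiry_date) != 6:
        raise ValueError("expected a 9-character number and YYMMDD dates")
    fields = (doc_number, birth_date, expiry_date)
    return "".join(f + str(check_digit(f)) for f in fields)

def _odd_parity(key):
    """Set the low bit of each byte so every byte has odd parity (DES convention)."""
    return bytes((b & 0xFE) | (bin(b & 0xFE).count("1") % 2 == 0) for b in key)

def derive_key(k_seed, counter):
    """First 16 bytes of SHA-1(K_seed || 32-bit counter), parity-adjusted."""
    digest = hashlib.sha1(k_seed + counter.to_bytes(4, "big")).digest()
    return _odd_parity(digest[:16])

def bac_keys(doc_number, birth_date, expiry_date):
    """Return (K_enc, K_mac), the two-key 3DES keys derived from the MRZ."""
    info = mrz_information(doc_number, birth_date, expiry_date)
    k_seed = hashlib.sha1(info.encode("ascii")).digest()[:16]
    return derive_key(k_seed, 1), derive_key(k_seed, 2)

if __name__ == "__main__":
    # Sample fields from the worked example in ICAO Doc 9303.
    k_enc, k_mac = bac_keys("L898902C", "690806", "940623")
    print("K_enc:", k_enc.hex().upper())
    print("K_mac:", k_mac.hex().upper())
```

Every input to the derivation is printed on the data page, which is why BAC limits access only to parties who can see the opened passport.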

 

Authenticity of the RFID

It is a further mandatory requirement that the data stored on the epassport is digitally signed by the issuing country. These digital signatures are stored on the epassport and are checked during validation of the document to ensure that the data has not been altered in any way. However, this alone does not protect against cloned MRTDs or the unauthorised disclosure of the digital data.

Active authentication is employed to verify that the chip has not been substituted. It is based on a challenge response protocol, using the Public Key Infrastructure (PKI) mechanism. The keys required for this process that are stored in the epassport are located within secure memory, and cannot be accessed until the BAC stage has been successfully completed.

 

 

Denis Royer