Technology advances improve passport issuance and control
23 November, 2015
category: Biometrics, Contactless, Government, Smart Cards
By Neville Pattinson, senior vice president for government sales at Gemalto North America
Without a passport, legal international travel is virtually impossible, but the potential to cross international borders using fraudulent documentation continues to open sovereign nations to major security threats.
Rigorous standards to ensure that all international travel documents are valid and legitimate are critical in matters of homeland security. These standards have evolved over the last decade to incorporate technological advances, but it is not clear whether these improvements are being utilized globally to the fullest extent.
The International Civil Aviation Organization (ICAO), under United Nations charter, develops standards for passports and other official international travel documents. In most nations, standard passports have long since transitioned from paper-based documents. Today secure plastic-laminated papers or full-page plastics, such as polycarbonate, provide additional surface features to make the passport more durable and far more resistant to tampering or forgery.
In the last 10 years, another major change to the ICAO passport standards is a mandatory transition to machine-readable passports, visas and other travel documents necessary for border crossing. All non-machine readable passports must be out of circulation by November 2015.
Typically, a transition to machine-readable cards means the inclusion of contactless smart card technology, which improves security by making forgery even more difficult. A smart-card enabled electronic passport (ePassport) contains both a security key that is unique to the passport and cannot be fraudulently generated as well as an embedded microchip that cannot be read without this security key.
The chip contains a duplicate of all the information physically presented on the passport, including name, date and place of birth, and an electronic copy of the passport photo. With an ePassport, border security officials can scan the document through a machine to read the embedded electronic information and quickly determine its authenticity. The chip also enables rapid automated reading, reducing waiting times and eliminating errors when processing passengers.
ePassports feature multiple layers of security to protect an individual traveler’s personal information and photograph for a higher level of security. The chip’s software contains an arsenal of technical measures to ensure any modification is not only extremely difficult but also easily detectable. The data is stored securely and cryptographically signed by the government agency that issued the passport.
The passport readers at border crossings verify not only the identity of the citizen, but also the authenticity of the document. If the data has been modified, the digital signature will no longer correspond and the document will be flagged as false.
Passport readers at border crossings verify not only the identity of the citizen, but also the authenticity of the document
This transition has not been seamless, however. Despite the fact that more than 600 million ePassports have been issued globally – including in the United States – it is unclear whether border control authorities worldwide have reduced their reliance on physical document inspection in favor of electronic checks of the ePassport’s chip. Anecdotal data suggests the number of authorities scanning the chip is far too low. Whether due to lack of proper training, equipment or some other reason, the promise of the ePassport has not been fully realized.
eVisas open new doors
This is also true of the ePassport’s counterpart: the eVisa. With eVisas, an individual submits their documentation via mail or directly at the embassy for approval by the issuing authority. The applications are then verified via multiple factors that include not only document authentication, but also biometric data as well as automatic cross-checks with national and international databases such as INTERPOL.
Once all authentications are verified, the visa is issued and logged into a national Visa Information System, a comprehensive database that anticipates all movement of foreign nationals into and out of the country. At the entry point, the eVisa “stamp” can be digitally incorporated directly into the ePassport, again significantly reducing the possibility of fraudulent documentation. Many countries – particularly throughout Asia and the Middle East – have transitioned to eVisa technology.
The transition to the eVisa in the U.S. could significantly reduce the ongoing challenge of visa overstays. This year, Customs and Border Protection issued its “Vision and Strategy 2020,” which outlines a number of policy improvements, including international partnerships to implement entry/exit strategies that “promote greater transparency and enable enforcement and interdiction of both travelers and cargo leaving the United States.”
The point is a critical one because currently foreign nationals are only logged upon entry through the U.S. border. Should eVisas be implemented, the technology and security improvements could be vast. eVisas could provide electronic verification of exit that could be automatically recorded in a central database as soon as the visitor steps through the airport gate.
The process of obtaining a visa, whether for tourism or for approved overseas work, could be significantly eased for visa applicants, as well. Visas could be securely requested over a smartphone or other mobile device, and after rigorous verification as noted above, the issued visas could be written directly onto a passport’s chip. This would make it even more secure and improve the government’s ability to prevent overstays via the database.
Revised ICAO standards in the works
This technology is likely to become more common further into the future, with the next generation of ePassport standards under development by ICAO. Called Logical Data Structure 2.0, these standards will focus on electronic requirements for the rest of the passport apart from the data page, including visas.
Additional biometric improvements to international passport standards are also on the horizon. The most recently issued ICAO standards include a new globally interoperable standard for biometric identification of the holder and for the storage of the associated data on a contactless integrated circuit. Biometric identification is most likely to continue to favor mostly fingerprints, but iris scans or facial recognition is also possible.
Obviously, protection of an individual’s biometric data against identity theft is a major concern, particularly if a passport is lost or stolen. Currently, the majority of issued ePassports include Basic Access Control protections, to ensure that only authorized parties, such as immigration officials, can wirelessly access the personal information stored on the ePassport’s chip.
The ICAO’s Extended Access Control standards are advanced features that protect additional biometric data stored on the passport as well. While Basic Access Control standards are required, Extended Access Control is optional for individual nations issuing the next generation of machine-readable travel documents.
Ghana raises the bar
An excellent example of a country that has fully upgraded its border management technology from end-to-end is Ghana. Ranked among the world’s top-ten fastest growing economies, Ghana has outstripped growth in African countries annually since 2008.
To steward the country’s booming economy, the government moved migration to the top of its agenda, especially as Ghana becomes an increasingly desirable destination for business investment and tourism. As part of a comprehensive overhaul of immigration procedures, Ghana transitioned from manual, decentralized documentation issuance to a centralized, thoroughly modernized system that is operational at six points of entry.
The system includes an online portal for visa and permit requests; eVisa application and issuance; and the integration of biometric identification capture for foreign nationals entering the country to facilitate flow and tracking.
Overall, improvements to the integrity and durability of passports and other international travel documents over the last decade have been tremendous. The next step for the international community is to better utilize the technologies that are available, including electronic verification of the passport, automation through borders via e-gates or kiosks, and eVisa usage to better manage the flow of international arrivals and departures.
