INTERPOL converges travel and employee IDs
Combined passport and smart card credential empowers globetrotting police
24 May, 2011
category: Biometrics, Contactless, Digital ID, Government, Library
When you’re chasing down international criminals, the last thing you need is a passport inspection slowing you down at the border.
That’s the idea behind the new travel documents issued to officers of the International Criminal Police Organization, or INTERPOL. With the new secure IDs, they can assist in transnational investigations or urgent deployments without the need for visas.
At its November 2010 general assembly meeting in Qatar, INTERPOL voted to enable its 188 member countries to provide special visa status for holders of the new travel document on official business for the organization.
Normally, visa requirements have a lead time of two to three weeks. But under the initiative, INTERPOL officers with valid travel documents can have the visa requirements waived or have the visa automatically issued upon arrival.
“Criminals can cross borders swiftly and effortlessly,” said INTERPOL Secretary General Ronald K. Noble, “while our (officers) are slowed down or stopped because of bureaucratic international red tape, which constitutes a major impediment to keeping the world safe.”
Identity and security provider Entrust partnered with EDAPS, a Ukrainian consortium of high-tech companies, to provide the set of ID documents. The officer receives both an e-identification smart card and an e-passport booklet. The travel documents are compliant with International Civil Aviation Organization (ICAO) standards and serves as identification at border checkpoints around the world.
In addition, the e-ID can be used to authenticate physical and logical access to INTERPOL facilities and computer networks. “I think you’ll find that this is the first time that physical and logical access has been tied into a machine-readable travel document,” says Mark Joynes, director of product management for Entrust.
When used in tandem with the international passport, the e-ID card identifies an officer to determine whether visa requirements can be waived.
Additional features–including laser engraving and holographic, micrographic and optical elements–further secure the documents.
Entrust developed the multipurpose smart card credential and provided the various software and electronic passport capabilities for the credential. EDAPS developed the card’s physical components, such as the plastic substrate, holograms and base physical security designs. EDAPS also produces the e-passport booklet.
Developing the documents
INTERPOL saw a need for the e-ID card after developing the passport booklet for use by senior management officers and heads of INTERPOL bureaus. “We (recognized) a big problem in the world of communication with police officers who are working on the ground,” says Ralph Markert, manager of INTERPOL’s travel document initiative.
In designing the e-ID credential, Entrust had to take into account the array of security requirements and access controls required by INTERPOL. The agency needed to set physical access controls for entry into its Lyon, France, headquarters, as well as logical controls for access to the organization’s complex system of computer networks.
All of these needs coincide with INTERPOL’s mandate for combating criminal activity around the globe. Expediting the travel process was a major concern, as INTERPOL needed to be able to execute its passport documents in real time, especially when officers from multiple countries are called in as first responders for natural disasters such as the Haitian earthquake or to secure global events such as the FIFA World Cup.
“You can have a team of six or seven different nationalities, all of which have different requirements for entering their countries,” Markert says. To meet those needs, Entrust enabled the credential with a smart card logon for access to Windows-based systems. The cards can be placed on a smart card reader that wirelessly reads the chip and confirms the individual’s identity by asking the user for a PIN.
Once authenticated, the card holder can use the digital identity on the card for logical functions such as securing applications, digitally signing e-mails and encrypting files. Previously, INTERPOL agents had to use a building access card and a separate token for logical access. Now, a single card controls access to buildings and computer networks.
INTERPOL issued several hundred of the travel documents on site at the general assembly meeting and is encouraging all of its member countries to recognize the new IDs. In total, about 600 credentials have been issued and more will follow as additional member countries sign on to the program.
Five countries have agreed to recognize the new travel document: Brazil, Egypt, Pakistan, Senegal and Swaziland. “We have also contacted various other countries that are in the recognition process,” adds Markert.
Card capabilities
Joynes calls the e-ID credential the strongest form of identity deployed today. It stores two biometric fingerprints, as well as digitally signed personal data. “From a logical standpoint, it’s designed to mitigate undetected forgery,” Joynes says.
EDAPS employed highly modern holographic security elements in the card’s physical creation. “So on every front,” Joynes says, “it’s giving you the strongest possible credential.”
The card contains two microchips, one for physical access to buildings and a second to manage applications including the e-passport capability. Today, document holders can access secure e-mail and document signing but other applications, including an electronic wallet, are expected.
The credential complies with X.509 standards for public key infrastructure and challenge response capability, which allows INTERPOL to revoke a user’s systems access at a moment’s notice, should the need arise.
On the passport side, the credentials comply with the Basic Access Control standards set by ICAO and the European Union requirements for Extended Access Control.
The documents are administered from INTERPOL’s Lyon headquarters, but Entrust hosts the data management out of its Washington facility. “That enables them to issue their cards and passports on the ground in Lyon, but it means Entrust can do the heavy lifting from a public key infrastructure perspective. It allows them to focus on the job at hand,” says Joynes, “combating global crime”
