Cambridge, UK - 15 September 2008
A solution that will dramatically accelerate the speed of inspecting ePassports has been launched by security solutions specialist, Cryptomathic. The new technology addresses government concerns that the extended time taken to retrieve ePassport biometric data will result in unmanageable queues and costly delays at busy international border points, by eliminating the need to transfer data from the ePassport chip onto the border control system every time a traveller enters the country.
Part of Cryptomathic's ID Inspector portfolio, the solution allows inspection systems to store elements of a traveller's biometric details - at a port-of-entry or national level - such that it is impossible to access the data unless the physical ePassport is present. The technology will enable Basic Access Control ePassports to be read almost instantaneously, while increasing the speed of inspecting Extended Access Control ePassports by a factor of four. Known as the 'encrypt and destroy technique', the solution satisfies EU ePassport privacy and data protection laws.
Mike Bond, Security Director at Cryptomathic UK and creator of the solution, explains: "As the EU has mandated that all its issuing authorities will introduce second generation ePassports containing fingerprint biometrics by June of 2009, border inspectors are increasingly concerned that it will be impossible to electronically process every traveller within a reasonable time without radical increases in staffing levels. And they have every right to be concerned: it can take as long as ten seconds to read out all biometric data from some ePassports, which would result in immense delays at international border crossings. The travellers are disrupted and so is security."
The Cryptomathic solution is a special sort of caching mechanism: a storage area that holds an encrypted version of the ePassport biometric data, scrambled using an encryption key and identified by a pseudonym, both of which are derived from the ePassport itself. When the ePassport has its initial contact with the border control station, the biometric data is transferred from the chip into the inspection system, and at the same time a unique key is calculated from the ePassport chip and used to encrypt the stored data. Crucially, the storage key is then deleted from the memory of the border control system, making it impossible to retrieve the stored data without it. In order to recreate the decryption key for the record and view the biometric data, the original ePassport document must be connected to the inspection system.
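The caching scheme described above, sketched in Go as an added example; it is not Cryptomathic's code, and the page does not say how the key is calculated. It assumes a hypothetical `chipSecret` (a high-entropy value obtainable only by reading the physical chip) and uses HMAC-SHA256 derivation with AES-256-GCM as stand-ins; `Cache`, `fromChip`, `Store`, `Load` and the derivation labels are illustrative names.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

type Cache map[string][]byte // pseudonym -> nonce||ciphertext; never holds a key

// fromChip derives the pseudonym and cipher from chipSecret (assumed: chip-only, high-entropy).
func fromChip(chipSecret []byte) (string, cipher.AEAD) {
	derive := func(label string) []byte {
		m := hmac.New(sha256.New, chipSecret)
		m.Write([]byte(label)) // distinct labels: the pseudonym reveals nothing about the key
		return m.Sum(nil)
	}
	block, _ := aes.NewCipher(derive("cache-key")) // 32-byte key, so this cannot fail
	aead, _ := cipher.NewGCM(block)                // AES block size, so this cannot fail
	return fmt.Sprintf("%x", derive("cache-pseudonym")), aead
}

// Store encrypts a record; the key exists only inside this call and is never saved.
func (c Cache) Store(chipSecret, biometric []byte) error {
	id, aead := fromChip(chipSecret)
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return err
	}
	c[id] = aead.Seal(nonce, nonce, biometric, []byte(id)) // binds record to its pseudonym
	return nil
}

// Load re-derives pseudonym and key from the presented passport, then decrypts.
func (c Cache) Load(chipSecret []byte) ([]byte, error) {
	id, aead := fromChip(chipSecret)
	if rec, n := c[id], aead.NonceSize(); len(rec) > n {
		return aead.Open(nil, rec[:n], rec[n:], []byte(id))
	}
	return nil, fmt.Errorf("no cached record for this passport")
}

func main() {
	c := Cache{}
	fmt.Println(c.Store([]byte("constructed chip secret"), []byte("constructed template")))
	fmt.Println(c.Load([]byte("a different passport")))
}
```

Anyone holding only the cache contents sees opaque pseudonyms and authenticated ciphertext; a record altered in storage fails decryption instead of returning modified biometric data.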
Mike concludes: "The quantity of biometric data stored on ePassports will inevitably rise as other biometrics gain popularity, like iris codes. Advances in chip technology will make a difference over the coming years, but it is hard to achieve the optimal inspection conditions required to benefit from faster chips at busy border points, and such improvements can do nothing to assist the hundreds of millions of ePassports that are already in the field.
"The global investment and commitment to deploying ePassports is considerable. If a country's implementation is too hurried or poorly thought out, border controllers will have to compromise in the inspection procedures. They may only inspect ePassports for travellers already identified as suspicious, for example, which would weaken the security benefits of the technology, and travellers would soon be asking why they had to pay so much for their ePassport if it is hardly ever read. By securely caching traveller details upon passport application or first border crossing, these delays can be significantly reduced, saving both time and money. Cryptomathic is delighted to bring this important solution to market."