EPassport standard status

1
E-Passport standard status and efforts at Japan
IC passport study committee
2004/09/16

• Head of Japan ISO/IEC JTC1/SC17/WG3
• Member of ICAO-NTWG
• Manager of Japanese IC-passport study committee

Junichi Sakaki (Panasonic) J-sakaki_at_so-net.ne.jp
2
Self Introduction

• 1995 - 1997 RD for Contactless Smartcard
  prototype
• 1997 - 2000Contactless IC card standardization
• 1997 - Driver License Standardization
• (ISO/IEC JTC1/SC17/WG10 Secretary)
• 1998 - Machine Readable Travel Document
• (ISO/IEC JTC1/SC17/WG3 TF4 leader)
• (Member of ICAO-TAG-NTWG)
• (Manager of Japanese IC-passport study committee)

3
Relationship ICAO and ISO at Passport standard
ICAO Secretary General
ISO
IEC
Airport Bureau
JTC1
Aviation Security Facilitation Branch
SC17 (Card ID)
Facilitation Section
WG3 (MRTD)
TF1 (New Technology)
TAG (Technical Advisory Group)
Official Liaison
TF2 (LDS)
EPWG
DCFWG
NTWG
TF3 (PKI)
EPWG Education Promotion WG DCFWG Document
Contents and Format WG NTWG New Technology WG
TF4 (Testing)
4
Passport standard committee in Japan
Japanese Industrial Standard Committee JISC
Information Standard Technology Committee of
Japan ITSCJ
Japan Business Machine and Information System
Industries Association JBMIA
SC17 (Card and Identification)
SC27 Security
WG3 (MRTDs)
SC37 Biometrics
SWG1 (Contactless)
PKI TF
SC17/WG8 Contactless Card
Biometric TF
5
Collaboration of ICAO and ISO

• SC17/WG3 is sole liaison partner for
  ICAO-TAG/MRTD within ISO
• Other liaisons International Criminal Police
  Organization(ICPO)
• International Air Transport Association (IATA)
• Airport Council International(ACI)
• Collaboration has been started from early 1990's
• Role of ISO is endorsement of ICAO document(ICAO
  Doc. 9303)
• ICAO document is usually published without ISO
  endorsement by only ICAO membership countys
  agreement and authority of ISO is just Fast Track
  voting after ICAO publishing.
• Six member from SC17/WG3 are allowed to
  participate into ICAO meeting as ISO
  representatives.
• ISO members are acting editors of the ICAO
  technical reports.

6
ICAO TAG-NTWG

• Two or three times meetings are held in every
  year.
• (Den Haag, Tokyo, Oakland 2004)
• Participants are increased after September 11
  (Mostly over fifty).
• Major participants are Government official
• (Passport Office, Immigration, Customs, Police)
  
• Regular participating countries
• (USA,UK,France,Germany,Canada,NZ,Australia,Netherl
  ands,
• Italy,Latvia,Swiss,Singapore,Korea,Japan)
• Chairman Gary McDonald (ICAO/Canada Passport
  Office)

7
ICAO-Doc. 9303
8
ICAO TR

• Three Technical Reports (Biometrics?Logical Data
  StructureLDS?PKI)
• Have been published as 2004 version at Web
  site(http//www.icao.int/mrtd/)

9
ICAO TR (Cont)
2003/5Ver-1, 2004/7Ver-2 Objective
Identification, Aid for Border control, Data
structure Basic Guideline Global
Interoperability Need to develop by 2005/10 for
US-Visit program Reliability, Practicability,
Durability

• Issues
• Biometrics technology is immature stage and
  standard is not final
• Future development of technology is
  unclear(Backward compatibility)
• Compatibility with public opinion, Law, and
  Culture of member countries.
• Technology obsolescence, Biometric aging
  (validity can be 10 years?)
• Card interoperability

ICAO TR is scheduled to integrate into ICAO Doc.
9303 in 2005.
10
ICAO TR (Cont)
Recommended Biometrics Face Primary
(Image) Finger Secondary (Image) Optional
Minutiae Iris Secondary (Image) ? Pattent
Issue(Base Patent only)had been resolved
by mutual agreement of ICAO and
Iridian Tec.
Berlin Resolution(2002/6) ICAO TAG-MRTD/NTWG
endorses the use of face recognition as the
globally interoperable biometric for machine
assisted identity confirmation with machine
readable travel documents. ICAO TAG-MRTD/NTWG
further recognizes that member states may elect
to use of fingerprint and/or iris recognition as
additional biometric technologies in support of
machine assisted identity confirmation. Adoption
Unanimous
11
ICAO TR (Cont)
New Orleans Resolution (2004/3) ICAO
TAG-MRTD/NTWG recognizes that Member States
currently and will continue to utilize the facial
image as the primary identifier for MRTDs and as
such endorses the use of standardized
digitally-stored facial images as the globally
interoperable biometric to support facial
recognition technologies for machine assisted
identity verification with machine-readable
travel documents. ICAO TAG-MRTD/NTWG further
recognizes that in addition to the use of a
digitally stored facial image, Member States can
use standardized digitally-stored fingerprint
and/or iris images as additional globally
interoperable biometrics in support of machine
assisted verification and/or identification.
Member States, in their initial deployment of
MRTDs with biometrics identifiers, are encouraged
to adopt contactless IC media of sufficient
capacity to facilitate on-board storage of
additional MRTD data and biometric identifiers.
subject to the resolution of intellectual
property issues
12
Major topics of ICAO TR 2004
Rquired Memory Capacity Minimum 32k Byte(Case
of One Facial Biometrics) Interface Proximity
IC card(ISO/IEC14443) only Location of IC chip
Location and Material are Note specified All
personal data are written in issuing process(Can
not be changed after issuing) To resolve
interoperability issues, supplementary practices
have been added Facial data is defined as not
privacy and not encrypted Optional Finger and
Iris data should be encrypted as privacy and its
means is left as agreement between countries
Basic rule is free to read all personal data
13
Major topics of ICAO TR 2004
Document security Passive Authentication
Authenticity and Integrity Basic Access control
Skimming and Eavesdropping for Privacy Active
Authentication Chip Substitution and Data
Copying
Face Biometrics spec is simply refer to ISO/IEC
19794-5, and 19785-1
Image encording JPEG, JPEG2000(Optional)
Protection Profile (IC chip card OS) EAL4
Even if IC chip is broken, Passport is still
valid by printed data (electronic data is just
an aid).
Lots of Option, No best practice for receiving
state
14
Issues on ICAO TR
Still unclear on Public key distribution and
Revocation list
Undefined on VISA data Virtual VISA using
internet? Append VISA data on a same chip
memory? Independent VISA sticker(2D barcode,
IC-Chip, others)?
Issuing cost, Chip durability for 10 years?
Insufficiency on face biometrics accuracy(Aging,
Lighting)
International interoperability issue on
contactless chip interface
Lack of consideration on transaction speed at
immigration booth (Slower than human?)
Several countries are in procurement stage
although standard is not yet completed
15
Reason of ICAO decision
Why Face recognition?
Few changes are required on the issuing
process Portrait has been used at passport and
immigration for long time Psychological
comfort Compatible with human inspection (Machine
verification is aid) Compatible with negative
list which has been accumulated
Why Image?
Good interoperability Flexibility for future
technology progress Can be reused for visual
human inspection
Why Contactless-IC?
Enough memory capacity(32k 64k Byte is
available) Easy to handle High speed data
read High security
16
IC chip implementation
Inlay (Thin plastic sheet with IC-chip and
antenna)
IC chip
Antenna coil
Issuers choice

• Chip location Cover page, Middle, Back cover
• Material PVC or PET
• Chip size(Phisical Memory) proportionality
  relation
• Read range Tradeoff relationship at
  functionality Speed
• Cost Depends on memory capacity
  functionality

17
Issuing process (Example)
Inlay
Assemble to Booklet
Transport
File create Lock with transport key
Application
Complete
Print / Personalize
Grant
Scan from Application form
(Identification )
18
Logical Data Structure
MF
Issuer Application (DF)
User Application (DF)
(Not defined)
Common Data (EF)
MRZ Data (EF)
Other Personal Data (EF)
Note MF Master File DF Dedicated File EF
Elementary File MRZ Machine Readable Zone
(i.e. OCR)
Face Data (EF)
(Option)
Finger Data (EF)
Security Object (EF)
Iris Data (EF)
(Option)
(Digital Signature)
19
Digital Signature
Generate key pair
Issuing Key (Secret Key)
Verification Key (Public Key)
Data
Verify data using public key
Data
Signature
Compute and add digital signature using a secret
key
Signature
Issuer
Inspection
20
ICAO Schedule
ICAO TR Ver-1 May 2003
ICAO TR Ver-2 July 2004
London NTWG July
Glasgow NTWG Sep
Tokyo NTWG Sep
NZ NTWG Dec
New Orleans NTWG Mar
Den Hague NTWG Feb
2003
2004
ICAO TAG14 (Montreal )Apr
ICAO TAG15 (Montreal) May
21
e-Passport Study Committee
ICAO/NTWG
Other ministries IC card Immigration Airport
Domestic SC17/WG3(passport)
Ministryof Foreign Affairs
e-passport Study committee
22
e-Passport Study Committee Timeline
e-Passport Introduction
Report
23
Face biometrics experiments
1.Aging test
Experiment outline Face recognition test by
using past 11(mostly 6) years database of
diplomatic passport. Since the database contain
many photos taken at different year for same
person, it is anticipated that it can be used for
an good aging test data. Objective Validate
passport period of validity from biometric points
of view
2.Photo quality test
Experiment outline Specify obstructive factor
at photo quality through various environments
(speed photo box, simulation of airport etc.) of
photo shoot. Objective Review a current
photo guideline of MOFA
24
Image quality test -1
Immigration
e-passport
Photo studio
Pre Face Recognition Test
Best Practice
Instant photo stand
?32-person images ?8 engines
25
Image quality test -2
Immigration
e-passport
Simulated immigration booth (bright lighting)
Best Practice
Face Recognition Test
Simulated immigration booth (dark lighting)
Instant photo stand
?300 images ?9 engines
26
Aging test
6 Years ago
5 Years ago
4 Years ago
New Photo
Face aging Recognition Test
3 Years ago
2 Years ago
1 Years ago
?Total 32,000 images ?10,000-person images ?7
engines
Present image
11 years database (Mostly 6 years)