Entrust ePassport Solutions

In order to facilitate interoperability across countries, the International Civil Aviation Organization (ICAO) set global standards for ePassports. Since the ePassport contains sensitive personal information, the security and integrity of the ePassport are critical. As a result, two ePassport standards help migrate countries from traditional paper-based travel documents.

Basic Access Control (BAC)
Created to mitigate passport forgery, first-generation ePassports use a Basic Access Control RFID chip containing a simple biometric (usually a photo of the individual) along with the identity information of an individual duplicated on the paper document.

Entrust provides the trust and cryptographic architecture that produces digital signatures on BAC ePassports, and subsequently validates the signature and trust at border control checkpoints. This prevents a cloned or modified passport, when it is properly processed, from being used to cross a border.

Extended Access Control (EAC)
Created to mitigate impersonation attempts, second-generation ePassports use the EAC standard that leverages a stronger biometric (e.g., fingerprint or iris scan) that is more difficult to impersonate on the RFID chip, but also implements privacy controls for controlled access to the biometrics.

EAC ePassports provide a stronger binding of the individual to the document as the digital biometric can be matched between the document and the holder at border control.

PKI is an integral technology for the security and verification infrastructure around ePassports. Entrust, who released the first commercial PKI in 1994, provides leadership for the security of these important and sensitive documents through innovative solutions, which reduce fraud by verifying the integrity of the personal and biometric data contained on the chip imbedded in the ePassport.

Reliable

Entrust's PKI technology is dependable, and is currently used by more than 35 governments to secure the largest, most complex 'trust' environments across the world. Entrust has a 15-year track record helping customers achieve critical, scalable PKI in complex, cross-border environments.

Powerful

Entrust is one of the few vendors capable of handling the scale, complexity and reliability demanded by the EAC framework.

Proven

Entrust is acting as a trusted advisor to many countries as they pursue ePassport projects. Our software is currently in production use in some of the largest and most complex ePassport environments in the world, including the United States, Canada, Ireland, Slovenia, Singapore, Taiwan, Finland and New Zealand.

Interoperable

Entrust strives to maintain and expand technology integration and interoperability with many of the leading vendors that provide additional hardware and software components used in eMRTD issuance and verification.

Data Sheets

• Entrust ePassport Solutions
• Entrust ePassport Solutions — Single Point of Contact (SPOC)
• Entrust ePassport Solutions — Master List Signing
• Entrust ePassport Solutions — Document Inspection
• Entrust Credentials for Citizen eID
• Entrust Authority PKI
• Entrust Authority Toolkits

White Papers

• Protecting Biometric Data with Extended Access Control
• The Trust Framework for ePassport Extended Access Control
• A Trust Infrastructure for ePassports

Podcasts

• The PKI Phoenix Rises

Webinars

• Extended Access Control: The Future of ePassports

Extended Access Control Demo

EAC is the process defined for ensuring that only authorized entities are able to access biometric data (iris scan and/or fingerprint) stored on the contactless chip on an electronic passport. EAC includes the authentication of a passport Inspection Station (IS) to the contactless chip as well as the authorization of that IS to access the protected biometrics.

To learn more, try our interactive demo that highlights the capabilities of Entrust's EAC ePassport Solutions.

• View the Demo