Government

Entrust ePassport Security Solutions

Proven with more real-world deployments than any other vendor, Entrust is the ePassport security leader for Basic Access Control (BAC) and Extended Access Control (EAC) environments.

"Entrust's PKI operated flawlessly [during the Prague tests], and it will serve as a strong security foundation for our deployment of EAC-enabled ePassports."

Bob Carter, Chairman
Brussels Interoperability Group

Based on Entrust's trusted public key infrastructure (PKI) technology, Entrust ePassport security solutions enable a true "point-and-click" PKI system for strong border control and authentication of identities and biometric datasets on today's machine-readable travel documents (MRTDs).

Interoperable, scalable and validated by third-party testing, Entrust is the unquestioned leader in global ePassport security deployments.

Protecting Biometric Data with Extended Access Control [135 kb]

Overview

Security concerns, developing technologies and emerging standards have led national governments to pursue the issuance of more sophisticated machine readable travel documents (MRTD) to their citizens. Commonly known as "ePassports," these documents contain a chip that stores information that can be verified against the data on the passport.

In order to facilitate interoperability across countries, the International Civil Aviation Organization (ICAO) has set global standards for ePassports. Since the ePassport contains sensitive personal information, the security and integrity of the ePassport are critical. As a result, two ePassport standards have been developed to help migrate countries from traditional paper-based travel documents.

  • Basic Access Control (BAC): Created to mitigate passport forgery, first-generation ePassports use a Basic Access Control RFID chip containing a simple biometric (usually a photo of the individual) along with the identity information of an individual duplicated on the paper document. Entrust provides the digital signatures on BAC ePassports that help prevent a cloned or modified passport, when it is properly processed, from being used to cross a border.
  • Extended Access Control (EAC): The second generation of ePassports, the EAC standard allows governments to leverage a stronger biometric that is more difficult to impersonate on the RFID chip, typically a fingerprint or iris scan. EAC ePassports also require the encryption of the chip contents; even if a criminal has the ability to impersonate the enhanced biometric, access to the chip contents is denied with encryption.

PKI is an integral technology for the security and verification infrastructure around ePassports. Entrust, who released the first commercial PKI in 1994, is providing leadership for the security of these important and sensitive documents through innovative solutions, which reduce fraud by verifying the integrity of the personal and biometric data contained on the chip imbedded in the ePassport.

Why Entrust

Entrust has been a trusted advisor to many countries as they pursue ePassport projects and our software is currently in production use in a number of countries issuing a high volume of ePassports including the United States, the United Kingdom, Singapore, Slovenia, New Zealand and Finland.

Entrust would be pleased to share our experiences and lessons learned related to ePassport and citizen identification with you. Expertise in information security has been a hallmark of Entrust since we began developing best-in-breed solutions over thirteen years ago and we are proud of the value Entrust provides to government customers across the world. Click here to contact us.

Entrust would be pleased to share our experiences and lessons learned related to ePassport and citizen identification. Expertise in information security has been a hallmark of Entrust since we began developing innovative, award-winning solutions more than a decade ago.

Request to be Contacted

For more on Entrust's solutions for government, click here.

EAC Demo

Extended Access Control (EAC) is the process defined for ensuring that only authorized entities are able to access biometric data (iris scan and/or fingerprint) stored on the contactless chip on an electronic passport. EAC includes the authentication of a passport Inspection Station (IS) to the contactless chip as well as the authorization of that IS to access the protected biometrics.

To learn more, try our interactive demo that highlights the capabilities of Entrust's EAC ePassport Solutions.

To access the EAC demonstration site, click here.

Countries are beginning to evolve their ePassport programs to include capabilities for Extended Access Control (EAC). Entrust is participating in related standards bodies and is consulting with our customers as technical specifications solidify and progress is made towards implementation of EAC. With flexible solutions for Basic Access Control (BAC) passive authentication (CSCA PKI) today, Entrust is also releasing security solutions to meet the certificate management requirements of Extended Access Control (CVCA PKI).

With flexible solutions for Basic Access Control (BAC) passive authentication (CSCA PKI) today, Entrust is also releasing security solutions to meet the certificate management requirements of Extended Access Control (CVCA PKI).

Entrust Authentication and Information Security Solutions

Entrust is an industry recognized leader of information security solutions that help organizations protect critical information through innovative products and services. Our solutions enable risk based authentication, multifactor authentication, file encryption, and digital signatures along with numerous other security capabilities. Entrust provides trusted security and encryption software for less.