the future is now physical & digital passport …...physical security and digital security...
TRANSCRIPT
The Future is Now
Physical & Digital Passport Validation
Henry Leung –Entrust Datacard
© Entrust DataCard Corporation. All rights reserved.
SECURITY THREATS
2
MAKE IT! FAKE IT! TAKE IT!Counterfeit Alteration Impostor/lookalike
DOCUMENT ATTACK
IMPOSTOR
© Entrust DataCard Corporation. All rights reserved.
CITIZEN ENROLMENT
3
© Entrust DataCard Corporation. All rights reserved.
SECURE ISSUANCE
4
© Entrust DataCard Corporation. All rights reserved.
SECURE CREDENTIAL
5
© Entrust DataCard Corporation. All rights reserved.
TRUST INFRASTRUCTURE
6
© Entrust DataCard Corporation. All rights reserved.
BORDER VALIDATION
7
© Entrust DataCard Corporation. All rights reserved.
SECURITY AT TIME OF PERSONALIZATION
8
© Entrust DataCard Corporation. All rights reserved.
MACHINE PERSONALIZATION FINGERPRINT
9
9
How does it work?
Printer contains a
MPF signing identity
(certificate and key)
stored in a secure
element
During document personalization,
the MPF algorithm creates a
signed data structure based on
the machine fingerprint and
citizen biographical data
(e.g. MRZ)
The MPF security feature is
printed onto the document
the form of a barcode — and
optionally encode onto chip
© Entrust DataCard Corporation. All rights reserved.
BINDING PHYSICAL AND DIGITAL TECHNOLOGIES
Personalization
Inkjet
Dye Sublimation
Retransfer
Laser
Binding Physical and Digital Security
Physical Security Digital Security
Substrate
Paper
PVC
Polycarbonate
Smartcard
Security Features
Laminates
Hologram
STOP
Laser
Machine Perso
Fingerprint
Document Issuance Validation
Document Validation eValidation
Form Factor
HSM
USB
Mobile
Smartcard
X509
ICAO BAC/EAC
ISO7816
PIVCertificate
Identity
Encryption
Hash
Keys
PKI
Digital Signature
Identity P Key
Digital
Signature
Combines a unique
machine fingerprint with
variable user data into a
digitally signed object that
can be printed on the
document
When validated provides
proof of origin, integrity
and authenticity
10