E-gate case study: The German EasyPASS Project

Similar documents
epassport Based Identity Check

FastPass and EasyPASS ABC from science to solution

Smarter European borders through an increased use of biometric recognition

ABC and Integrated Border management

CASE STUDY 2 Portuguese Immigration & Border Service

AGENDA. Focal Ideas A systemic approach. The enrolment The deliverance The control. Needs & Challenges Conclusion Look ahead

Implementing an ABC System: The Experience of the Czech Republic

THE ICAO MRTD PROGRAMME MAURICIO SICILIANO ICAO

Moving to the Second Generation of Electronic Passports

COMMISSION DECISION. of

APPLICATION REVIEW A SILICON TRUST PUBLICATION. May Utilising the synergies between passports and eid cards

Kosovo Passport Europe s first Passport with certified SAC. Labinot Carreti, Head of Sales Europe / CIS / North Africa Montreal, 07th of October 2014

ICAO MRTD & emrtd Specifications: High Level Overview

REPORT VOLUME 6 MAY/JUNE 2017

Using PKD for Validation at the Border Canada s Experience

The Canadian epassport Project

Machine Readable Travel Documents: Biometrics Deployment. Barry J. Kefauver

Tips to make your ID project successful. Claudia Schwendimann

The Canadian epassport Project. Jean-Pierre Lamarche Senior Director, Strategic Initiatives Passport Canada

TRUE IDENTITY IBORDERS BIOTHENTICATE: SECURING BORDERS WITH BIOMETRICS POSITIONING PAPER

Using Traveller ID for Streamlined Border Controls PROGRAMME

Mauritania integrated epassport Project. JW ter Hennepe Sales Manager Morpho. October 10, 2012 Montreal

Einsatz von Fingerabdrücken im Europäischen Visumverfahren. Bundesverwaltungsamt (BVA) Bundesamt für Sicherheit in der Informationstechnik (BSI)

2 nd Symposium on ICAO-Standard MRTDs, Biometrics and Security

Canada s FASTER-PrivBio Project Biometrics at the Virtual Border to enhance security and facilitation

Biometrics in Border Management Grand Challenges for Security, Identity and Privacy

David Clark Caicos Management Associates Ottawa, Canada

Mykonos Ports EU FastPass Project IISA 2014 Chania

MINISTRY OF INTERIOR AND COORDINATION OF NATIONAL GOVERNMENT Department of Immigration Services. East African Community e-passport: Kenyan Journey

BEST PRACTICES WORKSHOP ON TRAVEL DOCUMENT SECURITY ORGANIZED BY THE OAS/CICTE AND ICAO SAN SALVADOR, EL SALVADOR JUNE 9-11, 2008

STANDARDS & SPECIFICATIONS. General Manager, New Zealand Passports Chair, ICAO ICBWG

TECHNICAL ADVISORY GROUP ON MACHINE READABLE TRAVEL DOCUMENTS (TAG-MRTD)

ABC systems in Europe and beyond - status and recommendations for the way forward

EVIDENCE OF IDENTIFICATION

TECHNICAL ADVISORY GROUP ON MACHINE READABLE TRAVEL DOCUMENTS (TAG-MRTD)

Smart Borders Pilot Project Technical Report Annexes

Second wave of biometric ID-documents in Europe: The Residence Permit for non-eu/eea nationals

PROGRAMME DAY 1 TUESDAY, 7 OCTOBER

LESSONS LEARNT CARLOS GÓMEZ HEAD OF R&D AND INNOVATION FNMT-RCM, SPAIN

emrtd: Trends, Toward Smart Borders and mobile verification DL: Mobile online verification September Bern

ICAO TAG. International Civil Aviation Organisation Technical Advisory Group. Asbjørn Hovstø

Case studies. Swedish Police Board, Swedish Migration Board and Swedish Road Authority

INTRODUCTION 4 Borders under pressure 4 On the move 4 Open for business 4 Experience matters 4

Proposal for a REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL. amending Regulation (EU) 2016/399 as regards the use of the Entry/Exit System

ICAO: THE TECHNICAL ADVISORY GROUP FOR MACHINE READABLE TRAVEL DOCUMENTS

Ad-Hoc Query on Implementation of Council Regulation 380/2008. Requested by FI EMN NCP on 10 th September 2009

BIOMETRICS IN A HUMANITARIAN CONTEXT

International Organization for Migration (IOM) Identity Management and Biometrics

Singapore's Automated Clearance using Biometrics

Case Study. MegaMatcher Accelerator

TWELFTH SESSION OF THE FACILITATION DIVISION THE MALAYSIAN ELECTRONIC PASSPORT

Position Paper IDENT Implementation for U.S. VISIT

IOM, Migration, ID Management and the Responsible Use of Biometrics: Tools for Migration and Border Management

ICAO s Role in Setting Global MRTD Specifications and Overview of. ICAO MRTD Programme

Pros and Cons of a fully Automated Border Crossing. Alejandro Gomez de Cuenca Solutions Sales Director Middle East Gemalto

ICAO s Role in Setting Global MRTD Specifications and Overview of. ICAO MRTD Programme

IOM/ACBC CAPACITY BUILDING INITIATIVES

Technical Advisory Group on the Traveller Identification Programme

International Civil Aviation Organization TECHNICAL ADVISORY GROUP ON MACHINE READABLE TRAVEL DOCUMENTS (TAG/MRTD) TWENTY-SECOND MEETING

and Travel Documents with Biometrical Parameters

Making Air Travel More Secure and Efficient: Towards Better Traveller Identification Management for Enhanced Border Control Integrity

27 Sept Director of KISA K-NBTCK Dr. Jason Kim

Biometric Technology for DLID

The Philippine Department of Foreign Affairs began the issuance of the Philippine epassport (electronic passport) on 11 Aug 2009.

Identity Verification in Passport Issuance

MRTD & Biometric Seminar. 7-8July 2010 Montevideo, Uruguay

Control Process. Border. Fernando Moya Castro

Statement on Security & Auditability

Florian G. Forster Head, Immigration and Border Management, International Organization for Migration (IOM)

ICAO and IOM A Partnership for Implementation

Biometrics & Accessibility

MRTD Report. The implementation of epassports. The ICAO Secretariat outlines the official definition of epassports and the implementation principles

Emergence of multimodal biometrics at the Border Biometrics Institute Asia-Pacific Conference

CRS Report for Congress

COUNCIL OF THE EUROPEAN UNION. Brussels, 2 April 2014 (OR. en) 7317/14 LIMITE FAUXDOC 9 COMIX 138

Semlex, one print ahead

Border Management and Visa Management

Biometrics: primed for business use

THE FUTURE OF epassports AND BORDER CROSSINGS. A look at where technology might take us By Peter Schmallegger, NXP Semiconductors

Happy Flow and Border control. ICAO 13th TRIP SYMPOSIUM AND EXHIBITION 26 October 2017

ICAO Regional FAL Seminar Lima, Peru 9 12 September 2014

BIOMETRICS 101. Facial Recognition in Oregon

Estonian National Electoral Committee. E-Voting System. General Overview

Voting Corruption, or is it? A White Paper by:

The Angola National ID Card

TECHNICAL ADVISORY GROUP ON MACHINE READABLE TRAVEL DOCUMENTS (TAG/MRTD)

(Legislative acts) REGULATIONS REGULATION (EU) 2017/458 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL. of 15 March 2017

5/6/2009. E toll Database. Census Database. Database. Database. Consumer Balance and Bill Subscriptions. Mobile Connections.

Overview Purpose of the EU-VIS

BIOMETRICS - WHY NOW?

Trusted Logic Voting Systems with OASIS EML 4.0 (Election Markup Language)

(Havana, Cuba, 21 July 2017)

THE PASSENGER JOURNEY: New requirements for border control

Why Biometrics? Why Biometrics? Biometric Technologies: Security and Privacy 2/25/2014. Dr. Rigoberto Chinchilla School of Technology

DGD 1 EUROPEAN UNION. Brussels, 22 February 2017 (OR. en) 2015/0307 (COD) PE-CONS 55/16 FRONT 484 VISA 393 SIRIS 169 COMIX 815 CODEC 1854

Proposal for a REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL

6. Presentation of Pakistan. Economic Cooperation Organization - ECO. Syed Mushabir Hussain, 15th April, Registration initiatives

Identity management in Belgium

PROGRAMME USING TRAVELLER ID FOR STREAMLINED BORDER CONTROLS ON-SITE REGISTRATION

e-passports: Uses, Limitations, and Impact on Simplifying Passenger Travel Initiatives

Transcription:

E-gate case study: The German EasyPASS Project Benjamin Marzahn Federal Office for Information Security (BSI) Benjamin Marzahn 20.TAG/MRTD Montreal, 7.-9. September 2011 1

BSI activities regarding emrtds IT security Specification and standardization of security mechanisms (ICAO, ISO, EU, national level) National root CAs (CSCA, CVCA, N-PKD) Biometrics Evaluation of biometric technologies Biometric framework BioMiddle Certification and approval Pilot projects epassports at the German border (e.g. EasyPASS) Benjamin Marzahn 20.TAG/MRTD Montreal, 7.-9. September 2011 2

Main steps towards EasyPASS Nov. 2005: Issuance of the 1st generation epassport (face) Nov. 2007: Issuance of the 2nd generation epassport (face and finger) Nov. 2007 June 2009: Pilot project Reading and Checking epassports Read and checked epassports from 62 countries Setup of the background infrastructure to provide trusted CSCA certificates Able to check the complete chain of trust from 40 countries Aug. 2009: Start of the pilot project EasyPASS Nov. 2010: Issuance of the new German ID card Benjamin Marzahn 20.TAG/MRTD Montreal, 7.-9. September 2011 3

EasyPASS project overview Pilot project of BSI and the German Federal Police Semi-automated egate scenario Monitoring (and if necessary interaction) by border police officer 4 Self-service egates, 1 monitoring station Open for citizens of EU/EEA/CH (18+ years old) Located at Frankfurt Airport Timetable Start of operation was in August 2009 Pilot phase until March 2010 Since April 2010 regular operation Benjamin Marzahn 20.TAG/MRTD Montreal, 7.-9. September 2011 4

EasyPASS border control process using facial recognition Check of entitlement Optical checks Electronic checks Background checks Capture and Comparison Chip image Live image Border crossing Benjamin Marzahn 20.TAG/MRTD Montreal, 7.-9. September 2011 5

EasyPASS system architecture Software integration platform BioMiddle Modular and platform independent architecture for biometric applications Standard interfaces and protocols (SOAP, BioAPI 2.0, ISO/IEC 19794-x, etc.) Allows for an easy integration of document readers, biometric components and background systems Image acquisition Integration of camera via BioAPI Capture BSP Internal pre-qualification regarding ISO19794-5 Face verification 3 different face comparison algorithms, each integrated as BioAPI Verification BSP Benjamin Marzahn 20.TAG/MRTD Montreal, 7.-9. September 2011 6

Operational figures Characteristic of the user group (Oct. 2009 Sept. 2010) Citizens of EU/EEA/CH (18+ years old) entering the Schengen area at Frankfurt Airport Origin: 89% German nationals 11% foreign nationals from EU/EEA/CH Gender: 60% male 40% female Age: 28% 18 29 years old 46% 30 49 years old 23% 50 69 years old 3% 70 99 years old Benjamin Marzahn 20.TAG/MRTD Montreal, 7.-9. September 2011 7

Operational figures No. of users (Oct. 2009 Sept. 2010) 50.000 users passing through EasyPASS 43.000 users passing EasyPASS automatically 86% success rate border crossing without manual interaction 14% rejection rate additional manual inspection by border guard Benjamin Marzahn 20.TAG/MRTD Montreal, 7.-9. September 2011 8

Operational figures Rejections by EasyPASS control process (Oct. 2009 Sept. 2010) Decomposition of the 14% rejection rate 5,5% rejected due to face verification failed @ 0,1% FAR (False Accept Rate) 8,5% rejected by the system due to other reasons non compliant user behaviour document check failed hits from background database checks Benjamin Marzahn 20.TAG/MRTD Montreal, 7.-9. September 2011 9

Operational figures Process time (Oct. 2009 Sept. 2010) 18 sec. average time period to pass the egates Time from presenting the epassport on the DocReader until the system is ready to process next traveller Average time periods for main sub-processes 5-6 sec. for Reading and checking epassport data (optical and electronic checks) 5-6 sec. for the traveller to enter the egate 1 sec. for biometrics (face capture and comparison) 5-6 sec. for the traveller to leave the egate Benjamin Marzahn 20.TAG/MRTD Montreal, 7.-9. September 2011 10

EasyPASS lessons learned Verification thresholds recommended by vendors did not fit to the actual application scenario Appropriate thresholds have to be calculated based on the real user group and the actual system setup Electronic document checks are reliable Only 10 out of 50.000 travellers (0,02%) have been rejected due to failures of the electronic document checks Travellers do not know if they have an epassport are not familiar with the document reader are happy with the fast and easy process Benjamin Marzahn 20.TAG/MRTD Montreal, 7.-9. September 2011 11

TCC EAC extension for new German ID Card Extended Access Control (EAC) via Terminal Control Center (TCC) for Timetable Read access to EAC protected data in epassports Support for the new German ID Card in EasyPASS and during regular border control Pilot phase since May 2011 Regular operation estimated Q2/2012 including exchange of DV certificates within EU Benjamin Marzahn 20.TAG/MRTD Montreal, 7.-9. September 2011 12

emrtd PKI landscape EasyPASS before TCC ICAO-PKI Central storage of trusted CSCA certificates Benjamin Marzahn 20.TAG/MRTD Montreal, 7.-9. September 2011 13

emrtd PKI landscape Additional EAC-PKI EAC-PKI Central storage of private keys in HSM Easy certificate management incl. Renewal Certificate exchange within EU via SPOC Benjamin Marzahn 20.TAG/MRTD Montreal, 7.-9. September 2011 14

TCC Terminal Control Center TCC as central PKI component Centralized checking of DS certificates Management of certificates and cryptographic keys Authentication of connected terminals Communication to DVCA and terminals via standardized interfaces Benjamin Marzahn 20.TAG/MRTD Montreal, 7.-9. September 2011 15

emrtd PKI landscape incl. TCC EasyPASS in Q4/2011 Benjamin Marzahn 20.TAG/MRTD Montreal, 7.-9. September 2011 16

EasyPASS summing-up key issues Combination of different checks to ensure a secure ABC process Validation of optical and electronic document security features Biometric comparison on a high secure level Online background checks Complete checking of the electronic features Biometrics are of no use, if not authenticated! Fast and easy process (approx. 18 sec) Innovative software architecture (BioMiddle) Detailed evaluation of real life performance Support for the German ID card Centralized checking of DS certificates and EAC via Terminal Control Center (TCC) Benjamin Marzahn 20.TAG/MRTD Montreal, 7.-9. September 2011 17

EasyPASS project partners BSI System design Realisation of pilot project Federal Police Specification of requirements Operation of EasyPASS FRAPORT AG (owner and operator of Frankfurt Airport) Provision of infrastructure Benjamin Marzahn 20.TAG/MRTD Montreal, 7.-9. September 2011 18

EasyPASS technology providers secunet Security Networks AG Software framework System integration Project evaluation Implementation of TCC L-1 Identity Solutions AG (in cooperation with Magnetic Autocontrol GmbH) egate hardware Intelligent camera system Biometric verification algorithm Biometric quality measurement Cognitec Systems GmbH Biometric verification algorithm Biometric quality measurement NEC Deutschland GmbH Biometric verification algorithm Biometric quality measurement Bundesdruckerei GmbH Document readers Document database Benjamin Marzahn 20.TAG/MRTD Montreal, 7.-9. September 2011 19

Thank you! Federal Office for Information Security (BSI) Benjamin Marzahn benjamin.marzahn@bsi.bund.de www.bsi.de Benjamin Marzahn 20.TAG/MRTD Montreal, 7.-9. September 2011 20

2024 © lawsdocbox.com Privacy Policy | Terms of Service | Feedback