Smarter European borders through an increased use of biometric recognition Marc Sel Director PwC
Agenda Smart Borders introduction The challenge ABC and setting The eu-lisa 1 Smart Borders pilot Further references (1) Large-scale Information Systems Agency
Introduction This presentation will discuss the use of biometric recognition in improving Europe's border management. In February 2013, the European Commission proposed three new pieces of legislation known collectively as the Smart Borders package, containing proposals for: Entry/Exit System (EES) with capability to detect visa 'overstayers' Registered Traveller Programme (RTP) for the voluntary vetting of individuals before they arrive at EU borders Corresponding legal amendments to the Schengen Borders Code (SBC) 3
The challenge Facts about Schengen borders
The challenge Monitoring today Border check and calculation of the duration of stay relies on stamps on the passport Over-stayers could destroy their passport with the entry stamp to make impossible to calculate the effective stay Limited possibilities of automation
The challenge Forecast of border crossing numbers It is expected that by 2025 the number of travelers from non-european Union (EU) countries crossing the borders of the Schengen Area will have almost doubled to some 300 million crossings per year compared to today Managing border checks the same way in the future is not feasible, so Increase queue lengths Increase processing capacity including human experts Automate further, including the use of biometric recognition
Automated Border Control Schengen Dark blue: EU Schengen members Light blue: Non-EU Schengen members Yellow: Obliged to join Schengen eventually Green: Opt-out from joining Schengen area Schengen zone - February 2015
ABC Process for the traveller
ABC Process for the Border Guards
Smart Borders Enrolment Presentation Pre-validation Claimant Verifier Information sources Consulate VIS Traveller EU Citizen TCNVH/VE RT Undocumented BCP Officer SIS II Interpol EuroDAC Identity/Eligibility National Systems Competent Authority Passport MRZ [Visa] Fingerprints Facial image None / dysfunctional ABC-gates LEA
Smart Borders Enrolment Presentation Pre-validation Claimant Verifier Information sources Consulate V-Biometrics VIS Traveller TCNVH/VE RT EU Citizen Undocumented L-Capture data P-Capture data BCP Officer SIS II Interpol I-Biometrics EuroDAC E-Biometrics Competent Authority L-Biometrics Identity/Eligibility Passport MRZ [Visa] Fingerprints P-Biometrics Facial image None / dysfunctional ABC-gates National Systems L-Biometrics: Live Biometrics of the individual P-Biometrics: Passport Biometrics as stored Etc LEA N-Biometrics
Setting VIS SIS II EuroDAC PKIs National Systems Configurations ICAO 9303 Part 1 Vol 2 specifies PKI for readonly access IS application ISO/IEC 7816-4 for application level communication ISO/IEC 14443 for RF link RFID reader PA, AA and BAC are specified in ICAO 9303 Part 1 Vol 2 EAC and Encryption are left to the implementing States. EAC & PACE are defined in BSI TR-03110 ICAO Doc 9303
Setting ICAO scheme for chip integrity through PA Signs DSCA certificate Issuing State A CSCA Issuing Authority DSCA Signs SOD 1 2 Bilateral exchange Modified approach : Countersigned CSCA certificates published through Masterlists CS Certificates CS revocation ICAO PKD DS Certificates DS CRL May optionally contain DS certificate emrtd from Issuing State A Relying State B IS [BAC] PA SAC [AA] [EAC] RFID reader Verifies SOD ISO/IEC 14443 ISO/IEC 7816-4
The eu-lisa SB pilot The main objective of the Pilot (Testing Phase) is to test the limited technical options identified within the technical study for EES and RTP against specific measurable criteria Accuracy Effectiveness Impact on the border crossing duration In 12 Member States Timeline 1 2 3 Design Sep 2014 Feb 2015 Execution Mar 2015 Sep 2015 Reporting Oct 2015 Nov 2015
Pilot execution Lisbon x x x Schiphol x x x x Madrid x x x Stockholm A. x x Frankfurt x x x x Paris CdG x x x x Vaalimaa x x x Kipoi x x Sculeni x x x Udvar x x x Narva (Sillamäe) x Narva x x Helsinki x x x Piraeus x x x Genoa x x x Cherbourg x x x Iasi x x x Gare du Nord x x x Key : Sea border Land border Rail border Air border 13 Test Cases identified Duration vs Quality of the biometric acquisition Environmental factors Different types of equipment Different configurations Travellers and border guards experience
Execution phase Some project indicators More than 57 000 volunteers passengers participated in the pilot 49% female 42% with age from 31 to 50 46% in non Airport BCPs 52% replied to satisfaction survey Up to 89% of satisfaction 10587, 18% 11714, 20% 30705, 54% Traveler satisfaction 4299, 8% 89% 87% Air Road Sea80% Train Air borders Sea borders Land borders
TOR questions (selection) Chip reading questions: Which conditions influence the possibility of reading the facial image from the e-mrtd (e.g. chip damaged)? What are the minimum standards for equipment for reading the e- MRTD chip at each type of border? Can the FI be read from the chip while the live facial image is being taken? Specify under which conditions both operations can be performed. Reading the FI from the e-mrtd chip requires at least Passive Authentication to be performed. What does this condition add to the complexity of the set-up and the duration of the reading? Iris question: Is iris enrolment more or less prone to spoofing and which antispoofing measures need to be taken?
Comparisons of counter-spoofing Ferrfake Mis-classified false acceptance IRIS (Livedet 2013) FP (Livedet 2013) FI (SEC2DFACE) 0.65 % to 62.05 %. 1.07 % to 53.95 % across the individual algorithms Avg: 5.04 %, 9.98 % and 30.42 % across 2 datasets Avg: 5.7% across 3 datasets (the Federico algorithm was the only one evaluated over the three datasets) 0 % and 0,6 % for systems 0.0% to 17.0% across the individual algorithms on 2D spoofing attacks.
Conclusions From Interim Report Preliminary results obtained from some test cases indicate that not all available today technologies for biometric enrolment are mature enough to support particular border management processes. In particular: Moving train Enrolment of 8 or more finger prints with mobile device Enrolment of iris Passengers in the car Iris enrolment Other Enrolment of 10 finger prints at any type of border Enrolment of iris of travellers with small eyes or in low light conditions
Conclusions Fingerprints lessons learned The question: it is feasible to enrol and use fingerprints as a biometric identifier within the context of a future EES system at all types of borders with various set-up? The fingerprint enrolment was negatively influenced by the environment, particularly in the extreme temperature conditions (mobile devices hanging up and scanner plate freezing) and direct UV light on the optical lens. The use of mobile devices to enrol more than one fingerprint is in general a challenge both for the border guards and for travellers Device s reading area is not large enough for large hands Capturing thumbs need more guidance. In general it s important to provide real-time feedback during the enrollment process Quality algorithm used in today s contactless scanners does not prove to be as reliable as with contact scanners
Conclusions Facial verification lessons learned The question: it is feasible to extract the picture from the e-mrtd and verify against live image within the context of a future EES system at all types of borders with various set-up? It is difficult to set one camera position for all travellers heights. An auto-adjustable camera could be an advantage Back-light and reduced lighting had been observed to impact verification success The camera should be more user friendly and integrated in the environment Reading the e-mrtd passport of some nationalities (US, Brazil, China) seems to be a blocking issue
Further references EC DG HOME Smart Borders http://ec.europa.eu/dgs/home-affairs/what-wedo/policies/borders-and-visas/smart-borders/index_en.htm eu-lisa http://www.eulisa.europa.eu/ Eu-LISA Smart Borders pilot: http://www.eulisa.europa.eu/aboutus/smartborders/pages/default.aspx ICAO PKD http://www.icao.int/security/mrtd/pages/icaopkd.aspx EU Tabula Rasa project - Trusted Biometrics under Spoofing Attacks - FP 7 2011-2015 EU BEAT project - Biometrics Evaluation and Testing - FP 7 2011-2015 EU FastPass projects (ABC gates) - FP 7 2013-2017 EU MobilePass project - FP 7 2013-2017 EU Mobio project - Mobile Biometrics - FP 7 2008-2011 EU Turbine project - Trusted Revocable Biometrics, included COSIC, FP 7 2008 2011 EU Biosec project - FP6 2003-2004 - creation of a multi-modal DB - BMDB EU 3DFace project - FP6-2009 EU Biopass 2008-2010 - biometrics and European Citizen Card EU Biofinger project - BSI, Bundeskriminalamt, Fraunhofer - 2004 EU RISE project