ROMAN VANEK,
SWISS FEDERAL POLICE

Roman Vanek is the Chief of the Division Identity Documents & Special Tasks with the Federal Office of Police, Switzerland. Aside from his responsibilities in other areas (Measures against Hooliganism, Central Bureau for Firearms and Explosives), he is also responsible for the Swiss Passport and the Identity Card. This includes the project for the introduction of biometrics in the Swiss Passport. In this function, he is the representative of Switzerland at the Technical Advisory Group on Machine Readable Travel Documents (TAG-MRTD) of ICAO and the Article 6 Committee of the European Commission. In May 2012 he became Chairman of the ICAO PKD Board. Roman Vanek joined the Swiss Federal Administration in 1997, where he has held various positions. In December 2003, he joined the Federal Office of Police.

A look ahead to advances in eMRTDs and secure travel in the context of border movements and the role of ICAO’s Public Key Directory

Electronic machine readable travel documents, or eMRTDs for short, have rapidly become a vehicle for enhanced border security. The transportation security industry is now looking at ways to make the best possible use of this new document type and also to offer the citizen added value by facilitating travel around the globe. ID People spoke to Roman Vanek of the Swiss Federal Police regarding ongoing efforts and recommendations for the use of the ICAO Public Key Directory (PKD) when checking eMRTDs.

There have been considerable advances in the area of eMRTDs for secure travel and controlled border movements. What is the current status?

First studies of ICAO to enhance MRTDs with electronically stored biometrics and therefore improve identity confirmations at border controls go back to 1998. In 2006, ICAO issued the sixth edition of Doc 9303, especially its Part 1 Volume 2 containing specifications for Electronically Enabled Passports with Biometric Identifications Capability. Since then well over 400,000,000 ePassports have been issued by more than 90 countries worldwide.

Compared to the introduction of the machine readable zone (MRZ) in the 80’s this has been a tremendous effort. Within ICAO, the Technical Advisory Group (TAG) and its New Technologies Working Group (NTWG) managed to unite the needs of border control authorities to improve authentication methods using state of the art technologies. This requirement for global interoperability and citizens’ concerns for data protection took the different issuing and production processes around the world well into account.

Different minimum requirements exist for what border control authorities need to check, but is there a way to standardize this?

Standardization of border control processes is always a delicate issue and as this is considered a sensitive area by countries, regulations have been – and could be seen – as an infringement of national sovereignty. This is best demonstrated by the fact that ICAO has just issued a guidance document for Border Control Authorities on handling ePassports that fail to read. I believe ICAO and other organizations should provide a toolset for border control authorities that demonstrates different ways to check documents and what to look for. But a worldwide standard is, in my opinion, not the way forward. It is each state’s responsibility to decide how it controls its borders and how a document’s security elements should be checked.

What is the typical process of checking eMRTDs?

There are two basic types of eMRTD checks. In the traditional way of checking a document, the human factor plays an important role. The looks, the behavior and other ‘soft’ aspects provide border control authorities with additional information on a traveler crossing the border. In automated border control situations these elements play a lesser role and must be compensated by other information available.

But when it comes to the basics of the checking process of an eMRTD the same rules apply. Border control systems, whether automated or not, must have all the relevant information available and it must be used. In the interest of travelers’ facilitation and short waiting lines, with one request, a border control system must query all relevant national and international databases, such as API and PNR, national and international watch lists (i.e. SIS), Interpol’s database on lost and stolen travel documents (AFS-STD) and of course, ICAO’s Public Key Directory (PKD).

ICAO PKD has been mooted as the ideal setup for border control. How should priorities be reset to improve document control capabilities in this respect?

The introduction of ePassports has been a great success. In a relatively short period of time many countries have signed up to this new technology and introduced ePassports. Today, millions of travelers are presenting these documents all over the world. eMRTDs have the benefit of electronically stored information that can be read, matched to the traveler and its document and last but not least be authenticated.

Like the information in the visual inspection zone (VIZ) the data in the chip of an eMRTD is protected against falsification, but to check these security features special tools are required. In my opinion the capabilities to read and to check eMRTDs have to be extended otherwise there is a risk that the millions invested in this new document type become worthless. On one hand there is the risk that falsified eMRTDs go undetected while on the other hand, one must remember that facilitation is also an important aspect. Bona fide travelers should have some benefits such as fast and easy border control processing and shorter connection times at international hubs. This may be achieved by different systems, but ICAO PKD should always be a part of it.

What is the set up of ICAO PKD in terms of its function and operation?

To be used effectively, border control authorities must have access to the security certificates of all the countries that issue ePassports. For this reason, the International Civil Aviation Organization (ICAO) has created a system to facilitate the sharing of public key information between countries: the ICAO PKD. The PKD is a repository that enables PKD participants to input their Country Signing Certificate (CSCA), Document Signer Certificates (DSC), Certificate Revocation Lists (CRLs) and Master Lists into the directory and that offers public access to the validated security certificates of all PKD participants that have completed their upload.

The PKD provides a simple, secure and reliable system for sharing validated information. Without the PKD, each country must go to one another individually to securely exchange their DSC and CRLs. Although the initial trust should be established bilaterally, subsequent certificate sharing that would require hundreds of transactions and work hours can be accomplished in just two exchanges: the upload and the download of validated information.

Why should participation in ICAO-PKD be the immediate next goal of a country after introducing e-passports?

At some time in the last decade it seemed almost like a race for who would be the next to introduce ePassports. But now, once these documents are in circulation, we must make the best possible use of them. This means enhancing security by setting up border control systems that can check eMRTDs rapidly and reliably. This also means that the information available in the ICAO PKD must be made available for border control authorities. If the electronic security features of an eMRTD cannot be authenticated in a reliable way, this document should be considered as a regular travel document.

In the best interest of fraud detection and prevention, eMRTD checks need to include PKD information. If eMRTD fraud should go undetected the trust in this new technology and the ePassport will suffer.

What are some of the main benefits in terms of security and efficiency by participating in this program tool?

The time factor can be a decisive element. The PKD offers on-line access to all information uploaded to the PKD by an issuing authority. Border Control Authorities have immediate access to conformity checked via the DSC issued by a country, master lists containing trusted CSCAs and CRLs. This is much faster than any diplomatic or other bilateral exchange. It is also in the best interest of the national issuing authority of ePassports that the national documents can be quickly and reliably inspected, facilitating its citizens’ travels. Furthermore, the built-in conformity check of the ICAO PKD offers issuing authorities the certainty that their certificate meets ICAO Doc 9303 specifications. The PKD is in the benefit of national border control and issuing authorities alike.

Are there any perceived barriers to join and if so, how can they be overcome?

One barrier that has been lately mentioned to me is the divided responsibility between the different agencies in a country. As indicated above, the PKD is in the interest of both authorities. The concerned authorities need to get together and decide on who takes the lead and assures the finances for joining the PKD. To inform all possibly involved authorities the PKD Board is organizing – with the support of the UK Identity and Passport Services – a PKD ‘Borders Day’ on 23rd October 2012.

The financial obligations are also usually mentioned as an obstacle. But when looking at the stakes involved, this question should not be an issue. Countries will have to ask themselves how much the trust in their document and the potential hassle-free travel of its citizens is worth to them. There were large initial investments for ePassports and the annual running costs of a nation’s ePassport and border management program are certainly higher than the annual PKD fee of USD 56,000. With increasing participation, this fee will go down.

In the case of technical questions, assistance is provided to participants through the PKD Board, the ICAO Secretariat, the PKD operator and organizations like the OSCE have comprehensive programs to assist countries in their efforts to join the PKD.

How has Switzerland taken advantage of this and what benefits have been achieved?

There are of course all the above-mentioned benefits like direct access to certificates, master lists, the conformity check and last but not least, the possibility to make Swiss certificates globally available in real time. By joining the PKD in 2009 as the 15th participant, Switzerland also received first hand access to valuable information regarding the fast developing eMRTD sector and had the possibility to help to shape developments. The experiences from participating in the PKD were directly used for developments in our ePassport project and for the set up of new border control systems.

What differing factors exist in terms of potentially leapfrogging legacy systems?

One of the challenges we faced and partly still are facing, are the existing border control systems and MRTD readers in police stations around the country. These systems are already connected to different other databases (National watch list, SIS, Interpol etc.). The PKD or, in general, the tools needed for a thorough ePassport check had to be added on top or a whole new system had to be introduced (depending on the organization and location).