Entrust PKI used in U.S. ePassports

Entrust PKI leveraged as security foundation for machine readable travel documents


On the horizon, the next generation of ePassport technology is already being considered. Enhanced security, known as Extended Access Control (EAC), provides an additional layer of security to control access to sensitive information, such as biometric fingerprints and iris scans on these next-generation ePassports. EAC also specifies protocols for authenticating the chip and inspection system to each other. Not based on the X.509 standard, EAC will leverage a different type of certificate known as a card verifiable (CV) certificate.

The EAC concept was introduced by the International Civil Aviation Organization (ICAO) in liaison with the International Organization for Standardization (ISO). EAC technical details, including certificate profiles and protocol specifications, are initially being defined by the Brussels Interoperability Group (BIG) for use within Europe. Entrust actively is participating in BIG as well as in the ISO Task Force on Security for ePassports. These next-generation ePassports, using EAC, will be required by all European Union (EU) Schengen member States by June 2009. Deployment mandates for the U.S. have yet to be determined.

For more information about the latest in ePassport technology, read Entrust's latest white paper, "A Trust Infrastructure for ePassports".