Strengthening its position as a global supplier of e-passport security, Entrust will provide public key infrastructure (PKI)-based ePassport technology to help the Malaysian government (Jabatan Imigresen Malaysia) migrate to the International Civil Aviation Organization's (ICAO) Basic Access Control (BAC) standard.
"Malaysia has always prided itself on being at the forefront of border security," said Encik Ibrahim Abdullah, Director of Security and Passport, Jabatan Imigresen. "At the core of this project, we sought a solution that would enable us to align with ICAO BAC standards, but also enable straightforward migration to next-generation Extended Access Control (EAC) capabilities."
Entrust is an e-passport technology vendor that provides a commercial off-the-shelf, dual-rooted solution that allows for a straightforward upgrade from BAC to the more advanced EAC standard. Based on Entrust's PKI technology, Entrust e-passport security solutions enable a true "point-and-click" PKI system for strong border control and authentication of identities and biometric datasets on today's machine-readable travel documents (MRTDs).
"Secure border initiatives represents one of the most critical security undertakings for any government," said Entrust President and CEO Bill Conner. "The Malaysian government recognizes the value in not only deploying BAC e-Passports, but doing so via a solution that will enable them to adapt the EAC scheme when the time is right."
Facilitated by one of Malaysia's authorized certification authorities (CA), Digicert enables the Entrust e-passport solution to provide document-signing capabilities at the time a Malaysian e-passport is issued. Digicert is a local CA and their signed documents are legally recognized under Malaysian law.
In order to facilitate interoperability across countries, the ICAO has set global standards for e-passports. Since the e-passport contains sensitive personal information, the security and integrity of the e-passport are critical. As a result, two e-passport standards, BAC and EAC, help migrate countries from traditional paper-based travel documents.
Created to mitigate passport forgery, first-generation e-passports use a BAC RFID chip containing a simple biometric, usually a digitized photo of the individual, along with the digitized identity information of an individual duplicated on the paper document. Entrust provides the digital signature on BAC e-passports that is designed to help prevent a cloned or modified passport, when it is properly processed, from being used to illegally cross a border.
The second generation of e-passports, the EAC standard allows governments to leverage a stronger biometric that makes impersonation of the legitimate document-holder more difficult. The use of biometrics, typically a digitized fingerprint or iris scan, establishes a much stronger binding between the individual and the travel document. To safeguard the biometric data, EAC-enabled e-passports enforce strong mutual authentication between the chip and the reader before biometric data is released. The combination of BAC and EAC mechanisms establishes a strong defense to mitigate the threats of forgery and impersonation.