This article will cover one specific aspect of the e-passports security layer – the chip. So, why should passport verification be done in a suggested way with the help of an NFC connection?
What is NFC?
NFC stands for near-field connection. It’s a low-frequency signal for close-distance communication between two devices. But what do we imply by NFC check? NFC check is a process when the chip data of the passport is read by a user’s phone.
For instance, you are paying with a credit card for your groceries at a counter. Both devices have mini antennas. At a distance of four cm or less, they can exchange encrypted data to process the transaction.
The first country that adopted chipped passports was Malaysia in 1998. The modern standard e-passport or biometric passport was accepted in 2008 across sixty countries. Now the number of countries supporting e-passports exceeds 190, including the USA.
E-passport technology allowed the government to bring an exceptional layer of security to the existing physical anti-forge measures. Passports started to be supplied with RFID (radio frequency identification) chips. These chips become secure containers for the storage of biometric data and authentication tools.
Authentication and trust source
The authentication term is the action of proving actual possession. You do this with your password and log in to show the system that you are the account owner. In our case, it’s the identity stated in the passport.
To access data on a chip, you need to have a code printed in the document. The code area is called the Machine-readable zone (MRZ). Its name comes from usage by devices to read data and compare it with information about a person. Moreover, the chip information covers biometric data and information conditions written on it.
Public Key Infrastructure (PKI) is the specific approach for data authentication on a chip. Data has read-only access; only government can modify it. If there are changes in the data inside the chip, PKI allows the system to notice a mismatch and act accordingly.
When you don’t use NFC, you rely solely on the physical features of printed material. It has many features to prevent forging, but still, it allows fraudsters to create a fake identity.
You can’t prove its origin when you have limited access to chip data. You have only:
- The match between MRZ and the chip
- The basic information about a person (like DOB and facial photograph)
Good start, but you still need proof of whether the data is genuine and not forged by someone.
Mob.id builds its authentication mechanism around the usage of PKI. In future articles, we will study deeper operations with keys. With public certificates issued by each country, we can prove with 100% precision whether the document is authentic or forged.
In the end, our verification covers the following:
- MRZ
- Data groups of all levels (we will cover this in future articles)
- Cross verifications profile photo
- Cross-check passport data
- Data chip hashes
- Country e-signature verification (PKI)
Summary
Mob.id proves the authenticity of an identity owner and verifies the origin of the passport. As you see, a chip data review is necessary to prove the person’s authenticity.
Without it, you need to search for additional sources of information, like a digital fingerprint or phone number, bank account data, or utility bills to build your confidence about the identity of a user.