ICAO: Biometrics for Machine Readable Travel Documents
Barry J. Kefauver
Mitretek
November 17, 2003

ICAO Technical Advisory Group (TAG)
• Plenary Session, Montreal roughly annually, intervals vary from 10 to 18 months
• Most recent meeting May 2003, Montreal
• Three Continuing Working Groups
  - New Technologies Working Group
  - Document Content & Format Working Group
  - Education & Promotion Working Group
• Ad Hoc Sub-Groups as Needed

TAG Members
USA, Canada, Australia, Netherlands, United Kingdom, France, Japan, Germany, Czech Republic, Sweden, New Zealand, India, Russia

US Delegation to TAG—An Example
• Plenary attendance ranges from 4-10, with average of six, all Government representatives
• Head of Delegation is State DAS Passport Services, called the “MEMBER”
• Other US government reps are “ADVISORS”
  - DOS CA Project Officers
  - DOS Passport and Visa Offices
  - DHS Systems and Inspections
  - DHS Customs, e.g. TECS Database Manager
  - Other US government representation (Hill, WH, GPO)
• The US participates in all three TAG Work Groups

International Standards Organization (ISO)
• Association of various national standards bodies (e.g. SCC, BSI, INCITS/ANSI, DIN)
• Establishes technical standards requiring international cooperation
• Develops test methods
• Membership is voluntary, dues paying and both government and non-governmental (the latter for travel document meetings)
• Serves as official forum for new technologies
• Complex structure for committees and voting

ISO/IEC JTC1/SC17 Committee
Int’l Stds Org/Int’l Elect Comm Joint Tech Comm 1/Sub Comm 17 “Cards and Personal Identification”
• WG1 - Physical Characteristics & Test Methods
• WG3 - Machine Readable Travel Documents
• WG4 - Integrated Circuit Cards with Contacts
• WG8 - Contactless Integrated Circuit(s) Cards
• WG9 - Optical Memory Cards
• WG10 - Drivers Licenses
• WG11 - Biometrics (status likely abolition)
• SC 37 and M1 very important relationships

Meetings
• ICAO FAL TAG-MRTD meetings occur every year to 18 months, always in Montreal ICAO headquarters. Attendance is about 50-70, Government-only, six SC17/WG3 reps invited to “observe”
• ISO WG3 meetings are twice a year, spring and fall. The fall meeting is always held in conjunction with the SC17 plenary. WG3 meetings are held all over the world. Attendance is about 20-30. The most recent meeting was held in October, 2003 in Singapore
• The respective technical Groups/Task Forces (NTWG/TF1, DCFWG/TF2, & EPWG/TF3) meet jointly once to four times a year, at various locations world-wide. Attendance ranges from 10 to 40, both Government and vendors, the latter are WG3 participants and by invitation.

Meetings (Cont.)
• ICAO plenary meetings
  - Vote is cast by the government ‘member’; Government persons, ‘advisors’ or ‘observers’ may speak
  - SC17/WG3 has no vote, speaks primarily through the Convenor of WG3
  - SC17/WG3 attendance limited by ICAO regulation to 6 persons (nominally)
  - Selected and invited NGOs may attend & speak, but not vote
• SC17 WG3 meetings
  - Vote is by national standards body representative, but any company representative may comment in discussion
  - Government observers may attend and speak, but not vote
• Technical Level meetings (NTWG, DCFWG, EPWG, TFs 1-3)
  - Vote is by members of the given group, one per country
  - Most decisions by consensus and agreement
  - Interested parties may attend and speak, vendor participation at Work Group meetings by invitation and limited in number

Summary of Recent Accomplishments
• Finalized 9303 Part 1 Passports, Part 2 Visas, Part 3 Cards
• “Securing Data in Optional Capacity Expansion Technologies” paper completed
• Durability test methods review for Doc 9303 launched
• Technical report on Biometric Selection completed
• Technical report on LDS agreed upon
• Minimum Security standards paper accepted and published
• Involve EU/Schengen and Interpol with TAG
• Issue papers completed/launched, e.g., on Imposters, Inadmissible Persons, System Integrity, PKI, Transliteration/nomenclature
• Vendor presentations via RFI on MRTD Automated Inspection, Security Features, Biometrics, and Document Verification
• Brochure issued and publicity underway for TAG/MRTD
• Web site established
• Chose contactless chip as successor to OCR-B, TR adopted
• Chose facial recognition as THE globally interoperable biometric

US Border Security Act
• Section 303(b)(2)(A): “The Attorney General, in consultation with the Secretary of State, shall install at all ports of entry of the United States equipment and software to allow biometric comparison and authentication of all United States visas and other travel and entry documents issued to aliens, and passports issued pursuant to subsection (c) (1).”
• Section 303(c)(1): Requires that the Visa Waiver Program “. . . shall be available to foreign countries that shall certify, as a condition for designation or continuation of that designation that it has ‘a program to issue to its nationals machine-readable passports that are tamper-resistant and incorporate biometric and document authentication identifiers that comply with applicable biometric and document identifying standards established by the International Civil Aviation Organization’.”

Current Issues in TAG
• Refining the use of biometrics and the enabling technologies (New Orleans Resolution amplified by Glasgow directions)
• Biometric deployment for global interoperability
• Privacy, National Legislation, data use/sharing and the role of Biometrics
• Balancing technical influences: cost/performance/effectiveness
• Geographic Diversity in issuance as well as inspection
• Implementing the choice of next generation storage medium, contactless IC
• Address system-related issues affecting overall integrity including breeder documents

Work in Progress
• Reporting on Facial Recognition pilot programs
• Other Biometrics and biometric testing
• Biometric deployment TR - next version
• Electronic government service delivery, electronic visas and policy for new technology use/data sharing
• Technical paper in draft on system integrity
• Refinement and application of PKI principles and use of digital signatures
• Strategy/Vision Paper for an integrated Automated Border Clearance System
• Analysis of privacy, data protection and related implications

Documents of ICAO
• ICAO Doc 9303 when endorsed becomes ISO Standard 7501
• Doc 9303 Parts 1 (Passports) and 2 (Visas) are endorsed by ISO as Std 7501 Parts 1 & 2
• Doc 9303 Part 3 (Other Travel Documents/Cards) endorsed by ISO as Standard 7501 Part 3
• Doc 9303 Part 4, Crew Member Certificates, abolished; survives as Annex J to Part 3
• ICAO document approvals are generally carried out within one year, TRs issued by Work Group responsible

Related ICAO Technical Reports
• The Original TAG/MRTD Biometrics Selection Report
• The Logical Data Structure LDS Technical Report
• The PKI (Security of Electronic Data) Technical Report
• The Contactless IC Chip Technical Report
• The Minimum MRTD Issuance Security Standards Technical Report
• The Minimum MRTD Security Standards/Features Technical Report
(The above as input for the Biometric Deployment TR)

ICAO Biometrics Selection Technical Report
• Developed in 1997-2002
• Centered around a set of multilateral criteria
• Evaluated factors associated with enrollment as well as inspection
• Considers the compatibility and ranking of the available biometric technologies with the complete set of unique requirements imposed on machine-assisted identity confirmation with MRTDs
• Endorsed by TAG 13 in Feb 2002

Ratings Methodology
• Compatibility with MRTD enrolment requirements (walk-in, mail-in, electronic, outsourced)
• Compatibility with MRTD renewal requirements (walk-in, mail-in, electronic, outsourced)
• Compatibility with MRTD machine-assisted identity verification requirements (walk-in, mail-in, electronic, self-service)
• Redundancy (availability of displayed feature and backup verification method)
• Global public perception (privacy, health risk, incentive, threat, acceptance, stigma)
• Storage requirements (template size, compatibility with database, document storage)
• Performance (speed, accuracy, susceptibility, compatibility, maturity, operational efficiency)

Biometrics Selection Technical Report -- Results
• Group 1 = Face
• Group 2 = Fingerprint and Iris
• Group 3 = Signature, Hand, Voice
• Sufficient data are available from the assessment to advance three (3) of the currently available technologies to more detailed assessment work, i.e. face, fingers and eyes.
• Testing of these technologies should be undertaken immediately. (Which has been underway since inception)
• Codified in the New Orleans Resolution

Key Considerations: ICAO Technical Report on Biometric Deployment
• Global Interoperability
• Uniformity
• Technical Reliability
• Practicality
• Durability
• Timeliness

Applicability to MRTDs
• MRP (open) vs. MRV (closed)
• Enrollment
• Border Control
• 2-way: person to passport or person to database
• 3-way: person to passport and database
• 4-way: person to passport and database and data page

Border Control Considerations
• States are encouraged to use biometrics to establish or validate identity at border control.
• The use of biometric data does not ensure that a person has provided their correct name, citizenship and other information, but when biometric identity has been confirmed, it does help to prevent the person from using another name in their dealings. Biometric identity should be identified at ports of entry and ideally points of exit.
• If the biometric verification is negative, or there are other actions to be taken determined at the primary port of entry, the traveler may be sent to secondary inspection for detailed inspection.
• Primary or Secondary inspection can include a three-way visual comparison of the MRTD holder, the printed portrait image on the Data Page of the MRTD and the stored digital record read from the biometric storage medium in their MRTD (passport) or central database (visa).
• Ideal would be a gate/booth that captures those biometrics noted in that holder’s passport, e.g., a booth capable of capturing all 3 that only actually captures based on the read of the LDS: if the passport holder has only a face biometric stored, the face (image) is captured; if the passport holder has fingerprint and face biometrics in their LDS, fingerprint and face are captured.

Border Control Considerations (Cont.)
• Procedures need to be determined for how inspection officers would handle exceptions such as when the biometrics on the MRTD do not match the person at the border because the document is not working, the storage medium is damaged or not functioning properly, the verification software does not match the person successfully, the document has been physically tampered with, or the traveler is an imposter. Similarly, inspection officers need to be aware of, and have procedures in place with respect to, liveness checking and detection of spoofing.
• States need to change the focus of border systems from merely processing entries and exits to systems that confirm identities through automated systems, and thereby seek to also identify fraudulent identities and fraudulent travel documents.
• One-to-one verification systems (and one-to-few watch list checking systems) are the appropriate ones to implement at primary inspection. These could be supplemented by use of one-to-many systems at borders as appropriate.
• States need to be aware that land borders present unique challenges: many people cross the same land border regularly for commuting purposes and several people may cross in the same vehicle.
• Border Control systems can be complemented by the use of pre-entry systems including API (Advanced Passenger Information) which may also use verification systems as part of their processing.

Face—Perception vs. Reality
• Traditional Applications
  - Access Control (live capture by user)
  - Surveillance – poor results
  - Third party developers
• The above all inhibit obtaining reliable metrics on Facial Recognition
• MRP distinguishing traits
  - High quality Images
  - Constrained images with legacy year database
  - Personally vetted, passport print level quality
  - Scanned images

Common Face Traits
• Already captured and verified now
• No change to the enrolment process
• Immediate deployment – if you already scan and store
• “Watch list matching” capability e.g. terrorism, child abduction
• Always acquired
• Human Verification possible against the photograph
• Children still do not need to appear in person

The Business Problem: Where and How?
• Data Storage Technology Types
• Which Data Storage Technology?
• What Minimum Data Capacity?
• Future-proofing & Flexibility
• “Absolute Minimum” wording
• Image or Template?
• Cropping and storage of image issues
• Supporting Research – e.g., sizing of storage needs of 12K, 10K, 30K

Contactless Chips
• ISO 14443 compliant
• Readable at less than 10cm
• High capacity of at least 32 K
• Data stored for interoperability in accordance with LDS
• Security critical—decision to use PKI-enabled digital signatures

QUESTIONS? Barry J. Kefauver Jetlag10@earthlink.net