EP1915742A1 - Procede et dispositif pour controler un passeport electronique - Google Patents

Procede et dispositif pour controler un passeport electronique

Info

Publication number
EP1915742A1
EP1915742A1 EP06776718A EP06776718A EP1915742A1 EP 1915742 A1 EP1915742 A1 EP 1915742A1 EP 06776718 A EP06776718 A EP 06776718A EP 06776718 A EP06776718 A EP 06776718A EP 1915742 A1 EP1915742 A1 EP 1915742A1
Authority
EP
European Patent Office
Prior art keywords
data
passport
personal data
passbook
authenticity
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP06776718A
Other languages
German (de)
English (en)
Inventor
Werner Ness
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Giesecke and Devrient GmbH
Original Assignee
Giesecke and Devrient GmbH
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Giesecke and Devrient GmbH filed Critical Giesecke and Devrient GmbH
Publication of EP1915742A1 publication Critical patent/EP1915742A1/fr
Withdrawn legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/20Individual registration on entry or exit involving the use of a pass
    • G07C9/22Individual registration on entry or exit involving the use of a pass in combination with an identity check of the pass holder
    • G07C9/25Individual registration on entry or exit involving the use of a pass in combination with an identity check of the pass holder using biometric data, e.g. fingerprints, iris scans or voice recognition
    • G07C9/257Individual registration on entry or exit involving the use of a pass in combination with an identity check of the pass holder using biometric data, e.g. fingerprints, iris scans or voice recognition electronically

Definitions

  • the invention is based on an electronic passport as it can be removed, for example, from US 2003/0168514 A1.
  • the passport described therein has the shape of a passport book, in whose lid an RFID arrangement with a chip for receiving data and an antenna is incorporated as an interface to the outside world.
  • the pass described can be read by machine without contact.
  • a method for the fully automatic performance of certain tests using a passport can be removed, which has a non-volatile memory, which is electronically readable.
  • the check comprises a comparison of an image information taken by the owner of the passport with an image information read out of the passport.
  • the authenticity of the passport is also determined.
  • test information can also be entered in the passport.
  • Advantage of the method is that the presence of a test person is eliminated.
  • the proposed steps require some data processing effort, which precludes rapid implementation.
  • EP 1 170 705 A2 discloses a fully automatic intake system which is particularly suitable for the handling of air passengers, in which information from a passbook is used in order to determine the identity of the traveler and to check the legitimacy of the passport.
  • the personal identity check is performed by data comparison of a photograph taken by a traveler with an automatic camera and a photograph taken from the image in the passport.
  • machine-readable data in the passport are read out and compared with a "black" list.
  • the proposed system eliminates the need for panelists to have their personal presence on the intake system, but works comparatively slowly because of the need to convert photos into data twice, or requires a very powerful and therefore expensive data processing system. For safety reasons, the complete removal of test persons from the control process is frequently not desirable; this applies in particular to border controls. However, for an arrangement involving a test person, the proposed system is not suitable because of its comparatively slow operating speed.
  • DE 199 61 403 C2 discloses a method for controlling persons by checking an electronic authorization card in the form of a smart card containing formal and biometric personal data.
  • a person to be controlled is directed successively through two locks. In the first lock, a check is made on the authenticity of the smart card and the personal data, in the second a check of the biometric data underlying the biometric data of the person.
  • the examination of personal data is done cryptographically secured using so-called MACs (Message Authentication Code). The procedure allows an accelerated automatic processing of personal checks.
  • MACs Message Authentication Code
  • the steps to be taken to read personal data from electronic passports are set by standards. Thereafter, it is provided that the reading takes place via a secure data connection.
  • the backup is achieved by applying the known technique of "secure messaging.”
  • Secure messaging is based on the use of so-called “session keys”, which are negotiated at the beginning of a data transfer between the partners involved, here: between a passport and a reader.
  • SSC sense sequence counter
  • MACs Message Authentication Code
  • a MAC is formed by a pass over a veiled response and transmitted together with the response to the reader.
  • the reader also forms a MAC * upon receiving the response on the obtained obfuscated data and compares it with the MAC transmitted in the reply of the passport.
  • the object of the invention is to provide a method for checking an electronic passport, which provides for the involvement of a test person and still can be performed sufficiently quickly.
  • the method according to the invention has the advantage that in a passport control, with justifiable expenditure of time, both a check of electronic data and a visual check by a person can take place. This is accomplished by first reading out electronic data to be checked from the passport to be checked, but the actual checking of the correctness and authenticity of the data takes place only downstream, while at the same time the visual inspection is carried out by one person.
  • the audit may consist of an audit for compliance with specific syntactical requirements or an audit of specific data volumes.
  • Fig. 2 is a test arrangement for testing an electronic passport
  • Fig. 3 is a flowchart of the process of checking an electronic passport.
  • Fig. 1 shows an electronic passport in the form of a passbook 10, which consists of a book cover with the two cover halves 11 and 12. Between the book cover halves 11 and 12 are executed in the manner of a plastic card page 13 made of plastic and several pages 14 made of paper.
  • a chip coil assembly 15, 16 is incorporated, wherein in the chip 15 personal data of a Pcorrobüchbesitzers P are stored and the coil 16 serves as an interface to a reader 20.
  • the personal data contain passbook-typical information such as in particular name, place of residence, date of birth, etc. of a Poubuchbesitzers P.
  • a photo 17 of the passport owner and personal data 18 are applied in plain text. Furthermore, on page 13 is a field 19 with special machine-readable data, which are used to check the authenticity of the passbook.
  • the field 19 is typically in the form of a known, so-called MRZ (Machine Readable Zone).
  • the chip coil assembly 14, 15 may be mounted on another side 12, 13, 14 or may be provided instead of a coil 16 another interface, such as a contact-working.
  • the plastic side 13 further fields can be provided, such as fields with the reproduction of biometric features. len, such as a fingerprint or other fields with personal details.
  • the page 13 also does not have plastic but can be made of any other material, especially paper.
  • the side containing the chip coil assembly 14, 15, ie, depending on the embodiment, the plastic side 13, the cover side 11 or another side 12, 15, is suitably made in the manner of a smart card or at least using the manufacturing methods for the production of smart card.
  • the passbook 10 can also be reduced to a single page, which is then preferably designed in the form of a chip card. This embodiment variant is used in particular for identity cards.
  • Fig. 2 illustrates a test arrangement for checking an electronic passport and the interaction of the components involved.
  • the assembly comprises a passport 10, hereafter simply referred to as a passport, a reader 20, and associated apparatus 30 for accepting a biometric feature from a person to be controlled, i. of a passport owner P.
  • the reading device 20 comprises a device 21 for reading the machine-readable data in the field 19 of a passport 10, an interface 22 for communication with the coil 16 in the passport 10 and a central processing unit 23 connected to the device 21, the interface 22 and the removal device 30 is connected.
  • the central processing unit 23 carries out data processing in order to check the authenticity of a pass presented 10 and the legitimacy of a person P.
  • the reader 20 is useful for a person P whose passport 10 is to be controlled, not accessible and separated from this by a barrier 40.
  • the Components 21, 22, 23 of the reading device 20 may be distributed spatially. Typically, central processing unit 23 is spatially separated from interfaces 21, 22.
  • the interface 22 is useful only for data recording. The entire test takes place in the central processing unit 23.
  • the removal device 30 is used to accept a biometric feature of a person to be checked P and accordingly has suitable means for obtaining a biometric feature.
  • the take-off device 30 may be e.g. have a Fingerabaufate 31; alternatively or additionally, e.g. a photo camera be provided.
  • the removal device 30 is in the access of the person to be checked. 1
  • test arrangement Another component of the test arrangement is a present test person Z, such as a border official or a customs officer, which checks the identity of a person to be checked P by a visual inspection.
  • a present test person Z such as a border official or a customs officer, which checks the identity of a person to be checked P by a visual inspection.
  • a person to be checked P thereby moves in a direction E past the removal device 30, the test person Z and the reader 20, of which it is separated by the barrier 40.
  • the person to be checked when passing the test arrangement first passes to the test person Z their passport 10, which is then presented by the test person Z, arrow 2, at the interfaces 21 and 22 of the reader 20.
  • the person P to be examined presents a specific biometric feature, such as their fingerprint, on the removal device 30, which converts the presented biometric feature into reference data implements and this to the Reader 20 transmitted.
  • the examiner Z removes the passport 10 from the reader 20 and performs a visual inspection of the person P to be inspected. Typically, this visual inspection was performed by comparing the person P with the photo 17 in the passport 10.
  • the central processing device 23 evaluates the data read out of the passport 10 via the interfaces 21 and 22 and the reference data transmitted by the acceptance device 30.
  • the result communicates the reader 20 via suitable display means, such as a display or colored lights, the test person Z with. If the result is positive, the reader 20 generates a Gutsignal.
  • the test person Z then returns to the person to be checked P the passport 10, whereupon it leaves the test arrangement in the direction E. If the evaluation shows that the data read out of the passport 10 via the interfaces 21 and 22 and the reference data transmitted by the acceptance device 30 do not match, the reading device 20 generates an error message.
  • Fig. 3 illustrates the steps to be performed in the course of testing a person P to be checked in the form of a flow chart.
  • the control process begins with the appearance of the person P to be checked on the test arrangement, step 100.
  • the person P to be checked first hands over his passport 10 to the test person Z, step 101.
  • the person P to be checked presents a specific biometric feature to be presented the Ab Spotifyvorrichrung 30, step 102, which generates reference data and sends it to the reader 20.
  • the transferred passport 10 is initially presented by the test person Z at the interface 21, which reads the machine-readable data from the field 19, step 103.
  • the test person Z then presents the passport 10 at the Interface 22, where the personal data stored in the chip 14 are read, step 104.
  • the personal data is read out via a secure data connection.
  • the backup is preferably achieved by "secure messaging" in conjunction with the use of send sequence counters SSC (sense sequence counter)
  • SSC sense sequence counter
  • the accuracy of performing the obfuscation of responses provided by a passport 10 is verified in the reader 20.
  • the verification is preferably carried out by a MAC (Message Authentication Code) check.
  • a MAC is formed by the passport 10 via a veiled response and transmitted to the reader 20 with the answer.
  • the reader 20 also forms a MAC * upon receiving the response on the obtained obfuscated data and compares it with the MAC transmitted in the reply of the passport 10.
  • the transmission of the data to be read from the passport 10 takes place regularly, as described above, in several data packets.
  • the reading out of the data from the passport 10 and the verification of the correctness of the obfuscation in the reading device 20 are no longer carried out in a data packet manner, but rather in a time-separated manner, wherein first all the data required for a test are completely transmitted before the data is read Verification of the correctness of the obfuscation takes place. Accordingly, in step 104, only the complete read-out of all data from the passport 10 takes place. The checking of the correctness of the obfuscation and the restoration of the personal data, however, do not take place immediately. After receipt of a data packet in the reader 20, the next data packet is requested directly from the passport 10.
  • a plausibility check of the data arriving in the reader device 20 takes place directly during the read-out, step 105.
  • a check is made whether the structure of the incoming data corresponds to a specific syntax.
  • it is checked whether the amount of transmitted data corresponds to an expected length. It can also be checked whether all expected data objects have been transferred. If the test in step 105 reveals that the data read out are plausible, this is signaled by the reader 20 to the test person Z.
  • the visual inspection preferably consists in a known manner in a comparison of the photo 17 in the passport with the person P.
  • further activities can be carried out by the test person. For example, the correctness of a visa can be checked.
  • information can be entered in the passport 10 at this point in time, for example stamps can be inserted in the pages 14, step 108.
  • the central processing unit 23 of the reading device 20 carries out the verification of the correctness and the removal of the obfuscation of the data read out of the passport 10, step 109. For this purpose, it forms first of all the readout data. data sliced a MAC * and checks whether this agrees with the transmitted in the answer of the passport 10 MAC. If this is the case, it removes the obfuscation from the read-out data by decryption and thereby restores the personal data contained in the read-out data.
  • the reading device 20 thus has the personal data of the person P to be checked stored in the passport 10, which in particular comprise biometrically verifiable data such as the data of a fingerprint or a passport image, step 110.
  • the biometrically verifiable data then checks the central processing device 23 for authenticity. To this end, it compares the biometrically verifiable data with the reference data that has in the meantime been sent to it by the pickup device 30 after execution of step 102, step 111. If the comparison in step 111 shows that the compared data from steps 110 and 102 match, the reading device 30 determines authenticity and signals the test person Z by means of a good signal that the person P to be checked is authorized.
  • step 112 the test person Z finally returns the pass 10 to the person P to be checked, step 113.
  • the reading device 20 If, when performing steps 109 or 111, a mismatch of the compared data results, the reading device 20 generates a fault avoidance.
  • the invention described above allows a number of not described in detail embodiments.
  • the removal of the biometric feature on the removal device 30 already takes place before the passport 10 is transferred to the test person Z for reading the electronic data; This variant is useful if snakes of controlled persons P form regularly.
  • the return of the passport 10 can take place before the check of the biometrically verifiable data is completed with step 111.
  • the test arrangement can easily also comprise further components, for example a plurality of acceptance devices for acceptance of different biometric features or selection means, by means of which the test person Z selects one of various offered biometric features, which is then tested in the central processing device 23.
  • a technique of secure messaging instead of the technique of secure messaging, another technique for concealing the data transmission between the passport 10 and the reader 20 can be used.
  • a technique other than the use of MACs may be used to demonstrate proper performance of the obfuscation.

Landscapes

  • Engineering & Computer Science (AREA)
  • Human Computer Interaction (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Credit Cards Or The Like (AREA)
  • Collating Specific Patterns (AREA)

Abstract

L'invention concerne un procédé pour contrôler au moyen d'une machine des données relatives à une personne mémorisées de manière électronique dans un passeport (10). Selon l'invention, après la présentation du passeport (10) devant un lecteur (20), les données sont transmises de façon masquée à ce dernier, dans lequel l'exactitude du masquage est d'abord vérifiée, puis le masquage est ôté. Si le contrôle est concluant, un signal de validation est généré. Ensuite, l'authenticité des données reconstituées relatives à la personne est vérifiée. Le contrôle et l'élimination du masquage (109) ainsi que la vérification de l'authenticité (111) sont d'abord décalés dans le temps, après que le passeport (10) ait été enlevé du lecteur (20) pour être soumis à d'autres vérifications par une personne de contrôle (Z).
EP06776718A 2005-08-11 2006-08-09 Procede et dispositif pour controler un passeport electronique Withdrawn EP1915742A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
DE102005038092A DE102005038092A1 (de) 2005-08-11 2005-08-11 Verfahren und Einrichtung zur Prüfung eines elektronischen Passes
PCT/EP2006/007896 WO2007017275A1 (fr) 2005-08-11 2006-08-09 Procede et dispositif pour controler un passeport electronique

Publications (1)

Publication Number Publication Date
EP1915742A1 true EP1915742A1 (fr) 2008-04-30

Family

ID=37308882

Family Applications (1)

Application Number Title Priority Date Filing Date
EP06776718A Withdrawn EP1915742A1 (fr) 2005-08-11 2006-08-09 Procede et dispositif pour controler un passeport electronique

Country Status (4)

Country Link
US (1) US8857717B2 (fr)
EP (1) EP1915742A1 (fr)
DE (1) DE102005038092A1 (fr)
WO (1) WO2007017275A1 (fr)

Families Citing this family (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB0818271D0 (en) * 2008-10-06 2008-11-12 Rue De Int Ltd Document security feature
US8381973B2 (en) * 2010-11-22 2013-02-26 International Business Machines Corporation System and method for providing and verifying a passport
EP2474931A1 (fr) * 2010-12-31 2012-07-11 Gemalto SA Système fournissant une résistance améliorée contre le vol de données pour un document d'identité électronique
DE102011117467A1 (de) * 2011-11-02 2013-05-02 Giesecke & Devrient Gmbh Dokumentenprüfung
DE102011121567A1 (de) 2011-12-20 2013-06-20 Giesecke & Devrient Gmbh Verfahren zum kontaktlosen Auslesen eines Identifikationsdokuments
GB2500823B (en) * 2013-03-28 2014-02-26 Paycasso Verify Ltd Method, system and computer program for comparing images
CN110073418B (zh) * 2016-12-16 2021-08-06 松下知识产权经营株式会社 门禁系统控制装置以及门禁系统的控制方法
JP7006804B2 (ja) * 2018-10-12 2022-01-24 日本電気株式会社 情報処理装置、情報処理方法及びプログラム

Family Cites Families (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4993068A (en) * 1989-11-27 1991-02-12 Motorola, Inc. Unforgeable personal identification system
JPH0535935A (ja) 1991-07-26 1993-02-12 Yokogawa Electric Corp パスポートとそのパスポートを利用した出入国管理システム
NL1010443C2 (nl) * 1998-11-02 2000-05-03 Robert Arnout Van Der Ing Loop Fraudebestendig identificatie- en legitimatiesysteem waarbij de identificatie- en legitimatiegegevens op een gegevensdrager worden vastgelegd in optisch leesbaar en in digitaal formaat, waarbij de digitaal opgeslagen gegevens middels cryptografie (digitale handtekening) zijn beveiligd.
CA2392264C (fr) * 1999-11-19 2010-08-10 Accenture Gmbh Systeme et procede de controle automatique du passage d'une frontiere
DE19961403C2 (de) * 1999-11-19 2002-09-19 Accenture Gmbh System und Verfahren zur automatisierten Kontrolle des Passierens einer Grenze
JP2002008070A (ja) 2000-06-26 2002-01-11 Toshiba Corp 通行審査システム
FR2824018B1 (fr) * 2001-04-26 2003-07-04 Arjo Wiggins Sa Couverture incorporant un dispositif d'identification radiofrequence
US7509499B2 (en) * 2002-02-12 2009-03-24 Semtek Innovative Solutions Corporation Secure token access distributed database system
NL1020903C2 (nl) 2002-06-19 2003-12-22 Enschede Sdu Bv Systeem en werkwijze voor het automatisch verifieren van de houder van een autorisatiedocument en het automatisch vaststellen van de authenticiteit en geldigheid van het autorisatiedocument.
US7083090B2 (en) * 2002-08-09 2006-08-01 Patrick Zuili Remote portable and universal smartcard authentication and authorization device
US7333001B2 (en) * 2002-11-23 2008-02-19 Kathleen Lane Secure personal RFID documents and method of use
US8112278B2 (en) * 2004-12-13 2012-02-07 Securicom (Nsw) Pty Ltd Enhancing the response of biometric access systems

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See references of WO2007017275A1 *

Also Published As

Publication number Publication date
US8857717B2 (en) 2014-10-14
US20090090777A1 (en) 2009-04-09
WO2007017275A1 (fr) 2007-02-15
DE102005038092A1 (de) 2007-02-15

Similar Documents

Publication Publication Date Title
WO2007017275A1 (fr) Procede et dispositif pour controler un passeport electronique
EP1099197B1 (fr) Dispositif pour fournir des donnees de sortie en reaction a des donnees d'entree, procede de verification d'authenticite, et procede de transfert code d'informations
WO2000074001A1 (fr) Dispositifs et procede pour l'authentification biometrique
DE10204870A1 (de) Verfahren zur Fälschungssicherung eines Wertträgers, Wertträger und Verfahren zur Überprüfung seiner Echtheit
EP0006498A1 (fr) Procédé et dispositif pour l'authentification de documents
EP0750086B1 (fr) Système d'authentification
WO1999027500A1 (fr) Procede et dispositif de traitement de donnees biometriques
DE102005003647A1 (de) Identifizierungssystem
DE10203926A1 (de) Datenträger mit mindestens einem Speicherelement
DE102008041990A1 (de) Dokument, Verfahren zur Herstellung und zur Überprüfung eines Dokuments, Computerprogrammprodukt, Datenverarbeitungssystem und Prüfsystem
DE102010052985A1 (de) Echtheitsprüfvorrichtung mit Dehnungsmessstreifen
AT507372A1 (de) Identifikationsmerkmal
DE19756736A1 (de) System zur Aktivierung von Kartenfunktionen bei geldbetätigten Automaten
WO1997033252A1 (fr) Procede et dispositif pour verifier l'authenticite de documents sous la forme de cartes a puce
DE102020123755B4 (de) Verfahren zum Authentifizieren mit einem optoelektronisch lesbaren Code sowie Funktionsfreigabeeinrichtung und Computerprogramm hierzu
WO1999041708A1 (fr) Moyen d'autorisation d'acces ou d'identification et procede permettant de le realiser
DE19921387C2 (de) Anordnung und Verfahren zum Vergleich von Biometrik-Daten
EP2053569A2 (fr) Procédé destiné à la sécurité à base de PIN d'un support de données portable contre l'utilisation non autorisée
DE102004053562B4 (de) Verfahren und Vorrichtung zur Bereitstellung von Kartenrohlingen
WO2003071492A2 (fr) Procede pour constater le droit d'une personne a utiliser un support de donnees portatif
DE10107527A1 (de) Verfahren zur eindeutigen Zuordnung eines digitalen, extern erzeugten kartenindividuellen Datums zu einer Chipkarte
EP3369586A1 (fr) Dispositif et procédé de contrôle de la qualité
EP3548300A1 (fr) Procédé de fabrication et de vérification d'un document de sécurité et document de sécurité
AT502848A1 (de) Markierungsvorrichtung und verfahren zur elektronischen signatur
DE29722490U1 (de) System zur Aktivierung von Kartenfunktionen bei geldbetätigten Automaten

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20080311

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LI LT LU LV MC NL PL PT RO SE SI SK TR

17Q First examination report despatched

Effective date: 20090504

DAX Request for extension of the european patent (deleted)
STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN

18D Application deemed to be withdrawn

Effective date: 20160301