EP4315115A1 - Method for checking individuals with simplified authentication - Google Patents

Method for checking individuals with simplified authentication

Info

Publication number
EP4315115A1
EP4315115A1 EP22715144.6A EP22715144A EP4315115A1 EP 4315115 A1 EP4315115 A1 EP 4315115A1 EP 22715144 A EP22715144 A EP 22715144A EP 4315115 A1 EP4315115 A1 EP 4315115A1
Authority
EP
European Patent Office
Prior art keywords
individual
data
biometric
identity document
electronic chip
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
EP22715144.6A
Other languages
German (de)
English (en)
French (fr)
Inventor
Laurent Mercier
Pascal DUVILLE
Joost VAN PROOIJEN
Joel VIELLEPEAU
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Idemia Identity and Security France SAS
Original Assignee
Idemia Identity and Security France SAS

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G06F21/32 User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G06F21/34 User authentication involving the use of external additional devices, e.g. dongles or smart cards
    • G06F21/35 User authentication involving the use of external additional devices, e.g. dongles or smart cards communicating wirelessly
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45 Structures or tools for the administration of authentication
    • G06F21/46 Structures or tools for the administration of authentication by designing passwords or checking the strength of passwords
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/64 Protecting data integrity, e.g. using checksums, certificates or signatures

Definitions

  • The invention relates to a method for checking an individual who has an identity document on a medium comprising an electronic chip, in which reference biometric data of the individual is stored, and capable of displaying a machine-readable zone representing optical reading data of the identity document.
  • The invention applies in particular to checking individuals for access to a protected area or service, such as boarding an aircraft.
  • An identity check is sometimes required when an individual accesses a protected area or service, such as when crossing a border or when boarding a plane.
  • Electronic identity documents such as passports or electronic identity cards make it possible to implement an identity check by biometric authentication, that is to say by comparing biometric data acquired from a biometric trait of the individual with biometric data prerecorded in a chip contained in the identity document.
  • Such documents allow increased security because the biometric data contained in the document can be protected and signed by the official entity that issued the document, and this signature can be verified during the check.
  • MRZ: machine-readable zone.
  • Such a machine-readable zone is a part of the surface of the document (or, where applicable, of one of its pages) containing text printed in a standardized format, so that it can be read by a computer and deciphered by optical character recognition.
  • In order to perform authentication, the individual must present the document open at the particular page on which the machine-readable zone is located, in a specific direction allowing a reader of the control device to read it. Once the number has been acquired, it can be used to access the contents of the chip.
  • This physical manipulation step is time-consuming and tends to clog up queues, for example at airports. It is also the cause of a substantial proportion of failures to authenticate individuals.
  • An individual manipulates his passport to position it correctly on a reader of a control device, which reads the machine-readable zone of the passport and accesses the biometric data, in this case an image of the individual's face, contained in the passport.
  • A number is associated with this biometric data, and a ticket bearing this number is issued to the individual.
  • The data and the number are saved in a database.
  • The individual presents the ticket to a second control device.
  • This device reads the number written on the ticket and accesses the database to retrieve the corresponding biometric data.
  • The aim of the invention is to remedy the problem described above.
  • One of the aims of the invention is to propose an automatic control method that minimizes the manipulation of documents by the individual.
  • Another object of the invention is to reduce the time necessary for the implementation of the authentication step.
  • Another object of the invention is to propose a control method which is simple and practical to implement for individuals.
  • The subject of the invention is a method for checking an individual who has an identity document on a medium comprising an electronic chip, in which reference biometric data of the individual is stored, and capable of displaying a machine-readable zone representing optical reading data of the identity document, the method comprising the implementation by a control device of steps of:
  • Step (c) does not include either the retrieval of the individual's reference biometric data from said electronic chip via said secure communication channel or the reading of said machine-readable zone of the identity document medium.
  • Step (c) comprises the implementation of an authentication of said electronic chip via said secure communication channel.
  • Said electronic chip stores a pair of a private key and a public key, said authentication of said electronic chip being chosen from active authentication and hardware authentication.
  • Said authentication of said electronic chip is an active authentication comprising the verification, using said public key, of an electronic signature received from the electronic chip in response to the sending of a nonce.
  • No data other than the data necessary for said authentication of the electronic chip is transmitted via said secure communication channel.
  • Said secure channel is opened in accordance with a protocol selected from Basic Access Control (BAC) and Password Authenticated Connection Establishment (PACE), using a key derived from said retrieved optical reading data.
  • Step (b) comprises: a comparison of the reference biometric data stored in the memory with the candidate biometric data, and the selection of at least one identity document optical reading datum corresponding to at least one reference biometric datum having a rate of similarity with the candidate biometric datum greater than a predetermined threshold.
  • Step (c) is attempted for each selected optical reading datum until the secure communication channel is opened.
  • The control device comprises contactless communication means, step (c) being implemented by bringing said medium close to the control device in any orientation.
  • The method comprises a prior step (a0), implemented by an enrollment device, of: retrieving the reference biometric data of the individual from said electronic chip; acquiring the optical reading data of the identity document by reading the machine-readable zone; and recording, in said remote memory (20), the optical reading data of the identity document in connection with the reference biometric data of the individual.
  • The identity document is a passport, and: during step (a0), the passport is presented to the enrollment device open at the page of the machine-readable zone for the acquisition of the optical reading data of the identity document, and during step (c), the passport is presented closed to the control device.
  • The invention relates to a device for checking an individual who has an identity document on a medium comprising an electronic chip, in which reference biometric data of the individual is stored, and capable of displaying a machine-readable zone representing optical reading data of the identity document, configured for the implementation of steps of:
  • The invention relates to a system for checking individuals, comprising: a memory, a checking device according to the second aspect, and an enrollment device configured for the implementation of steps of retrieving the reference biometric data of the individual from said electronic chip; acquiring the optical reading data of the identity document by reading the machine-readable zone; and recording, in said remote memory, the optical reading data of the identity document in connection with the reference biometric data of the individual.
  • The invention relates to a computer program product comprising code instructions for the execution of a method according to the first aspect for checking an individual; and a computer-readable storage medium storing a computer program product comprising code instructions for performing a method according to the first aspect for checking an individual.
  • FIG. 1 schematically represents a control system for implementing the method according to the invention.
  • FIG. 2 schematically represents the main steps of a preferred embodiment of the control method according to the invention.
  • DETAILED DESCRIPTION OF AT LEAST ONE EMBODIMENT OF THE INVENTION
  • A system 1 for checking individuals is shown. This system makes it possible to carry out the biometric authentication of individuals in order to authorize or deny them access to a secure zone or service.
  • To be able to carry out the check, the individual must have a physical or dematerialized identity document. In both cases, he has a physical medium for the identity document.
  • The identity document is a physical document (i.e. the medium is the document), such as a passport or an identity card, or even a chip card ("smartcard"), comprising an electronic chip, for example an RFID chip, in which is stored at least one biometric datum, acquired from a biometric trait of the individual.
  • The biometric data contained in the identity document is referred to below as reference biometric data (as opposed to candidate biometric data, acquired on the fly from the individual).
  • The electronic chip generally also stores various alphanumeric data of the individual, which are in practice printed on the medium of the identity document if it is "physical", called "visual data", chosen in particular from: full number of the identity document; expiry date; date of issue; name; first name(s); nationality; date of birth; place of birth; gender; size; address; etc.
  • Each identity document also has a machine-readable zone representing optical reading data (that is to say, data intended to be easily transmitted visually to computers), for example of the MRZ, QR code or PDF417 type, also printed on the medium for a physical document.
  • The machine-readable zone of a document is reserved for the reading, identification and validation of this document.
  • The optical reading data is digital data (generally also stored in the electronic chip) encoding a set of information and in particular some of said visual data (at least the number of the identity document, the date of birth of the individual, and/or the date of expiry of the identity document, in practice their concatenation), referenced "DG1" in the ICAO specifications (the reference biometric data is referenced "DG2", and a certain amount of optional information is referenced DG3 to DG16); its representation for optical reading is the machine-readable zone, in a format readable by a computer or any equivalent processing unit capable of optically acquiring and extracting the optical reading data and decoding it.
  • The optical reading data is the content of the machine-readable zone.
  • The representation of the optical reading data is a character string (its reading involves optical character recognition); in the case of a QR code it is a 2D barcode.
  • In what follows, the preferred example of the MRZ is described and, by a slight abuse of language, the corresponding optical reading data is also called the MRZ.
  • The MRZ (in French, ZLA) is standardized by the ICAO (ICAO 9303), included in the ISO/IEC 7501-1:2008 standard (and the ICAO supplement).
  • This document is in the form of a booklet comprising covers and a set of pages; the machine-readable zone (in MRZ format) appears on one of the pages of the booklet, which requires opening the passport at the correct page and positioning it correctly for this zone to be read.
  • The identity document is dematerialized on a user terminal such as a smartphone or a connected watch, i.e. the document medium is said terminal, but in practice there is still an electronic chip (a processor and storage means of the terminal, for example a flash memory) and the same data.
  • A terminal preferably comprises contactless communication means (typically NFC, but also BLE, or even UWB, and in general any proximity radio communication) making it possible to reproduce exactly the operation of an RFID chip such as that of a passport.
  • The machine-readable zone (its MRZ, QR code or PDF417 representation) is not printed on the medium and is only displayable on demand. More precisely, this data is also stored in the storage means of the terminal, for display on an interface of the terminal. This display advantageously reproduces the original appearance of a physical identity document, for example by displaying the entire page of the equivalent passport.
  • The medium of the individual's identity document always comprises an electronic chip in which reference biometric data of the individual is stored, and always allows the optical reading data of the identity document to be provided visually, whether it is simply displayed or physically printed on the medium.
  • The system for checking individuals can, for example, make it possible to check individuals before boarding an aircraft or before crossing the border of a country.
  • The system 1 for checking individuals comprises a control device 30, a memory 20, and potentially an enrollment device 10.
  • The control device 30 is advantageously placed at the entrance to a secure access zone. It can take the form of a gate which the individual can only pass through if the check is successful.
  • The enrollment device 10 is advantageously a fixed control structure such as a kiosk, possibly located in the same infrastructure (for example the same building) as the control device 30 and at a distance from it (in the case of a check in an airport before boarding an aircraft, the enrollment device can be located in the same departure terminal as the control device; however, it is not located in the queue of the control device, so that the flow of individuals using the two devices can be split), or alternatively in an official building such as a town hall or any other trusted entity. Indeed, as will be seen, the enrollment device, which must be secure, only needs to be used once initially, after which the present method of checking an individual can be implemented a large number of times. In other words, there is no need for enrollment before each check, unlike the known methods of the state of the art.
  • The enrollment device 10 comprises a computer 11, such as for example a processor, a microprocessor, a controller, etc.
  • The enrollment device 10 also comprises a module 12 for reading the optical reading data of a document.
  • The module 12 can for example comprise an image sensor 13, such as for example a digital still camera or a digital camera, adapted to acquire an image of the machine-readable zone, and a module 14 for character recognition.
  • The module 14 can be a software application executable by the computer 11 or alternatively a hardware module. This may be the case when, for example, the control device is the individual's mobile phone, tablet or personal computer, and this device is configured to perform character recognition. Alternatively, the image processing of the machine-readable zone can be performed remotely if the individual's device does not have this functionality.
  • The module 14 can be a software application executable by a computer of another processing unit remote from the enrollment device (not shown), and the enrollment device 10 then comprises a communication interface with the remote processing unit making it possible to send it the image of the machine-readable zone on which the character recognition must be carried out.
  • The enrollment device 10 further comprises a chip reader 16 for an identity document.
  • The chip contained in the medium of the identity document is a radiofrequency chip (for example an RFID radio-identification tag or a UHF chip), or the medium comprises contactless communication means (of the NFC type, etc.), and the reader 16 is adapted to read the contents of the chip remotely, by radiofrequency communication with the chip.
  • The enrollment device 10 comprises a remote communication interface 15 with a memory 20 of the control system 1. This interface allows the computer 11 to exchange information with the memory 20.
  • The memory 20 is advantageously remote from the enrollment device 10.
  • The communication interface 15 is preferably the combination of a wired communication interface (for example Ethernet) or a wireless one (for example Wi-Fi, Bluetooth or a mobile telephone network such as GPRS, 3G, 4G or other) and any other downstream communication network linking to the memory 20.
  • The enrollment device 10 can finally comprise an information input interface 17 such as a keyboard, a touch screen, etc.
  • The control device 30 comprises a computer 31, which can also be a processor, microprocessor, controller, etc.
  • The control device 30 comprises a module 32 for acquiring biometric data from a biometric trait of an individual.
  • The biometric trait can for example be the shape of the face, one or more fingerprints of the individual, or even one or more irises of the individual. It can also be the structure of the venous network of one or more fingers or of one or both hands, or the respective sizes of phalanges or fingers.
  • The biometric data acquisition module 32 comprises an image sensor 33, and an image processing module 34 suitable for extracting biometric data from an image of a biometric trait.
  • The extraction of the biometric data is implemented by processing the image of the biometric trait, in a way that depends on the nature of the biometric trait.
  • Various image processing operations to extract biometric data are known to those skilled in the art.
  • The extraction of the biometric data can comprise an extraction of the minutiae of the fingerprints from a fingerprint image. Alternatively, it may comprise an extraction of particular points or of a shape of the face in the case where the image is an image of the face of the individual, etc.
  • A convolutional neural network can be used.
  • The memory 20 of the control system can be a memory integrated into the control device 30.
  • It can also be a memory remote from the control device 30, advantageously a database.
  • The control device 30 then also comprises a remote communication interface 35 with the memory 20.
  • The control device 30 includes a chip reader 36 for an identity document.
  • The chip contained in the identity document medium is a radiofrequency chip (for example an RFID radio-identification tag or a UHF chip), or the medium includes contactless communication means (of the NFC type, etc.), and the reader 36 is adapted to read the content of the chip remotely, by radiofrequency communication with the chip.
  • The control device 30 can also include an information input interface 37 such as a keyboard, a touch screen, etc.
  • System 1 is suitable for implementing the control method described below.
  • The method advantageously has a prior enrollment step (a0) implemented by the enrollment device 10. As explained, this step only needs to be done once, after which the method can be implemented without including it. It should be noted that, preferably, provision will be made to repeat it at regular intervals, for example once a year, for security.
  • Step (a0) aims to create an entry in the memory 20 corresponding to the identity document of the individual, and typically consists of the generation of a DTC of the individual.
  • By DTC (Digital Travel Credentials, in French Certificat de Voyage Numérique), we mean a container for the virtual version of an identity document, in a form recognized by the ICAO; see in particular the presentation https://www.icao.int/Meetings/TRIP-Symposium-2019/PublishingImages/Pages/Presentations/Digital%20Travel%20Credentials.pdf.
  • The DTC contains all or part of the aforementioned data of an identity document, in particular the optical reading data (DG1) and the reference biometric data (DG2).
  • Step (a0) can be seen as a dematerialization of the identity document of the individual. It will be noted that using a terminal as a medium for the identity document already implies that the DTC exists and is loaded into the memory of the terminal, so that step (a0) theoretically only has to be implemented in the case of a physical identity document.
  • Step (a0) first includes the retrieval of the individual's reference biometric data from said electronic chip and the acquisition of the optical reading data of the identity document by reading the reading zone 6.
  • This action is conventional and can be implemented in a known way (this is what is often done today at airport control devices, and it generates queues). It requires the individual to manipulate the identity document so as to present it to the sensor 13, open at the page of the machine-readable zone, with that zone facing the acquisition area of the sensor 13, i.e. presented in a position and in a direction allowing the sensor to acquire an image of the zone.
  • The reading module 12 of the enrollment device 10 acquires an image of the machine-readable zone and extracts from this zone the optical reading data of the document.
  • The retrieval of the reference biometric datum can be substantially simultaneous, because the optical reading datum can be used to access the content of the chip and to retrieve the reference biometric datum.
  • Biometric data of the individual corresponding to different biometric traits may be available and retrieved: for example, a first biometric datum from the individual's iris, and a second from the face, or a fingerprint, etc.
  • The enrollment device 10 records, in said memory 20, the optical reading data of the identity document in connection with the reference biometric data of the individual.
  • A datum can be generated by the computer 11, comprising the optical reading datum and the reference biometric datum, for example in the form of a pair, and stored in the memory. The two data are thus associated in the memory 20.
  • Recording several biometric data in connection with the optical reading data of the identity document can make the method compatible with different technologies implemented at different checkpoints, or increase the security of the method by using several biometric data later in the method to find the optical reading data.
  • Step (a0) of the method can also comprise the acquisition (or the retrieval from the electronic chip, as for the reference biometric data) of additional data comprising:
  • Identity data relating to the individual, this data being able for example to be compared with data appearing on the identity document, allowing increased security of the check (for example surname, first name(s), date and place of birth),
  • The data may include the flight number, the name of the airline, the airport of landing and/or take-off, etc.
  • The data may be a visa number, a country of origin, etc.; and/or a public key, for example referenced DG14 or DG15, see below.
  • This acquisition of additional data is advantageously implemented before the recording in the memory, and in this case the data making it possible to discriminate the individual are also recorded at the same time in connection with the optical reading data of the identity document and the individual's reference biometric data.
  • The control method itself is implemented by the control device 30. This step can be implemented completely independently of enrollment (a0).
  • The individual presents himself to the control device 30 and presents to the biometric data acquisition module 32 the same biometric trait as that from which the reference biometric data was obtained.
  • Candidate biometric data is acquired from this trait during a step (a).
  • The control device 30 retrieves from the memory 20, using this candidate biometric data, the optical reading data of the document previously recorded for the same individual. To do this, the device searches in the memory 20 for reference biometric data corresponding to the candidate biometric data, that is to say data acquired from the same trait, by comparing the candidate biometric data with the reference biometric data stored in memory. A match is established if a rate of similarity between two biometric data exceeds a predetermined threshold, which depends on the way in which the comparison is established and on the nature of the biometric trait.
  • A non-limiting example of implementation of the comparison between two data is by calculating the distance (Euclidean distance, Hamming distance, etc.) between the data.
  • The control device 30 then retrieves the document optical reading data corresponding to each of the reference biometric data having a level of correspondence with the candidate biometric data above said threshold.
  • The control device 30 can therefore retrieve one or more document optical reading data.
  • If several reference biometric data corresponding to different biometric traits were retrieved during enrollment (a0), then either several candidate biometric data are acquired from the same traits in step (a) and are used for step (b) of searching for the optical reading data of the identity document, which increases security, or a single candidate biometric datum is acquired and used for step (b).
  • The diversity of data acquired in step (a) makes it possible in this case to increase the compatibility of the process with different control devices 30.
  • Step (a) may further comprise the acquisition of additional data, during which the individual again enters the same data as during enrollment (a0).
  • The additional data are intrinsic and therefore known beforehand by the control device 30, for example because of its location if these data designate the airport in which the control device 30 is located.
  • Any additional data is advantageously used in step (b) to restrict the set of reference biometric data of the memory to be compared with the candidate biometric data, by selecting only the biometric data recorded in the memory in connection with the same additional data (e.g. same country of origin, etc.).
  • This speeds up the implementation of step (b) and reduces the number of document optical reading data obtained at the end of this step.
  • the method comprises a main step (c) during which the individual presents his document to the reader 36 of the control device 30.
  • the control device 30 opens, or at least attempts to open , a secure communication channel with the electronic chip of the support of the identity document of the individual by using said retrieved optical reading data.
  • step (c) does not include either the retrieval of the individual's reference biometric data from said electronic chip via said secure communication channel, nor the reading of said automatic reading zone of the document medium of identity.
  • the reader 36 since the reader 36 only interacts with the electronic chip, and not the machine-readable zone, it is not necessary to present the document open or in a particular direction. In particular, the passport may be presented closed, in any orientation. This implies a considerable saving of time for the individual, who does not need any particular handling of the identity document, or any other document for which a reading zone or a barcode should be read and deletes the risks of failure linked to this manipulation.
  • control device 30 would have had to read the content of the document chip to recover the biometric authentication data from the optical reading data or data that it holds, which takes time. long enough.
  • the biometric authentication has in fact already taken place, since we have been able to identify at least one reference biometric datum corresponding to the candidate biometric datum, and we just want to verify this authentication (and identify the individual uniquely if there was still ambiguity) and ensure that the individual has the corresponding identity document.
  • Reader 36 opens the channel using said retrieved optical read data as a password. In the event that it has recovered at the end of step (b) several numbers, the reader tries to open the channel by trying the optical reading data recovered one after the other until trying those which correspond to the identity document of the individual and which authorizes access to the content of the chip.
  • said secure channel is opened in accordance with a protocol selected from Basic Access Control, BAC, and Password Authenticated Connection Establishment, PACE, using a key derived from said retrieved optical reading data.
  • said key is preferably, in accordance with ICAO specifications, for MRZ optical reading data, a hash of the concatenation of the number of the identity document, the date of birth of the individual, and the expiry date of the identity document.
  • step (c) may in fact comprise the opening of two interleaved channels:
  • a first "protocol" channel between the contactless communication module of the terminal and the reader 16 (for example a BLE channel), and
  • within this channel, the secure "application" communication channel, which is opened using said retrieved optical reading data.
  • step (c) comprises the implementation of authentication of said electronic chip via said secure communication channel, in particular active authentication or hardware authentication ("chip authentication"); PACE with chip authentication mapping (PACE-CAM) may also be mentioned. For these three mechanisms, see part 11 of the ICAO 9303 specification (chapter 6).
  • the original/authorized chips store a pair of a private key and a public key, the private key not being readable and the public key being accessible (for example referenced DG14 for chip authentication and referenced DG15 for active authentication).
  • this public key can be retrieved using the secure channel (it is much lighter than biometric data, for example), or even retrieved directly during the creation of the DTC (enrollment step (a0)), which is preferred to avoid any need to read data from the electronic chip.
  • Chip authentication is well known to those skilled in the art. It is based on a Diffie-Hellman key agreement protocol and consists of an exchange of public keys with the electronic chip (the electronic chip provides its so-called static public key, and the control device 30 provides a so-called ephemeral public key), then the generation of a common secret (the electronic chip uses its private key corresponding to the static public key and the control device 30 uses its private key corresponding to the ephemeral public key), and finally a change of the encryption key of the secure channel based on this common secret (the new session key is derived from the common secret). If the control device 30 "understands" the identity document after this change of key (i.e. each party has indeed obtained the same session key), then the electronic chip of the identity document is correctly authenticated.
  • this authentication is called active because it involves a challenge/response mechanism: said active authentication of said electronic chip comprises verification (by the control device 30), using said public key, of an electronic signature received from the electronic chip in response to the sending of a nonce (the challenge).
  • the control device 30 generates a nonce and sends it via the secure channel to the chip, which computes its signature using its private key: the chip hashes the nonce (with a cryptographic hash function), then encrypts (among other things) the hash using the private key, with a cryptographic function such as RSA, and returns the signature in response to the control device 30, which decrypts it with the public key and verifies that the hash of the nonce is indeed found.
  • the public key of one or other of the mechanisms can itself be signed with a private key of a government body or issuer of the identity document to ensure that we have not put a false private key/public key pair on the electronic chip.
  • Depending on the result of step (c) (and in particular of the active or hardware authentication), access to the zone is authorized or denied for the individual.
  • step (c) may include additional biometric authentication of the individual.
  • This step comprises the comparison of the reference biometric data corresponding to the chip of the formally authenticated document with a new candidate biometric data acquired on the same trait.
  • This other datum may be a second biometric datum acquired by the control device 30 (or another control device) exclusively for the purposes of authentication. This is particularly the case if the biometric trait corresponds to another reference biometric datum than the reference biometric datum corresponding to the first candidate datum, or if there are several control devices, for example in an airport a first device when crossing the border and a second when boarding.
  • the proposed method completely eliminates any reading of the automatic reading zone in the recurring control process (the user can go from entering the departure airport to exiting the arrival airport without ever having to present the machine-readable area) and further simplifies handling the support of the identity document since the contactless communication can be much shorter, while ensuring the presence of the identity document during said control and allowing the control of the individual using the data of said identity documents.
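The chip authentication flow described above (static chip key, ephemeral reader key, common secret, new session key, then checking that both sides still "understand" each other) is sketched below as an added example that is not the patent's or ICAO's code. Assumptions: a demonstration Diffie-Hellman group stands in for the domain parameters a real chip publishes in DG14, an HMAC-SHA256 exchange stands in for secure messaging under the new keys, and the names `Chip` and `terminal_authenticates` are hypothetical.

```python
import hashlib
import hmac
import secrets

# Demonstration group only (assumption): Mersenne prime 2**521 - 1, generator 3.
P = 2**521 - 1
G = 3

def keypair():
    """Return (private, public) for the demonstration group."""
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def session_keys(shared: int):
    """Derive (K_enc, K_mac) from the common secret with a counter-based hash."""
    k = shared.to_bytes(66, "big")
    return tuple(hashlib.sha256(k + c.to_bytes(4, "big")).digest() for c in (1, 2))

class Chip:
    """Chip model: the static public key is readable, the private key never leaves."""
    def __init__(self, static_priv: int, static_pub: int):
        self._priv = static_priv
        self.static_pub = static_pub
        self._mac_key = None

    def agree(self, terminal_ephemeral_pub: int) -> None:
        # The chip combines its static private key with the reader's ephemeral key.
        _, self._mac_key = session_keys(pow(terminal_ephemeral_pub, self._priv, P))

    def respond(self, command: bytes) -> bytes:
        # Stand-in for a secure-messaging response under the new session key.
        return hmac.new(self._mac_key, command, hashlib.sha256).digest()

def terminal_authenticates(chip: Chip, enrolled_static_pub: int) -> bool:
    """Control-device side; enrolled_static_pub is the key stored at enrollment."""
    eph_priv, eph_pub = keypair()
    chip.agree(eph_pub)
    _, mac_key = session_keys(pow(enrolled_static_pub, eph_priv, P))
    command = secrets.token_bytes(16)
    expected = hmac.new(mac_key, command, hashlib.sha256).digest()
    return hmac.compare_digest(chip.respond(command), expected)

if __name__ == "__main__":
    priv, pub = keypair()
    print("genuine chip:", terminal_authenticates(Chip(priv, pub), pub))
    other_priv, _ = keypair()   # a copy that exposes the same public key
    print("copied chip: ", terminal_authenticates(Chip(other_priv, pub), pub))
```

A chip that only reproduces the readable public key derives different session keys, so the check returns `False` without any biometric data having been read.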

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Hardware Design (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Collating Specific Patterns (AREA)
  • Credit Cards Or The Like (AREA)
EP22715144.6A 2021-03-24 2022-03-22 Procede de controle d'individus a authentification simplifiee Pending EP4315115A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
FR2102940A FR3121241B1 (fr) 2021-03-24 2021-03-24 Procede de controle d’individus a authentification simplifiee
PCT/FR2022/050527 WO2022200730A1 (fr) 2021-03-24 2022-03-22 Procede de controle d'individus a authentification simplifiee

Publications (1)

Publication Number Publication Date
EP4315115A1 true EP4315115A1 (fr) 2024-02-07

Family

ID=77021404

Family Applications (1)

Application Number Title Priority Date Filing Date
EP22715144.6A Pending EP4315115A1 (fr) 2021-03-24 2022-03-22 Procede de controle d'individus a authentification simplifiee

Country Status (9)

Country Link
US (1) US20240070247A1 (ko)
EP (1) EP4315115A1 (ko)
JP (1) JP2024510783A (ko)
KR (1) KR20230158466A (ko)
AU (1) AU2022244306A1 (ko)
CA (1) CA3205344A1 (ko)
FR (1) FR3121241B1 (ko)
WO (1) WO2022200730A1 (ko)
ZA (1) ZA202308124B (ko)

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2474931A1 (en) * 2010-12-31 2012-07-11 Gemalto SA System providing an improved skimming resistance for an electronic identity document.
EP2825993A1 (en) * 2012-03-16 2015-01-21 L-1 Secure Credentialing, Inc. Ipassport method and apparatus
FR3051939B1 (fr) 2016-05-24 2019-04-12 Morpho Procede de controle d'individus a authentification simplifiee
GB2563925B (en) * 2017-06-30 2022-02-09 Cryptomathic Ltd System and method

Also Published As

Publication number Publication date
AU2022244306A9 (en) 2024-05-16
WO2022200730A1 (fr) 2022-09-29
AU2022244306A1 (en) 2023-07-27
US20240070247A1 (en) 2024-02-29
ZA202308124B (en) 2024-04-24
FR3121241A1 (fr) 2022-09-30
CA3205344A1 (fr) 2022-09-29
KR20230158466A (ko) 2023-11-20
JP2024510783A (ja) 2024-03-11
FR3121241B1 (fr) 2023-09-01

Legal Events

Date Code Title Description
STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: UNKNOWN

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE INTERNATIONAL PUBLICATION HAS BEEN MADE

PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: REQUEST FOR EXAMINATION WAS MADE

17P Request for examination filed

Effective date: 20230727

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR