The predecessor to Pakistan's new passport will not be remembered for its security. Apart from being easy to forge, the document was issued manually, giving rise to considerable security risks.
All the more reason, therefore, for the Pakistani authorities to develop a secure passport, issued with a minimum of human intervention. To make sure that the passport would be accepted by the world community, the authorities opted for a state-of-the-art, ICAO-compliant and biometrically-enabled document, protected by the latest security features. The result did not disappoint - the new passport is a highly secure, tamper-proof document that reflects the true spirit of the latest ICAO standards.
The Pakistani passport programme is closely related to the country's ID card programme, which was started in June 2001. A little over four years later, the identities of more than 74 million citizens had been registered in the National Data Warehouse. Moreover, 35,000 new identities are added each day. As the database has proven its worth - it has been successfully used to tackle identity theft and related fraud, for example - all citizens applying for a passport must be in possession of a National ID card.
The applicant's authenticity is verified when he/she applies for a passport, on the basis of information obtained during the ID card enrolment process. Verification takes place via the centralised, online National Data Warehouse, based in Pakistan's capital Islamabad.
AUTOMATIC FINGERPRINT IDENTIFICATION SYSTEM (AFIS):
The applicant's thumbprints and index finger prints are captured during enrolment. These prints are subsequently converted to templates, which are cross referenced (1:n) using an Automated Fingerprint Identification System (AFIS) to eliminate duplicates.
AFIS also checks (1:1) the newly acquired prints against the ID card holder's previously-stored fingerprints, thus ensuring that the name, date of birth and father's name are the same, as those stored in the National Data Warehouse.
Facial recognition system
Once the fingerprints have been verified, the high quality photograph captured for inclusion in the passport is compared to the photograph stored in the National Data Warehouse. Here, the aim is to ensure that the passport is issued to the right person. To compensate for the poorer quality of the photographs stored in the warehouse, the 1:1 threshold has been lowered (conversely, new applications for ID cards can be cross referenced against higher quality passport photographs).
The photograph is subsequently checked against a blacklist (1:n) and, in order to ensure that a given applicant is only issued a single passport, the passport database. The above checks augment and confirm the AFIS results. Wherever the passport holder uses his/her passport at an exit/entry point, the immigration authorities check the electronic photograph against a live sample.
DATA PERSONALIZATION:
The passport photograph contains Invisible Personalization Information (IPI), a state-of-the-art security feature that allows the passport number and name of the holder to be printed on the basis of a different focal length. This information can only be read using a bespoke and inexpensive lens. The biographical data page (figure 1) is further protected by a 2-D bar code, which contains (1) encrypted data from the MRZ and (ii) the best fingerprint template.
The latter can be used to verify - on a 1:1 basis - the fingerprint stored in the Radio Frequency Identification Device (RFID), thus effectively creating an additional security feature. Having a fingerprint embedded in a 2-D bar code is also very useful if no RFID reader is available. To improve security further, the laminate on the biographical data page contains holographic, AUV, overt, covert and forensic features. The page additionally features a machine readable zone with holder-related data, which has been encrypted using PKI.
STORING DATA IN RFID CHIP:
The RFID chip is sealed to prevent data being added to, or deleted from the chip.
THE LATTER CONTAINS A COMPATIBILITY WITH ICAO RECOMMENDATIONS.
=================================================================
Recommendations NADRA passport RFID
-----------------------------------------------------------------
Facial Recognition System Yes
Finger Print Identification (AFIS) Yes
Iris Recognition No
Operating Frequency of 13-56 MHz Yes
14443 A or B Yes
Write-once memory Yes
Data protected by PK based signature Yes
Durability of 10 years Unknown
Data storage in excess of 32K No, on 8K chip is used
Interoperable operating system Not yet - the new version is
being installed; it includes
the ICAO applet that provides
Basic Access Control.
=================================================================
=======================================================
Document type Type Rank 1 Rank 10
ID Card (low quality) 1:n 55.1% 64.5%
Passport (high quality) 1:n 89% 93%
=======================================================
Photograph (in ipeg format), the best fingerprint template, MRZ data (88 characters), a digital signature and the tracking number of the passport holder (fig.2)
COMPARING RESULTS TO ESTABLISH ACCURACY:
The National Data Warehouse contains more than 40 million photographs. As a consequence, the Pakistani authorities were able to test the accuracy with which ID card images are compared to passport images. To this end, a comparison system was loaded with 250,000 facial images.
Next, 3,500 image pairs were created (photographs of the same person, taken at different times), of which half were added to the comparison system. The other half was used to query the system. The results of the test are given in table 1.
A second test was conducted to determine the usefulness of using facial recognition software at immigration control points. As part of the test, 2517 image pairs (consisting of a passport image and a live photograph) were compared.
The live images were acquired at four airports and subjected to a 1:1 check. The results of the second test were much better going up to 95% at a threshold of the equal error rate (see figure 3). The above tests have highlighted that facial recognition solutions are not yet accurate enough to be deployed at unmanned immigration points. However, the quality of the jpeg image stored in the RFID was high enough to allow immigration officers to compare it to the photograph on the MRTD. The results of a 1:n check against a blacklist were less favourable.
For blacklist checks to become effective, they will have to be performed against several connected data sources (or even on the basis of additional biometrics, such as fingerprints). The use of larger (64Kb or 72Kb) chips, which must be justified on economic grounds, may also improve results.
PASSPORT MANUFACTURE AND ISSUANCE:
The application process can only be initiated if the applicant presents his or her national ID card (NIC). The card is read and all data, including the photograph, are transferred to the passport office system. Next, the passport office acquires two thumbprints, two index fingerprints and a high resolution digital image.
As part of the back-end process, the application data is verified using AFIS as well as a facial recognition system. Next, a government official accepts or rejects the application (to this end, he or she uses acceptance rules, which are embedded in the software).
The official is shown the results of the various verification procedures on a monitor. Should he or she decide to ignore the computer-derived recommendation, his/her reasons for doing so are recorded. The passport is manufactured at a central location in Islamabad, from where it is distributed to passport offices in Pakistan and aboard. Before the document is issued to the applicant, the latter's best fingerprint is matched against the data stored in the 2d bar code on the biographical data page. Assuming this check is successful, the applicant is handed his/her new passport.
AUTOMATED BORDER CONTROL:
The Pakistani authorities use the RFID data to authenticate the document holder, if need be on the basis of data stored on a central server. When inspecting new e-passports at Pakistan's airports, border officials adhere to the following procedures: The holder places his/her passport on the immigration counter. The RFID is read, the digital signature is encrypted, and the MRZ data is displayed on a monitor.
A photograph is taken of the holder and his/her live fingerprint is checked against the data stored in the contact less chip. Should the check be positive, a green tick will appear on the monitor; if a second level check is necessary, a red cross appears. As an aside, the immigration official and the passport holder see the results on identical monitors.
The immigration official enters the flight details, visa-related information and the name of the holder's father.
To speed up the above process, the immigration official could decide to verify the RFID photograph against an image database (on a 1:1 basis), thus avoiding the need to acquire a new image.
NADRA TEAMS UP WITH FIRST-CLASS SUPPLIERS TO DEVELOP QUALITY SOLUTION:
The success of Pakistan's new passport also reflects on Pakistan's National Database & Registration Authority (NADRA), which designed, integrated and rolled out the system within a mere eight months. In addition to being the first multi-biometric passport in the world, the solution developed by NADRA boasts the following features: NADRA's Data Warehouse includes what is probably the largest facial recognition system in the world, supplied by Visage.
NADRA uses one of the largest and fastest automated fingerprint identifications system in the world. The system, which was supplied by Sagem, is capable of checking 7 million fingerprints per second.
The data acquisition system used at all 410 registration centres and passport offices (both domestically and abroad) was supplied by Cogent, while the 8Kb RFID inside the passport booklet was sourced from inside Contactless.
NADRA's design envisaged a fully automated, end-to-end integrated system, requiring minimal human intervention. The present system is highly reliable and fully scalable; more than one million passports have already been issued while daily production volumes of 9,000 units are common.
AND TO CONCLUDE:
Pakistan's new electronic passport has been developed to reflect and support the country's concerted campaign against terrorism and frontier-running. The Pakistani authorities are not of the opinion that terrorists or criminals have an allegiance to a given country or state. In practice, they will probably favour a country whose passport is easy to modify of counterfeit. Until, of course, that country decides to issue a more secure passport.
Comments
Comments are closed.