In the twelve or so years since ePassports have been in widespread
circulation, the technology used to protect citizen information has evolved,
expanded and improved. One thing that’s stayed the same, though, is
how data is programmed and saved in the chip. Every ePassport that’s
been issued to date uses the same format, known as the Local Data Structure
(LDS), to store and “seal” data to protect it from tampering.
The data that’s embedded in the chip when the ePassport is issued
remains read only for the life of the document, and can’t be modified.
But that’s about to change.
The International Civil Aviation Organization (ICAO), the United Nations
agency that oversees international air travel and defines standards for
international travel documents, including ePassports, is working on a new
version of the LDS, known as LDS2. LDS2 will retain backward compatibility
with LDS while adding a read-write function. It will extend the use of
ePassports by adding applications that make it possible to store travel data
(such as visas and travel stamps), along with other information, such as more
advanced biometrics or special programs for frequent travelers.
More Flexibility, More Security
LDS2, which is about a year away from being made final, promises to make the
act of crossing a border easier, faster and more convenient. Added security
features will also strengthen the ePassport’s ability to deter
counterfeiting, copying and unauthorized reading or writing. With LDS2, the
ePassport chip will be able to run several applications that will increase
efficiency, lower costs and add security. Here are some examples:
-
Electronic Travel Stamps – The stamps that show were a
traveler has been, and when, will become digital, creating greater
consistency, enhanced security, easier access to the information and faster
viewing of key details.
-
Electronic Visas – The authorizations that let people enter
and stay in a country will become digital, too. An embassy will be able to
generate an electronic visa and add it to the chip, making it easier for
people to get their authorizations in order.
-
Added Biometrics – It will be possible to add a new
biometric (such as a fingerprint or an iris scan) after the passport is
issued. Countries will have more choice in national policy, and people can
choose to submit biometrics if they want to participate in a
trusted-traveler program.
What Does This Mean for the Future?
The roadmap for LDS2 introduces new concepts, in terms of how we collect and
use information about people. How we treat these new concepts has far-reaching
implications. Several international groups are looking at these implications,
and we at NXP welcome this discussion.
As a way to promote that discussion, we thought we would present some of the
more philosophical questions prompted by ePassport roadmaps. We don’t
offer the answers, or recommend a particular approach, but instead aim to
create conversations that take technology in a direction that makes sense for
everyone.
-
Are Government-Issued Credentials the Only Option? Up to now,
government agencies have typically been the ones to issue credentials. But
what about the other credentials that people use in their day-to-day lives?
Is there a way to consolidate the credentials for government programs,
banking applications – and even social media – so there are
fewer credentials to issue and maintain?
-
What’s the Best Way to Update Credentials? The LDS2 format
can accept new data, and is designed to keep documents up to date, but where
should those updates come from? People use social media to update personal
information, especially photos, on a regular basis. Should data from social
media be a contributor to citizen information, and used as the basis of a
credential?
-
How Much Information is Enough? Future versions of ePassports will
be equipped with larger memories, capable of storing much more than they do
now. What data might we gather, who might use it, and for what purpose? How
can we ensure that any information we collect is used only in a beneficial
way?
-
Should There Be a System for Unique Personal Numbers (UPNs?) The
United Nations is already working with governments to create consistency for
national registries. What about creating an international registry, with a
UPN assigned to every person on the planet? Is it even possible to get
widespread support for such an idea?
These kinds of questions help us define what, exactly, we mean by privacy,
security and even identity itself. We think it’s important to keep
reviewing these questions, as the digital era evolves, to ensure we meet
everyone’s goal of using technology in a way that delivers the greatest
benefit to all.
If you’d like to learn more about NXP’s view on the future of
ePassports,
download our white paper, which discusses these points in more detail.
Join the conversation
What do you think about having a passport that includes electronic travel
stamps, visas and biometrics? What are some of the applications you might
want to have connected to your passport? Do these new technologies influence
your view of privacy, security or identity? What are some of the questions
you think developers need to address as they move ahead with ePassport
technology?
