Our identification documents protect our identities – therefore, we must protect our IDs. Today, most of our IDs are electronic (hence the term e-ID): the integrated circuit of an RFID chip is less than a millimeter thick and is built into the document as a simple inlay. As described in a previous article, the chip adds to the overall security of the document and plays an important role in our digital ecosystem as well – from travel to government administration.
However, the added security also brings added threats, because forgers and identity fraudsters now target the chip itself: its contents must be protected against alteration, cloning, and unauthorized reading.
This article explains what security measures an RFID chip applies and how they work in practice. Attention: many abbreviations ahead, but each one is explained.
Twofold Security: Access and Authentication
The protection of RFID chips is twofold:
- first, the chip must be protected from unauthorized reading (these measures are called access control mechanisms), and
- second, the reader must be able to verify that the chip's contents are genuine and that the chip itself is not a copy (these are the authentication mechanisms).
Both families of mechanisms are specified by ICAO (in Doc 9303), with major ID document and chip manufacturers and the BSI (Bundesamt für Sicherheit in der Informationstechnik, the German Federal Office for Information Security) involved in their development. They have been evolving since the first e-passports in the mid-2000s, continuously adapting to current needs and making IDs more secure.
Authentication Protocols for Access Control
What if a wrongdoer wants to read the RFID data of a passport without having it in hand? A contactless chip answers any reader that can power it, and with a strong enough antenna a transaction can be skimmed or eavesdropped from well beyond the intended range of a few centimeters – unless the passport has a so-called access control mechanism.
Basic Access Control
The first of its kind was Basic Access Control (BAC for short), which Germany introduced with its electronic passports in 2005. BAC lets the terminal open the chip only if the terminal proves that the document is physically in front of it, and the proof is built on the MRZ (Machine Readable Zone). The terminal optically reads the MRZ and takes three fields from it: the document number, the date of birth and the date of expiry, each with its check digit. From this string it derives a pair of 3DES keys (one for encryption, one for MACs) with SHA-1. Chip and terminal then run a mutual challenge-response exchange under these keys; only a terminal that derived the right keys can answer the chip's challenge, and the random values exchanged in that step become the session keys for an encrypted and MAC-protected channel (secure messaging). Nothing on the chip is readable before this succeeds, so the MRZ acts as the password, and knowing the password requires having seen the data page.
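The derivation described above, as an added worked example in Python (written for this article, not code from the article or from any reader vendor): it builds the MRZ_information string from the three fields and their check digits, hashes it with SHA-1 and derives the two parity-adjusted 3DES keys the way ICAO Doc 9303 Part 11 specifies. The sample document values are the worked example from that specification's appendix; nothing else is assumed.

```python
"""BAC key derivation from the MRZ, following ICAO Doc 9303 Part 11.
Added example for this article; not code from the article or from any reader vendor."""
import hashlib


def mrz_check_digit(field: str) -> str:
    """ICAO 7-3-1 check digit: digits count as their value, A-Z as 10-35, '<' as 0."""
    total = 0
    for i, ch in enumerate(field):
        if ch.isdigit():
            value = int(ch)
        elif "A" <= ch <= "Z":
            value = ord(ch) - ord("A") + 10
        elif ch == "<":
            value = 0
        else:
            raise ValueError(f"invalid MRZ character {ch!r}")
        total += value * (7, 3, 1)[i % 3]
    return str(total % 10)


def mrz_information(document_number: str, date_of_birth: str, date_of_expiry: str) -> str:
    """Document number (9 characters, '<'-padded), birth date and expiry date (YYMMDD),
    each followed by its check digit. This string is the only secret BAC has."""
    fields = (document_number.ljust(9, "<"), date_of_birth, date_of_expiry)
    return "".join(f + mrz_check_digit(f) for f in fields)


def adjust_parity(key: bytes) -> bytes:
    """Set the least-significant bit of every byte so the byte has odd parity (DES key convention)."""
    return bytes((b & 0xFE) | int(bin(b >> 1).count("1") % 2 == 0) for b in key)


def derive_key(k_seed: bytes, counter: int) -> bytes:
    """Doc 9303 KDF for 3DES: SHA-1(K_seed || 32-bit counter), first 16 bytes, parity-adjusted.
    Counter 1 gives K_ENC, counter 2 gives K_MAC (PACE uses counter 3 for its password key)."""
    digest = hashlib.sha1(k_seed + counter.to_bytes(4, "big")).digest()
    return adjust_parity(digest[:16])


def bac_keys(document_number: str, date_of_birth: str, date_of_expiry: str) -> dict:
    """Everything the terminal computes from the optically read MRZ before it talks to the chip."""
    info = mrz_information(document_number, date_of_birth, date_of_expiry)
    k_seed = hashlib.sha1(info.encode("ascii")).digest()[:16]
    return {
        "mrz_information": info,
        "k_seed": k_seed,
        "k_enc": derive_key(k_seed, 1),   # encrypts the challenge-response messages
        "k_mac": derive_key(k_seed, 2),   # authenticates them (Retail MAC)
    }


if __name__ == "__main__":
    # Doc 9303 Part 11, Appendix D: document number L898902C, born 1969-08-06, expires 1994-06-23
    keys = bac_keys("L898902C", "690806", "940623")
    for name, value in keys.items():
        print(f"{name:16} {value if isinstance(value, str) else value.hex().upper()}")
```

Note how little an attacker needs: the document number, the date of birth and the date of expiry. Every other input to the derivation is public, which is the weakness the next section addresses.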
Supplemental Access Control
BAC needed to become more secure, as the MRZ fields it relies on have little entropy: document numbers are often issued sequentially, birth and expiry dates fall in narrow ranges, and anyone who has seen (or scanned) the data page knows them outright. An attacker who records a BAC session can test candidate MRZ values offline against the recorded exchange until a MAC verifies. This is why ICAO defined a new set of protocols to prevent skimming and eavesdropping. Following the logic of BAC, ICAO adopted PACE (Password Authenticated Connection Establishment) for a higher level of security.
If a chip has PACE protection, the terminal still has to present a password, but the password is only used to authenticate an ephemeral Diffie-Hellman key agreement: the session keys come from that key agreement, not from the password, so they are strong however weak the password is, and a recorded session gives an eavesdropper nothing to test guesses against. Each guess costs a fresh run against the chip. The password can be implemented in various ways: it may be the MRZ itself, as with BAC, or a dedicated code. Most commonly, ID manufacturers print such a code on the document during personalization; this is the Card Access Number, CAN for short, a number that is not tied to any personal data. With either MRZ or CAN, a secure messaging channel (AES or 3DES) is built up much like the one BAC establishes. In the last few years, ID manufacturers have definitely been moving towards PACE.
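To make the difference to BAC concrete, here is an added toy model of a PACE run (Generic Mapping, with plain Diffie-Hellman instead of elliptic curves), written for this article; it is not the protocol implementation of any chip or reader. The substitutions needed to run it on the standard library alone are labelled in the comments: a Mersenne prime stands in for a standardized group, XOR with a SHA-256 keystream for AES encryption of the nonce, and HMAC for the CMAC authentication tokens. The message flow and where the password enters are the ones Doc 9303 Part 11 describes.

```python
"""Toy PACE run (Generic Mapping, Diffie-Hellman flavour), showing the password-authenticated
key agreement that separates PACE from BAC. Added example for this article; not the protocol
code of any chip or reader. TOY stand-ins are marked below."""
import hashlib
import hmac
import secrets

# TOY: a Mersenne prime and small generator stand in for the standardized DH group or elliptic
# curve that the chip announces in EF.CardAccess (ASSUMPTION for this example).
P = 2**521 - 1
G = 3


def kdf(shared: bytes, counter: int) -> bytes:
    """TOY: SHA-256 based. Doc 9303 derives AES/3DES keys from SHA-1/SHA-256 with a 4-byte counter."""
    return hashlib.sha256(shared + counter.to_bytes(4, "big")).digest()[:16]


def password_key(password: str) -> bytes:
    """K_pi: derived from the low-entropy password (the MRZ-derived string or the printed CAN), counter 3."""
    return kdf(hashlib.sha1(password.encode("ascii")).digest(), 3)


def xor_nonce(k_pi: bytes, nonce: bytes) -> bytes:
    """TOY stand-in for AES-CBC encryption/decryption of the nonce under K_pi (XOR with a SHA-256 keystream)."""
    stream = hashlib.sha256(k_pi + b"pace-nonce").digest()[: len(nonce)]
    return bytes(a ^ b for a, b in zip(nonce, stream))


def encode(x: int) -> bytes:
    return x.to_bytes((P.bit_length() + 7) // 8, "big")


def token(k_mac: bytes, other_public: int) -> bytes:
    """Authentication token over the other side's ephemeral public key (TOY: HMAC instead of CMAC)."""
    return hmac.new(k_mac, encode(other_public), hashlib.sha256).digest()


def random_exponent() -> int:
    return secrets.randbelow(P - 2) + 1


def run_pace(chip_password: str, terminal_password: str) -> dict:
    """Run both sides of a PACE exchange and report whether each side accepts the other."""
    chip_kpi = password_key(chip_password)        # stored on the chip at personalization
    term_kpi = password_key(terminal_password)    # from OCR of the MRZ or a typed CAN

    # Step 1: the chip sends a random nonce s encrypted under K_pi. Only the right password recovers s.
    s = secrets.randbits(128)
    z = xor_nonce(chip_kpi, s.to_bytes(16, "big"))
    s_term = int.from_bytes(xor_nonce(term_kpi, z), "big")

    # Step 2 (mapping): an ephemeral DH on the static group gives H = G^(ab); both map to G' = G^s * H.
    a, b = random_exponent(), random_exponent()
    A, B = pow(G, a, P), pow(G, b, P)             # exchanged in clear
    g_chip = pow(G, s, P) * pow(B, a, P) % P
    g_term = pow(G, s_term, P) * pow(A, b, P) % P  # a wrong password yields a different generator

    # Step 3: a second ephemeral DH on the mapped generator gives the shared secret K.
    c, d = random_exponent(), random_exponent()
    C, D = pow(g_chip, c, P), pow(g_term, d, P)   # exchanged in clear
    k_chip, k_term = encode(pow(D, c, P)), encode(pow(C, d, P))

    # Step 4: session keys from K, then mutual key confirmation with authentication tokens.
    chip_enc, chip_mac = kdf(k_chip, 1), kdf(k_chip, 2)
    term_enc, term_mac = kdf(k_term, 1), kdf(k_term, 2)
    t_terminal = token(term_mac, C)               # terminal proves it holds K (MAC over the chip's key)
    t_chip = token(chip_mac, D)                   # chip proves the same over the terminal's key
    chip_accepts = hmac.compare_digest(t_terminal, token(chip_mac, C))
    terminal_accepts = hmac.compare_digest(t_chip, token(term_mac, D))
    both = chip_accepts and terminal_accepts
    return {
        "chip_accepts": chip_accepts,
        "terminal_accepts": terminal_accepts,
        "keys_match": chip_enc == term_enc,
        "session_key": term_enc if both else None,
        "eavesdropper_sees": (z, A, B, C, D),     # nothing here can be checked against a password guess offline
    }


if __name__ == "__main__":
    print("correct CAN :", run_pace("123456", "123456")["terminal_accepts"])
    print("wrong CAN   :", run_pace("123456", "123457")["terminal_accepts"])
```

With the wrong password the terminal recovers a wrong nonce, maps to a different generator and ends up with a different key, so the authentication tokens fail and no data is read. The values an eavesdropper sees (z, A, B, C, D) do not let them test password guesses offline, because checking a guess would require solving a Diffie-Hellman problem; that is exactly the property BAC lacks.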
Extended Access Control (EAC for short) was recommended by ICAO as an optional security feature (in addition to Basic Access Control) for restricting access to sensitive biometric data in electronic travel documents (fingerprints in Data Group 3 and iris images in Data Group 4). Instead of detailed regulation, ICAO only states the requirements: the chip must hold individual keys and have the processing capability to use them, and additional key management is required. ICAO leaves the actual solution to the implementing countries. In the EU, for example, EAC is realized as the combination of two protocols: Chip Authentication, in which the chip proves that it holds a key pair that cannot be copied, and Terminal Authentication, in which the terminal proves with a certificate chain rooted in the document's issuing country, plus a signature over a challenge from the chip, that it is authorized to read the sensitive data groups. Read further to get familiar with these types of authentication.
Chip protection & authentication
When analyzing the security of RFID technology, we must also talk about the cryptography that protects the chip's contents, considering questions such as:
- How do we know that the stored data is genuine?
- Is the reader terminal authorized to read out the data? What is needed for that?
- How is the stored data protected against copying or altering?
These questions lead us to the topic of chip authentication.
Passive Authentication was developed to ensure the integrity of the chip's data. It is performed by verifying digital signatures. Besides the data groups, the chip holds a separate file called EF.SOD (the Document Security Object). It is not an encrypted copy of the chip's content: it contains a cryptographic hash of every data group, and a digital signature over that list of hashes. To make the signature verifiable, each country has created a so-called CSCA (Country Signing Certificate Authority) that certifies the bodies responsible for issuing passports (e.g., the state printer, embassies, etc.). These bodies are called Document Signers, and the SOD of each passport is signed by one of them with a key certified by the CSCA. To verify the signatures, the CSCA certificates of the issuing country must be available to the inspection system, and their integrity must be guaranteed; countries exchange CSCA certificates through diplomatic channels and via ICAO's Public Key Directory.
Passive Authentication is suitable for detecting any alteration of the chip content. However, it cannot detect an identical copy of it (a clone): the copied hashes and signature verify just as well as the original's, so we must pursue this topic further.
To detect cloning, e-IDs introduced Active Authentication, a challenge-response protocol built on an asymmetric key pair stored in the chip. Whereas the public key is freely readable (stored in DG15, whose hash is covered by the SOD signature), the private key cannot be read out. The terminal sends a random challenge, the chip signs it (RSA per ISO/IEC 9796-2 with message recovery, or ECDSA), and the terminal verifies the signature with the key from DG15. A clone can copy DG15 but cannot produce the signature, because the private key was never readable. You will not find Active Authentication in all e-passports, as it is optional, not obligatory.
Chip Authentication (CA) was created to replace the weak BAC session keys (eliminating the low entropy of the BAC key) and to prove at the same time that the chip is genuine. The chip holds a static Diffie-Hellman (or elliptic-curve Diffie-Hellman) key pair whose public key is stored in DG14 and covered by the SOD; the terminal generates an ephemeral key pair, both sides compute the shared secret, and fresh session keys for secure messaging are derived from it. A clone that copied DG14 without the private key cannot compute the secret, so the secured channel fails, and CA doubles as a cloning check.
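The following added example (written for this article, not taken from any issuer's or vendor's software) models the whole Passive Authentication chain from the paragraphs above and then shows why it is blind to cloning while Active Authentication and Chip Authentication are not. It uses a toy textbook-RSA signature over Mersenne primes and a toy Diffie-Hellman group so that it runs on the Python standard library alone; real documents use 2048-bit RSA or ECDSA keys, X.509 certificates, a CMS-encoded SOD and standardized curves, and Active Authentication uses ISO/IEC 9796-2 signatures with message recovery rather than plain hash-and-sign. The sample MRZ, image bytes and PKI are constructed.

```python
"""Passive Authentication (CSCA -> Document Signer -> SOD -> data group hashes), Active
Authentication (challenge-response against DG15) and Chip Authentication (Diffie-Hellman
against DG14), modelled with toy primitives. Added example, not the article's own code."""
import hashlib
import hmac
import secrets

# TOY primitives so the example runs on the standard library: textbook RSA over Mersenne primes
# for signatures and plain DH in a Mersenne-prime group for CA (ASSUMPTIONS for this example).
DH_P, DH_G = 2**521 - 1, 3


def keypair(p: int, q: int, e: int = 65537) -> tuple:
    n, phi = p * q, (p - 1) * (q - 1)
    return {"n": n, "e": e}, {"n": n, "d": pow(e, -1, phi)}


def _digest_int(data: bytes, n: int) -> int:
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n


def sign(priv: dict, data: bytes) -> int:
    return pow(_digest_int(data, priv["n"]), priv["d"], priv["n"])


def verify(pub: dict, data: bytes, signature: int) -> bool:
    return pow(signature, pub["e"], pub["n"]) == _digest_int(data, pub["n"])


def encode_pub(pub: dict) -> bytes:            # TOY encoding of a public key for DG15 / a certificate
    return pub["n"].to_bytes(80, "big") + pub["e"].to_bytes(4, "big")


def decode_pub(blob: bytes) -> dict:
    return {"n": int.from_bytes(blob[:80], "big"), "e": int.from_bytes(blob[80:], "big")}


def sod_to_be_signed(hashes: dict) -> bytes:   # the LDSSecurityObject: (DG number, hash) pairs
    return b"".join(bytes([dg]) + h for dg, h in sorted(hashes.items()))


def session_key(shared_secret: int) -> bytes:  # TOY KDF for the CA secure-messaging key
    return hashlib.sha256(shared_secret.to_bytes(66, "big")).digest()[:16]


# --- issuing side: a constructed sample PKI ---
CSCA_PUB, CSCA_PRIV = keypair(2**127 - 1, 2**107 - 1)   # country root; distributed out of band
DS_PUB, DS_PRIV = keypair(2**89 - 1, 2**61 - 1)         # Document Signer, certified by the CSCA
DS_CERT = {"pub": DS_PUB, "csca_signature": sign(CSCA_PRIV, encode_pub(DS_PUB))}


def personalise(dg1_mrz: bytes, dg2_face: bytes) -> dict:
    """Write the data groups, the DG14/DG15 public keys and the SOD; private keys never leave the chip."""
    aa_pub, aa_priv = keypair(2**521 - 1, 2**31 - 1)
    ca_priv = secrets.randbelow(DH_P - 2) + 1
    dgs = {1: dg1_mrz, 2: dg2_face,
           14: pow(DH_G, ca_priv, DH_P).to_bytes(66, "big"), 15: encode_pub(aa_pub)}
    hashes = {dg: hashlib.sha256(content).digest() for dg, content in dgs.items()}
    sod = {"hashes": hashes, "ds_cert": DS_CERT, "signature": sign(DS_PRIV, sod_to_be_signed(hashes))}
    return {"dgs": dgs, "sod": sod, "_aa_private": aa_priv, "_ca_private": ca_priv}


# --- inspection side ---
def passive_authentication(chip: dict, trusted_csca: dict) -> bool:
    """Is the data genuine? CSCA -> DS certificate -> SOD signature -> DG hashes. Passes on a perfect clone."""
    sod, cert = chip["sod"], chip["sod"]["ds_cert"]
    if not verify(trusted_csca, encode_pub(cert["pub"]), cert["csca_signature"]):
        return False          # Document Signer not certified by the CSCA we trust
    if not verify(cert["pub"], sod_to_be_signed(sod["hashes"]), sod["signature"]):
        return False          # SOD forged, or its hash list edited
    return all(hashlib.sha256(chip["dgs"].get(dg, b"")).digest() == h
               for dg, h in sod["hashes"].items())   # every listed DG must hash as recorded


def active_authentication(chip: dict) -> bool:
    """Is the chip the original? Random challenge, signature checked with DG15 (already bound by the SOD)."""
    challenge = secrets.token_bytes(8)
    priv = chip.get("_aa_private")
    answer = sign(priv, challenge) if priv else 0          # a clone holds no private key
    return verify(decode_pub(chip["dgs"][15]), challenge, answer)


def chip_authentication(chip: dict) -> bool:
    """Ephemeral DH against the static key in DG14; secure messaging only works if both sides derive the same key."""
    static_pub = int.from_bytes(chip["dgs"][14], "big")
    t_priv = secrets.randbelow(DH_P - 2) + 1
    t_pub = pow(DH_G, t_priv, DH_P)                         # sent to the chip
    terminal_key = session_key(pow(static_pub, t_priv, DH_P))
    ca_priv = chip.get("_ca_private")
    chip_key = session_key(pow(t_pub, ca_priv, DH_P) if ca_priv else 0)
    return hmac.compare_digest(terminal_key, chip_key)     # stands in for the first MAC-protected command succeeding


# --- constructed samples: a genuine document, a copy of everything readable, and an altered one ---
GENUINE = personalise(b"P<UTOERIKSSON<<ANNA<MARIA<<<<<<<<<<<<<<<<<<<", b"constructed JPEG2000 face image bytes")
CLONE = {"dgs": dict(GENUINE["dgs"]), "sod": GENUINE["sod"]}
TAMPERED = {"dgs": {**GENUINE["dgs"], 1: b"P<UTOMALLORY<<EVE<<<<<<<<<<<<<<<<<<<<<<<<<<<"}, "sod": GENUINE["sod"]}


def inspect(chip: dict) -> dict:
    return {"passive": passive_authentication(chip, CSCA_PUB),
            "active": active_authentication(chip), "chip_auth": chip_authentication(chip)}


if __name__ == "__main__":
    for name, chip in (("genuine", GENUINE), ("clone", CLONE), ("tampered", TAMPERED)):
        print(name, inspect(chip))
```

Run it and the clone passes Passive Authentication while failing both Active and Chip Authentication; the tampered document fails already at the hash comparison. The order matters in practice: Passive Authentication must succeed first, because it is what binds DG14 and DG15 to the Document Signer; a challenge-response against a key that was not verified through the SOD proves nothing.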
So Many Options: Which Is the Best?
It is easy to get lost amongst so many types of authentication, and you may ask: are all methods used in the same ID, or maybe just some of them? It depends on the type of ID and the regulations of the issuing country. For example, in the European Union, machine-readable travel documents must include PACE (with BAC retained for compatibility with older readers), Passive Authentication, and Extended Access Control with Chip Authentication and Terminal Authentication, following BSI Technical Guideline TR-03110.
How To Select The Right RFID Reader Terminal
While optical security features can be checked both by manual inspection and by digital imaging, a digital device is needed to read and verify RFID chips. For international travel documents, this device must be capable of OCR (Optical Character Recognition) as well, because the MRZ it reads is the key material for the access control protocols explained above.
These devices, called passport readers or ID scanners, should keep up with the latest RFID technology.
- Hardware-wise, the built-in antenna and RFID controller should meet the frequency and protocol requirements (ISO/IEC 14443 at 13.56 MHz) and provide stable data transmission.
- Software-wise, the automatically performed RFID checks should follow the latest standards, and the device should be able to store and use the required certificates (the CSCA trust anchors for Passive Authentication and the terminal's own certificates for Terminal Authentication).
When developing Osmond, our latest passport reader device, we focused on RFID compliance: knowing that our products are used in the most demanding applications such as border control, we aimed for uncompromised RFID reading performance. As a result, the device includes several pre-installed RFID certificates to make RFID communication easier and offers a user-friendly interface for uploading the latest certificate files to the terminal. On top of that, Osmond – just like its predecessors – complies with the strictest RFID conformity test specification as well: BSI TR-03105.