The United Nations aviation agency ICAO has announced new steps to strengthen modern border security through the online issuance of a new “Master List” of e-passport authentication certificates
Using its position as “the nexus for international passports and associated standards development” the organisation is uniquely placed to introduce its ICAO Master List, which contains the Country Signing Certificate Authority (CSCA) or ‘root’ certificates used in the e-passport digital signing process. The list can be used with existing sources of certification, such as those disseminated through the ICAO Public Key Directory (PKD) and by national authorities.
More than two-thirds of States issue e-passports today, making use of their chip-based features to store traveller identity information and to leverage the win-win benefits which chip-based documents provide in terms of strengthened security features and shorter processing times for cross-border travellers.
The chips are digitally secured or ‘signed’ by the issuing authority, using enciphered data in the form of linked private and public ‘keys’ which are generated by cryptographic algorithms. The security of the verification process is further strengthened by the need for a digital authentication certificate issued by a reliable authority which binds the public key with the traveller’s identity.
“Assuring the evolution of new digital identity innovations”
Discussing the news, ICAO Secretary General Dr. Fang Liu, said: “Improved access to the authentication certificates will enhance global e-passport validation effectiveness, in particular for authorities which have faced difficulties in obtaining them in the past. And, importantly, all the certificates in the Master List have been personally delivered to ICAO by its Member States, thereby enhancing the mutual trust upon which secure and efficient e-passport verification must depend.”
“We are also making these certificates available for non-state non-commercial use,” Dr. Liu clarified, “in recognition of the inherent public good in assuring as wide a capability to authenticate e-passports as is feasible. Assuring these capabilities is critical to assuring the evolution of new digital identity innovations, and in particular our ongoing work on a new Digital Travel Credential (DTC). “
The validation of e-passports and DTCs by non-state entities, including the private sector and the travelling public, is envisioned today in the context of several seamless travel initiatives. But just as with nationally-issued e-passports, all digital identity initiatives must fundamentally rely on the availability of the CSCA and other certificates required to assure their secure verification.
The new development on behalf of ICAO serves to bolster the traveller identification management processes which are so important to modern aviation security and passenger facilitation approaches. These and other priorities are currently being pursued by ICAO Member States in the context of the UN agency’s Traveller Identification Programme or ‘TRIP’ Strategy, which ICAO launched in 2013.