By Carsten Müller und Birte Bräutigam, Giesecke & Devrient
Since January 15, 2005, the eVRC (electronic vehicle registration card) has been a valid option for member countries of the EU. Requirements placed on the card body and the electronics as well as the outlook for the future are presented below.
Introduction of the eVRC
Owing to the rising number of electronic and telematic applications in vehicles, such as digital tachograph cards in road freight transport, the EU issued Directive 2003/127/EC in December 2003, allowing all member countries to introduce an electronic vehicle registration card as an alternative to the paper format. The card replaces previous documents regarding the registration and ownership of the vehicle concerned.
The introduction of the eVRC will not only simplify vehicle checks by the responsible authorities at home and abroad but also make them more reliable. Thanks to the integrated microprocessor, the vehicle data can be read more quickly and reliably, and sent to a central registrar for verification if necessary. This verification is automated, providing a real advantage to traffic ordinance officials: the vehicle registration number or the name of the vehicle owner need no longer be radioed in or entered into a computer on site but can be transferred simply by pressing a button on a handheld device. It is also easier to compare the eVRC with the vehicle class permitted on the driver’s license. What’s more, the standardization of the vehicle registration card laid down in the EU’s layout specifications makes the checking process simpler when, for example, a vehicle is registered in other EU countries.
Electronic vehicle registration cards have been in discussion for a number of years, but up to the end of 2009, none had been introduced. Since 2009, however, member countries and their transport ministries have shown increased interest in the introduction of a highly secure electronic registration document. Slovakia, Austria and the Netherlands are leading the way and are implementing the eVRC already.
Apart from a few exceptions, nothing will change in terms of the data recorded on the eVRC compared with the previous registration documents.
Requirements for the card body
The technical characteristics of the eVRC have to be compliant with ISO 7810 and smart card format ID-1. The card body must guarantee a service life of at least 10 years, which reduces the selection of materials to polycarbonate and a few composites. Most of the member countries are expected to opt for proven polycarbonate. To ensure a high security standard, the EU has specified optical (card body) as well as electronic (chip) security features.
At least three of the following security features must be included on the card body:
- Iridescent printing
- Guilloche printing
- Laser engraving
- UV ink
- Optically variable ink (OVI)
- Inks with temperature-dependent color
- Optically variable images
- Variable laser images (MLI, CLI)
The aim of these features is to achieve a security level to match that of highly secure national ID cards, driver’s licenses and tachograph cards at European level. As is the case with all national documents, ultimate responsibility for issuing them rests with the individual country’s administration. This means there will be differences in the implementation of design specifications and the use of security features, reflecting the history of the particular country, differing security sensitivities, the desire for additional features, and the willingness to accept new card developments.
Smart card manufacturers are making great efforts to stand out from the competition by way of security features. This opens up numerous opportunities for each member country to make the ID documents secure by means of further innovative features, such as:
- Personalizable holographic security threads
- Tilt images based on innovative lens structures
In addition to the various security features, two different options are also available for the layout. The countries can choose between portrait and landscape format – a decision that also depends on what additional data is to be accommodated on the card.
Requirements for the electronics
In addition to the physical security features, the EU Directive specifies the framework for the electronic components incorporated in the eVRC. To start with, the vehicle registration card must be fully compliant with the requirements of the ISO 7816 standard. The eVRC is a single-chip application for the secure storage of vehicle registration and owner data. Under the Directive, the data stored on the chip must be identical to that displayed on the card body, while it is left to member countries to store and display supplementary data, such as additional vehicle owners, at their discretion. In view of the security requirements, the vehicle registration application must be certified in accordance with Common Criteria EAL 4+.
The EU Directive allows for various interpretations as to how the listed requirements regarding data structure, file content, and file access should be implemented. In the simplest option, the data stored on the chip can always be read without restriction but can never be changed. The other extreme of implementation would be a complex role model with a wide range of different access conditions for different data and groups. The latter option would, however, require a sophisticated infrastructure and enormous investment. For this reason,. At the same time, ‘simple’ does not necessarily mean cheap or easy to implement.
Content of the eVRC
Depending on which application variant is implemented, the electronic vehicle registration card will offer greater scope than just being able to read the data on the chip. An expanded application – as on the healthcare cards used in Germany – enables the addition of further data or changes to the data initially provided by the issuing member country. Just as the various health insurance companies in Germany control write access by using specially equipped terminals, the responsible national authorities – such as the transport ministry – will supervise the eVRC.
An overwrite option can, for example, be useful where vehicle modifications or tuning require changes in registration that are not personalized on the card body. As already mentioned, however, the necessary infrastructure has to be provided for this, which will represent a major obstacle in terms of introduction and administration costs.
What is more, if basic data such as the name of the vehicle owner or the address is changed, the effort and expense involved in overwriting is generally not worthwhile, as the data on the chip and card no longer match. In this case, it is better to issue a new card to avoid discrepancies during checks, vehicle purchases, sales, etc. Often it will be considerably easier and cheaper to replace a card that no longer has the correct content with a new one – especially in view of the average period of vehicle ownership.
For all variants of the eVRC, read access is permissible without restriction for any agency that has the right equipment. As far as write access is concerned, the data can only be changed by the member country that issued the eVRC. This is ensured by the previously mentioned role model, the requisite PKI infrastructure, and the use of asymmetric cryptographic methods.
The future – leveraging synergies
The cards can be read using handheld devices, which have to be provided to the control agencies by the national authorities. Alongside the eVRC, driver’s licenses, and, in particular, tachograph cards are being issued as smart cards. Given the similar file and data structure of these cards, this could enable synergies to be exploited by using a general-purpose handheld device.