by Infineon Technologies
A visa sticker or ink stamp, issued at a border control point, indicates a short-term visitor's right of access to a country. Today around 40 states worldwide use e-Gates to speed up the border control process. Many such systems are based on the ICAO Standard and/or use Registered Traveler Programs. Synergies between visa and e-Gates/RTP are possible to address frequent travelers who are also issued a visa. Using the ICAO 9303 Standard reduces cost, risk and development time for e-Gates/RTP as well as for replacing visa stickers and/or stamps. The following article reviews the background and benefits.
1. Registered Traveler Program
Registered Traveler Programs (RTP) have been set up to speed up the border control process. The main target is to move from manual processing, with border police, control box and inspection systems with an MRZ scanner, to automatic processing based on electronic ID document inspection and document holder verification and/or verification of the traveler's data, including biometrics, held on a server.
As the name implies, participants in these programs must register before travel. These programs can run at the so-called “green border” on land, the “blue border” at sea and at airports, as both online and offline verification is possible. By the end of 2011 more than 40 States worldwide will have an RTP in use. The main pressure on such programs is at international airports, especially airport hubs like Narita-Tokyo, Abu Dhabi International Airport, Changi-Singapore, Fraport-Frankfurt and Heathrow-London.
1.1. Scope of e-Gates
The objectives of an Automatic Border Control (ABC) system are to:
a) Improve passenger clearance without increasing staff costs (efficiency),
b) Make the process easier for passengers (convenience),
c) Enhance precautions against fraud (security).
1.2. Scope of user group
Frequent travelers are the main target of ABC programs. Such a frequent traveler could be a commercial citizen of any country, in some cases a service provider such as a caterer or baggage handler, or a member of an airline crew.
1.3. Scope of ID-documents for RTP and e-Gates
An ABC-system enables automated or semi-automated border control that can be operated with an eMRTD, RTP-Card, National eID-Card or without a token. References are available on all four approaches:
• e-Passport, complying with ICAO 9303, e.g. in Australia, Serbia, UK, Germany etc.
• e-Registered Traveler Program with token, e.g. in Netherlands, France, Japan, Oman, UAE, Bahrain, the US
• National eID-card, e.g. in Hong Kong, Spain
• e-Registered Traveler Program without token, e.g. Germany (ABG), UK (IRIS)
With the selection of ICAO 9303, the biometric data set, the electrical security and the technologies for the token are well defined.
The lifetime of a specific RTP token is typically limited to 1 year; the lifetime of eMRTDs and national eID cards is typically 10 times longer. In some cases, the specific RTP token provides the budget to realize a commercial business case for e-Gate infrastructure at airports. Participants in an RTP program may pay a fee to an accredited third-party identity-checking enterprise for an RTP token.
1.3.1. e-Gates based on eMRTD
Face recognition based on eMRTD was first trialed in 1999 at Kuala Lumpur International Airport (KLIA) in Malaysia. A document validation check and a passenger identity check, monitored by border police, are the cornerstones of this implementation. The Ministry of Interior selected face recognition as the biometric. There were no standards for the biometric data set (e.g. ISO 24727) or the biometric photo in travel documents (e.g. ICAO 9303) at this time. When the new standards for travel documents were introduced in 2004, some countries started using eGates based on these new standards plus biometrics, such as Thailand (2005), Portugal (2007 – RAPID), Australia (2008 – SmartGate), Germany (2009 – easyPASS) and Serbia (2010). Serbia had one of the first implementations that used fingerprint recognition technology alongside standard travel documents. France was expected to take a similar approach in 2011. The traveler’s two fingerprints are flat scanned and stored electronically in the document.
A central register of the booklet holder’s biometric data is not always needed and in some countries not implemented because of privacy requirements. There are now three generations of travel document:
• 1G, Face, protected by ICAO BAC; in use since 2006
• 2G, Fingerprints (2x), protected by BIG EAC; in use since 2009
• 3G, Face, protected by ICAO SAC; roll out expected in 2012
A full set of biometric data in the travel document, together with the related data access security framework, typically takes about 10 to 20 seconds to read. This includes reading and verifying the full electronic data set including biometrics and credentials, terminal authentication and MRTD authentication. If only the facial image and digital credentials are verified, this can be reduced to under 5 seconds.
The facial image data set in travel documents is usually compressed using JPEG or JPEG2000 to around 12 Kbytes. Fingerprint images use a similar high resolution and are about 18 Kbytes per fingerprint.
Because of the normal issuance cycle, it takes up to 10 years to replace all old-style non-biometric travel documents. This means, for example, that it will be at least 2016 before all of Europe’s travelling citizens have electronic documents containing biometrics. This has implications for the current trade in fraudulent documents, but also highlights the need to start using eGates or at least manual electronic authentication; otherwise illegal travel documents will continue to be used.
1.3.2. e-Gates based on RTP-token
One of the examples of an RTP based on a special RTP token was a scheme at Schiphol Airport in the Netherlands in 2002, called Privium. Similar projects have been set up in Israel at Ben Gurion International Airport (2004), in the US at JFK International Airport (2005), in Japan at Narita Airport (2006), in the UK at Heathrow Airport (2006), in France at Charles de Gaulle Airport (2006), in Oman at Muscat International Airport (2007), in Canada at Ottawa International Airport (2008) and in the UAE at Dubai International Airport (2009). Most of these are stand-alone commercial schemes installed with the support of the local authorities, but they are not interoperable.
Passenger data including biometric data is held centrally to allow three-factor authentication.
Various local biometric data formats are in use, varying from image to template and ISO standard or non-ISO standard.
Registered travellers pay additional fees to participate in such schemes. This ABC technology typically takes around 5 to 10 seconds to process each traveler’s document.
1.3.3. e-Gates without RTP-token
A key example of an RTP program without a token is the ABG system at Frankfurt Airport (Fraport), in Germany, which was piloted in 2006. This eGate system is based on a central registration database of iris template data sets. The passenger’s iris image needs to be captured pre-flight. Participation in this scheme is free of charge and voluntary for the passenger. It takes no more than 15 seconds to process each passenger.
A similar system has been installed in airports across the UK since 2004. More than 100,000 users have been registered, mostly from the UK but from elsewhere worldwide as well. It is free to use, and has a typical cycle time of around 20 seconds. But with only a few eGates per terminal, the queue to use the system can be quite long at times, and several IT issues have affected system availability. The databases are kept by the national authorities and the schemes are not interoperable.
1.3.4. e-Gates based on National eID-Cards
An RTP based on a national eID, called MyKad, was first used in Malaysia in 1998 at KLIA. The first instance in Europe was tested in Spain in 2010. The Spanish ID card, DNI, was used at Madrid Barajas Airport. Germany tested a system with its ID card, nPA, initially at Fraport, Frankfurt.
Three biometric technologies are in use: facial images in Malaysia, rolled fingerprint images in Spain and flat fingerprints in Germany.
The biometric data needs to be held centrally.
It takes no more than 5 seconds to process each passenger. As these schemes are national-ID card-based, they are for local citizens only.
2.1. Scope of Visa and Processing
Visa processing is a kind of registered traveler program, with a focus on a different class of short-term visitors. There are various visa-waiver programs, for example those of the USA and the EU. Visitors to the EU who are non-EU citizens and from a non-VWP country need a valid visa to enter the country. These may be “tourist visas” for short-term visitors who have no right to work or stay longer than an agreed period, or another classification which permits a longer stay and the right to study or work. To get a visa, the citizen must start an application process at an embassy of the target country of the visit. To get an EU Schengen area visa, the citizen brings a photo, presents 10 fingerprints on a biometric scanner, pays a fee, fills in an application form and, some days later, receives an ID2 sticker based on ICAO recommendation 9303_2, with printed MRZ, photo, name, given name and validity of the document. In the case of the Schengen visa, the printed document has some optical security features, like Guilloche print, rainbow print and a hologram.
The validity of a visa is limited to a number of days. In the case of the EU Schengen area visa, the limit is defined as 90 days. It can be much shorter, e.g. between China and Hong Kong, with 16 days.
Electronic visa means online registration and online fee payment before traveling into a country. This kind of e-visa processing is in use, for example, in Australia (ETA), Armenia, Bahrain, Cambodia, Nigeria, the US (ESTA) and Oman.
2.2. Range of Visa type ID-documents for Travelers
A visa can be a stamped ink image in the MRP booklet (one stamp on the day of entry and one stamp on the day of exit) or a sticker. The sticker can have an individual size like a stamp (for example in Egypt) or an ID2 format (for example in Europe). The ID2 format can carry an MRZ line (for example in China); an ID2 sticker without an MRZ line is also in use (for example in India). In some cases the visa is also a landing permit and has a 2D barcode (for example in Japan).
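As an added example (not part of the original article), the following Python code shows the kind of document validation check an inspection system can run on the printed MRZ of an ID2-format visa sticker: it parses the two 36-character lines of the ICAO 9303 MRV-B layout and recomputes the three check digits. The sample MRZ is constructed (fictional state code UTO), and the function names are assumptions of this example.

```python
# Added example (not from the article): check-digit validation for the MRZ of
# an ID2-size visa, ICAO 9303 MRV-B layout (two lines of 36 characters).
WEIGHTS = (7, 3, 1)  # repeating weights used by ICAO 9303 check digits


def char_value(c):
    """Numeric value of one MRZ character: 0-9, A=10..Z=35, filler '<' = 0."""
    if c in "0123456789":
        return int(c)
    if "A" <= c <= "Z":
        return ord(c) - ord("A") + 10
    if c == "<":
        return 0
    raise ValueError(f"illegal MRZ character: {c!r}")


def check_digit(field):
    """Weighted sum of the field's character values, modulo 10."""
    return sum(char_value(c) * WEIGHTS[i % 3] for i, c in enumerate(field)) % 10


def parse_visa_mrz(line1, line2):
    """Return (fields, failed_checks) for an MRV-B visa MRZ."""
    if len(line1) != 36 or len(line2) != 36:
        raise ValueError("MRV-B lines must be 36 characters each")
    if line1[0] != "V":
        raise ValueError("not a visa MRZ (document code must start with 'V')")
    surname, _, given = line1[5:].rstrip("<").partition("<<")
    checked = {  # field name -> (value, printed check digit)
        "document_number": (line2[0:9], line2[9]),
        "date_of_birth": (line2[13:19], line2[19]),
        "date_of_expiry": (line2[21:27], line2[27]),
    }
    fields = {name: value for name, (value, _) in checked.items()}
    fields.update(issuing_state=line1[2:5], surname=surname.replace("<", " "),
                  given_names=given.replace("<", " "),
                  nationality=line2[10:13], sex=line2[20])
    # A failed check points to a misread, damaged or altered field.
    failed = [name for name, (value, digit) in checked.items()
              if digit not in "0123456789" or check_digit(value) != int(digit)]
    return fields, failed


# Constructed sample MRZ, padded with '<' fillers to 36 characters per line.
SAMPLE_LINE1 = "V<UTOERIKSSON<<ANNA<MARIA".ljust(36, "<")
SAMPLE_LINE2 = "L8988901C4XXX4009078F9612109".ljust(36, "<")

if __name__ == "__main__":
    print(parse_visa_mrz(SAMPLE_LINE1, SAMPLE_LINE2))
```

The check digits only catch reading errors and crude alterations of the printed fields; they are not a cryptographic protection.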
2.2.1 Electronic Visa document
Four different approaches are in the pipeline:
a) ID2-sticker with microchip
b) ID1 (Smart Card), as family concept with the electronic residence permit
d) ID1 (Smart Card), combined with a RTP
2.2.2. ID2-Sticker with microchip
This idea was tested and evaluated in CY 2004 and 2005, based on the current ISO 14443 Standard for the RF interface. These tests showed a physical limitation of a maximum of 10 visas placed in an ID3 booklet. Given this finding, the ICAO NTWG no longer promotes this approach.
2.2.3. ID1 (Smart Card) as family concept
This approach has been under discussion at the UK Border Agency (UKBA) for over two years. The idea is to issue long-term visitors (e.g. students) or asylum seekers with an ID document, a so-called “biometric residents permit”, which defines their right to stay for a prescribed time. With this approach, the data of all foreigners (non-EU citizens), including personal information, biometric data (face, 10 fingerprints) and status information, could be stored in the same database. One database supports quick digital reviews of “overstayers”, no-fly lists, wanted lists and persons previously refused access into the country. Similar schemes are now being put in place across the EU, as BRP are required by EU Directive.
2.2.4. ID1 (Smart Card) combined with RTP
Another option is to combine the registration of visitors for a visa with the issuing of an RTP token in the format of a smart card. This approach is of interest in the case of frequent travelers. The first example of this is the frequent pass for citizens of Hong Kong traveling frequently to mainland China. To use proven technology, the government has selected the ICAO framework, meaning the ICAO data groups (LDS 1.7), ICAO biometric (face photo) and ICAO security (BAC).
3. Synergies between Registered Traveler and Visa for frequent traveler
Many benefits are achievable with the synergy of RTP and visa processing in the case of frequent travelers. Some examples are:
a) Databases can be simplified; this allows more precise and faster cross-checks.
b) Documents can have common design and security features; this reduces cost for data capturing, document production and document issuing.
c) Border control equipment can be simplified; this reduces capital costs and complexity of
d) Border staff training and effort reduction; reducing fatigue effects and costs and improving time to focus on anomalies and fraud.
e) Traveler clearing rate can be increased dramatically.
f) Waiting time at border control stations can be dramatically reduced.
3.1 Steps required to align eRTP and eVisa programmes
The conformity of the data sets is a key step: the data gathered by the RTP scheme, especially if managed by a third party, may not be aligned with that of the visa issuance process. When aligning these two data sets, one option is to consider the latest data file format supported by ICAO; this will provide a basis for long-term interoperability, not only nationally but regionally as well. The latest specification is the ICAO LDS2.0.
3.1.1 ICAO LDS2.0 Options
LDS2.0 has been in the standardization process since 2010. Today all MRTDs use the Logical Data Structure (LDS) V1.7. In the ICAO NTWG, an extended data set combined with an extended security set for extended applications, named LDS2.0, is being defined. One possibility could be a travel record data set stored in the microcontroller of the MRTD booklet. With this approach, the border police can get the standard data set of the MRTD, with name, given name, MRZ number, validity of the document, country of issuing of the travel document and photo of the holder, as well as the information on all previous travels.
3.1.2 Commonality of Verifications
Trust in the unseen electronic interchange between a scanner, the server and the border control point is crucial, not only for border control authorities but for the citizens they are trying to protect. If the data gathered by the various schemes is valid, then electronic certificates are issued and stored in the servers and, in some cases, in the token the travelers hold. These certificates must be verifiable at all points of entry and within a country. The cross-certification process between RTP and visa schemes requires further levels of trust to be built up, not only at the electronic level but at the operational level between the schemes.
If visas and Registered Traveler Programs are aligned, the synergies that result bring benefits to all the stakeholders in the travel industry. It would seem logical that in the future visa schemes and RTP schemes should have interoperable tokens as well as back office controls. This might increase the consumables cost, i.e. when comparing an inked stamp to an eVisa, but the reduction in fraud, ease of use for the traveler and reduction in time taken at manual border controls would be immense. It would increase trust in users and reduce the growing plethora of non-interoperable schemes which when operated independently offer the highest security to the travelers or offer efficient use of resources.
ABG Automatische Biometrische Grenzkontrolle (automatic biometric border control)
ABC Automatic Border Control
API Advanced Passenger Information
BAC Basic Access Control
BIG Brussels Interoperability Group
BRP British Residence Permit
CY Calendar Year
DNI Documento Nacional de Identidad (national ID card; Spain)
EAC Extended Access Control
eMRTD electronic Machine Readable Travel Document
eRTP electronic Registered Traveller Program
ETA Electronic Travel Authority
ESTA Electronic System Travel Authorization
EU European Union
1G/2G/3G 1st generation, 2nd generation, 3rd generation
ICAO International Civil Aviation Organization
ID1 Identity document format, according to ICAO standard
JPEG Joint Photographic Expert Group
KLIA Kuala Lumpur International Airport
LDS Logical Data Structure
MRTD Machine Readable Travel Document
MRZ Machine Readable Zone
NTWG New Technical Working Group
nPA neuer Personalausweis (new ID-card; Germany)
PNR Passenger Named Record
RTP Registered Traveller Program
SAC Supplemental Access Control
UKBA United Kingdom Border Agency
VWP Visa Waiver Program
2D Two Dimensions