Cryptographically Secure Digital Identity with e-Passports at Scale 

Following the September 2001 attacks, the international community developed and adopted a new specification for the production of electronic passports (e-passport) to increase the security of these travel documents and reduce the risk of counterfeits and forgery.  

An e-passport is embedded with a contactless chip which stores the traveler’s biographic information as printed on the data page, one or more biometric identifiers such as photo, fingerprints, or iris, and other optional information. The issuing country digitally signs the chip to provide authenticity and prevent the modification of its data. Border inspection systems can 1) verify the identity of the passport holder using the chip’s biometric data and 2) verify the authenticity of the document and the integrity of its data using the chip’s digital signature and the issuing country’s root certificate. The introduction and utilization of the e-passport has significantly strengthened US border security.  

Today more than 150 countries are issuing e-passports and an estimated one billion e-passports are in circulation.  

In 2010, the US Government Accountability Office (GOA) recommended that the built-in security mechanisms of e-passports be leveraged to promote national security by verifying the authenticity of e-passports used for entry to the US (https://www.gao.gov/products/gao-10-96 ). These built-in security mechanisms involve:  

1. Connecting to the e-passport chip and retrieving the traveler’s data electronically.  
2. Verifying the traveler data by cryptographically validating the digital signature on the passport against the issuing certificate authority.
   

In 2021, Dev Technology assisted the US Government in developing a web-based RESTful travel document security authentication service currently in production today. This service puts the security verification process capability within the government’s existing secure infrastructure. It is configurable and customizable to tailor to specific use cases across the government and can be independently scaled to meet current and future demands.  

Dev Technology is proud to contribute to an enhanced portfolio of products and services by developing document authentication services allowing wider utilization of traveler identity verification across the government. Security and digital identity systems are core competencies for Dev Technology. Government employees and program managers who would like more information can request full briefs by emailing info@devtechnology.com.