The ICAO's (International Civil Aviation Organization) document 9303 specifies the technical framework for the electronic passport (ePassport or Machine Readable Travel Document—MRTD). The technical specifications in this document were standardized by the ISO/IEC and included in ISO/IEC 7501.
The passport standards cover two generations of electronic passports: first-generation passports (BAC—Basic Access Control) and second-generation passports (EAC—Extended Access Control).
Safelayer offers a complete set of the PKI components required for deploying citizen identification and first- and second-generation ICAO BAC and EAC ePassport solutions. It also provides the technology necessary for managing the National Public Key Directory, N-PKD, and implementing the Single Point of Contact (SPOC) service, a critical component in the security infrastructure required for deploying new electronic passports in Europe and other countries that facilitates the interconnection of the National PKIs.
Safelayer has a complete software solution for the PKI of the ePassport, both for the first phase, ICAO/BAC, and the second, EAC. The KeyOne products for the ICAO/BAC ePassport include the following components:
- CSCA (Country Signing Certification Authority): manages the digital certificates of the national Document Signers (DSs) and the publication of the ICAO PKD.
- DS (Document Signer): signs the digitized data stored on the ePassport's chip.
- N-PKD (National Public Key Directory): manages the ICAO Public Key Directory.
The KeyOne products for EAC ePassport include the following components:
- CVCA (Country Verifying Certification Authority): issues the CV digital certificates to the Document Verifiers (DV).
- CVRA–SPOC (Country Verifying Registration Authority–Single Point of Contact): Web services interface for the automatic operations (DV certification) and the notifications (suspension of CVCA service, compromised DV keys, etc.).
- DV (Document Verifier): acts as a subordinate CA issuing the CV digital certificates to the national Inspection Systems (IS).