Creating trust across borders

January 2009 Access Control & Identity Management

Personal identity security is one of the great

concerns of the modern age and must be treated with the utmost seriousness. Stephan D. Hofstetter, head of product management at Trüb AG Switzerland, explains how they keep the forgers in check.

Security demands in the modern world continue to grow ever more complex. While on the one hand borders are opening up (for example, under the EU-Schengen agreement) that allow free passage for people without showing their ID cards, on the other, security measures are being tightened – both on borders and within individual countries themselves. Measures such as the Schengen agreement pose particular challenges for those in the security industry.

It is often said in the document security business that despite the great speed at which technology advances, simple forgeries may follow within a few hours of the original development. Rather than seeing this situation as a reason to throw in the towel and accept that we cannot beat the forgers, Trüb AG view it as being a constant challenge which motivates them to apply a variety of different scientific disciplines – electronics, cryptography and biometrics – to their documents so as to put even more barriers in their way, while facilitating the growing numbers of travellers.

Procedures and processes have been established for the integration of these technologies, both within the EU and internationally under the guidance of the ICAO. How they are applied in practice is largely left to the authorities in the countries which issue and receive the documents.

Making travel documents machine-readable

Come April 2010 travel documents must have a specified machine readable zone, referred to as the MRZ, if they are to be recognised as ICAO-compliant. The MRZ is a standard format code combining information about the document and the bearer which is used by automated border controls for registration and verification. Electronic passports, and the up-coming ID cards equipped with the same infrastructure as these passports, take the MRZ a stage further, in that a hash code generated from the MRZ is used to unlock the chip and secure the communication.

ICAO recommend border-control processes and provide guidance as to how machine readable and biometric upgraded documents can be fully exploited. The most robust biometric system remains the expert comparison of the photograph on the document with the person presenting it. The signature, on the other hand, has become less important in terms of border security and is now more relevant in the commercial environment, ie, banks/post offices, where this data is then evaluated by the police identification service.

The use of electronic biometrics (ranging from the manual comparison of the electronic photograph with the person to automated verification, or indeed identification) is regulated by governments. It is not expected that these systems will be used to check everyone across the board, but rather as a security feature in spot checks.

The 2010 deadline means that many countries need to review their current document systems. For several it will mean taking a first step into digital data processing. This provides a great opportunity for national authorities to employ a new generation of documents with new physical and process security.

In fact, to meet this deadline for machine readable passports, the SA Government Printing Works (GPW) has already invested in a multimillion Rand initiative that will see all SA passports being upgraded with enhanced security, making them virtually impossible to copy.

Physical documents – secure and enduring

It is increasingly the case that ID documents are being upgraded with logical security, ie, smartcard chips. However, this does not mean a corresponding downgrading of physical security. Instead, the trend is towards supplementing physical security with logical security.

In the secure document field there are some widely supported and recognised basic principles which have become established as good practice. The choice of a high performance, pure polymer material such as polycarbonate, with a well engineered structure of layers fused without adhesives, is crucial to ensuring long-term durability. Laser engraving is the perfect process for producing clear cut images on these kinds of documents, documents which are necessary for reliable identification and verification.

There are a multitude of security features available in the field. But what is important is that a good mix which addresses the various different levels of verification is established to secure, with an emphasis on the first level, verification without any special equipment. Examples of this include the embedded OVD, Dynaprint and Photolock. A further dimension – not to be neglected in the design of the protection concept – is the threat profile, because the measures chosen need to counter the different methods of data substitution and document counterfeiting.

Personalisation, the process by which individual bio-data, document data and perhaps chip-application code are generated and written to the virgin document, is another area crucial to data integrity and remains an ongoing challenge to improving document security.

ID documents are widely seen as being a particularly important aspect of national security, and are therefore designed with great care. That is why personalisation outside a country’s borders is very much the exception rather than the rule.


This feature supplements the optically-variable laser images with coloured envelopes in a pre-defined design. With its resistance to copying and imitation, DynaPrint represents an extremely efficient security element. (See pic a.)


Personalised data are exposed elements of the document, and must therefore be specially protected. PhotoLock achieves this through a unique combination of laser engraving and specific document treatment with an On/Off effect. (See pic b.)

Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

Gallagher Security launches Augmented Reality Training in Australia
Gallagher Training & Education Access Control & Identity Management
Gallagher Security has announced the latest addition to its innovative suite of training solutions, Augmented Reality Training, demonstrating its continued commitment to innovation and improving access to security training opportunities.

Fluss launches the next wave of IoT solutions
IoT & Automation Access Control & Identity Management News & Events
Fluss has announced its newest IoT product; Fluss+ continues to allow users to manage access from anywhere globally and brings with it all the advantages of Wi-Fi connectivity.

The future of digital identity in South Africa
Editor's Choice Access Control & Identity Management
When it comes to accessing essential services, such as national medical care, grants and the ability to vote in elections to shape national policy, a valid identity document is critical.

Defending against SIM swap fraud
Access Control & Identity Management
Mobile networks must not be complacent about SIM swap fraud, and they need to prioritise the protection of customers, according to Gur Geva, Founder and CEO of iiDENTIFii.

Access Selection Guide 2024
Access Control & Identity Management
The Access Selection Guide 2024 includes a range of devices geared specifically for the access control and identity management market.

Biometrics Selection Guide 2024
Access Control & Identity Management
The Biometrics Selection Guide 2024 incorporates a number of hardware and software biometric identification systems aimed at the access and identity management market of today.

Smart intercoms for Sky House Projects
Nology Access Control & Identity Management Residential Estate (Industry)
DNAKE’s easy and smart intercom solution has everything in place for modern residential buildings. Hence, the developer selected DNAKE video intercoms to round out upmarket apartment complexes, supported by the mobile app.

Authentic identity
HID Global Access Control & Identity Management
As the world has become global and digital, traditional means for confirming authentic identity, and understanding what is real and what is fake have become impractical.

Research labs secured with STid Mobile ID
Access Control & Identity Management
When NTT opened its research centre in Silicon Valley, it was looking for a high-security expert capable of protecting the company’s sensitive data. STid readers and mobile ID solutions formed part of the solution.

Is voice biometrics in banking secure enough?
Access Control & Identity Management AI & Data Analytics
As incidents of banking fraud grow exponentially and become increasingly sophisticated, it is time to question whether voice banking is a safe option for consumers.