ICAO 9303 PART 11
Machine Readable Travel Documents - Part 11: Security Mechanisms for MRTDs
|Publication Date:||1 January 2015|
The Seventh Edition of Doc 9303 represents a restructuring of the ICAO specifications for Machine Readable Travel Documents. Without incorporating substantial modifications to the specifications, in this new edition Doc 9303 has been reformatted into a set of specifications for Size 1 Machine Readable Official Travel Documents (TD1), Size 2 Machine Readable Official Travel Documents (TD2), and Size 3 Machine Readable Travel Documents (TD3), as well as visas. This set of specifications consists of various separate documents in which general (applicable to all MRTDs) as well as MRTD form factor specific specifications are grouped.
This Part 11 of Doc 9303 is based on the Sixth Edition of Doc 9303, Part 1, Machine Readable Passports, Volume 2, Specifications for Electronically Enabled Passports with Biometric Identification Capability (2006) and the Third Edition of Doc 9303, Part 3, Machine Readable Official Travel Documents, Volume 2, Specifications for Electronically Enabled MRtds with Biometric Identification Capability (2008).
This Part 11 provides specifications to enable States and suppliers to implement cryptographic security features for electronic machine readable travel documents ("eMRTDs") offering contactless integrated circuit (IC) read-only access. Cryptographic protocols are specified to:
• prevent skimming of data from the contactless IC;
• prevent eavesdropping on the communication between contactless IC and reader;
• provide authentication of the data stored on the contactless IC based on the Public Key Infrastructure (PKI) described in Part 12; and
• provide authentication of the contactless IC itself.
Additional access control to sensitive data (i.e. secondary biometrics) is not specified in this edition of Doc 9303, but national schemes to protect these data are allowed. An interoperable specification is foreseen for future editions of Doc 9303.
The authentication of the data stored on the contactless IC is the basic security feature to enable the use of the IC for manual and/or automated inspection. This feature is therefore REQUIRED.
Implementation of a protocol to prevent skimming of the data stored on the contactless IC and to prevent eavesdropping on the communication between IC and terminal is RECOMMENDED.
Implementation of the other protocols is OPTIONAL, allowing the issuing State or organization to decide on the necessary set of security features according to national regulations/demands.
This Part should be read in conjunction with the following Parts of Doc 9303:
• Part 1 - Introduction;
• Part 10 - Logical Data Structure (LDS) for Storage of Biometrics and Other Data in the Contactless Integrated Circuit (IC); and
• Part 12 - Public Key Infrastructure for MRTDs.