The International Civil Aviation Organization (ICAO), a United Nations agency, has taken steps to strengthen modern border security through the online issuance of a new “Master List” of e-passport authentication certificates.
“Improved access to the authentication certificates will enhance global e-passport validation effectiveness, in particular for authorities which have faced difficulties in obtaining them in the past,” stressed ICAO Secretary General Dr. Fang Liu. “And importantly, all the certificates in the Master List have been personally delivered to ICAO by its Member States, thereby enhancing the mutual trust upon which secure and efficient e-passport verification must depend.”
The new ICAO Master List contains the Country Signing Certificate Authority (CSCA) or ‘root’ certificates used in the e-passport digital signing process. Its publication complements existing sources of certificates, including those disseminated through the ICAO Public Key Directory and by national authorities.
“We are also making these certificates available for non-state non-commercial use,” Dr. Liu clarified, “in recognition of the inherent public good in assuring as wide a capability to authenticate e-passports as is feasible. Assuring these capabilities is critical to assuring the evolution of new digital identity innovations, and in particular our ongoing work on a new Digital Travel Credential (DTC). “
More than two-thirds of States issue e-passports today, making use of their chip-based features to store traveler identity information and to leverage the benefits which chip-based documents provide in terms of strengthened security features and shorter processing times for cross-border travellers.
The chips are digitally secured or ‘signed’ by the issuing authority, using enciphered data in the form of linked private and public ‘keys’ which are generated by cryptographic algorithms. The security of the verification process is further strengthened by the need for a digital authentication certificate issued by a reliable authority which binds the public key with the traveler’s identity.
The validation of e-passports and DTCs by non-state entities, including the private sector and the traveling public, is envisioned with the new announcement. But just as with nationally-issued e-passports, all digital identity initiatives must fundamentally rely on the availability of the CSCA and other certificates required to assure their secure verification.
The new development on behalf of ICAO serves to bolster the traveler identification management processes which are so important to modern aviation security and passenger facilitation approaches. These and other priorities are currently being pursued by ICAO Member States in the context of the UN agency’s Traveller Identification Programme or ‘TRIP’ Strategy, which ICAO launched in 2013.