Document Chip Authentication
Verifying the authenticity of the eMRTD chip and its data is the only reliable way to prove ID document authenticity with a mobile phone. Digital Identity Service (DIS) provides this authentication as a client-server solution that secures the transfer of the chip data.
Process description
Verification of the document authenticity using the chip has the following steps:
- Creating a document chip (active authentication) challenge and optionally initiating a session in DIS
- Autocapture of the document page with MRZ parsing enabled
- Reconstructing the unlock password from the MRZ and using it, together with the generated challenge, to read the document's NFC chip
- Uploading the NFC data object to the DIS
- Performing the authentication of data and chip and getting the verified data
The complete process of verifying the document authenticity using the chip is shown in the diagram below.
Authentication of Data and Chip
Authentication of Data
Authentication of data proves that the contents are authentic and have not been changed. It does not prevent copying of the chip content or substitution of the chip.
In addition to the document data, the chip also contains the Document Security Object (SOD). The SOD is signed by the issuing state and contains a hash of the document data. The issuing state's Document Signer public key is used to verify the SOD, and the SOD contents in turn authenticate the remaining data of the document.
A list of Country Signing Certificate Authority (CSCA) certificates has to be provided for data authentication. The list has to be in PEM file format.
Country Signing Certificate Authority certificates
Innovatrics cannot provide its customers with certificates for data authentication. It is up to the integrator to acquire the needed certificates, either from ICAO or from the countries' governmental organizations.
Many countries publish their certificates in the ICAO Public Key Directory. However, it cannot be used without signing an agreement with ICAO. Search for "The latest collection of CSCA Master Lists". This master list is in LDIF file format (and 5 MB in size), so the certificates need to be converted to PEM file format. If support for only some countries is needed, the required certificates can be filtered out of this file to keep the app size smaller.
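The following Go program is an added example, not Innovatrics code, of what data authentication (passive authentication) checks once the CSCA list is available. It builds a constructed CSCA and Document Signer hierarchy with Go's standard library, signs a simplified SOD over two constructed data groups, and then runs the inspection-side check with the CSCA list supplied as PEM, exactly the format the text asks the integrator to provide. The SOD struct, the JSON-based hash-list encoding and the certificate names are assumptions made for the example (a real SOD is a CMS SignedData structure). The four scenarios show the property stated above: a modified data group and an SOD from an issuer whose CSCA is not in the list are rejected, while a bit-for-bit copy of the chip content passes, because data authentication cannot detect cloning.

```go
package main

import (
	"bytes"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/json"
	"encoding/pem"
	"fmt"
	"math/big"
	"time"
)

// SOD is a constructed stand-in for the Document Security Object (a real SOD is CMS SignedData):
// the Document Signer's signature over the per-data-group hashes, plus the DS certificate (DER).
type SOD struct {
	DGHashes  map[int][]byte // data group number -> SHA-256 of its contents
	Signature []byte
	DSCert    []byte
}

// digest hashes the DG hash list; json.Marshal sorts map keys, so signer and verifier hash identical bytes.
func digest(h map[int][]byte) []byte {
	enc, _ := json.Marshal(h)
	sum := sha256.Sum256(enc)
	return sum[:]
}

func newKey() *ecdsa.PrivateKey {
	k, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	return k
}

// makeCert issues a certificate for key; with parent == nil it is self-signed (a CSCA).
func makeCert(serial int64, cn string, key *ecdsa.PrivateKey, parent *x509.Certificate, parentKey *ecdsa.PrivateKey) *x509.Certificate {
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(serial), Subject: pkix.Name{CommonName: cn},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour), IsCA: parent == nil,
		KeyUsage: x509.KeyUsageDigitalSignature | x509.KeyUsageCertSign, BasicConstraintsValid: true}
	if parent == nil {
		parent, parentKey = tmpl, key
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, &key.PublicKey, parentKey)
	if err != nil {
		panic(err)
	}
	cert, _ := x509.ParseCertificate(der)
	return cert
}

// signSOD models personalisation: the Document Signer signs the list of DG hashes.
func signSOD(dgs map[int][]byte, dsKey *ecdsa.PrivateKey, dsCert *x509.Certificate) *SOD {
	sod := &SOD{DGHashes: map[int][]byte{}, DSCert: dsCert.Raw}
	for dg, data := range dgs {
		sum := sha256.Sum256(data)
		sod.DGHashes[dg] = sum[:]
	}
	sod.Signature, _ = ecdsa.SignASN1(rand.Reader, dsKey, digest(sod.DGHashes))
	return sod
}

// passiveAuth is the inspection-side check: the DS certificate chains to a CSCA in the PEM
// list, the signature over the hash list verifies, and each DG read from the chip matches its hash.
func passiveAuth(sod *SOD, read map[int][]byte, cscaPEM []byte) error {
	pool := x509.NewCertPool()
	if !pool.AppendCertsFromPEM(cscaPEM) {
		return fmt.Errorf("no CSCA certificates in PEM list")
	}
	ds, err := x509.ParseCertificate(sod.DSCert)
	if err != nil {
		return err
	}
	if _, err = ds.Verify(x509.VerifyOptions{Roots: pool, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny}}); err != nil {
		return fmt.Errorf("document signer not trusted: %w", err)
	}
	if pub, ok := ds.PublicKey.(*ecdsa.PublicKey); !ok || !ecdsa.VerifyASN1(pub, digest(sod.DGHashes), sod.Signature) {
		return fmt.Errorf("SOD signature invalid")
	}
	for dg, data := range read {
		if sum := sha256.Sum256(data); !bytes.Equal(sum[:], sod.DGHashes[dg]) {
			return fmt.Errorf("DG%d does not match SOD", dg)
		}
	}
	return nil
}

// runPassiveScenarios builds a constructed CSCA -> DS hierarchy and a signed SOD, then returns
// the passiveAuth result for the genuine data, a modified DG1, a bit-for-bit clone of the
// content, and the same SOD checked against a list that holds a different CSCA.
func runPassiveScenarios() (genuine, tampered, cloned, untrusted error) {
	cscaKey, dsKey := newKey(), newKey()
	csca := makeCert(1, "CSCA-XX", cscaKey, nil, nil)
	ds := makeCert(2, "DS-XX-001", dsKey, csca, cscaKey)
	cscaPEM := pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: csca.Raw})
	dgs := map[int][]byte{1: []byte("P<XXXDOE<<JANE<<<<<<<<<<"), 2: []byte("constructed-face-image")} // DG1 (MRZ), DG2 (face)
	sod := signSOD(dgs, dsKey, ds)
	genuine = passiveAuth(sod, dgs, cscaPEM)
	tampered = passiveAuth(sod, map[int][]byte{1: []byte("P<XXXDOE<<JOHN<<<<<<<<<<"), 2: dgs[2]}, cscaPEM)
	// Copied content passes: data authentication cannot detect cloning, hence the need for chip authentication.
	cloned = passiveAuth(sod, map[int][]byte{1: bytes.Clone(dgs[1]), 2: bytes.Clone(dgs[2])}, cscaPEM)
	other := makeCert(3, "CSCA-OTHER", newKey(), nil, nil) // a CSCA that did not issue this document's DS
	untrusted = passiveAuth(sod, dgs, pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: other.Raw}))
	return
}

func main() {
	g, t, c, u := runPassiveScenarios()
	fmt.Println("genuine:", g, "| tampered:", t, "| cloned:", c, "| untrusted:", u)
}
```

The CSCA list is parsed with AppendCertsFromPEM, so a list filtered down to the supported countries, as suggested above, plugs in unchanged; the only requirement is that the CSCA that issued the document's Document Signer certificate is present.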
Authentication of Chip
Authentication of the chip prevents the use of copied data by proving that the data has been read from an authentic chip that has not been substituted. There are three protocols for chip authentication. They are prioritized in the following order; the first protocol supported by the chip is used for authentication.
- PACE access control protocol with Chip Authentication Mapping (PACE-CAM)
- Chip Authentication protocol
- Active Authentication protocol
Chip Authentication Protocol
The Chip Authentication Protocol is an ephemeral-static Diffie-Hellman key agreement protocol that provides secure communication and unilateral authentication of the chip. No challenge is needed in this method, as the transcripts produced by the protocol are non-transferable. In this protocol the authenticity of the chip is proved through the authentication of data (the SOD).
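As an added illustration (not code from the mobile library or DIS), the following Go program models the ephemeral-static ECDH exchange with crypto/ecdh. The chip holds a static private key whose public half is read from DG14 (and DG14 is covered by the SOD, which is why this protocol relies on data authentication). The terminal generates a fresh ephemeral key pair per run, which is what replaces an explicit challenge, and accepts the chip only if the chip's authentication token agrees with the key the terminal derived from the DG14 public key. The Chip type, the one-step HMAC-based key derivation and the token format are simplifications assumed for the example (Doc 9303 specifies a different KDF and secure-messaging framing).

```go
package main

import (
	"crypto/ecdh"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Chip models the secure element (constructed model): the static private key never leaves
// it, while the matching public key is stored in DG14, whose hash is in the SOD.
type Chip struct{ static *ecdh.PrivateKey }

// NewChip creates a chip with a fresh static P-256 key pair and returns the DG14 public key.
func NewChip() (*Chip, *ecdh.PublicKey) {
	k, err := ecdh.P256().GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return &Chip{static: k}, k.PublicKey()
}

// kdf derives a labelled session key from the shared secret (simplified one-step KDF;
// Doc 9303 uses a counter-mode SHA KDF, assumed away here).
func kdf(shared []byte, label string) []byte {
	m := hmac.New(sha256.New, shared)
	m.Write([]byte(label))
	return m.Sum(nil)
}

// Respond is the chip's side: it combines its static key with the terminal's ephemeral
// public key and returns an authentication token, a MAC over that ephemeral key under the
// derived MAC key, which only a holder of the DG14 private key can compute.
func (c *Chip) Respond(terminalEphemeral *ecdh.PublicKey) ([]byte, error) {
	shared, err := c.static.ECDH(terminalEphemeral)
	if err != nil {
		return nil, err
	}
	m := hmac.New(sha256.New, kdf(shared, "KS_MAC"))
	m.Write(terminalEphemeral.Bytes())
	return m.Sum(nil), nil
}

// ChipAuthenticate is the terminal's side of the ephemeral-static ECDH. The fresh ephemeral
// key is what makes each run unique, so no separate challenge is sent. The terminal uses the
// public key it read from DG14 (covered by passive authentication), never one the chip
// presents during this exchange, and accepts the chip only if the tokens agree. On success
// it returns the encryption key for the secure messaging that follows.
func ChipAuthenticate(dg14 *ecdh.PublicKey, chip *Chip) ([]byte, error) {
	eph, err := ecdh.P256().GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	token, err := chip.Respond(eph.PublicKey())
	if err != nil {
		return nil, err
	}
	shared, err := eph.ECDH(dg14)
	if err != nil {
		return nil, err
	}
	m := hmac.New(sha256.New, kdf(shared, "KS_MAC"))
	m.Write(eph.PublicKey().Bytes())
	if !hmac.Equal(m.Sum(nil), token) {
		return nil, errors.New("chip authentication failed: chip does not hold the DG14 private key")
	}
	return kdf(shared, "KS_ENC"), nil
}

// runChipAuthScenarios: a genuine chip passes; a clone carrying a copy of every data group,
// DG14 included, but with its own key pair (the private key cannot be copied) fails.
func runChipAuthScenarios() (genuineOK, cloneOK bool) {
	genuine, dg14 := NewChip()
	_, err := ChipAuthenticate(dg14, genuine)
	genuineOK = err == nil
	clone, _ := NewChip()
	_, err = ChipAuthenticate(dg14, clone)
	cloneOK = err == nil
	return
}

func main() {
	g, c := runChipAuthScenarios()
	fmt.Println("genuine chip authenticated:", g, "| cloned chip authenticated:", c)
}
```

The point to take from the clone scenario is the division of labour in the text above: data authentication guarantees that the DG14 public key is the issuer's, and the key agreement guarantees that whoever answered holds the matching private key.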
Active Authentication protocol
Active Authentication authenticates the chip by signing a challenge (8 bytes of data), sent via the NFC library, with a private key stored in the chip's secure memory. For this purpose the chip contains its own Active Authentication key pair. A hash of its public key is in the SOD, so it is authenticated by the issuer's digital signature. The document authenticity is verified by checking the challenge response against the public key of the chip's Active Authentication key pair.
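The following Go program is an added example, not the mobile library's or DIS's code, of the Active Authentication round trip from the verifier's point of view: an 8-byte challenge is generated for the session, the chip signs it with the key held in its secure memory, and the verifier checks the response with the public key taken from DG15. The AAChip type and the use of plain ECDSA over SHA-256 are assumptions for the example (Doc 9303 specifies ISO/IEC 9796-2 RSA or ECDSA signature schemes). The scenarios show why the challenge must be bound to the session: a cloned chip with its own key pair fails, and so does a response recorded from an earlier read when it is checked against the new challenge.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// AAChip models the Active Authentication key pair in the chip's secure memory (constructed
// model): the public half is published in DG15 and hashed into the SOD, the private half never leaves the chip.
type AAChip struct{ priv *ecdsa.PrivateKey }

// NewAAChip creates a chip with a fresh P-256 key pair and returns the DG15 public key.
func NewAAChip() (*AAChip, *ecdsa.PublicKey) {
	k, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		panic(err)
	}
	return &AAChip{priv: k}, &k.PublicKey
}

// NewChallenge is the verifier's first step: 8 random bytes, generated afresh for every session.
func NewChallenge() ([]byte, error) {
	c := make([]byte, 8)
	_, err := rand.Read(c)
	return c, err
}

// Sign is the chip's response to the challenge: a signature with the private key it holds.
func (c *AAChip) Sign(challenge []byte) ([]byte, error) {
	h := sha256.Sum256(challenge)
	return ecdsa.SignASN1(rand.Reader, c.priv, h[:])
}

// VerifyActiveAuth is the server-side check: the response must be a valid signature, under
// the DG15 key, over exactly the challenge this session issued. A response to any other
// challenge, such as one recorded during an earlier read, is rejected.
func VerifyActiveAuth(dg15 *ecdsa.PublicKey, challenge, response []byte) error {
	if len(challenge) != 8 {
		return errors.New("challenge must be 8 bytes")
	}
	h := sha256.Sum256(challenge)
	if !ecdsa.VerifyASN1(dg15, h[:], response) {
		return errors.New("active authentication failed: response does not verify under the DG15 key for this challenge")
	}
	return nil
}

// runActiveAuthScenarios returns the verification result for a genuine chip with a fresh
// challenge, for a clone that carries a copy of DG15 but its own key pair, and for a
// genuine response replayed against a later session's challenge.
func runActiveAuthScenarios() (genuine, cloned, replayed error) {
	chip, dg15 := NewAAChip()
	session1, _ := NewChallenge()
	resp1, _ := chip.Sign(session1)
	genuine = VerifyActiveAuth(dg15, session1, resp1)

	clone, _ := NewAAChip() // copied data groups, DG15 included, but a key pair of its own
	session2, _ := NewChallenge()
	resp2, _ := clone.Sign(session2)
	cloned = VerifyActiveAuth(dg15, session2, resp2)

	replayed = VerifyActiveAuth(dg15, session2, resp1) // recorded answer to session1, checked in session2
	return
}

func main() {
	g, c, r := runActiveAuthScenarios()
	fmt.Println("genuine:", g, "| cloned:", c, "| replayed:", r)
}
```

In the flow described on this page the challenge is created in the first step and the verification happens after the NFC data object has been uploaded, so the server has to keep the challenge it issued for the session and verify against that stored value rather than against anything contained in the upload.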
If the Active Authentication challenge is explicitly set, the Active Authentication protocol is used first. If none of these protocols is supported, the chip is not authenticated. The flow of the chip authentication process in the mobile library is illustrated in the flowchart below: