DOT NFC is a mobile library (for both Android and iOS) that enables reading data from the RFID chip contained in an eMRTD with an NFC-enabled smartphone.
Electronic Machine Readable Travel Document - eMRTD
The MRTD is a specification of an official travel document. It contains in standardized format the various identification details of the holder, including a photo (or digital image) with mandatory and optional identity elements. The mandatory elements, apart from the photo, are reflected in a two- or three-line machine readable zone (MRZ).
The eMRTD contains an NFC-readable RFID chip. This chip stores data from the travel document data page and the mandatory biometric data of the holder: the photograph. The data is organized in data groups (DG1, DG2, SOD, etc.).
As the chip contains digitally signed data, a country issuing an eMRTD has to maintain a dedicated public key infrastructure (PKI). The “Root” of this PKI is the Country Signing Certification Authority (CSCA). The document signer (DS) certificate, signed by the CSCA, proves the authenticity and integrity of the data on the chip and the link to the issuer.
Specifications and standards of eMRTD can be found in ICAO document series Doc 9303 Machine Readable Travel Documents.
DOT NFC Library
The process contains the following steps:
- Access control
- Authentication of chip
- Reading and parsing data into structures
- Authentication of data
In order to read the content of the eMRTD chip, Access Control has to be established. The Access Control mechanism ensures that data from the eMRTD chip is not read without the attention of the travel document holder.
ICAO defines two protocols for Access Control:
- BAC - Basic Access Control (this protocol is used if supported by the chip)
- PACE - Password Authenticated Connection Establishment (this protocol is used if BAC protocol fails or BAC is not supported by the chip)
Both Access Control protocols use an access key, the NFC Key, generated from the Machine Readable Zone. The NFC Key is created from the document number, date of birth and date of expiry, which are present in the MRZ, see image below.
After Access Control has been established, the chip will provide access to less sensitive data groups.
Authentication of Data and Chip
Authentication of Data
Authentication of data proves that the contents are authentic and not changed. It does not prevent copying of the chip content or chip substitution. The Passive Authentication protocol is used for this purpose. The library consumer must supply a list of Country Signing Certificate Authority certificates in order to authenticate the data. The list has to be in PEM file format.
Country Signing Certificate Authority certificates
Innovatrics does not provide its customers with certificates for data authentication. It is the responsibility of the integrator to acquire the certificates needed, either from the ICAO organization or from the country’s governmental organizations. The benefit is that the integrator then gets notified about new certificate updates.
Many countries provide their certificates in the ICAO Public Key Directory. It is currently possible to retrieve a suitable certificates list from there (after accepting the Terms & Conditions). Search for “The latest collection of CSCA Master Lists”. However, this master list is in LDIF file format (and 5 MB), so the certificates need to be converted to PEM file format. If support for only some countries is needed, the required certificates can be filtered from this file to keep the app size smaller.
These resources can help with converting an LDIF file to a PEM file:
Authentication of Chip
Authentication of chip prevents copying the data and proves that it has been read from the authentic chip and the chip has not been substituted. The first supported protocol of these three is used:
- PACE access control protocol with Chip Authentication Mapping
- Chip Authentication
- Active Authentication
If none of these protocols is supported, the chip is not authenticated.
Reading and parsing data
DOT NFC Library supports reading these Data Groups. Some of them are also parsed into structures.
- Header and Data Group Presence Information (Mandatory)
- Document Security Object (Mandatory)
- Machine Readable Zone Information (Mandatory)
- Encoded Identification Features - Face (Mandatory)
- Additional Identification Feature - Finger(s) (Optional)
- Additional Identification Feature - Iris(es) (Optional)
- Displayed Portrait (Optional)
- Displayed Signature or Usual Mark (Optional)
- Data Feature(s) (Optional)
- Structure Feature(s) (Optional)
- Substance Feature(s) (Optional)
- Additional Personal Detail(s) (Optional)
- Additional Document Detail(s) (Optional)
- Optional Detail(s) (Optional)
- Security Options (Conditional)
- Active Authentication Public Key Info (Conditional)
- Person(s) to Notify (Optional)
The list of all possible data groups is below. Note that data groups DG3 and DG4 cannot be read without an additional certificate.