Trinidad and Tobago e-passports: Step towards speed, security

A TT passport.  - Photo by Ayanna Kinsale
A TT passport. - Photo by Ayanna Kinsale

It was heartening to hear the Minister of Finance, Colm Imbert, announce in his 2024/2025 budget statement on September 30 that cabinet had authorised the Immigration Division to embark on the transition from machine-readable passports to e-passports.

On numerous occasions, this column has strongly advocated the transition to e-passports owing to their enhanced security features and universal use.

The International Civil Aviation Organization (ICAO) continuously upgrades and enhances the security standards for machine-readable travel documents (MRTD) and has introduced the biometric passport, also known as the e-passport. The e-passport is the principal identity document now being used in international travel.

The security and facilitation advantages of e-passports reside in a microprocessor chip embedded in the passport which contains biometric and biographical data that can be used to authenticate the identity of the passport-holder. The embedded chip in the passport booklet stores the biographical information visible on page two, as well as a digital security feature.

This digital security feature is a unique, country-specific "digital signature" that can be verified using the country’s e-passport security certificates.

>

Each country issuing an e-passport establishes a single country signing certificate authority (CSCA) as its national trust point for the control of e-passports.

Security certificates are generated by the CSCA. The country also issues a document-signer certificate (DSC) that contains the information required to verify the digital signature on the e-passport.

Together, the signature and certificates form a trust chain, where one end is securely anchored in the authority of the issuing country, and the other end is securely stored in the chip of the e-passport as the document security object. As the anchor in the trust chain, CSCA certificates are often exchanged bilaterally to ensure maximum security and trust in the rest of the chain.

To validate an e-passport at an international border, the border control system in a receiving country retrieves the document security object from the chip.

The authenticity of the e-passport can be proven if the digital signature checks against the DSC and the DSC checks against the CSCA certificate.

By authenticating the data on the chip of an e-passport, border control authorities can confirm the e-passport held by the traveller was issued by a bonafide authority and the biographical and biometric information encoded in the e-passport when it was issued was not subsequently altered. The border control authority can confidently rely on the information on the chip to compare and cross-reference against the printed information and facial image found on the biographical data page both in the visual inspection zone and the machine-readable zone of the e-passport.

According to the Minister of Finance, e-passports will keep TT in sync with the rest of the world and facilitate faster processing at airports via automated border control gates.

The benefits of TT's using e-passports, however, can only be realised when other countries’ border control agencies have the capability to validate the biometric and biographical data on the chip. If the data cannot be validated at border control, the e-passport has very little advantage over a traditional, non-electronic passport.

-

>

While the ministry has not given any timelines for this transition, a top priority is the validation of TT e-passports using the ICAO Public Key Directory (PKD) repository system.

The ICAO PKD is a centralised directory that offers an independent, organised, secure and cost-effective online source for up-to-date e-passport biometric information. It provides an efficient means for countries to upload their own e-passport information and download that of other countries.

The ICAO PKD plays the role of central broker for this information and ensures information adheres to the technical standards required to achieve and maintain interoperability and security, making it very difficult to forge an e-passport. In addition, it ensures that information can be reliably exchanged in "real-time" on an indefinite basis.

In 2012, the cabinet agreed TT should participate in the ICAO PKD. To kickstart the process, the TTCAA made an offer to National Security Minister Jack Warner to pay TT’s annual PKD membership fees for five years.

The Immigration Division informed Warner, and rightfully so, that a new passport facility with the appropriate technology and training was required to issue biometric passports and participate in the ICAO PKD programme. Warner subsequently declined the TTCAA’s offer.

Recent border control security-enhancement measures by other countries and regional groups such as the European Union (EU) require TT to fast-track the transition to e-passports and their validation.

Effective November 10, a new digital system called the entry/exit system kicks in for non-EU travellers seeking to enter and exit the Schengen Area.

When travellers from outside the EU arrive at a Schengen border, they will scan their passports at self-service kiosks. These machines will retrieve important information such as names, travel document details, fingerprints and facial images from the passport.

The next major change takes effect in May 2025, when visitors from over 60 visa-exempt countries will be required to have the European Travel Information and Authorisation System (ETIAS) travel authorisation to enter 30 European countries for short stays.

>

ETIAS will do background checks using criminal records and security databases from criminal-justice institutions such as Europol and Interpol to identify potential security risks among applicants seeking to enter Europe’s external borders.

Similarly, effective January 8, 2025, TT citizens travelling to the United Kingdom (UK) for up to six months for tourism, visiting family and friends, business or short-term study will require an electronic travel authorisation (ETA).

The present TT passport, though machine-readable, is not an e-passport. Therefore, it may not contain all the biometric data required to process a UK ETA.

The implications of this are unclear as to whether an e-passport is mandatory to obtain a UK ETA. Hopefully, the UK High Commission in TT will provide some clarity.

Several Caricom countries are using e-passports and some are participants in the ICAO PKD programme.

The validation of e-passports is necessary to fully leverage the investments made by countries in implementing enhanced-security biometric passports. It contributes to improved border security and safer global air travel. The benefits of e-passport validation are collective, cumulative and universal.

The matter of e-passport transition and validation should be treated with urgency.

Comments

"Trinidad and Tobago e-passports: Step towards speed, security"

More in this section