Driving licences will be more comparable to EU ID cards and residence permits under the same requirements to store identity data, including the facial image of the passport holder, in a secure microchip. The level of security across driving licences is therefore expected to be similar to that of EU ID cards and residence permits. However, Stephane Mouy, President of SGM Consulting has expressed curiosity about the treatment of biometric data communication across different mobile documents when the issuing authority and biometric data is the same.
He uncovers the disparity between “allowed and standard” proximity (NFC) communications (chip retrievals) for the driving licence versus restrictions for passports.
He writes that chip retrieval and communication of the facial image in European driving licences has no “specific restrictions” in the upcoming regulation, compared with ID cards and residence documents.
Whilst chip reading is “the most secure way” which information from the identity document can be acquired, Stephane Mouy cites that access to the chip information is “legally restricted” in some EU Union countries.
The benefits and convenience of such documents, as addressed in the recent Remote Identity-Proofing ANSSI-BSI Joint Release, is balanced with the risks of more sophisticated presentation and injection attacks using AI modified data. It stresses the need to carve out robust ID proofing processes to combat forgery or counterfeiting with less regularity for the issuance of these document.
