The new security standard SAC/PACEv2 (or PACE[1]) has been mandatory in European electronic passports since January 2015. Security protocols, such as PACE protect the personal data stored in the chip of electronic ID documents from skimming and eavesdropping attacks by assuring a secure communication during the verification of the data (e.g. at border control). With the rising number of e-passports carrying the PACE protocol and the establishment of additional security features, such as PACE-CAM[2], conformity and interoperability challenges are still present. The PACE-CAM security mechanism combines the PACE protocol with chip authentication (between chip and reader) in one protocol which allows a faster verification process.The standards for security mechanisms used in electronic passports are developed by ICAO in collaboration with international organizations, such as ISO, and national authorities, such as the Federal Office for Information Security (BSI).The focus of this year's InterOp Test is to test the secure communication between electronic passports and inspection systems using> SAC/PACE according the ICAO's Test Specification "RF Protocol and Application Test Standard for eMRTD – Part 3> PACE-CAM according to ICAO Doc 9303 part 11 "Security Mechanisms for MRTDs"The InterOp Test at the SDW 2016 conference in London will be the third SAC Interoperability Test within the last 4 years. HJP's partner TÜV Informationstechnik GmbH (TÜV NORD GROUP) will be one of international test laboratories to perform the SAC/PACE tests using HJP's GlobalTester conformity test tool for e-passports and readers. The GlobalTester test tool was the first to offer PACE-CAM tests in July 2015.In Europe, the security protocol Supplemental Access Control (SAC) or PACE represents the 3rd generation of e-passports and replaces Basic Access Control (BAC), which was introduced with the first generation of e-passports.GlobalTester is the world's only open source-based test platform to test the conformance of electronic ID documents and readers, such as e-passports and inspection systems. HJP will launch GlobalTester 3.1 at SDW with new features for enhanced usability, detailed failure analysis as well as fast implementation and automation of tests. With the new GlobalTester platform HJP is expanding the conformance testing portfolio from smart-card based applications to testing any security protocol, such as the EnOcean protocol for smart home applications as well as MQTT protocol in the context of IoT.[1] Password Authenticated Connection Establishment[2] Password Authenticated Connection Establishment with Chip Authentication Mapping" (PACE-CAM)
Recent Articles
- Bumble data leaked to dark web site
- Vietnam grasps cybersecurity directive, Philippines drops ID verification plans
- UIDAI launches Aadhaar app, enables digital ID storage in Google Wallet
- De La Rue’s strategic Canadian deal to finally win British passports tender
- Meet with Goldman Sachs, Huawei, the European Commission, The World Bank and more!
Recent Video
- New non-profit trade association of HAND will standardise global talent ID
- No cards, no phones: J.P. Morgan’s biometric revolution in payments
- Anthony Vidiano on building the future of access management
- Charisma Check wins 2025 Start-Up Pitching Competition, advancing identity verification and background checks for dating app users
- How to protect one billion Amazon customers: Lessons from continuous risk assessments
