National Public Key Directory

The PrimeKey NPKD is a National Public Key Directory solution, designed to manage certificates for ePassports in compliance with International Civil Aviation Organization (ICAO) standards.

Contact us Download Product Sheet

A complete system for handling national certificates for ePassports

Fully compliant

All NPKD operations are compliant with ICAO and NPKD has been successfully tested against ICAO Public Key Directory (PKD) Test Bench v3.0.

Rich graphical user interface

PrimeKey's NPKD is operated through a rich graphical user interface that makes it easy to manage the imported top-level certificates. Users can search through ICAO PKD, download, inspect, store, publish, and more.

 

Open and interoperable

NPKD is designed to perform well with the PrimeKey products EJBCA Enterprise and SignServer Enterprise as well as with other PKIs.

NPKD-Anton-Maikel

Anton and Maikel
- PrimeKey

What is a National Public Key Directory?

Many countries have implemented Biometric Passports (or ePassports), allowing their citizens to travel more securely and efficiently.

All efforts to standardize travel documents are done under the umbrella of the International Civil Aviation Organization (ICAO). This makes travelers’ documents easy to recognize, read and validate by the foreign countries people visit. To facilitate the exchange of required information to authenticate ePassports, ICAO has created the centralized Public Key Directory (PKD) for sharing information between countries.

Each sovereign nation handles a  PKD list on its own, as it finds appropriate and secure. The PrimeKey National Public Key Directory (NPKD) addresses the needs of a country to have an efficient, secure and robust system of importing other nations’ certificates from the PKD, as well as exporting its own certificates to the PKD.

Features of PrimeKey NPKD

PrimeKey NPKD makes it easy to manage the imported top-level certificates from other countries – to decide if and how much they trust these certificates – to be able to swiftly revoke a certificate if needed. NPKD exchanges digital certificates and other security data with the ICAO PKD, and makes them available for inspection systems. The ICAO PKD works as a hub for exchanging information required to authenticate ePassports. 

compliant-720×720

Compliant and secure

PrimeKey NPKD is developed by engineers with extensive experience of ePassport solutions. All NPKD operations are compliant with ICAO and the solution has solid security application features such as user access control, secure audit logging and database rows authenticity protection. All security data is checked for ICAO conformity and the test results are visible to the user. Auditors can easily search and filter through all audit logs. 

PrimeKey NPKD includes configurable schedulers. This makes the application server automatically run all the necessary tasks to keep valid PKD object published and available for inspection systems. 

integration-720×720

Integration in existing infrastructures

PrimeKey NPKD, which is used by numerous nations to issue their citizen passports, can be integrated with your existing PKI and works seamlessly with EJBCA Enterprise or SignServer Enterprise.

complete-720×720

Included use cases

  • Download security data (Master List, Deviation Lists, DS certificates and CRL) of a specific country or all countries 
  • Extract Master Lists and inspecting their certificates 
  • Run ICAO checks on security data and store them in a database for later use 
  • Construct a Master List or Deviation List 
  • Publish CSCA certificates and other security data to a local NPKD LDAP server and make them available for inspection systems 
  • Upload security data to ICAO PKD
  • Automate all routine tasks such as download from and upload to ICAO, publish to a local NPKD LDAP, revocation check of all certificates and create database backups
  • Find the CSCA that has signed a DS certificate or Master Lists that contain a CSCA certificate
  • Audit all access control and integrity-change logs
  • Keep and update a record of all registry contact information

Read more in the NPKD documentation

 

Solutions based on product

Enabling ePassports

Produce and verify ePassports with our dedicated PKI solution

Explore ePassport solution

More information

See the links for more information on NPKD.

NPKD documentation

More news, blogs, etc on ePassports 

All PKI and digital signing solutions

Contact us

Fill in your contact information below and we will get in touch with you.

This website uses cookies

Cookies consist of small text files. They contain data that is stored on your device. To enable us to place certain types of cookies we need to obtain your consent. At PrimeKey AB, corp. ID no. 556628-3064, we use the following kinds of cookies. To read more about which cookies we use and storage times, click here to access our cookies policy.

Manage your cookie-settings

Necessary cookies

Necessary cookies are cookies that must be placed for basic functions to work on the website. Basic functions are, for example, cookies which are needed so that you can use menus on the website and navigate on the site.

Functional cookies

Functional cookies need to be placed on the website in order for it to perform as you would expect. For example, so that it recognizes which language you prefer, whether or not you are logged in, to keep the website secure, remember login details or to be able to sort products on the website according to your preferences.

Cookies for statistics

For us to measure your interactions with the website, we place cookies in order to keep statistics. These cookies anonymize personal data.

Cookies for ad-tracking

To enable us to offer better service and experience, we place cookies so that we can provide relevant advertising. Another aim of this processing is to enable us to promote products or services, provide customized offers or provide recommendations based on what you have purchased in the past.
Confirm choices Accept all