Enabling ePassports
Electronic passports are standardized modern security documents with many security features. Typical PKI and digital signature functions such as Government Root Certification Authority and Country Signing Certificate Authority play an important role in the solution.
ePassport solution
PrimeKey's ePassport solution contains all the PKI and digital signature components needed to produce and handle ePassports securely. The important security features are standardized by ICAO and the EU.
Country Signing and Country Verifying CAs
EJBCA Enterprise implements Country Signing Certificate Authority (CSCA), Country Verifying CA (CVCA) and Document Verifier (DV). Compliant with the ICAO 9303 and EAC specifications.
Document Signing
SignServer supports signing biometric ePassport (MRTD) data compliant with the ICAO specification.
ICAO PKD objects local storage
The National Public Key Directory (NPKD) from PrimeKey enables management of ICAO PKD objects in a provided local repository.
For more information, see our documentation on Issuing eID Certificates and Signing ePassports.
ePassport security features
From a PKI perspective, the ePassport security features can be divided into two categories:
Benefits of PrimeKey's ePassport solution
An ePassport PKI solution can contain several PKI services such as CSCA, CVCA, DVCA and DS. Demands on what PKI services are needed can differ depending on the targeted region.
Complete offering
Our ePassport Solution contains all the PKI and digital signature components needed to produce and handle ePassports securely.
Compliance
All included technology meets the requirements of ICAO and the EU.
Flexibility and integration
All software within our ePassport offering is reliable during operations and integrates well with other necessary ePassport technologies from major players such as Thales and Mühlbauer. The solution can be deployed as a flexible software appliance or as a fit-for-purpose hardware appliance that also includes a FIPS-certified HSM.
Experienced partner
PrimeKey has extensive experience in many strategic, mission-critical, large-scale PKI projects and has already delivered ePassport solutions to more than 20 customers.
Products for ePassports
To produce ePassports, you need PKI (EJBCA Enterprise) and a digital signing solution (SignServer Enterprise).
To verify ePassports from different countries, you need PKI (EJBCA Enterprise) and a Directory for different countries (NPKD).
EJBCA® Enterprise
Complete public key infrastructure (PKI) and certificate management
SignServer Enterprise
Server-side, PKI-based, multipurpose digital signature solution
NPKD
National Public Key Directory from PrimeKey, a system for national certificates in e-passports
Contact us
Fill in your contact information below and we will get in touch with you.