Document Management

MB APPLET SUITE enables smart cards and epassports based on the JavaCard standard to perform all the functions required for an ICAO Doc. 9303 compliant electronic machine-readable travel document (eMRTD).

Key advantages of the MB APPLET SUITE are:

  • High security and data protection
  • ICAO Doc 9303 compliant data content & formats
  • Passive Authentication (PA) to prove data integrity
  • Active Authentication (AA) to prevent cloning
  • Basic or Supplemental Access control (BAC or SAC) for data privacy
  • Extended Access Control (EAC) for enhanced security features

 

The degree of automation is completely configurable. In case of any problems, such as lost network connection or machine malfunction, operators are guided in their proceedings to solve the problems.

 

Typically a biometric facial image and the printed information of the document are to be stored on a contactless high-security microchip inside an identity document. Security mechanisms of the electronic chip inside an ICAO Doc 9303 compliant eDocument include Passive Authentication (PA) to prove data integrity, Basic Access Control (BAC) or Supplemental Access Control (SAC) for data privacy. 

The SAC protocol offers advanced protection against skimming and eavesdropping using strong cryptography. SAC is recommended for ICAO members and mandatory for EU members issuing ePassports. 

To prevent cloning the MB APPLET SUITE makes use of the Active Authentication protocol. 

Usage of EAC further increases the security by preventing clones with Chip Authentication (CA) and protection of fingerprint images with Terminal Authentication (TA). 

The chip operating system also supports random UID to protect document holders from unallowed tracking. 

The solution requires a special Public Key Infrastructure (PKI) to provide the signature of the chip data of the LDS (SOD). EAC functionality needs an additional PKI to provide certificates and keys for Terminal Authentication of inspection systems.