Eliminating the Weakest Link in the Identity Chain

Christian Wagner

Identity documents like e-passports or identity cards have achieved a very high level of security. Their embedded electronic chips link holder and document closely together through biometrics. Yet these documents have an Achilles heel, as they are often based on insecure breeder documents like birth certificates. Christian Wagner, SMARTRAC’s Head of Segment Development Government, explains how cloud-based services can safeguard these unsecured documents.


What exactly is the problem with these “breeder documents”?

Documents like birth certificates are often required and used as the basis for issuing a real identity document. Once an identity is established on the basis of an insecure breeder document, the fraud is unlikely to be detected. As a consequence, these documents are counterfeited quite often today, as forgers and criminals aim at this weakest link in the identity chain. That ultimately raises one question: what is the point of a highly secure e-passport if it’s based on breeder documents that have no common format, content, or security features?

What can be done to close this safety gap? And how can cloud-based services enabled by RFID labels contribute to a solution?

This risk has been recognized, and several projects have been started to improve the security of breeder documents. One global initiative worth mentioning here is the Traveller Identification Program (TRIP) initiated by the International Civil Aviation Organization (ICAO). TRIP represents a holistic, coherent and coordinated approach to traveler identification management. The starting point of the TRIP strategy is establishing a credible Evidence of Identity (EoI) for an individual. This includes the tracing, linkage and verification of an identity against breeder documents to ensure authenticity.

Combined with a comprehensive security concept, RFID can significantly enhance the security level of such documents. Based on our cloud-based platform SMART COSMOS, SMARTRAC has enabled a safe eBreeder solution to secure unspecified breeder documents like birth certificates. Hence, SMART COSMOS represents a fundamental Platform as a Service (PaaS) by providing self-service transparency into the supply chain and manufacturing metadata associated with the RFID tag.

What makes SMART COSMOS particularly suited to securing breeder documents?

One important point is the basic architecture of our solution. SMART COSMOS contains three fundamental elements: Firstly, our RFID tags contain Profile data, which is each tag’s unique DNA, provided by our production data management services. That forms the root of the security architecture.

This is supported by Object data collected from sensors, smart devices and automated workflows in association with the specific use case. The provision, maintenance and uploading of such data into the cloud database are in the hands of the governmental customer. Object data can be retrieved from the enrolment, personalization and issuance process of breeder documents.

Finally, Flows data enable the implementation of fully automated system workflows, such as reports or messaging services, during the lifecycle of the application routines. However, the data and functionality provided are strictly controlled by the access rights of the individual role and use case. So, security and convenience go hand in hand.

Wouldn’t it be easier to work on the quality of the breeder documents?

In general, birth certificates are characterized by a vast variety of formats and personalization data documented by the issuing authorities – be it municipalities or states within a country. So, it is much more practical to use RFID labels as secure identifiers and enablers of cloud-based services, instead of trying to unify all the different types of breeder document. Our RFID labels come equipped with physical security features and an RFID microcontroller, making them the ideal source for document authentication and the provision of enhanced-value services.

In practice, the user would simply tap his smartphone close to the RFID label and connect directly to the authentication application in order to check the authenticity of the document. Furthermore, the solution architecture allows multi-level access rights, so that authorized users like civil servants may also access more detailed underlying data – up to a complete population registry dataset.

I am convinced that the functionality and services offered by our truly powerful platform SMART COSMOS will trigger new governmental applications and use cases we can’t even think of today.

