DFAT calls for ePassport chips

It’s full steam ahead on Australia’s biometric-cum-facial recognition passports. The Department of Foreign Affairs and Trade (DFAT) has requested both restricted and open tenders for integrated circuit chips, inlays, hardware, software and services for the first batch of prototype, new-age travel documents.

Dubbed ePassports, the prototypes will be tested over the next 12 to 18 months to evaluate how well the new technology performs in terms of its durability, reliability and interoperability with other systems linked to passport, immigration and border control applications.

The ePassport pilot program is slated to start in October 2004; around 6,000 passport units and 10 readers and writers will be supplied. Should the trials prove satisfactory, DFAT anticipates full-scale production of ePassports would be around one million per year.

Apart from leading a front-end push to automate border control transaction processes, the new documents are the sharp end of Australia’s commitment to the U.S. to upgrade passports in order to maintain Visa Waiver Status for Australian nationals.

Ironically, the U.S. biometric passport scheme has been put back by at least another 12 months as various government departments struggle to integrate IT systems and protocols for sharing information — leading to the distinct possibility that Australian travellers will be biometrically equipped for U.S. travel before the U.S. can process such documents.

According to DFAT tender documents, the new technology will be based on an “MRTD chip storing biometric (including facial image) and other data in a contact-less electronic chip in passports.” Chips for the passports will be required to be at least 8 bits and with built in cryptographic processing to an algorithmic minimum of 16-byte DES3.

Storage has been set as either Flash or EEPROM, with a 60KB minimum over and above operating systems requirements. The chips and associated storage will also be required to last a minimum 40,000 read/write cycles “without failure or performance degradation” — plain sailing for most processors, but a much tougher ask for what DFAT sources described as a “document which is mistreated badly and frequently.”

In terms of security and authentication, the passports will use public key infrastructure (PKI) with tender applicants restricted to those approved under the Australian Government Information Management Office’s (AGIMO) tightly-vetted Gatekeeper program.

DFAT is also taking seriously the threat of potential hacks of the new passports, with security levels set at a minimum of EAL 4 — meaning the new chipsets will be required to be either on par or just below most military grade applications. Visible tamper-proofing of the chip is also required.

The tender closes on July 30.