secunet wins BSI deal

secunet has been commissioned by the German Federal Office for Information Security (BSI) to extend border control infrastructure for eID documents.

According to the company, border control applications such as the ePass-Client or EasyPass eGate solution at Frankfurt airport read and check electronic data from ePassports. An infrastructure for cryptographic keys has to be set up and the applications have to be adapted so that border officials can read all the data stored digitally on the country’s new ID card.

The digitally stored data in the latest ePassports and in the new ID card is protected against unauthorised access by Extended Access Control (EAC). One of EAC’s requirements is that ID scanners prove they have the authorisation to read out the electronic travel document. For this so-called Terminal Authentication protocol (TA), the scanner must have certificates and the corresponding cryptographic keys. To manage the keys and certificates an EAC Public Key Infrastructure (EAC PKI) will be set up.

The order from the BSI covers the implementation of a decisive component of the EAC PKI - the Terminal Control Center (TCC). This is used to centrally perform cryptographical functions and key management for the connected ID scanners.

Within the framework of the order, TA will be added to the border control applications ePass-Client and EasyPASS, which are already successfully in use and will also be connected to the TCC. The first installations are expected to go live this summer in a pilot project by the German Federal Police. secunet has already developed the ePass-Client application in cooperation with the BSI, which is used throughout Germany. The company also delivered the central components for the semi-automated EasyPASS border control at Frankfurt airport and was responsible for project implementation as general contractor of the BSI.

The company says once the extension has been implemented, travellers will be able to pass through the eGate solution with the ePassport as well as with the new ID card in the future.