
An imperceptible defence against identity fraud
Every day, thousands of people cross the Swiss border with their identity documents in hand. In addition to holograms and raised print, an invisible but essential form of protection reinforces the authenticity of these identity documents: the electronic signature of the data stored on the RFID chip. This is the key that enables the authorities to identify illegal entrants.
At Zurich airport, a passenger slides his biometric passport into a machine, while at the Bardonnex border post, a customs officer inspects a suspicious car and quickly scans a foreign biometric identity card. In these fleeting moments, a crucial question arises: is this document authentic?
We often imagine that checks are based on visible elements, such as optically variable ink or tactile relief patterns. However, a much more discreet element is key to detecting forgery: the electronic signature of the data contained in the document’s RFID chip. Even the slightest alteration to that data is enough for the fraud to be detected. This security mechanism is an essential safeguard against forged documents.
eDoc PKI: a behind-the-scenes look at document verification
How does this electronic signature work? In Switzerland, it is generated by fedpol using the eDoc PKI (electronic Document Public Key Infrastructure), which is intended specifically for electronic documents. This electronic signature authenticates the document. For example, the staff of the Federal Office for Customs and Border Security (FOCBS) can see that the document is genuine, that it has been issued by an official authority and that the data on the chip have not been altered.
Fingerprints, which provide a unique means of identifying someone, are specially protected by an access method using eDoc PKI. Not all countries are able to read them. To read the fingerprints stored on the passport chip, the requesting country and Switzerland must have exchanged specific digital certificates. These fingerprints are not systematically verified but, when in doubt, they enable the authorities to carry out a follow-up check, thus affording greater certainty in confirming the person’s identity.
Digital security: upgrading of the eDoc PKI infrastructure in 2024
Switzerland’s eDoc PKI system has been around for nearly 15 years and has proven its worth. Moreover, the number of documents requiring access to PKI services is constantly increasing. To adapt to current needs, fedpol has acquired new high-security modules that meet current standards and are based on the latest technology. fedpol has also developed new software to meet growing demands. The transition to this new system should be finalised in 2025, and the system is expected to remain in use for the next 12 to 15 years.
Quantum mathematics and computers: a challenge for cryptography
With advances in quantum mathematics, ever more powerful computing machines are needed to guarantee a high level of encryption and prevent any falsification of electronic signatures. Current cryptography must continually adapt to remain inviolable. The emergence of quantum computers, however, represents a major challenge. These machines, which are much more powerful than conventional computers, could theoretically crack the keys used for electronic signatures. To anticipate this threat, it is essential to move to new, more robust algorithms. The relevant international and Swiss authorities are closely monitoring these developments. The International Civil Aviation Organisation (ICAO) is updating its guidelines to optimise cryptography and make digital keys more secure. Like other technologies managed by fedpol, eDoc PKI must constantly evolve to ensure maximum protection of identity documents.
‘The electronic signature of data via eDoc PKI considerably enhances the security of Swiss travel documents. Since it was integrated into biometric passports, there have been no cases of forgery or tampering, thereby making PKI a pillar of the identification system.’
Michael, member of the eDocPKI team