Finland Protects the Integrity of Electronic IDs and EAC e-passports with Thales
Thales Hardware Security Modules Ensure The Authenticity Of Finland’s E-Passports With Fingerprints Secured By Digital Certificates
With one of the world’s most electronically enabled populations, Finland has long been a leader in delivering online government services that take advantage of effective identity and access management. The country’s Population Register Centre (PRC) provides a clear example. It operates national public key infrastructures (PKIs) and Certification Authorities (CAs) secured with Thales hardware security modules (HSMs) to issue unique and verifiable digital identities, called Citizen Certificates, to all residents. Residents can use their Citizen Certificates to access secure online government services efficiently and cost effectively. So when Finland needed the PRC to use similar technology to issue new e-passports to comply with the latest European Union (EU) directives on electronic ID issuance, the PRC knew from experience where to turn to ensure the integrity of the process—Thales.
According to Jan Partanen, development manager for the Population Register Centre of Finland, “The EU’s new e-passports are the most secure in the world because they are protected by tamper-proof digital certificates. However, the system will only work if countries secure—without fail— the signing keys that guarantee the authenticity of the digital certificates. With Thales HSMs protecting the signing keys for Finland’s CAs, PKI, and electronic ID issuance, we are confident in our ability to ensure the integrity of Finland’s e-passports and online government services.”
Benefits With Thales
- Enabling the electronic verification of identity
- Protecting the integrity of e-passports and the privacy of citizens
- Preventing passport fraud, counterfeiting, and misuse
- Securing the delivery of online government services
Ensuring Security And Privacy
Every person’s fingerprint is uniquely their own. The EU is taking advantage of this simple fact to ensure that only the correct person can use a passport to travel. How? Based on the Extended Access Control (EAC) standard, the EU’s second generation of e-passports allows governments to leverage a stronger biometric (typically a fingerprint or iris scan) that is more difficult to impersonate. EAC e-passports will protect the passport holder’s privacy while ensuring the validity of passports. Once the new e-passport process is fully implemented it will become virtually impossible for anyone to travel under an assumed identity with a fake EU passport. The EAC scheme requires European Union Member States to add fingerprint data to machinereadable travel documents (MRTDs).
Whether they are used to protect e-passports, PKIs, or electronic IDs, digital certificates are secure because they are issued by a trusted CA using its unique signing key. However, if a signing key were ever compromised or stolen, someone could issue a seemingly valid digital certificate. Because HSMs provide a tamper-resistant environment that is significantly more secure than software, the EU mandates their use to generate, store, and protect the CA signing keys for e-passports.
A History Of Success
Historically, the Finnish government has relied on Thales HSMs to protect its national CAs and PKIs, so from the beginning the PRC knew that it would prefer to use Thales HSMs to protect the integrity of its e-passports. Thales HSMs have proved to be secure and trouble free, integrating seamlessly with the country’s CAs for issuing certificates. Thales HSMs are certified to Federal Information Processing Standard (FIPS) 140-2 level 3, which is the most widely adopted security benchmark for cryptographic solutions in government and commercial enterprises, and is mandated by the EU EAC e-passport standard. Just as crucially, the Thales Professional Services team offered expertise in both e-passports and key management to help the PRC establish an efficient—and cost-effective—e-passport issuance process.
“The PRC is very experienced in delivering online government services through PKI deployment and the issuing and use of digital certificates,” notes Mr. Partanen. “In our opinion, Thales HSMs are an excellent solution to protect signing keys. Of course, key management is also important. Thales Advanced Solutions Group has excellent key management expertise, together with a record of delivering trusted solutions. We did not hesitate in choosing Thales Advanced Solutions Group and Thales HSMs to secure our e-passports.”
The E-Passport Process
Working with Thales e-Security’s Advanced Solutions Group, the PRC has developed and implemented a new e-passport issuance process that complies with EU standards and protects the privacy of its citizens. The new e-passports contain a chip embedded with a digital certificate and the passport holder’s fingerprint. The country’s root CA issues each certificate using signing keys securely generated and protected within a Thales HSM. As the signing keys never leave the security of the HSM, they are never exposed to misuse. At border crossings, a passport reader will be able to verify the identity of the passport holder. Only devices authorized by digital certificates will be able to read the passports, protecting the passport holder’s privacy as well as ensuring the validity of the passport.
Founded in 1969, the Population Register Centre of Finland maintains population and identification information relating to the people and buildings in Finland. It is dedicated to serving the people of Finland by delivering high-quality identification solutions for online and other services.
Cost-Effective And Highly Available
The PRC opted to use the network-attached Thales nShield HSM in its e-passport process rather than an HSM that works with a single server. By networking its HSMs, PRC saw two important advantages; firstly, because the nShield serves multiple servers, the PRC did not need to purchase one HSM for every server in its e-passport PKI, reducing hardware costs. The second advantage was that the HSM efficiently supported high availability and scalability, with automated failover allowing seamless switching between HSMs.
“The Thales nShield offered a definite cost and availability advantage because one device can support several servers and applications at the same time,” explains Mr. Partanen. “It also delivers all the security features we would expect from an HSM, including separation of duties in administration to protect devices from internal manipulation.”
Protecting Processes And Citizens
As Finland issues e-passports that include fingerprints protected by digital certificates, Mr. Partanen points to the potential consequences of errors as the driving force behind the value of HSMs. He says, “In the case of e-passports, compromised signing keys would mean that criminals or terrorists could issue counterfeit passports. Or if keys were used to unlock the e-passport itself, citizens’ privacy could be irrevocably damaged. By deploying Thales HSMs, our signing keys never leave the security of the hardware module, so they are never exposed to misuse. HSMs and digital certificates can seem complex, but the result of using them is simple for us. They ensure the integrity of Finland’s e-passports, CAs, PKIs, and online government services.”