EU biometric visa trial opts for the tinfoil sleeve

Clash and burn for single ID dream?

  • alert
  • submit to reddit

5 things you didn’t know about cloud backup

The US-inspired wet dream of a single, global identity document isn't quite dead, but with the announcement of Europe's biometric visa trial this week it doesn't look well. Smartcard specialist Gemplus has got the gig, working with prime contractor Sagem, for an initial trial in France and Belgium, and the visa format to be used is, er, a separate card.

The slight snag with the single biometric identity document - as we've noted here in the past - was identified by Brussels' techies late last year. The technology is intended to use contactless chip technology, despite the obvious gotcha that it'll be perfectly feasible for unauthorised readers to lift data from your passport. But if you've got multiple travel validations using the same technology in the same passport document, having them all chattering at the same timed screws up the readers. As the techies reported last year, the original plan to have visas using contactless technology in a passport which itself uses that technology just plain doesn't work.

Europe currently intends to implement common standards for biometric visas as part of its Visa Information System, so another way forward (not necessarily the word we'd use ourselves...) had to be found. The separate card format now being used in the Gemplus pilot looked like the most viable of the options the techies put forward on their announcement of the sad death of Plan A.

The pilot is being carried out as part of the Biodev project, which is being run by an ad hoc group of EU member states and deals with immigrant visa holders within the Schengen area. The card uses Gemborder 2 technology, contains fingerprint and facial plus sundry other data, and is "carried in a cardholder pocket placed inside the passport books", it says here. Keeping the card in a protective sleeve stops its chatter interfering where it's not wanted - the announcement doesn't specify tinfoil, but the sleeve will no doubt use something of that ilk. Gemplus describes Gemborder2 as "ICAO-compliant contactless chip technology for electronic passports and visas", which is true after a fashion, but misleading in that it tends to suggest the ICAO standard is wider-ranging than it actually is. ICAO merely requires a facial biometric for the passport, and practically everything else is optional.

The Biodev pilot shouldn't initially have much trouble with clashing chips, as contactless biometric passports will only start to roll out in the next six to nine months, but there are still likely to be problems associated with the visa being a separate document, rather than something stuck into the passport. This will be exacerbated when biometric passports do exist, and the confusion that's going to be caused by the need to have the right document out of its protective sleeve and the other documents in it should be obvious to everybody except our rulers.

As Europe's visa is intended to be standard and Europe will be one of the first on the block with biometric visas, interoperability and multiple visas shouldn't be major problems initially, but there are likely to be difficulties as and when everybody else joins in, and people with half a dozen wibbling bits of plastic start showing up at Roissy Charles de Gaulle.

Pause, friends, and think for a moment about what's happening now, and what the overall objective is. The US, Europe and various other countries are driving towards a global biometric backed ID system where networks of computers (e.g. Europe's VIS) and databases exchange information on the movements of everybody. Now, if the networks and data exchanges actually worked, then they'd know immediately if an individual identified via their passport (or even just their biometrics) had a visa. So in the long term there should be no need for spare bits of plastic, unless of course the authorities who steadfastly tell us this stuff will work don't really believe it will.

And think about the immediate point of the contactless biometric visa, the contactless biometric passport, and the nature of progress. Current passport standards are vulnerable to forgery, but the use of a facial biometric in the ICAO standard makes forgery much harder, and does a far better job of linking the holder to the document. So in principle, so long as the issuing hasn't been fraudulent, with an ICAO passport there's a considerably higher probability that the person holding the passport is actually the person border control thinks they are.

Current passports are in the main machine readable, so again in principle you can look up the individual to see if they're on any kind of watchlist. Current visas are generally stuck into the passport, so the border control operative is able to check the visa status of an individual by the simple expedient of opening the passport and looking at the visa. Effectively, with the addition of stronger forgery protection (which ICAO is) and tighter procedures on fraudulent application the current system could work pretty much in the way our lords and masters intend the systems they're building to work. In point of fact, if they'd actually finished building the current systems and they actually employed them, they could have been live ten years ago, or more.

But no - progress dictates that we must all have our documents read by machines, not people, and that the border control operatives who currently don't have time/ can't be bothered to open our passports and look at them switch jobs. Instead of guarding the borders, in the wondrous future they'll be queue-minders specialising in stopping jet-lagged travellers waving the wrong bit of plastic at the machine, and finding which pocket they put the blasted visa in. ®

Related stories:

HP to build EU's biometric ID, terror database
Security and interop issues cause EU biometric passport delays
Smile: you're under global surveillance
EU goes on biometric LSD trip

Secure remote control for conventional and virtual desktops

More from The Register

next story
6 Obvious Reasons Why Facebook Will Ban This Article (Thank God)
Clampdown on clickbait ... and El Reg is OK with this
BBC: We're going to slip CODING into kids' TV
Pureed-carrot-in-ice cream C++ surprise
Twitter: La la la, we have not heard of any NUDE JLaw, Upton SELFIES
If there are any on our site it is not our fault as we are not a PUBLISHER
Facebook, Google and Instagram 'worse than drugs' says Miley Cyrus
Italian boffins agree with popette's theory that haters are the real wrecking balls
Sit tight, fanbois. Apple's '$400' wearable release slips into early 2015
Sources: time to put in plenty of clock-watching for' iWatch
Facebook to let stalkers unearth buried posts with mobe search
Prepare to HAUNT your pal's back catalogue
Ex-IBM CEO John Akers dies at 79
An era disrupted by the advent of the PC
prev story


Endpoint data privacy in the cloud is easier than you think
Innovations in encryption and storage resolve issues of data privacy and key requirements for companies to look for in a solution.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Advanced data protection for your virtualized environments
Find a natural fit for optimizing protection for the often resource-constrained data protection process found in virtual environments.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Next gen security for virtualised datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.