Secure SmartMX IC enables storage of biometric data in second-generation ePassports

NXP, the independent semiconductor company founded by Philips, today announced that it will supply Germany, the first country in the world to introduce second-generation ePassports with enhanced security, with its latest smart chip technology. In the second phase of the ePassport specification European Union member states are expected to include digital biometric information in the form of two fingerprints on all ePassports. Building on the success of the German ePassport scheme originally introduced in November 2005, the new SmartMX chip enables biometric data to be securely stored on the passport, creating an even stronger link between the document and its owner.

NXP has so far shipped around 4.5 million ePassport chip solutions consisting of chip, chip operating system and inlay to the German passport producing company, Bundesdruckerei GmbH. Worldwide, NXP is involved in more than 80 percent of all ePassport schemes, having shipped over 100 million ICs to date. 43 out of 51 countries are using NXP smart chip technology including US, France and Singapore.

“The German ePassport program has proven very successful over the last two years. NXP Semiconductors, with its SmartMX chip solution, has been a substantial part of its success,” said Ulrich Hamann, CEO of Bundesdruckerei GmbH. “By enabling the storage of biometric data, NXP is helping us address tighter security requirements, well ahead of the EU deadline.”

“Since the introduction of ePassports, NXP has been at the forefront of developing solutions to enhance border security, to safeguard privacy and to improve interoperability,” said Günter Schlatte, general manager, eGovernment, NXP Semiconductors. “With its advanced security features, our next-generation SmartMX chips are the first ICs in the industry to enable migration to the new European ePassport specification.”

The deadline for compliance and migration to next-generation ePassports is set by the European Union for June 28, 2009. Germany is the first country in Europe to move over to the new system, starting in November this year. The addition of two fingerprint images in the ePassports requires an enhanced security procedure called Extended Access Control (EAC) set by the European Commission. EAC provides the necessary stronger cryptography to protect privacy sensitive data and to safeguard against cloning.

NXP’s leading SmartMX chip solutions fully support the security requirements of the EAC specification and furthermore provide a number of enhanced features for eGovernment applications. The chip hardware has been certified according to the highest Common Criteria (CC) certification level by the German Federal Office of Information Security (Bundesamt für Sicherheit in der Informationstechnik). By using asymmetric cryptography based on elliptic curves, the information stored on the IC is kept secure. Each chip has a storage capacity of 80kb EEPROM, enabling the document to contain biometric information, such as the holder’s photo and fingerprints along with name, date and country of birth, permanently locking the passport to the user.

The new SmartMX chips comprise a number of unique security features to guard against attack scenarios with light and lasers as well as a dedicated hardware firewall to protect specific sections on the chip. In addition, the ICs also provide faster read and write capabilities due to optimized hardware and software, enabling about 3 times faster personalization of passports compared to the first ePassport generation. NXP’s SmartMX chips can be delivered in the industry’s thinnest 250µm chip-package, making it suitable for a wide variety of contactless eGovernment applications.

.

.

.

.

.