Glossary |
| All | |
| Pages: 1 | |
| Term | Definition |
| 3G | Third Generation: the broadband telecommunications systems that combine high-speed voice, data and multimedia. |
| Accuracy | A catch-all phrase for describing how well a biometric system performs. The actual statistic for performance will vary by task (verification, open-set identification (watchlist), and closed-set identification). See also d prime, detection error trade-off (DET), detect and identification rate, equal error rate, false acceptance rate (FAR), false alarm rate (FAR), false match rate, false non-match rate, false reject rate, identification rate, performance, verification rate. |
| Active Authentication | Uses a challenge/response mechanism based on public key cryptography and digital signatures. It provides proof that the document is not copied and refers to the correct IC. |
| Advanced Passenger Information System | With APIS, passenger and crew travel document data is read by the airlines, temporarily saved, and then transmitted within 15 minutes of aircraft takeoff to the customs and border authorities of the destination country. Increasing numbers of countries are demanding this data. |
| Advanced Passenger Profiling (APP) | Prior to boarding, the airline or shipping company sends the data contained in the travel documents of passengers and crew to the border control authorities. Passengers are not allowed to board if they do not have a valid visa or are not permitted to enter the country of destination for any other reason. |
| AFIS | This system is used by law enforcement agencies to compare fingerprints. Instead of performing a one-to-one match, it checks a fingerprint against a whole database of stored prints and gives a list of the most likely owners of that print. |
| Algorithm | A limited sequence of instructions or steps that tells a computer system how to solve a particular problem. A biometric system will have multiple algorithms, for example: image processing, template generation, comparisons, etc. |
| ANSI | American National Standards Institute. A private, non-profit organization that administers and coordinates the U.S. voluntary standardization and conformity assessment system. The mission of ANSI is to enhance both the global competitiveness of U.S. business and the U.S. quality of life by promoting and facilitating voluntary consensus standards and conformity assessment systems, and safeguarding their integrity. |
| API | Application Programming Interface. Formatting instructions or tools used by an application developer to link and build hardware or software applications. |
| APIS Quick Query (AQQ) | During the check-in process and up to 15 minutes before boarding, AQQ enables airlines and shipping companies to send the data from passenger travel documents to the US Customs and Border Protection before departing to receive entry approval. |
| Authentication | The process whereby an individual, a card or a terminal is checked to ensure that he/she or it is an authorised person or device. |
| Basic Access Control | Uses challenge/response mechanisms based on triple DES recommendations. It has the advantage of preventing skimming and eavesdropping via a secure communication. |
| Baud | The number of signalling elements that occur each second. Baud indicates the number of bits per second that are transmitted. |
| BioAPI | A programming interface defined by industrial associations to standardise communication between application software and biometric systems. |
| Biometric | Measurable, distinct physical characteristic or personal trait that can be used to recognise the identity or verify the claimed identity of an enrolled person. |
| Biometrics | Biometrics (from the Greek, Bios=life, Metron=measure) measure quantitative features of living beings such as face, finger and iris using mathematical methods for the purposes of identification and verification. |
| Bot (Internet bot) | A type of computer program designed to do automated tasks. |
| CAC | Common Access Card: a US Department of Defense smart card issued as standard physical and network identification for military and other personnel |
| CDMA | Code Division Multiple Access: a wireless communications technology that uses the spread spectrum communication to provide increased bandwidth. |
| Checksum | A checksum is a feature that warrants data integrity when saving data. In order to obtain a checksum, the basic components of a message are multiplied by a certain factor and then added up in sequence. The resultant value is then saved as the checksum. When reading the ?copy? of the data, a checksum of this can also be calculated and compared with the saved checksum of the original file. If the two checksums differ, this indicates that there is a saving error and saving must be repeated. If both checksums are identical, the data has been correctly transferred. |
| Chip inlay | Comprises the chip, the chip module and the antenna and is integrated into the cover or one of the pages of the passport booklet. |
| CLI | Changeable Laser Image |
| Contactless | A card that communicates by means of a radio frequency signal, eliminating the need for physical contact between the card and a reader. |
| Contactless card | A card that can be read from a distance instead of being swiped through or inserted into a card reader. |
| Counterfeit | Illegal copying of an ID document or other products. |
| Country Signing Certificate (CSC) | A certificate issued by the Country Signing Certification Authority (CSCA) and used to certify the chip in sovereign documents of this country. The CSC is part of a Public Key Infrastructure (PKI). |
| Crew Member Licence | This is issued by an airline to employees to confirm employment as a member of an airline crew. It is valid only when presented together with a personal ID document, and allows the holder to enter a country without a visa and stay in a community adjacent to the airport. |
| Cryptography | The process of turning readable text into cipher text and back again. |
| Data encryption | This uses a symmetric or asymmetric encryption method and is able to protect sensitive data. |
| DDA | Dynamic Data Authentication: a highly secure authentication technology that allows banks to approve transactions more securely at the terminal. |
| DES | Data Encryption Standard |
| Document Adviser | A border control officer of a country who in the pre-frontier area of, for example, an airport, advises on the authenticity of the ID documents presented by flight passengers, by instructing airline check-in staff on what documents will be accepted on arrival at the destination airport. Background: If an airline flies a passenger with forged papers into a country, the airline is obliged to return this passenger to the airport of departure at its own expense. |
| Document Database | An electronic collection of images showing travel documents from different countries, including the security features for manual or automated authentication of a document at the border. |
| Document Reader | An electronic device which reads the personal data on a Machine Readable Travel Document and displays it on a computer screen for further analysis. We distinguish MRZ and full-page readers. Devices for reading the RFID chip in electronic documents will become increasingly important in future. |
| DTX | Also known as decitex, dezitex or dtex. This is the measuring unit for thread and is the weight in grams of a 10,000m fibre. For example, with a value of 50 dtx, 10,000m of thread weighs 50g. |
| Electronic Passport (ePassport) | ICAO-compliant Machine Readable Travel Document (MRTD) into which a passive RFID chip is integrated. The chip stores the same data as the data page of the passport, along with a digital photo of the passport holder. Starting 2007, images of the holders tow index fingers must be stored on the chip. |
| Electronic Signature | The Electronic Signature (also called Digital Signature) refers to electronic data attached or linked to a message which guarantees the authenticity and integrity of the message. Its purpose is to ensure that the sender is who he/she claims to be and that the message was not changed during transmission from the sender to the recipient. |
| Encryption | Is the process of obscuring information to make it unreadable without special knowledge (key). Encryption can be used to ensure secrecy, but other techniques are still needed to make communications secure, particularly to verify the integrity and authenticity of a message. (e.g. electronic signature) |
| Endpaper | The front and back inside cover of passport. |
| Enrolment | One-off capture of a biometric feature as a reference for the future verification of an individual. |
| Entry/Exit system | A database system used by a country to monitor the residency status of foreigners in the country. |
| ePassport | An electronic passport with a contactless chip and an antenna embedded in it. |
| Eurodac | Database on asylum applicants and individuals who have illegally crossed an outer border of the EU. By comparing fingerprints, a member state can check whether an asylum applicant or foreigner who resides illegally in the member state has applied for asylum in another member state. Eurodac comprises a database for fingerprints managed by the European Commission and electronic systems for data transmission between the member states and the central database. In addition to fingerprints, the data transmitted by the member states also includes the member state of origin, the place and time of application, the gender of the applicant and their ID number. |
| Extended Access Control (EAC) | The EAC protocol has been developed by the European Union to protect the more sensitive data on biometric travel documents, in particular the holder?s fingerprint images. EAC comprises two distinct phases: chip authentication and terminal authentication. During chip authentication, secure communication between the chip and the reader is established. At this point an implicit authenticity check of the stored information is also carried out. This process enables authentication of components that were allocated during personalisation to take place. Because only a ?genuine? chip is capable of establishing communication with the reader unit which is protected by both keys, chip authentication also ensures automatic ?copy-proofing? of the stored chip contents at the same time. During terminal authentication, only authorised reader units with precisely defined access rights can gain access to the information stored in the chip. Whenever communication is established between the chip and the reader unit, the reader unit?s authorisation certificate is automatically checked. |
| Facial Recognition | A biometric method in which the face of the person being checked is compared with one or several photos stored. Using the ICAO-compliant photo of the passport holder stored in the electronic passport, the holder of the passport can be verified using this method. Currently, efforts have been made to develop more sophisticated facial recognition technologies. 3D face recognition adds a third dimension to facial recognition, which increases performance and security significantly. |
| False And Authentic Documents (FADO) | European image archiving system (Council resolution of 27 March 2000) to combat illegal immigration and organised crime. FADO is designed to enable the fast and simple exchange of information about authentic and false documents between member states. The FADO database contains the following information: * Images of forged or manipulated documents * Images of authentic documents * Information about forgery methods * Information on security methods |
| FAR / False Acceptance Rate | The acceptance of an impostor into a system being protected by a biometric device. False Acceptance Rate refers to the probability ? expressed as a percentage ? that a device will fail to reject an impostor. |
| Fingerprint recognition | An individual?s fingerprint comprises papillary lines (ridges) and minutiae (branches) and is unique to each person. In fingerprint recognition, a fingerprint scanner first takes an image of the fingerprint. Either the image or a template of the fingerprint is then saved. Storing the fingerprint of the 2 index fingers in the electronic passport will make the verification of the passport holder even more reliable than only storing the facial image. |
| Forensic examination | Laboratory examination by highly qualified experts of documents for authenticity features which cannot be identified by citizens and control officers in Primary Inspection. |
| FRR / False Rejection Rate | The rejection of a legitimate user from the system being protected by a biometric device. False Rejection Rate refers to the probability ? expressed as a percentage ? that a device will fail to accept a legitimate user. |
| Full-Page Reader | An ePassport reading device which scans the complete data page of the document and displays data on the screen. |
| ICAO | International Civil Aviation Organization |
| ICAO Doc 9303 | The ICAO document that was first published in 1980 containing specifications for machine readable passports. |
| Identification | Finding a set of data, e.g. an individual?s biometric identifier, from a large parent population (1:n) |
| Identification Document | A document issued by an authority containing permanently applied information which permits an authenticity check. It proves the identity of the document holder. |
| Intaglio printing | Form of printing that produces a ridged profile detectable by fingertips. |
| International Maritime Organisation | A sub-organisation of the United Nations (UN) which aims to harmonise rules for international maritime traffic. |
| Iris Recognition | A biometric identification method. The iris is the diaphragm of the eye which is coloured by pigments and regulates the amount of light that enters the eye. Its pattern is unique to each individual. Using this method, a live photo of the iris of the person to be verified is captured and then compared with a previously stored reference. A laser beam is not used. |
| LDS | Logical Data Structure |
| Lenticular | When looking at a lenticular image, it is possible to see one image followed by another as the angle or view changes. |
| MRP / Machine Readable Passport | Key components of the MRP are the holder?s identification details, including a photograph or digital image and a two-line Machine Readable Zone (MRZ). |
| MRTD | Machine Readable Travel Document |
| MRZ | Machine Readable Zone |
| OCR / Optical Character Recognition | The two-line Machine Readable Zone in a passport is made up from OCR-B characters. |
| Passenger Name Record (PNR) | Since 5 March 2003, airline companies whose aircraft arrive in and depart from the US, or fly over the US, have been obliged to provide US customs and border authorities with online access to the booking data record, the Passenger Name Record (PNR), which is saved for each passenger in the reservation systems used by the airline companies. The European Court of Justice has critizised the exchange of this data. Meanwhile, a new contract has been signed to overcome the critics. |
| Passive Authentication | The cryptographic mechanism applied to this process is the digital signature. This provides proof that the Logical Data Structure (LDS) and Document Certificate are authenticated and not modified but does not prevent 1:1 copying or chip exchange. |
| PIN | Personal Identification Number |
| PKI / Public Key Infrastructure | A method for authenticating a message sender or encrypting a message. |
| Primary Inspection | A regular part of border control through which all individuals must pass. This inspection may involve: * Authentication of the passport and the visa; * Verification of the document holder; * Identification of the document and the holder; * Questioning on entry, including checking the details of the place of departure/destination and whether an individual has a sufficient means of support while in a country; * Under certain circumstances, carrying out vehicle checks and examining items carried by passengers. |
| Public Key Infrastructure (PKI) | This refers to an IT system which issues, distributes and checks digital certificates. The certificates issued within a PKI guarantee that the holder of the certificate has the authorisation by a trusted authority and that the data contained in the message was not altered during transmission. |
| Registered Traveller Programme | An RTP could be implemented for a number of reasons. Solutions mainly used at airports are implemented to speed up the entry to the secure part of the airport. Registered travellers (RTs) are considered to be ?security cleared? and will also not be randomly selected for in-depth checking. Alternatively, the RTP could be a pure border control solution that gives RTs the possibility to use automatic gates. Both solutions are based on pre enrolment. |
| RFID / Radio Frequency Identification | A method of identification using radio frequency technology, which does not require any direct contact. |
| RFID Chip | A microprocessor chip which can be used to store or process information. The chips are divided into active and passive RFID. Active chips have their own source of energy (battery) whereas passive chips get their electricity from the reading device by way of induction. Simple chips are only used for logistics purposes while sophisticated chips include a crypto-controller to process information. |
| RSA | A computing algorithm for encrypting data, named after its inventors Ronald L Rivest, Adi Shamir and Leonard Adleman to provide extremely high security. |
| Schengen Agreement | An agreement by several European countries to abstain from checking passenger traffic at their internal borders, as well as establishing a joint external border. Countries that have already implemented the Schengen Agreement: * Belgium (26 March 1995) * France (26 March 1995) * Germany (26 March 1995) * Luxembourg (26 March 1995) * Netherlands (26 March 1996) * Portugal (26 March 1995) * Spain (26 March 1995) * Italy (26 October 1997) * Austria (1 December 1997) * Greece (26 March 2000) * Denmark (25 March 2001) * Finland (25 March 2001) * Iceland (25 March 2001) * Norway (25 March 2001) * Sweden (25 March 2001) Countries who signed the Schengen Agreement on 1 May 2004 are set to implement it between 31 December 2007 and 29 March 2008: * Czech Republic * Estonia * Hungary * Latvia * Lithuania * Malta * Poland * Slovakia * Slovenia Signatories yet to implement the agreement: * Cyprus * Switzerland EU members not to join the Schengen Agreement: * Ireland * United Kingdom |
| Schengen Information System (SIS) | A database which continuously compares the contents of the national SIS-compatible databases of all Schengen Agreement states. Currently, 13 EU member states, along with Iceland and Norway, use the SIS. The respective ministries of the interior operate the national SIS. It stores data related to the outer border controls or ?upstream border controls? in the area behind the border. The information is available to all Schengen Agreement states. The following information is stored as text: * Individuals who have received a residence ban; * Stolen objects; * Stolen or lost documents. |
| Schengen Information System II (SIS II) | The successor of SIS which can also store additional information such as graphic data, and enables extended search functions. Its data is used to check individuals at the outer borders of the EU or in the respective national territories and to issue visas and residence permits, as well as for co-operation between the police and judiciary in criminal matters. There are still discussions whether to include biometric data in SIS II or not. Operation of SIS II will start with some delay. |
| Seafarer ID | A travel document for seafarers introduced by the International Maritime Organisation which, in countries that have ratified the ICAO Convention, permits holders to go on land without a visa and to enter the community adjacent to the port of call. |
| Secondary Inspection | Thorough inspection based on sample checks or concrete suspicion from the primary inspection. If there is doubt as to whether a document is authentic or if verification with ePassport failed or was positive with a watchlist, or the traveller was identified on a watchlist, the individual is searched for on different databases. |
| Swipe Reader | A document reader which can only read the Machine Readable Zone (MRZ). To do this the MRZ of the ID document must be swiped through the device?s reading slot. |
| TAG/MRTD | Technical Advisory Group on Machine Readable Travel Documents. A subcommittee of ICAO responsible for the development of Machine Readable Passport standards. |
| Template | A file which contains only the information most needed to identify a previously captured biometric feature and which consequently takes up much less memory. To cut the amount of computer processing required, biometric methods can compare a reference template created during enrolment with a template of the live data captured. The similarity between the live and the reference template is sufficient for verification, because two biometric captures can never supply identical results. |
| Triple DES | A method of increasing the security of DES by encrypting three times with different keys. |
| US Visit | A US entry/exit system which saves data from all travellers who require a visa to enter the US. Biometric data is captured in the form of a photo and two fingerprints. Also recorded are name, gender, date of birth, nationality, passport number, place of issue, home address, visa number, data of issue and place of issue, registration number (if already assigned during a previous visit) and the address during the stay in the US. Exit is documented by comparing the stored biometric data and the passport. Various US authorities have access to the data, particularly immigration, border and police authorities, as well as consular offices. The data is taken directly from travellers. |
| Verification | Identifying whether a person is who she/he claims to be. |
| Visa | A permit to cross a country?s border. Usually only required for entry, seldom for exit, although the latter is required in countries such as China. It gives permission to stay in a country or group of countries for a limited period of time and is issued by the consulate (and/or the consular department of an embassy) of the country of entry. |
| Visa Information System (VIS) | This is designed to improve the issuing of visas in the Schengen territory. The EU plans to set up a Visa Information System (VIS) similar to the SIS. Work on it was commissioned in 2004. All embassies and consulates will consult the system for visa applications and save information to it about the applicant, including ten fingerprints. Embassies and consulates, border control and security authorities will also be granted access to the VIS. |
| Visa Sticker | A sticker with a unique serial number which is attached to the travel document when entry is permitted and which is regarded by the border control officers in the destination country as confirmation of permission to enter. |
| Visa waiver program | Enables nationals of certain countries to travel to the United States for tourism or business for stays of 90 days or less without obtaining a visa. |
| Watermark | When light shines through the paper of the ePassport?s data page, a multi-tonal watermark can be detected. |
