Hong Kong Electronic Passport (e-Passport)

My first contactless chip project is Hong Kong Electronic Passport. HKSAR e-Passprot was introduced on 2 Feburary 2007. Press release http://www.immd.gov.hk/ehtml/20070101.htm
Some of security features and characteristics can be found here: http://www.gov.hk/en/residents/immigration/traveldoc/hksarpassport/characteristics.htm

The chip platform is MULTOS. The on-chip application is ICAO compliant and had been undergone interoperability tests with other e-Passport readers during the interoperability test in Berlin.

The on-chip application can also support Extended Access Control (EAC) defined by BSI which was endorsed by EU. ICAO supports the further development of EAC based on the EU EAC.

Develop on-chip application - Electronic Passport

Talking about the hottest on-chip applications, Electronic Passport (e-Passport) must be on the list and should be in top 3. Electronic Passport is considered as a "killer app" on smart card. Electronic Passport is standardized by an international organization called "ICAO". Its functions include:

- Basic Access Control (BAC)
- Active Authentication (AA)
- Passive Authentication (PA)

Previously you can download the draft technical document from ICAO website. But now you have to purchase Doc 9303 in order to implement e-Passport.

http://mrtd.icao.int/

Besides, EU had endorsed Extended Access Control (EAC) defined by BSI. BSI EAC defined following mechanisms:

- Chip Authentication
- Terminal Authentication

This standard can be downloaded free from:

http://www.bsi.bund.de/fachthem/epass/EACTR03110_v110.pdf

I have implemented on-chip e-Passport application for several countries. The implementation is in compliance with the ICAO and EU standard and support all the functions described above. Plan to share my experience in this blog. Welcome any question or suggestion on specific topic about ePassport.

在MULTOS晶片上寫程式 - 電子護照

數近期最熱門的晶片程式, 電子護照必定上榜, 也必定入三甲. 電子護照可算是智力晶片的"killer app"之一. 電子護照是由國際組織ICAO 所制定的,它的功能包括有:

- 基本访问控制 Basic Access Control (BAC)
- 動態驗證控制 Active Authentication (AA)
- 被動式認證 Passive Authentication (PA)

前一陣子你可以在ICAO 網頁下載有關電子護照標準的草案, 現在楆準已制定, 你需要購買Doc 9303去實現電子護照.

http://mrtd.icao.int/

另外, 歐盟(EU) 認可由 BSI 制定的延伸動態驗證控制 Extended Access Control (EAC). 建議會員國可選擇實現BSI EAC 於電子護照. 此標準包含兩個主要的協議:

- 芯片認証 Chip Authentication
- 終端認証 Terminal Authentication

此標準可免費下載:

http://www.bsi.bund.de/fachthem/epass/EACTR03110_v110.pdf

我在幾個國家的電子護照項目中擔任編寫其電子護照在晶片上的程式, 實現了以上由 ICAO 及 EU 所認定的標準. 希望可以藉此部落分享經驗.

Develop on-chip application on MULTOS

MULTOS is an open platform smart card operating system. Everyone can exercise one's creativity on this little chip.
You can download development kit from:

http://www.multos.com/developer/smartdeck/

It is, of course, FREE!
You can also find lot of information for development from the above site. Tones of document, look difficult but actually they are not. It take about two weeks to study the document and you will have a pretty good picture about MULTOS.

I have 8 years of experience in writing on-chip application on MULTOS. I would like to share my experience with you in this blog.

If you have any comment or question, feel free to drop me comment.

在MULTOS晶片上寫程式

MULTOS 是個公開平台的晶片操作系統, 所有人也可以在這小小的晶片上發揮創意.
你可以在:

http://www.multos.com/developer/smartdeck/

下載development kit. 當然是免費的.

你也可以在以上網站找到developer 所需要的資料, 網頁有很多文件, 看似很艱深, 其實不是. 只是需要些耐性, 用心細讀, 約兩個星期你便可以有相當的認識.

我會在這個blog 上和大家分享我寫 MULTOS on-chip application 的經驗.
如果你有什麼心得或問題, 歡迎留言.