Electronic Signature Trusted Identity Card
One Person - One Identity
ELSIG

Identification systems based on paper documents have been subject to widespread fraud and identity theft.

An ID card and ID card system must be secure - i.e. resistant to fraud, ID theft, and counterfeiting. A secure personal ID card must be suffficiently diffficult to produce, be protected by security design features so that it is extremely difficult to counterfeit and be able to invalidate itself when tampered with.

A key requirement for any identification system is the ability for the system to be upgraded without needing large investments in new infrastructure. Having a smart ID device which supports existing authentication infrastructures and which can compare the biometric at the point of interaction allows more flexible identity authentication with less impact on privacy. This is because it is not necessary to record whom passed a security point, only to verify that the individual's identity had previously been authenticated.

A biometric template is an encrypted hash of the actual biometric itself. Once created, the template is digitally signed and locked into the 2D bar code by the issuing authority. Any attempt to 'overwrite' would not be authenticated by the issuing authority.

What types of information need to be stored on the personal ID card? A typical secure personal ID card will include text information about the individual (name, address, ID number), compressed photo image, one or more biometrics and security functions (such as digital signatures and public/private keys).

Effectiveness of the (Multi)-Biometric Trusted identity Card (Off-line verification ability)

The secure ID card
1. Easy and certain authentication
2. Resistance to tampering
3. Multiple Biometrics

Methods of defeating card security....
Counterfeits /simulation
Counterfeit from cannibalized cards
Alteration of the card
Photo/signature substitution
Theft of card components
Impersonators
Imposters

Since the biometric data is encrypted and stored, a lost or stolen ID-card can never be used by someone else, even if the card is read by a PDF scanning terminal, such as a hand operated scanner or card reader. The major advantage of this system is summarised as follows:

• biometric data to confirm the card ownership
• authenticated encryption
• independence to an online data base system
• operational in a mobile stand-alone environment

ELSIG will be certificated with the number BSI-ITSEC-102 by the BSI (Bundesamt fur Sicherheit in der Informationstechnologie), a similar organisation to NSA (National Security Association) in the United States. This product is the first one being certified by European Governmental Association.