By Stephan D. Hofstetter, Editor CEN prTS 17489-5, Delegated Expert SNV, Managing Partner SECOIA Executive Consultants AG
This topic will be introduced in three parts:
Part 1: Setting the scene. What are breeder documents, why are birth certificates especially sensitive and important breeder documents, and why it is necessary to improve the situation after having introduced highly sophisticated travel documents and border management systems.
Part 2: the standardization effort. What research led to the standardization effort and who is conducting this work. What has been defined to date with respect to technologies.
Part 3: Trustframework and Policy. The standard in development expands on a trust and policy framework. What are the elements and outlook.
Part 2: The standardization effort
Who is the standardization body
The European Committee for Standardization (CEN) is recognized by the EU as being responsible for developing voluntary standards at European level. The members of CEN are national standardisation bodies (NSB) of 34 European countries. Besides these, CEN Partners are non-European NSBs and (European) Organizations.
Within CEN, the technical committee TC224 covers “Personal identification, electronic signature and cards and their related systems and operations”.
CEN/TC224/WG19 is the working group leading standardization activities, specifically for Europe, in the field of Breeder Documents.
The creation of this group has been informally requested by the European Union after funding of two projects on Breeder Documents and Passport confidence/security (e.g., ORIGINS[1] and FIDELITY). It was created by CEN/TC224 Decision 2016/2030. In that decision, CEN/TC 224 approved the creation of a working group dedicated to the standardization of Breeder Documents and invited AFNOR to start the process of the creation of the group, considering the importance of the topic for European standardization, by the end of January 2017. WG19 first meetings took place in March 2017 in Oslo, Norway.
The mandate
The terms of reference of Working Group are, that WG19 leads the standardization activities, specifically for Europe, in the field of Breeder Documents. It includes, but is not restricted to, data collection, application, issuance and renewal processes. The working group meets quarterly in physical meetings and optional remote attendance. It is part of the beforementioned CEN/TC224 and per march 2024 has 43 registered members from Austria, Belgium, Finland, France, Georgia, Germany, Iceland, Luxembourg, the Netherlands, Norway, Spain, Switzerland, United Kingdom, ANEC and ETSI.
CEN/TC 224/WG19 prepares the CEN/Technical Specification (TS) 17489 series “Secure and interoperable European Breeder Documents”. The document TS 17489 follows a normative process, but with informative criteria. Its aim is not to limit the form-factor of breeder documents, but rather the building of capacity of the issuance process and its review.
Connections with other organizations
WG19 entertains a formal liaison relationship with CEN TC224/WG18 (Biometrics), arranging both their working group meetings consecutively, whenever possible, to make use of potential synergies between both groups (such as on topics of breeder document biometrics for infants and children).
Otherwise, WG19 has no formal liaisons; however, group members ensure that their national authorities responsible for breeder documents, the European Commission and the ICAO New Technology Working Group are informed on the progress of the WG projects.
TS 17489 supports the International Civil Aviation Organization (ICAO) in the void of no ICAO standard on breeder docs to this date. Specifically, this standardisation effort supports the ICAO TRIP Guide on Evidence of Identity (EOI) objectives and the group is informally liaising with a newly formed task force in the ICAO ICBWG on reviewing and enhancing this guide, potentially endorsing the outcomes of TS17489.
The standards family TS17489
The standard TS17489 “Personal identification – Secure and Interoperable European Breeder Documents“ provides guidance to generate, manage and use secure and interoperable breeder documents across European countries. It presents a framework in which citizens retain the control of breeder document data and use them to support identity proofing and verification, and provides methodologies to assess and increase the level of trust in breeder documents. This document specifies methods for defining physical and logical/digital representations of a secure breeder document (hardware based, paper-based, server-based), securing breeder document processes, linking the document to its legitimate holder. The following types of breeder documents are in the scope of the specification: birth certificates, marriage certificates and death certificates. The following breeder documents management processes including first-time application, later-in-life registration of an identity, and content update (e.g., name-changing) are in the scope of this technical specification: registration, issuance, renewal, inspection/verification, and revocation. The specification of policies is out of scope.
The standard consists of five individual parts:
CEN/TS 17489-2:2023 - Part 2: Data Model
CEN/TS 17489-3:XXXX - Part 3: Basic technologies
CEN/TS 17489-4:XXXX - Part 4: Profiles for birth, marriage/partnership and death certificates
CEN/TS 17489-5:2024 - Part 5: Trust establishment and management processes
Part 1: Framework
This part provides...
General terms and definitions, references, symbols and abbreviations used throughout the Technical Specification (TS) series;
Specific terms and definitions, references, symbols and abbreviations that are relevant for a dedicated TS part only, may/should be listed in the dedicated TS part;
A general introduction on breeder documents; and
An informative overview of the framework to be specified in TS part 2.
Part 2: Data Model
This document specifies the abstract data model for breeder document data and the specific encodings of this abstract data model used in the CEN breeder document framework. The abstract data model is a semantic description of the birth, marriage/partnership and death certificate data, independently from their specific encoding. This abstract data model is extensible for further standardized and proprietary data of birth, marriage/partnership, and death certificates as well as for other types of breeder documents. This abstract data model is technology agnostic, e.g., it is applicable for paper-based, server-based and hardware-based breeder documents, as well as further breeder document designs and technologies. The specific encodings of this abstract data model comprise the encodings to be used for the machine-readable technologies specified in part 3 of the framework as well as the encoding of human readable breeder document data. These encodings are used in the birth, marriage/partnership and death certificate profiles specified in part 4 of the framework.
Part 3: Basic technologies
Part 3 specifies basic technologies to be used for paper-based, server-based and hardware-based breeder documents. This includes:
A visual electronic seal using a two-dimensional bar code which preserves the authenticity of the breeder document data;
A contactless chip to store breeder document data. The specification will comprise the following topics: contactless interface of the chip and the associated reader command set, file structure including the breeder document application and security protocols and the corresponding inspection procedures;
Verification mechanisms for breeder document data authenticity: offline verification, online/server-based verification;
The physical document including: material features, security printing techniques, copy protection and detection methods, personalization techniques, format, durability and verification mechanisms for physical security features.
Part 4: Profiles for birth, marriage/partnership and death certificates
Part 4 references to TS part 2 and 3 where applicable to specify; and
Profiles for birth, marriage/partnership and death certificates, which enable interoperability;
Technical inspection procedures for these profiles.
Part 5: Trust establishment and management processes
Part 5 is intended to be used by the authorities, both political and technical, to establish a minimum common basis across Member States. The guidance provided is informative, not normative.
The objectives are
To provide a common set of issues for the development of nationally implemented and internationally applicable procedures.
To place particular emphasis on the prevention of identity fraud, especially in relation to the use of breeder documents to obtain national and international identity documents.
Facilitate inter-agency confidence in the breeder documents issued through transparent reporting on the status of implementation.
ContributionIf your agency or organization has expert capacities and you want to contribute, you have several options: The first option is to formally contribute by registering with your National Standardization Body and requesting to be mandated to participate. This will allow you to actively contribute and have these aspects formally treated. If you want to share your insights without formal registration, you can reach out to one of the delegates known to you and ask them to consider bringing these with the group. You may also write to the editor of this article. However, we will likely not be able to engage in a dialogue beyond an automatic confirmation of receipt. |