E-passport manufacturer Semlex in emerging market with new technologies and security features
The e-passport market is poised to grow by USD 12.09 billion during 2023-2026, accelerating at a CAGR of 11.7% during the forecast period. The increasing number of air passengers is notably driving the e-passport market growth.
The market is expected to be driven by the rise in the use of advanced verification methods and devices to detect identity fraud, the presence of advanced airport infrastructure and facilities, the growth in the number of people traveling to cross-border destinations, and the increasing adoption of e-passport solutions by developing nations.
Rise of the E-Passport
The APAC region is ready to contribute significantly to the growth of the e-passport market, accounting for 36% of the market’s growth during the forecast period. China, in particular, is a key player in this market. Notably, the e-passport market in APAC is expected to grow at a faster rate than in other regions, driven by the rising number of air passengers in the area.
In March 2023, Singapore Airlines (SIA) and its subsidiary, Scoot, witnessed a remarkable surge in passenger numbers. They carry a combined total of 2.7 million passengers.
This represents a month-over-month increase of 14.1% and is three times the number of passengers in March 2022. Scoot’s passenger count soared to approximately 947,600, marking an incredible 638.6% rise from March of the previous year. Meanwhile, SIA carried roughly 1,773,900 passengers in March, reflecting a year-over-year increase of 132%.
The group’s passenger capacity in March was 10.9% higher than in February 2023, reaching 79% of pre-Covid-19 levels in January 2020. Therefore, governments across the Asia Pacific are actively working on enhancing their passport technology and services due to the increased demand for international travel and the mounting concerns over border security.
This demand for air travel has prompted governments across APAC to prioritize improving their passport services to have better travel experiences and border security.
Hamad International Airport (HIA) announced in February 2023 that it had served over 58 million international passengers in 2022. London Stansted Airport has invested £260 million in its airport, including its security area, for the use of smarter scanning technology to minimize passengers waiting time.
The most dominant vendors for e-passports are Semlex Group, De La Rue Plc, IDEMIA France SAS, Thales Group, and Infineon Technologies AG.
The International Civil Aviation Organization, a specialized UN agency prioritizes efficiency, safety, security, environmental responsibility, and economic stability within the civil aviation sector. In addition, its policies have significantly influenced the e-passport market. These standards have shaped how Semlex has developed its products.
As of now, 193 member countries follow ICAO standards in their domestic civil aviation operations and regulations, and both governments and Semlex are collaborating to ensure that they meet these standards to align with global aviation practices.
Despite the positive outlook for the e-passport market, a significant challenge to its growth is the threat of brute force attacks. While communication between the e-passport and a session key can encrypt the reading device, a hacker can still use different combinations of parameters.
They can still use the passport number, expiry date, and birth date to guess the session key. Furthermore, a hacker can obtain passport-related information by hacking into other platforms. These include international databases of hotels, airlines, and other platforms requiring passport details.
As e-passports become more widely adopted, governments around the world will continue to face major concerns over the threat of brute force attacks. It is crucial to implement effective security measures to safeguard personal information and prevent unauthorized access to sensitive data.
This is one of several reasons why Semlex uses EAC (extended access control). It is a security mechanism they use to protect biometric data such as fingerprints and iris scans. EAC restricts access to this data to the issuing country and countries that have authorization from the issuing country.
EAC uses a chip-dedicated asymmetric key pair and uses elliptic curve cryptography. The issuing country digitally signs the public key. The microprocessor contains the corresponding private section, which has an unreadable design.
The chip authentication process allows the terminal to verify that the chip contains the private section of the key. This makes it difficult to clone the ePassport.
According to Semlex Group, to clone an ePassport, an attacker would need to compute the microprocessor’s private key. It is a computationally intensive task. This is the Discrete Logarithm Problem and requires huge computational resources even for practical key sizes.
For example, a brute-force attack on a 1024-bit DH public key would require 2^73 operations, while a 256-bit ECDH public key would require 2^128 operations. These calculations would need to be performed over several decades. This is possible by using a large-scale computer network, which far exceeds what’s practically possible.
Semlex uses EAC advanced cryptography and key authentication mechanisms that make it extremely difficult to clone an ePassport. The huge computational resources required to break the system make cloning practically infeasible.