One major advantage of the electronic passport is that it provides significantly greater protection against falsification. This level of security is achieved by using public key cryptography, which guarantees data integrity, authenticity and confidentiality.

To control reader access to the microchip, two methods have been defined based on the criticality of the data concerned. These methods, or protocols, are: Basic Access Control (BAC) and Extended Access Control (EAC).

Access to the chip’s sensitive data by the reader (Inspection System, IS) is secured thanks to a mutual authentication mechanism, based on a PKI using a ISO7816 compact certificate format.

The EAC PKI model can be used to issue and manage IS certificates :

The Sequoia^® suite CVCA and DVCA modules, which complement the CSCA/DS products, enable full implementation of the e-Passport PKI.