ID documents provide reliable citizen identification, including both physical identification of person by an authorised person and an online authentication of citizens when using public administration portals.
ID documents are a basic means of citizen identification. All of us use them on a daily basis and thus guarantee that we are the person who we identify as. There are multiple types of ID documents, such as ID cards, passports and health insurance cards. All of them contain data whose precision and reliability are of key importance. Some types of ID documents contain a completely standardized data format, like passports do, while the format of other types of documents, as well as the data they contain, is determined on a national level in accordance with the local legislature.
The Identity Document Management System (IDMS) platform is a unified solution which performs the entire action of ID application processing, document manufacturing and its issuance. The platform consists of multiple modules which manage the biometric acquisition process, verification of the enrolled data, biometric person deduplication, blank document logistics and the delivery of the document itself. Apart from the above mentioned processes which are directly included in the processing of an ID document application, the platform supports all of its necessary administrative actions such as creating reports and managing operator access rights.
The first step in the ID document issuance process is always application enrolment. Enrolling an application refers to collecting the applicant’s textual demographic data, scanning paper documents and often during this process, biometric data is also collected (fingerprints, facial photos, iris scan…). After collecting all the data successfully and creating an application for an ID document, further processing of this request entails an entire set of predefined steps.
Firstly, the data collected is verified, as well as the applicant that submitted it, which is followed by the application approval process conducted by an operator. The operator in charge of application approval firstly consults the verification results and then decides on each individual request. Approved ones are sent to personalization in order for the ID documents to be created.
Document personalization is a process where data from the approved application is pressed onto a blank document. Personalised documents are then placed in packages that contain the parcel’s barcode, after which they are transported to appropriate issuance locations.
The issuance processes begins with determining the identity or qualification of the person to receive the document, followed by the actual reception of the document. If the document contains biometric data of the applicant, before the document reception, a biometric verification of the person receiving the document is conducted against the biometric data in the document (e.g: fingerprint comparison to the fingerprint stored in a passport chip).
Collecting textual demographic data, scanning paper documents, as well as enrolling biometric data
Verifying if the data collected is complete as well as automatic execution of system checks of the application content.
Final application approval by the operator. Approved applications are sent to personalization.
Prepared citizen data is pressed onto a blank ID document thereby ascribing it to its owner.
Personalized documents are handed to the citizens in appropriate system branch offices, all with an appropriate citizen identity verification.
The key system concepts which are controlled by the platform are: the ID issuance request, the document, the individual, the inventory, personalization machine operator and the parcel.
To support the manufacturing and use of various ID documents, NetSeT has created an entire palette of applets stored on the chip of the ID document. Each of the applets comes with a middleware software which enables the communication with the applet.
The platform also includes a complete set of ICAO PKI components for chip data protection and chip data access control, including Country Signing Certificate Authority (CSCA), Document Signer (DS) and full support for Extended Access Control (EAC).
Apart from ICAO PKI, the platform supports the management of X509 digital certificates for electronic signature which can be placed on the document chip during manufacture and which can later be accessed by using the corresponding middleware components which are also a part of the platform.
In the PKI section, you can find more information about NetSeT’s applets, supported ICAO PKI components and X509 certificates.