Airport Biometrics: A Primer

APPENDIX N

ICAO Digital Travel Credential

ICAO DTC Guiding Principles

ICAO recently published guiding principles for the use of digital travel credentials. These principles state that:

• The DTC must be at least as secure as an eMRTD.
• The information contained in the DTC must be derived from the travel document issuing authority's data from the eMRTD.
• Life-cycle management of the DTC may not be dependent on the life-cycle management of the eMRTD.
• Changes must not be needed in current eMRTD standards or issuing process for authorities not intending to issue DTCs.
• Revocation of a DTC must not result in the automatic withdrawal of the eMRTD associated with the DTC.
• Revocation of the eMRTD must automatically revoke all underlying DTCs.
• A DTC must always be issued by a travel document issuing authority (ICAO 2020).

Implementation of DTC

There are three types of DTC:

• Type 1 – eMRTD bound: consisting of a virtual credential only, with the eMRTD as a physical authenticator.
• Type 2 – eMRTD + physical credential bound: consists of a virtual credential and a physical credential in addition to the eMRTD.
• Type 3 – physical credential bound: consists of a virtual credential and a physical credential but no eMRTD.

Life Cycle of a DTC

The Guiding Core Principles for the Development of Digital Travel Credential (ICAO 2020) includes an overview of the creation of DTC as well as a discussion of the three types of DTC and of DTC validity, unique identifiers, use by a traveler, invalidation, and revocation.

Best Practices in the Use of DTC

As DTC and eMRTD are similar except for their form factor, verification of a DTC by a receiving entity requires the same procedures and same levels of scrutiny as for the eMRTD. The potential risks resulting from the use of the DTC are similar or identical to those of the eMRTD. Suggested best practices include preventing unauthorized access to the virtual component of the DTC during transmission or when stored, use of passive authentication and verifying the issuing authority is a trusted entity (state), and checking that the virtual component is not an unauthorized copy by verifying the physical component.

Risk Analysis

Many of the risks associated with DTCs are shared with eMRTDs. Some core risks are unique to the DTC. Guiding Core Principles for the Development of Digital Travel Credential differentiates between risks that are shared with the eMRTD and those that are unique to DTCs and suggests some mitigation strategies (ICAO 2020).

Other considerations, such as the use of diplomatic, official, and other passports, involve recognizing the potential impacts or lack of standardization. Because the DTC's Logical Data Structure 1 (identity and document information only) does not hold additional data such as visas and travel history, the use of DTCs could have an effect on traditional risk management activities performed by border control and other authorities when deciding whether to board or admit a traveler. Logical Data Structure 2 can support the additional information, but first-generation DTCs will not support this functionality. The storing of multiple DTCs on a single device needs to be carefully considered to ensure that all the potential exploitations of vulnerable groups are addressed.