Estonian ePassport solution


​​Gemalto is supplying the Citizenship and Migration Board of Estonian Republic with its complete ePassport solution for the Estonian electronic passport.

Under the terms of the contract, Gemalto provides the Estonian authorities with a turnkey solution, from manufacturing and binding of passport booklets to the implementation of the personalization system in the premises of the Citizenship and Migration Board, part of the Interior Ministry.

Gemalto is manufacturing the travel documents based on its Sealys ePassport, including a powerful microprocessor for biometric​ identification. First deliveries started in early 2007.

Gemalto is also providing the Estonian authorities with Coesys Issuance solution​, configured for central issuance in the premises of the Citizenship and Migration Board and for color photo printing by inkjet technique.

Furthermore, Gemalto provides its Coesys Enrolment solution​​​​ including software and equipment for capturing and digitizing the data, picture and signature.

ePassport in Estonia under UV

Supplemental Access Control (SAC) for Estonia

​Today, the Estonian ePassport integrates the SAC protocol as a European Union country member.

This new set of security features is an evolution of BAC (Basic Access Control) aimed at ensuring future-proof security in electronic travel documents. It is similar in function to BAC and ensures that the contactless chip cannot be read without physical access to the travel document and that the data exchange between the chip and the reading device is encrypted

Due to its simplicity, BAC turned out to be a very successful protocol and it is now used in almost every ePassport. Unfortunately, BAC’s level of security is limited by the protocol’s symmetric (secret key) cryptography design and there is no straightforward way to strengthen it. 

 SAC offers dramatic advantages over first-generation techniques and is taking advantage of the past 30 years of public key research and analysis with the use of elliptic curve cryptography.

It is based on Password Authenticated Connection Establishment (PACE v2). During the authentication phase, it implements asymmetric cryptography and bases data encryption on a shared key between the reading device and the chip. Data confidentiality is thus enhanced and eavesdropping becomes impossible.

Read the Press Release [PDF - 46kb]

 Get Inspired

  • Special multimedia feature: eGov leader Estonia

    Special multimedia feature: eGov leader Estonia

    An in-depth look at how Estonia built its digital infrastructure from scratch.

    Visit the microsite

  •  Digital Life in Estonia

    Life in Estonia

    Sustainable development in the digital society: a mindset

    Read more