US ePassport – Gemalto passes go with GPO


​​​Last updated 10 August 2017

In August 2012, the Government Printing Office (GPO), responsible for supplying the US Department of State with ePassports​, has awarded Gemalto with a second consecutive five-year contract.

Gemalto first partnered with GPO in 2006 following stringent evaluations to meet agency requirements. Gemalto is to supply its latest ICAO-compliant electronic covers as well as support for the lifetime of the agreement. In 2016, the State Department issued 18.6 million ePassports to American citizens.

US ePassport  

Gemalto is one of only two vendors to be selected after a rigorous selection process for the supply of the US ePassport program.​

On December 17, 2014, the name of the GPO was officially changed to "Government Publishing Office".

US passport: facts and figures

As of August 2017, the U.S. Department website​ is reporting passport processing times of approximately six to eight weeks. Expedited passports take about three weeks but cost an extra $60 to process. 

The passport fee for a new adult document​ is $135 for standard processing and standard delivery, and a renewal costs $110. The U.S. passport is valid for 10 years for citizens of 16 or older when the passport was issued. For citizens of 15 or younger when your passport was issued, validity is 5 years only.

The authorities have issued 18,676,547​ new passports for 2016​​. Over 2015 by 3 million. 

The State Department projects Americans will apply for 21 million passports in 2017 and 20.4 million in 2018​ in a recent interview​ given on May 3, 2017 to Federal News Radio.

Discover no​​w 10 cool ​facts about the US passport.​


​What happens at border control? ​

The micro-controller included in the U.S. passport represents a highly secure feature in itself. In the case that a counterfeiter successfully manages to change the portrait and citizen information on the datapage, the data in the chip cannot be accessed and altered. Any tampering attempt can be detected since the altered data will not compute correctly, as it has not been signed and authorized by the Issuing Authority.​​ 

The following steps describe the typical semi-automatic verification by a Border Control Officer, to explain the exchange of information and the security mechanisms at work. The processes for electronic gates or mobile terminals are similar.

Infographic: What happens at passport control?

(Click to enlarge the infographic)

  1. The traveler arrives at the control point and presents the passport.
  2. ​The officer swipes the data page through a special reader to read the two lines of printed characters (known as Machine Readable Zone or MRZ) on the bottom of the datapage.
    This allows the generation of a session key to access the microcontroller and read the data stored in it, using the Basic Access Control (BAC) mechanism defined by the ICAO. This guarantees security as it requires access to the passport to be able to read the chip and thus prevents eavesdropping.
  3. The officer holds the passport over another reader, that uses contactless protocol, to read the micro-controller. The information is then displayed on the monitor, along with the picture. The officer can check that the information stored in the micro-controller and printed on the data page are the same. 
  4. The chip has been signed by the Issuing Authority's ce​rtificate. The system can automatically check the validity of the certificate by accessing the Public Key Directory managed by ICAO which handles the certificate exchange between participating countries.
  5. Several automated checks can take place:  Search in Interpol's Lost & Stolen Travel document watch list, to check if the document is listed there, as part of an identity theft attempt to illegally enter the country;  Search in the databases of the Ministry of Interior and Ministry of Foreign Affairs databases according to Customs and Border Protection procedures put in place , to track fugitives or people deported in the past.​​

Press Release

Read our Press Release