In line with the strategic goals of the OSCE, the largest regional security organisation in the world, the OSCE’s Action against Terrorism Unit (ATU) has developed a comprehensive programme on Travel Document Security (TDS). The TDS programme comprises several interrelated components that promote the security of identities, documents and borders. Christopher Hornek highlights the OSCE’s strategic goals regarding the future of travel documents as well as the key components and achievements of the TDS programme.
With 57 participating States from Europe, Central Asia and North America, the Organization for Security and Co-operation in Europe (OSCE) is the largest regional security organisation in the world – a primary instrument for early warning, conflict prevention, crisis management and post-conflict rehabilitation. It has 16 missions or field operations in South-Eastern Europe, Eastern Europe, South Caucasus and Central Asia.
The OSCE deals with three dimensions of security: the politico-military; the economic and environmental, and the human dimension. It addresses a wide range of security-related concerns, including arms control, confidence and security building measures, human rights, national minorities, democratisation, policing, and counterterrorism. All 57 participating States of the OSCE enjoy equal status and decisions are taken by consensus on a politically, but not legally binding basis.
Electronic travel documents: the OSCE’s strategic goals
With a view to the future of travel documents, the OSCE has two clear strategic goals:
• strengthening identity management
• bringing border control up to the speed of biometrically enabled travel documents
Strengthening identity management
With the introduction of electronic machine readable travel documents (e-MRTDs), the physical security of travel documents has noticeably increased. Moreover, through the proper use of Public Key Infrastructure the electronic biographic and biometric data contained on electronically enabled travel documents can be validated with essentially 100% assurance of authenticity. Due to this successful ‘lockdown’ on the document, individuals or groups who want to use travel documents for terrorist activities or other illegal purposes apply for legitimate documents under false identities and pretences. The acquisition of false identities, through either deceit or corruption, is an underlying threat to all travel document issuing systems.
In addition to this threat, another important issue in this area is the de novo introduction of electronic passports without integration with or use of identity management data from existing passport issuing databases, as witnessed by the OSCE. This widely spread disconnect between passport systems exposes a newly introduced e-Passport to vulnerabilities that can weaken identity management and border security. Therefore, when implementing an e-Passport programme, a government should consider wider strategic concerns and take due account of the needs and requirements of all the various agencies and ministries involved in issuing and inspecting travel documents.
As our identity is verified nearly every day for purposes other than travel, claiming and establishing one’s identity has become a ubiquitous task and one which will only grow, especially in cyberspace. To accommodate wider implications of the development of identity management systems and identity/travel documents, the OSCE Transnational Threats Department works closely with the OSCE Office for Democratic Institutions and Human Rights (ODIHR) to promote a comprehensive approach to identity management, an approach that incorporates human rights aspects into antiterrorism work. ODIHR has sound experience in this area as it has been managing a programme promoting freedom of movement and migration in the OSCE area.
Bringing border control up to speed
Comprehensive border control promotes border security and facilitates cross-border movement, the two principles underlying the travel documents inspection process. Centralising information about passport bearers and travel documents is an excellent means of modernising a country’s travel document inspection processes, as it permits accessing this information and carrying out an inspection via one machine-assisted transaction. The border control officer is able to ensure the authenticity of the-Passport, conduct law enforcement and database checks and critically, verify identity by matching the document to the bearer. The machine-assisted check ensures consistency and standardisation of the data being checked and recorded and makes control procedures faster and more comprehensive. In fact, border control in the 21st century will revolve around the inspection of the traveller and the accompanying e-MRTD.
Currently however, passport control in the OSCE is lagging behind the capabilities of the travel document and much modernization needs to be conducted for the border to catch-up to the new technologies being deployed by ePassports. This situation is compounded by the fact that eMRTD technology itself is a moving target with continuous introduction of new technologies such as Supplemental Access Control (SAC) and Logical Data Structure 2.0,to name just two. This not only impacts some issuing agencies, who could be misled as to what is a minimum requirement and what is an optional security benefit, but also presents clear interoperability issues at the border.
Promoting the ICAO Public Key Directory
The 2009 OSCE Ministerial Council Decision No. 11 takes note of the ICAO’s work to develop the ICAO Public Key Directory (PKD), a globally interoperable validation system for e-MRTDs that significantly improves border security measures and thereby contributes to counter terrorism and to the prevention of illegal cross-border activities. The Decision also notes that it is an ICAO-recommended practice that States issuing or intending to issue e-Passports and/or implementing automated checks on e-Passports at border controls should participate in the PKD. It also calls on the participating States to consider becoming participants in the ICAO PKD, subject to administrative and financial resources, and thereby to contribute to enabling border control and other relevant national authorities to validate digital signatures of e-MRTDs.
In early 2009, when the OSCE began its initiative to promote the ICAO PKD, only six OSCE participating States had signed up to the Directory. Since then this number has jumped to 20, and four OSCE Partners for Co-operation have also joined. Nonetheless, only 33 countries out of more than 100 states issuing e-Passports are currently participants of the PKD. The OSCE tries to bridge this gap by organising workshops to promote understanding of the benefits of participation in the PKD and of its administrative, financial and technical aspects. In addition to the May 2010 OSCE-wide workshop co-organised with ICAO and attended by 200 participants, such capacity-building events have been held in Uzbekistan, Moldova, Kyrgyzstan and Albania.
In addition to promoting participation in the ICAO PKD, the OSCE is also encouraging the use of the PKD to validate e-MRTDs at the border as a precondition for an integrated travel document control. After the travel document has been established as genuine through PKD, further checks can be conducted using a number of tools. They include, but are not limited to, Interpol databases, exit/entry records, travel history, visa databases, traveller screening through Passenger Name Records (PNR) and Advance Passenger Information (API) and biometric verification to ensure that the document, the identity and the traveller all match.
Travel Document Security Programme
The OSCE Secretariat, under the direction of the Secretary General, provides operational support to the organisation. Based in Vienna, one of the thematic units the Secretariat houses is the Action against Terrorism Unit (ATU), part of the Transnational Threats Department (TNT). Established in 2002, the ATU is the organisation’s focal point for co-ordinating and facilitating OSCE initiatives and capacity-building programmes in combating terrorism.
The ATU has developed a comprehensive programme on Travel Document Security (TDS). The programme was initiated by OSCE participating States to prevent terrorist movement through the development of law enforcement tools that would address in a comprehensive manner concerns related to terrorism, policing and border management, and fight other transnational threats such as illegal migration and illicit trafficking in all its forms.
The TDS programme comprises several interrelated components that promote the security of identities, documents and borders:
• To help secure identities, the OSCE seeks to improve the documents, civil and population registration systems and other methods and processes used to verify and/or validate a citizen’s identity during the travel document application process. Ensuring respect for human rights and the rule of law is an indispensable element in the OSCE’s work on securing identities.
• To promote document security and commensurate border inspection, the OSCE supports the introduction by its participating States of e-MRTDs with biometric identifiers and their participation in the ICAO PKD, a vital tool for border control as it allows effective validation of the authenticity of electronic security features and biometric data stored in electronic travel documents.
• To strengthen border security the OSCE facilitates access by its participating States to passport control databases, including the Interpol database for Stolen/Lost Travel Documents (SLTD), thereby enhancing border management systems in order to better capture, verify, share and analyse information on cross-border movements.
• While new technologies are increasingly being used in travel and identity documents, in many OSCE participating States the capacities at the border for machine-assisted inspection still lag behind. The OSCE helps the countries to address this through technical assistance projects that modernise equipment, as well as by training border officers on identifying forged documents with the use of basic forensic tools.
Achievements within the TDS programme
The OSCE has organised workshops, seminars, training courses and study visits in the area covered by the Travel Document Security programme, as well as training on the identification of forged documents.
Workshops, seminars, training courses and study
Since 2003, the OSCE has organised more than 55 workshops, seminars, training courses and study visits in the area covered by the Travel Document Security programme. The geographic focus was on Central Asia, and a strong partnership was established with the region. More than half of the projects were completed there, with more than 800 out of a total number of 1,600 participants coming from Central Asia.
A flagship example is Uzbekistan, which hosted three events and sent more representatives to OSCE travel document security events than any other participating State of the OSCE. In 2010 the OSCE together with ICAO developed a set of recommendations to accompany the roll-out of Uzbekistan’s electronic passport system. Based on the OSCE/ICAO report, the OSCE delivered legal, technical and policy advice for the introduction of Uzbekistan’s e-Passport, donated 32 passport enrolment stations for the Uzbekistan Interior Ministry and held a seminar on ICAO PKD issues.
From 2007 to 2010 the OSCE managed a project in Moldova that provided the country’s Border Service with the hardware and web services to access Interpol databases in real-time. Initially, access was rolled out to 16 border control points – on the borders to Romania and Ukraine and at the Chisinau and Iasi international airports – and 11 police stations. Subsequently the
Moldovan authorities took ownership of the project and extended Interpol database access to 23 border control points. At the conclusion of the project, Interpol experts trained Moldovan border, customs and police officials in using the equipment to access the databases. To enhance integrated passport control, the OSCE donated more than 50 electronically enabled passport scanners to the Moldovan Border Service to be able to use the ICAO PKD in practice through verifying digital signatures of e-Passports.
The Moldova project has proved very effective, with statistics indicating that the number of queries from the Moldovan border is very high, both in absolute and proportional terms. Equally impressive is that Moldovan authorities have shared more than 460,000 domestic records with Interpol’s SLTD database and more than 1,000 records with the Stolen Motor Vehicle (SMV) database. This enables border control officers throughout the world to flag Moldovan documents or vehicles due to criminal use.
Kyrgyzstan and Tajikistan
Building on the momentum developed in Moldova and on the lessons learned from this country, the OSCE and Interpol designed similar projects for Kyrgyzstan and Tajikistan to connect border control points in each country to Interpol’s databases. The project objectives in these two Central Asian countries, which share a long and complex border, also included the development of domestic databases and enhancing inter-agency co-operation between relevant agencies.
Forged Document Training
Many OSCE participating States still lack proper equipment at the border to effectively inspect the growing volume of e-Passports in circulation. Thus passport control officials in many places in the OSCE region still have to resort to handheld physical detection methods. The OSCE repeatedly received feedback from its participating States that their border control officers who do not have recourse to machine-assisted optical verification of document security features are unable to keep track of newly designed document security elements, as well as of new forgery methods. To help address this issue, the OSCE implemented a training programme entitled Increasing Operational Awareness to Detect Forged Documents, developed by the Austrian Federal Interior Ministry. Since September 2007, the OSCE ran this course 18 times, including for border officials from Afghanistan at the OSCE Border Management Staff College in Dushanbe. The course material was subsequently adopted by FRONTEX as a European best practice.
Training on forged documents identification as part of the OSCE Travel Document Security programme was identified by the OSCE office in Skopje and is jointly implemented by the Action against Terrorism Unit and the Borders Unit of the OSCE’s Transnational Threats Department. Officials from passport, customs, drug control and forensic authorities take part in the course to strengthen their operational and analytical capacities and gain necessary skills to detect forged documents. The training course typically lasts two weeks, but can be tailored to the needs of the beneficiary. Training modules cover such issues as document printing, document security features and document forgery methods as well as their means of identification. To enhance the practical skills of the trainees and encourage interaction between the trainers and the students, the OSCE donates basic forensic equipment to help participants identify forgeries. Through a competitive examination at the end of the course, promising students are identified who are in a position to further disseminate these skills as national trainers and to maintain an international co-operative network on exchanging the latest forgery trends and methods.
To further promote international co-operation on this important topic, the OSCE is stepping up its collaboration with the Joint Interagency Counter Trafficking Center of United States European Command, which works to counter the spread of narcotics and other global threats, such as terrorism.
The TDS programme, developed by the OSCE’s Action against Terrorism Unit, has provided initiatives, knowledge, training and equipment to its participating States. This has resulted in improved electronic travel documents and their verification, thus increasing border security. Within its geographic remit, the OSCE will continue its efforts on the cutting edge of travel document security by further developing existing programmes and projects and by identifying innovative responses to challenges in important growth areas, such as identity management and bringing border control up to speed. The basis for this lies in the OSCE’s role as a force multiplier to provide a platform where standards, expertise and donor contributions come together to help participating States of the OSCE better protect their citizens’ identities and their borders.
Christopher Hornek joined the Organization for Security and Co-operation in Europe’s (OSCE) Transnational Threats Department/Action against Terrorism Unit in 2003. Under the supervision of the Unit’s leadership, he is a programme manager for Travel Document Security, the TNTD/ATU's largest programme. In this capacity Christopher has nine years of dedicated experience concerning identity management practices, travel document security standards and border inspection techniques. He was responsible for developing the 2009 OSCE Ministerial Council Decision promoting the ICAO Public Key Directory, a vital border control tool.