The creation of a new identity document always involves many stakeholders, each with high expectations. Designing a new ID document is very much about managing these expectations and making decisions while creating something truly unique. The design process often involves several teams and at least one lead designer. As each team has their own specific requirements, there are many decisions and internal approvals. Success often depends on the active involvement of decision makers from the beginning. Part 1 of this article series describes the pre-design process, while Part 2 highlights some best practises for the actual design creation process.

The design process of security documents is complex as there are many stakeholders, each with their own requirements. This is why there is a lot of literature about specifications for identity products and solutions. As graphic designers play a key role in the creation of ID document designs and face many complex decisions, there is a need for a dedicated product design specifi­cation: a statement of how a design is to be made and what it wants to convey. In this article we will consider the graphic designer’s point of view when it comes to creating a security document. In Part 1 we will introduce the product design specification (PDS), its six require­ment subgroups for the design and layout, and how each of them impacts the design. As there is a multi­tude of requirements to be met, it is helpful to have a PDS available from the beginning of the design creation. There will be many difficult choices to make and a PDS helps designers get these right from the start.

Product design specification

Expectations for ID documents are always set high, with many stakeholders contributing and rules and regulations to be respected.[1] When there is a conflict between requirements, careful priorities and compro­mises are needed. Designing a new ID document is very much about managing expectations and making decisions while creating something truly unique.

Figure 1: The six requirement subgroups of a PDS.

Product design specifications make the creation of a design easier and more predictable. A PDS brings together all points of view regarding the creation of a design each with their own specifications. These specifications can be divided into at least six subgroups (see Figure 1). We will discuss each of them individually in this article.

A good example of the use of a product design speci­fication is De Heij’s banknote design policy published in 2012.[2] It specifies what the design wants to convey and describes requirements that affect the artwork and layout. It helps ensure that the new ID document meets the users’ needs and that it can be produced within the limitations of the processes available. It is important to distinguish between the product design specification, which defines how a design is made, and a product specification, which provides critical defining information about the product itself. These statements are meant to complement each other.

Although some of the six main subgroups that make up a PDS are very technical and specific, and others are more subjective, they are all equally important. Ideally, a PDS is available when a design creation begins, as it makes it easier to make the right choices from the beginning.

Standards and legislation

Standards are the basics for all ID documents and are usually a good starting point for a project. Of the subgroups in Figure 1, it is one of the most straight­forward to understand, although there are a few challenges designers may encounter in this subgroup. Standards or requirements for ID products may exist at global, regional and country level. If there are conflicts between these requirements, the designer has to decide which one takes priority. However, the biggest challenge related to standards is interpreting them correctly and checking whether the final result is in compliance. For instance: If the standard contains illustrations or drawings, should they be considered as an example to follow or the example to follow?

Some rules or standards may be very precise and not allow any flexibility (for example, the rainbow split in the EU e-Resident Permit, which has been specified down to two decimal spaces). Others are hard to measure, such as the standard for international driving licences, which should have a 30% pantone 198 colour. And the challenge with the American AAMVA-compliant driving licence cards is simply that there is lots of information to incorporate.

In the worst cases, a standard is in direct conflict with requirements from other subgroups. Standards may limit the use of some security features, or fitting large amounts of personal data on a card may affect readability.

Machine readable elements

Machine readable elements are mandatory in ID documents. Some documents even have several of them: machine readable zones with OCR-B font, a card serial number, a card access number, barcodes and even chips. These elements are based on a few well-known reading technologies (OCR, UV, IR). Machine readable elements must be robust, reliable, quick to read and easy to integrate with the rest of the ecosystem.

Some machine readable elements are created purely for security and tracking purposes, such as the ones with diffractive optically variable devices (DOVIDs) or additional tracers. Regardless of the purpose of the element, it is a must for the designer to have a good understanding of the functionality and its limitations in order to design it properly.

Requirements in this subgroup are often given the highest priority when the functional layout is designed. This should ensure the best possible functionality, with high reading rates. However, a 2016 study highlights that: “The majority of confirmed cases were attributed to errors within the personalisation system rather than physical deficiencies of the passport (such as improper materials or construction).”[3]

User experience

Although there have been decades of in-depth studies into visual and tactile perception, there is still very little research focusing specifically on the user experience of ID documents. In terms of user experience, ID documents have a lot in common with banknotes, hence the findings on banknotes are also relevant for ID documents.

The group of people who verify ID documents is very large and diverse and includes users ranging from law enforcement officers to civil servants. However, most of them have similar needs, such as good readability and easily recognisable elements, as well as durability and easy handling in various conditions. Documents can, for example, be designed to be more wear-resistant by adding embossing in various positions in order to protect against scratches. Well-designed documents show only a minimal amount of visible change during the validity period.[4]

ID documents usually contain a lot of data protected by security features and a compromise has to be found between user experience and protection. One of the design challenges is to enable quick verification of personalised data by making these as large and clear as possible while protecting them with security features.

Developing a good user experience through product design is a challenge if samples or prototypes are not available. Relying on simulations alone without access to real materials and processes may lead to poor interpretations.

Involving representatives of minorities such as the visually impaired in the decision making as early as possible is very important. For example, Braille letters on polycarbonate are barely 1/20th of the standard height and without using trials user expectations may not be met. Some tailored solutions have been introduced to the market, but standard solutions are not yet available for ID documents.


Artwork can be many things: a means to convey beauty or feelings or it may carry an explicit or implicit message. Both the artwork and the decision-making process regarding the artwork should be adapted for different customs and cultures. Designs are based on choices, opinions and emotions and there are no rights or wrongs here. In most projects decisions regarding artwork are a complex process, but it does not always have to be this way. Defining objectives for the artwork (referred to as a ‘design brief’ by De Heij[2]) is as important as other specification subgroups, although slightly different and not necessary as explicit. The following deliverables are commonly used in artwork specifications: the design brief, the design theme and the design concept.

Design brief

A design brief is a guideline for new artwork which contains definitions to improve the mutual under­standing between customer and artist(s). A design brief can prevent a large number of iterations, which would have caused an overwhelming workload. An effective design brief is also the single most important factor in ensuring the success of the design.

Design theme

The design theme is a recurrent, underlying objective that ensures the overall consistency of the design or artwork of a family of products. This description may contain one or some ideas, messages or feelings that the design should convey.

Figure 2: Different approaches for deciding on the design theme.

Design concept

Based on the design brief and design theme, the design concept expresses the new artwork, theme and message that the design wants to convey. The concept aims to illustrate the new design which is later com­plemented with details. It helps the designer and stakeholders understand the look and feel of the ID document and its various parts.

Gathering ideas for the new design themes is easy and even requesting proposals is doable, whereas it is much more challenging to choose the winning pro­posal. Whether a jury or a round of votes decides on the design, it is good practice to involve experts from different areas to submit and enhance proposals. However, for most issuing authorities the selection methodology depends on local culture and customs.

When building the design concept, it is important to keep in mind that the security features of the document have to be embedded within the artwork. A visually appealing design does not necessarily provide the best basis for a secure document.

Many methods have been tested, and these usually resemble one of the two opposite approaches shown in Figure 2.

The selection method usually depends on the level of public engagement as there are many possibilities and each of them requires time and resources. Engaging the public is one of the important trends and modern technology makes this relatively easy. For example, the Finnish police involved the citizens in the design process, asking them to submit ideas during the Nordic Travel Fair in January 2016. Themes for the Egyptian passport could be submitted via social media. In Norway external parties were invited to submit design proposals for ID documents and the winner was selected by a jury.

Whatever the method used and design theme chosen, it needs to be explained and translated to those who actually turn it into a security document. A product design specification could be a useful tool for this.

Design for manufacturing

The best ID documents are those designed with process capabilities and material limitations in mind. Although design for manufacturing (DfM) is easily considered as only of interest to suppliers, the best results are actually achieved when all stakeholders contribute. In this article the DfM subgroup covers materials, processes and people, as it is very difficult to make the best choices if these are considered independently from one another.

DfM is relevant throughout the life cycle of the ID document. The most critical phases are actually the tendering process and the implementation, when all the baselines such as references, tolerances and service level agreements are set. The challenge begins with defining the DfM subgroup specifications correctly and as early in the process as possible. How can we specify document requirements in order to receive acceptable quotations that meet the fundamental requirements of the document? Finding an answer to this may require a whole new article, or even two.

However, from the designer’s point of view there are usually two main approaches. Defining security features during the tendering process often narrows the design possibilities, and consequently some great possibilities may be left out. Another approach for the tenderer is to request a solution against specified security threats and allow suppliers to create tailored and innovative solutions that meet the actual need. These alternative approaches each have their own advantages. The latter allows suppliers to show the full potential of their solutions which usually feature DfM.

If DfM is not considered from the very beginning, the opportunity to achieve the best possible solutions may be missed. During implementation the key is to involve all stakeholders and make joint decisions in order to utilise the strength of each step in the process. Variations are possible at each step of the process and it is up to the designer to minimise the impact of those variations on the final product.

Threat profile

Identifying current counterfeiting and forgery capabili­ties can help estimate the expected life of proposed solutions, another important factor in the PDS. ID document fraud is usually categorised as follows:[5]

  1. counterfeiting
  2. alteration
  3. recycling parts of genuine documents
  4. theft of blank documents
  5. misuse of a genuine document by an imposter

For each potential misuse of an ID document it is worth composing a threat profile and taking measures to prevent misuse of the newly designed document. A threat profile describes security threats and misuses, and analyses these in order to identify protection solutions. In principle, securing the document is a partly iterative process which could consist of the following steps:

  1. define existing misuses and threats
  2. qualitative analysis of misuses
  3. identify solutions
  4. attempt to attack, break or hack the solutions
  5. improve the solutions
  6. implementation

Qualitative results are needed in order to compare the results of counterfeiting processes with those of the authentic ones. For example, when it comes to printing microtext, offset printing would achieve a noticeably different line thickness compared to alternative methods. It is not only alternative processes which should be compared with the original ones, but also alternative materials and the repeatability of processes. Decisions about how colour, split fountains and artwork are implemented can create a significant deterrent to counterfeiters if the press setup used to produce a genuine document is disguised.[6] In addition to basic problem-solving methods, creating a proper threat profile requires the right network of people and the right tools. And finally, testing the solution is as important as knowing the production technology.


Creating a design involves many intermediate decisions and approvals, and the key to success is the active involvement of all decision makers from the start of the process. Part 1 of this article series was about building the mutual vision for the new product using a product design specification. A PDS can help stake­holders make the right decisions from the start, as well as help document designers lead the artwork in the right direction and help them create the details. Part 2, which will appear in the upcoming KJD&I’s Annual Report on Identity Management, will highlight some best practices for the actual design creation based on a product design specification.


1 Intergraf (2013). The end of official dullness. Infosecura, Vol. 55, pp. 8-11.

2 De Heij, H. (2012). Designing Banknote Identity. DNB Occasional Studies, Vol. 10, No. 3.

3 MacManus, D. (2016). Is Your Passport Compliant? Reconnaissance: ID & Secure Document News. [Accessed 1 August 2018].

4 Fawer, U. (2009). The Czech Republic e-Passport. Keesing Journal of Documents & Identity, Vol. 30, pp. 1-3.

5 Gemalto (2018). Passport security features: 2018 report Anatomy of a secure travel document. [Accessed 1 August 2018].

6 Zlotnick, J., Brough, J. and Eberhardt, T. (2016). Interrupting traditional counterfeiting workflow, Part 1: Colour and split fountains. Keesing Journal of Documents & Identity, Vol. 49, pp. 14-19.

Previous articleRecent impact in Optical Machine Authentication
Next articleCashless versus cash
Toni Kaskiala has worked for Gemalto for 13 years, developing, imple­menting and designing security products, and also spent a few years as a Development Manager of their ID production site. Toni holds several patents related to producing security documents and security features. Over the years he has been involved in over 100 delivered projects and has been fortunate to work closely with many clients. Currently, Toni leads the Security Design Department, which creates between 20 and 30 cards and 2 to 5 passports every year.