Passports, Visas and Driving Licences: ICAO 9303 and Security Printing

ICAO 9303 Part 9 specifies the e-Passport chip architecture: a contactless integrated circuit (typically conforming to ISO/IEC 14443, the contactless smart card standard) embedded in the passport cover or within the biographical data page substrate. The chip carries Data Groups (DG1 through DG16) containing the MRZ data, the holder's facial image (DG2), fingerprint templates (DG3, DG4, access-controlled), iris images (DG5, DG6, access-controlled), and other national data groups.

Access to chip data is controlled by three mechanisms specified in ICAO 9303: Basic Access Control (BAC), Extended Access Control (EAC), and Password Authenticated Connection Establishment (PACE). BAC uses the MRZ data printed on the biographical page as a cryptographic key to derive a session key, which means the chip data can only be read by a device that has optically read the MRZ (preventing contactless skimming of the chip without physical possession of the passport). EAC provides a second access control layer, governed by certificates issued by the inspecting state, to access fingerprint and iris data groups. PACE, the successor to BAC, provides a more cryptographically robust key-establishment protocol using the document's Card Access Number (CAN) or MRZ data.

Passive Authentication (PA) is the mechanism by which the chip's integrity is verified without contacting the issuing state in real time: the chip stores a Document Security Object (DSO), which is a digital signature by the issuing state's Document Signer Certificate (DSC) over a hash of each Data Group. Any modification of chip data breaks the hash and hence the DSO signature. A border control reader verifies the DSO against the issuing state's DSC, whose chain of trust is published on the ICAO Public Key Directory (PKD). A chip that fails Passive Authentication indicates data modification (tampering with the biometric or the MRZ DG1 data).

Active Authentication (AA) prevents chip substitution: the chip contains a private key used to sign a reader challenge; the public key on the chip is authenticated via the DSO chain. A chip transplanted from a different genuine passport fails Active Authentication because the private key does not match the public key in the DSO.

For a forensic document examiner, the chip examination workflow begins with a contactless card reader and specialist software (PassiveAuth, JMRTD, or proprietary border-system tools). A failed Passive Authentication or Active Authentication result is a forensic indicator of electronic data manipulation and must be reported alongside the physical examination findings.

The biographical data page of a contemporary ICAO 9303-compliant passport concentrates more security-printing technology per square centimetre than any other document in ordinary civilian use. The specific combination of features varies by issuing state but the ICAO 9303 minimum specifications (combined with the recommendations from the ICAO NTWG, the Technical Advisory Group on Machine Readable Travel Documents) produce a common core across major-issuing states.

The Indian passport (redesigned series from 2021) carries: a laser-engraved portrait and biographical data (laser engraving burns the printed layers to produce a permanent, tactile record resistant to the chemical bleaching attacks that affect inkjet-over-paper designs); a colour-shift OVI ghost portrait in the lower right of the biographical page; microprinting in the page border and in the background security print; UV-fluorescent security printing in a pattern visible under 365 nm UV across the biographical page surface; and a polycarbonate data page (replacing the earlier laminated paper page) in which the biographical data is embedded within the polycarbonate layers rather than printed on the surface, making delamination attacks that allow photo substitution unsuccessful because the portrait is within the material rather than on it.

The UK passport (redesigned 2019, manufactured by De La Rue) uses a similar polycarbonate laser-engraved biographical page and adds a KINEGRAM holographic foil patch on the biographical page and on the inside front cover. The KINEGRAM shifts between a gold-tinted Royal coat of arms and a full-colour image of the holder depending on the viewing angle. The US passport (redesigned 2021, manufactured by the US Government Publishing Office's Security and Intelligent Documents Unit) uses a polycarbonate laser-engraved data page with a colour-shifting electronic-pattern OVI element, UV-fluorescent inkings across all biographical data fields, and a microprinted border. German passports (Bundesdruckerei) use a similar polycarbonate architecture with KINEGRAM, laser engraving, and a microprinted security laminate.

Visa labels (affixed to passport pages by consular officers) carry their own security features: for Schengen visas, the Schengen visa sticker (produced by the EU's centralised security printer) carries a KINEGRAM stripe, OVI numeral, guilloché background pattern, UV-fluorescent security inks, and laser-personalised holder data. Indian visas (affixed by Indian Missions abroad) carry a security laminate with holographic elements and microprinting.

INTERPOL and FRONTEX (the EU's border and coast guard agency) classify travel-document fraud into six primary categories, which are used consistently across law enforcement in India (NCRB data), the UK (National Document Fraud Unit, NDFU), the US (Department of Homeland Security's Document and Benefit Fraud Task Forces), and EU member states.

Counterfeit documents are those produced without authority from scratch, replicating a genuine document's appearance. These are the most easily detected category because they must replicate all security features simultaneously, which requires either access to genuine security-printing equipment and materials (rare) or substitution of simulated features that fail under laboratory examination.

Fraudulently altered documents are genuine documents that have been modified: name change, date of birth change, date of expiry extension, or visa validity modification. Alterations to printed data on a laser-engraved polycarbonate page are physically extremely difficult because the data is in the polycarbonate matrix; alterations to the older laminated paper pages are detectable through laminate disturbance, ink-layer anomaly, or substrate thinning from scraping.

Photo-substituted documents are genuine documents with the original biographical page photograph replaced. In older laminates and in some issuing states' pages with insufficient laminate adhesion, the photograph could be lifted and replaced. Modern polycarbonate pages defeat this attack because the portrait is laser-engraved within the material. Residual cases involve: lifting the laminate and re-laminating with a replacement photograph; trimming and re-inserting a photograph into an intact laminate; or applying a second photograph layer over the first with adhesive, detectable as a raised portrait edge under the laminate.

Page substitution involves replacing one or more interior pages of the booklet (visa pages, endorsement pages) or, in extreme cases, the entire biographical data page. Modern passport sewing and binding techniques leave detectable disturbance: thread pattern mismatch, adhesive residue at the spine, page-thickness discontinuity at the substituted page.

Impersonation fraud presents a genuine document used by a person other than the rightful holder. No physical alteration has occurred; the forensic document examiner has no role in detection (facial comparison by trained border officers or biometric systems is the detection mechanism). However, the associated ePassport chip carries the genuine holder's fingerprints and facial biometrics, which fail biometric comparison against the impersonator at a border equipped with biometric verification.

Look-alike fraud is a variant of impersonation where the fraudster selects a genuine document belonging to a legitimate holder who physically resembles them. Detection relies on the examiner's facial comparison skill and on biometric comparison. In EU border operations, FRONTEX training standards include facial comparison methodology under the standardised FRONTEX detection methodology (now incorporated in the EU Border Guard Common Core Curriculum).

The forensic examination of driving licences presents a different challenge from passports: there is no single global standard equivalent to ICAO 9303. The forensic examiner must first correctly identify the claimed issuing authority, locate its security printing specification, and then examine the suspect document against that specification.

In the United States, the AAMVA (American Association of Motor Vehicle Administrators) issues the DL/ID Card Design Standard, which specifies the physical and digital security architecture for state-issued driving licences and identity cards. The standard requires: a PDF417 barcode on the back carrying the encoded holder data; a magnetic stripe (on many states); UV-fluorescent security printing; microprinting; and, in the REAL ID Act compliant versions, a machine-readable zone conforming to ICAO 9303 TD1. The DL format varies significantly by state: a California DL differs in security feature arrangement from a New York DL, which differs from a Texas DL, creating a substantial reference-collection burden for examiners.

EU Directive 2006/126/EC (implemented from January 2013) standardised the EU driving licence format across member states: credit-card size, polycarbonate substrate (in the most recent implementations), laser-engraved holder data, holographic overlay, and consistent field layout with common EU cat code and standardised validity dates. Post-Brexit UK driving licences maintain an identical format to the EU specification as a matter of continuity but are now domestic documents rather than EU community licences.

Indian driving licences are issued under the Motor Vehicles Act 1988 (amended in 2019) and the Central Motor Vehicles Rules 1989. The "Smart Card" driving licence format introduced from 2001 uses a polycarbonate or PVC smart card with an embedded microchip (carrying the holder's data and photograph), laser-engraved or printed holder data on the front face, and a holographic overlay. The Sarathi application (Ministry of Road Transport and Highways) drives the central data system for licence issuance. Forensic examination of suspect Indian DLs must verify: smart card chip data consistency with printed data; holographic overlay continuity (overlay disturbed at portrait or date-of-birth area indicates substitution attempt); and colour-shifting or UV-fluorescent elements in the design.

Common alteration targets on DLs across all jurisdictions include: date of birth (changed to extend use by under-age holders); expiry date (extended to maintain validity); and, in non-polycarbonate cards, photograph substitution through laminate lifting. The physical detection methods parallel those used for passports: transmitted-light inspection, UV examination, oblique-raking-light laminate examination, and microscopic ink-layer examination.

FRONTEX (European Border and Coast Guard Agency) coordinates travel-document fraud detection across EU external borders, operating EUROSUR (European Border Surveillance System) and FADO (False and Authentic Documents Online), a multi-state database of genuine and fraudulent document images accessible to border officers across EU member states and associated countries. FRONTEX's Document and Identity Fraud unit issues the European Document Fraud Risk Analysis, an annual report classifying fraud types by document, nationality, and detection point. The document-fraud taxonomy described above derives from FRONTEX and INTERPOL classification systems.

INTERPOL's Document Fraud branch coordinates globally, maintaining the INTERPOL Stolen and Lost Travel Documents (SLTD) database (containing over 100 million records of passports and identity documents reported lost or stolen by member states) accessible in real time to border systems in 190 member countries. A passport whose chip Active Authentication fails but whose document number appears in the SLTD database provides two converging lines of forensic and intelligence evidence. INTERPOL also maintains the reference library of genuine travel-document specifications, accessible to national forensic laboratories through the I-24/7 secure network.

In India, the National Crime Records Bureau (NCRB) collates travel document fraud data under its annual Crime in India report. Passport fraud cases are investigated by the Passport Seva Kendra-linked regional passport officers in coordination with local police, with referrals to state FSLs or the CFSL for forensic examination. The Bureau of Immigration (BoI, Ministry of Home Affairs) operates the integrated Foreigners Division, which coordinates with Indian Missions abroad and with INTERPOL on suspect travel documents detected at Indian international ports.

The UK's National Document Fraud Unit (NDFU) is the specialist examination unit for identity and travel-document fraud in England and Wales, staffed by Home Office and UK Border Force document examiners. The NDFU maintains the UK's reference collection of genuine and fraudulent documents and provides expert witness services in criminal trials involving document fraud. The NDFU contributes to FRONTEX training programs and to the EU's PRADO (Public Register of Authentic travel and identity Documents Online), which provides publicly accessible sample images of genuine documents for basic officer training.

1. Document identification
   Identify the claimed issuing state, document type (passport, visa, DL), and issue series from the biographical page, cover design, and MRZ state code. Locate the reference specification for that document before beginning detailed examination.
2. General visual examination
   Assess overall condition, cover design, page layout, and binding integrity. Note any asymmetry, page-thickness variation, loose binding threads, or laminate disturbance inconsistent with age and use.
3. UV examination
   UV lamp at 365 nm: check substrate fluorescence, UV-reactive security inks, thread or fibre position, and serial number ink reactivity. Compare against reference specification.
4. Biographical page detailed examination
   Oblique raking light: assess laminate continuity, portrait-edge profile, and surface topography of laser-engraved fields. Stereo microscope at 10x-40x: ink-layer profile at alteration-suspect fields, MRZ character integrity, microprint quality.
5. MRZ verification
   Visually verify OCR-B character conformity. Manually verify check digits for document number, date of birth, date of expiry, and composite check digit. Any mismatch between VIZ and MRZ is an alteration indicator.
6. Chip examination (e-Passport)
   Read chip with contactless reader and PassiveAuth/JMRTD software. Verify Data Group hashes against Document Security Object signature. Test Active Authentication challenge-response. Failed PA or AA indicates electronic data manipulation.
7. Report and database check
   Cross-reference document number against INTERPOL SLTD database. Report examination findings including fraud-type classification (counterfeit, alteration, photo substitution, look-alike, impersonation) and supporting evidence.