THE ANGOLA NATIONAL ID CARD

Download Keesing Journal of Documents & Identity, issue 34, Feb 2011. Introducing a more functional system. In the mid-2000's, Angola began its ...

2 downloads 742 Views 1MB Size
Cases analysed

The Angola National ID Card Advanced document security for a widely dispersed population



by Uwe Ludwig

The Republic of Angola in south-central Africa is bordered by Namibia to the South, the Democratic Republic of the Congo to the North, and Zambia to the East; its West coast is on the Atlantic Ocean with Luanda as its capital city. Now engaged in rebuilding its infrastructure following a long period of civil war, Angola held its first democratic elections in 16 years in September 2008. In the mid2000's, the government decided to replace its outdated national identity documents with an ID card system that was not only counterfeit-resistant and durable, but would also provide proof of identity to its entire population - a daunting task given that the majority of its 16 million citizens live in remote, widely dispersed rural areas.

Introducing a more functional system In the mid-2000’s, Angola began its search for a replacement for its citizen ID document, in order to address a number of problems. The government was unable to enumerate its population, track known criminals, or readily identify refugees at its borders. Furthermore, the widespread use of false documents and ID theft exposed the nation to increased security concerns at a time when its new democratic government was being established and global insecurity was on the rise. Because of very limited technology and transport infrastructures outside of its major urban areas, Angola’s previous centralised card issuance system had never been able to reach its largely rural population, many in remote locations. The government therefore specified a solution that would allow for distributed data capture and issuance, and a credential that would

enable the secure storage and transportability of digital personal, biometric and demographic information stored on the card itself.

Requirements The new ID system was designed to meet multiple criteria: safeguard personal data, store substantial amounts of information directly on the card, including two fingerprint biometrics and iris images, a birth certificate and demographic data, and easily enable individuals to be matched to their biometrics by inspectors. Moreover, the frequent absence of any communications infrastructure required the ability to instantly read the card’s data without access to a network. Delivering these criteria demanded the deployment of the most counterfeit-resistant document possible, with secure and high capacity portable data storage, and very strong visual security attributes.

Uwe Ludwig holds a degree in electronics, engineering and computer science of the Technical University of Wuppertal, Germany and has held a number of international sales and marketing positions in card industry companies. He joined LaserCard in 2004 and is currently vice president of sales, EMEA, as well as managing director of two companies acquired by LaserCard. He has been directly involved in the development and implementation of some of the largest secure government ID card programs.

Keesing Journal of Documents & Identity, issue 34, Feb 2011

25

26

Cases analysed Figure 1 A mobile enrolment and issuance truck.

Furthermore, the government’s vision was to provide one legal identity per person both as a cornerstone of citizenship and a building block of democracy. They specified that the new program should be of outstanding quality, looking to the US Green Card in particular as an example of one of the world’s most robust, large-scale and effective long-term programs. Features ranging from counterfeit-resistance to durability and, above all, multiple levels of visual security led them to select a card program based on optical security media technology.

Selecting the card design was just the first step in the process, however. Key to the delivery of the project were consulting, system design, software development, integration, installation, training, and ongoing support and skills transfer. Program deliverables included enrolment and data capture systems, the credential issuance infrastructure and secure database integration and implementation. A consortium of international and local partners created an ambitious program designed to deliver the most secure, durable and flexible ID program Figure 2 One of the mobile data capture and card issuance units that are deployed troughout Angola's 17 provinces.

Keesing Journal of Documents & Identity, issue 34, Feb 2011

Cases analysed ICAO Figure 3 Angolan citizens enrol for the new ID card.

in Africa, including a satellite-connected mobile card issuance system that could reach all citizens, even in the most remote rural areas. Because of the sparse infrastructure, it was essential that the ID card is capable of storing all required biometric and personal data, be profoundly tamperproof, and enable documents to be confidently validated by relatively inexpert examiners, without network connections.

LaserCard Corporation In 2008, Angola selected optical security media-based ID credentials from LaserCard Corporation for the

program. The selection was based on the reputation of optical security media for uncompromised digital security, high storage capacity, durable construction, off-line credential authentication and confident visual authentication and ID verification. The design of the Angola national ID card enables the easy addition of further applications and functions including proof of the right to vote and, in the future, access to government services. These capabilities were built into the systems and card design from the outset, so that future implementations will require little more than new software applications.

Figure 4 A urban ID issuance, service and support centre, supporting the entire card personalisation system.

Keesing Journal of Documents & Identity, issue 34, Feb 2011

27

28

Cases analysed

Box Card Issuance Angola’s personalisation procedures were designed to follow a structured, carefully controlled series of secure steps and processes to ensure one credential per person, despite the difficulties of operating from multiple centres and, in many cases, mobile units in remote locations. Operators have been trained in data capture, personalisation and issuance techniques to support security at each stage, whether in a mobile unit or an urban centre. Procedures include fingerprint biometric checks to verify operator actions and record the identity of operators at each stage of the process, data security systems and processes to protect citizens’ private information and audit trail tracking of each card through the system. Angola’s processes for card issuance include: • Collection and validation of the applicant’s personal data, and control of the quality of the biometric images captured, to ensure reliable future ID verification. • Background checks on each applicant’s biometric information to prevent multiple applications and ensure one identity card per individual. • Secure transfer of data to the personalisation printing, laser-engraving and data encoding onto the optical security media. • Automatically linking each individual item of card stock via a unique serial number to the applicant’s database record as part of the audit trail. • Full quality assurance inspection of each machine-readable technology - barcode, machine-readable text (OCRB) and optical security media - is verified and cross-referenced against the cardholder’s database record. The card is also thoroughly visually inspected. • Each individual decision point and personalisation stage is activated via operator biometrics, preventing unauthorised use of the system and producing a permanent traceable record of operators’ interaction with the system. • The finished card is issued only after a successful one-to-one match of the cardholder’s fingerprint against the template stored on the credential. Angola’s fingerprint matching system has already prevented a number of fraudulent attempts to obtain credentials using false identities. • The database is then updated and the card management system records the process as complete.

Secure credential design The card, which was launched in October 2009, is made out of laminated polycarbonate that meets stringent durability requirements, as certified by an independent laboratory. It features state-of-the-art high resolution, multi-colour security offset printing, including covert features and special inks, together with optical security media on the reverse side. To support reliable visual document examination, the optical media incorporates layered eye-visible authentication and security features such as first, second and third line micro-image security features resolved at > 24,000 dpi, as well as a tamperproof ‘Personalised Embedded Hologram’. This is a high contrast, high resolution facial image of the legitimate cardholder irreversibly laser-etched as an optical variable device into the optical media itself. The optical security media stores: • the cardholder’s digital colour portrait; • demographics • fingerprint and iris images; • templates for automatic identity verification. Keesing Journal of Documents & Identity, issue 34, Feb 2011

The stored data is completely tamperproof since the optical media data recording process is physically irreversible, while it can be updated as needed by authorised personnel using secure equipment.

Card issuance systems and support to serve remote communities The government of Angola also engaged LaserCard’s Professional Services group to deliver a decentralised card personalisation system solution, optimised for ease of use and efficiency, and featuring a ‘job dispatcher’ interface enabling card printing to commence automatically as soon as each credential has been approved for issuance. The solution has been fully integrated into the government’s network system and deployed into approximately 160 fixed and mobile personalisation centres throughout Angola’s 17 provinces and the city of Luanda (figures 1-3). In addition, the card program deploys mobile data capture and card issuance units, from which data is sent back to the centres via secure satellite transmission, or uploaded in batches once the mobile

Cases analysed Figure 5 Many Angolan citizens are experiencing the benefits of ID card ownership for the first time.

units return to a city data centre. The mobile units also undertake issuance of the final ID credentials to outlying areas. In order to obtain their new ID card, each cardholder must provide a fingerprint and/or iris scan, which is matched against the biometric data on the card. Although the program is currently at a relatively early stage of issuance, this has already been found to have prevented a number of attempts at fraud. LaserCard’s Professional Services group and local solution provider DGM Sistemas LDA also collaborated to establish a local service and support centre in Luanda, which provides hardware and software support for the entire card personalisation system (figure 4). From the outset, all partners on the project worked closely with the Angolan government to fulfil the nation’s vision for a sophisticated ID program that meets the on-the-ground realities of its population, climate and security challenges.

Although the program is in its early stages, it is rolling out on time and on budget. The program has been made possible both by the government support, and by an ecosystem of strong partners. It has been driven by local champions who saw the potential for an outstanding ID credential program that would become one of the building blocks of Angola’s democracy. As a result, citizens in all parts of the country are experiencing the benefits of ID card ownership, many for the first time ever.

The close collaboration paves the way for a wellmanaged and effective system, with stable and reliable card issuance. The program partners continue to provide the program’s operators and service technicians with operational and technical support on a regular basis. This serves both to minimise disruptions while also providing knowledge transfer and facilitating the ongoing security and smooth rollout of the program.

A major step forward for a newly democratic nation This program has been designed to be the most secure and durable ID card system in Africa - no other country on the African continent boasts a similar system.

If you would like to respond to the contents of this article, please send an email to [email protected]

Keesing Journal of Documents & Identity, issue 34, Feb 2011

29