ePassport reading – Machine Readable Travel Documents (MRTD)

 

ePassport reading is now possible for all µFR Series NFC Readers. This feature was introduced with the release of uFCoder library version 5.0.12.


All our µFR Series NFC readers now support reading data groups from the NFC chip embedded in Machine Readable Travel Documents (MRTDs), including ePassports which comply with ICAO specifications.

The implementation supports the Basic Access Control (BAC) mechanism for NFC chip access. BAC enables authentication and a secure cryptographic communication channel with the NFC tag embedded in the MRTD. BAC is based purely on symmetric cryptography using the 3DES algorithm, and it is implemented according to ICAO 9303, part 11.

ICAO stands for International Civil Aviation Organization (https://www.icao.int). The ICAO 9303 specification standardizes MRTDs, including ePassports.

MRTDs Basic Access Control is supported in uFCoder library from version 5.0.12.

ePassport reading software SDK example

ePassport MRTD SDK example download link.

Software demonstration

Download the project and start the binary executable from the appropriate folder:
for a 32-bit Windows start the win32_release\run_me.cmd
for a 64-bit Windows start the win64_release\run_me.cmd
for a 32-bit Linux start linux32_release/ePassport_mrtd
for a 64-bit Linux start linux64_release/ePassport_mrtd

The ePassport reading software example requires a µFR reader device to be attached to the PC and configured. No other application or service using the uFR reader should be running on the computer. After a successful start of the “ePassport MRTD Example” you will get a screen like the one below.

ePassport reader MRTD NFC

 

Now you should choose either the ‘M’ or the ‘P’ option, as stated in the application usage instructions on the screen.
If you choose the ‘M’ option, you will be prompted with the text:

You have chose to enter subjacent MRZ row located under the
‘P<XXXSURNAME<<FIRSTNAME<<<<<<<<<<<<<<<<<<<<<‘:

Enter subjacent MRZ row. Subjacent MRZ row have to be 44 characters long.

An example of the subjacent MRZ row can be seen in the photo below.

epassport MRZ

Otherwise, if you choose the ‘P’ option, you will be prompted with the text:
You have chose to enter doc. number, date of birth and date of expiry separately:

Enter the document number. The document number should be 9 characters long.
_________ …
Enter date of birth. Date format have to be YYMMDD.
______ …
Enter date of expiry. Date format have to be YYMMDD.
______ …

After you have entered valid data, the application will inform you with the message:
MRZ proto-key has been set successfully.
——————————————————————-

After this message you can continue with read operations on the NFC tag embedded in the ePassport.
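The two input options above feed the same BAC key derivation defined in ICAO 9303, part 11. The following is an added example, not code from the uFCoder library or the SDK project: it validates the MRZ check digits and derives the BAC 3DES keys, using the specimen MRZ row from the ICAO worked example. The function names are assumptions, and the page does not show how uFCoder represents the MRZ proto-key internally.

```python
import hashlib

# Specimen lower MRZ row from the ICAO Doc 9303 BAC worked example (not a real document).
SPECIMEN_ROW = "L898902C<3UTO6908061F9406236ZE184226B<<<<<14"

def check_digit(field):
    """ICAO 9303 check digit: weights 7,3,1 over 0-9, A-Z (10..35) and '<' (0)."""
    total = 0
    for i, ch in enumerate(field):
        if ch in "0123456789":
            value = int(ch)
        elif "A" <= ch <= "Z":
            value = ord(ch) - ord("A") + 10
        elif ch == "<":
            value = 0
        else:
            raise ValueError(f"character {ch!r} is not allowed in an MRZ")
        total += value * (7, 3, 1)[i % 3]
    return str(total % 10)

def mrz_info_from_row(row):
    """Option 'M': validate the 44-character row, return the 24-character BAC input."""
    if len(row) != 44:
        raise ValueError("subjacent MRZ row must be 44 characters long")
    fields = [(row[0:9], row[9]), (row[13:19], row[19]), (row[21:27], row[27])]
    for field, digit in fields:
        if check_digit(field) != digit:
            raise ValueError(f"check digit mismatch for {field!r}")
    if check_digit(row[0:10] + row[13:20] + row[21:43]) != row[43]:
        raise ValueError("composite check digit mismatch")
    return "".join(field + digit for field, digit in fields)

def mrz_info_from_fields(doc_number, birth, expiry):
    """Option 'P': build the same input from the three fields (dates as YYMMDD)."""
    if len(doc_number) > 9 or len(birth) != 6 or len(expiry) != 6:
        raise ValueError("expected a document number of up to 9 characters and YYMMDD dates")
    return "".join(f + check_digit(f) for f in (doc_number.ljust(9, "<"), birth, expiry))

def bac_keys(mrz_info):
    """Return (K_seed, K_enc, K_mac) as in ICAO 9303 part 11; 3DES keys get odd parity."""
    k_seed = hashlib.sha1(mrz_info.encode("ascii")).digest()[:16]
    def derive(counter):
        key = hashlib.sha1(k_seed + counter.to_bytes(4, "big")).digest()[:16]
        return bytes((b & 0xFE) | (1 - bin(b >> 1).count("1") % 2) for b in key)
    return k_seed, derive(1), derive(2)
```

Because the BAC keys depend only on the document number, date of birth and date of expiry, a stored MRZ row or these three fields should be handled as key material for the chip.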

Now you can put the ePassport in the µFR reader field. On successful communication you will get basic information about the NFC tag in the reader field. For example:
——————————————————————-
Tag type: DL_GENERIC_ISO14443_4, sak = 0x??, uid[4] = ??:??:??:??
——————————————————————-

SAK and UID in this example are masked and they can have any arbitrary value. ePassports will always be recognized as the DL_GENERIC_ISO14443_4 tag type.

Now you can choose among the application reading options:

‘C’ – this option reads common data (EF.COM elementary file) from the ePassport. After successful reading, the data is parsed and displayed in the following format:
EF.COM has been successfully read. File length is ?? bytes
Raw data: 60 xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx …
Parsing the EF.COM raw data:
LDS version is 01.07
UNICODE version is 04.00.00
Existing data groups list:
Found: EF.DG1
Found: EF.DG2
Found: EF.DG3
Found: EF.DG14

——————————————————————-

Raw data in this example is masked (xx xx xx…) for security purposes. When you read your own document, you will get its actual raw data here. You can read more about LDS version and UNICODE version in the ICAO 9303, part 10 document.
The LDS and UNICODE versions are followed by the list of data groups that the ePassport contains. Only DG1 and DG2 are mandatory. All the other data groups may or may not be present in a particular MRTD.
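The EF.COM output shown above can be reproduced with a small BER-TLV parser. This is an added example, not the SDK's own parser: the sample bytes are constructed to match the masked output on this page, the function names are assumptions, and the tag-to-data-group mapping is the one given in ICAO 9303, part 10.

```python
# Tag values listed in EF.COM (tag 5C) and the data group each one announces.
DG_TAGS = {0x61: 1, 0x75: 2, 0x63: 3, 0x76: 4, 0x65: 5, 0x66: 6, 0x67: 7, 0x68: 8,
           0x69: 9, 0x6A: 10, 0x6B: 11, 0x6C: 12, 0x6D: 13, 0x6E: 14, 0x6F: 15, 0x70: 16}

# Constructed sample: LDS 01.07, Unicode 04.00.00, DG1, DG2, DG3 and DG14 present.
SAMPLE_EF_COM = bytes.fromhex("60165F0104303130375F36063034303030305C046175636E")

def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the BER-TLV object starting at buf[pos]."""
    if pos + 2 > len(buf):
        raise ValueError("truncated TLV header")
    tag = buf[pos]
    pos += 1
    if tag & 0x1F == 0x1F:                 # two-byte tag such as 5F01 or 5F36
        tag = (tag << 8) | buf[pos]
        pos += 1
    if pos >= len(buf):
        raise ValueError("truncated TLV length")
    length = buf[pos]
    pos += 1
    if length & 0x80:                      # long form: low 7 bits = number of length bytes
        n = length & 0x7F
        if n == 0 or n > 2:
            raise ValueError("unsupported TLV length encoding")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):            # never trust a length that overruns the data read
        raise ValueError("TLV length exceeds available data")
    return tag, buf[pos:pos + length], pos + length

def parse_ef_com(raw):
    """Parse EF.COM into LDS version, Unicode version and the announced data groups."""
    tag, body, _ = read_tlv(raw, 0)
    if tag != 0x60:
        raise ValueError("not an EF.COM file (expected tag 60)")
    result = {"lds": None, "unicode": None, "data_groups": []}
    pos = 0
    while pos < len(body):
        tag, value, pos = read_tlv(body, pos)
        if tag == 0x5F01:                  # LDS version, 4 ASCII digits "aabb"
            text = value.decode("ascii")
            result["lds"] = f"{text[:2]}.{text[2:]}"
        elif tag == 0x5F36:                # Unicode version, 6 ASCII digits "aabbcc"
            text = value.decode("ascii")
            result["unicode"] = ".".join(text[i:i + 2] for i in range(0, len(text), 2))
        elif tag == 0x5C:                  # tag list: one byte per data group present
            result["data_groups"] = [f"EF.DG{DG_TAGS[t]}" if t in DG_TAGS
                                     else f"unknown(0x{t:02X})" for t in value]
    return result
```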

‘S’ – this option reads the document security object (EF.SOD elementary file) and saves it to a binary file whose path and name you have to enter when prompted. The document security object contains a digital signature in the standard PKCS#7 CMS format. The presence of EF.SOD on the MRTD is mandatory.

‘1’ – this option reads the EF.DG1, parses it and displays raw and parsed data in the following format:
EF.DG1 has been successfully read. File length is ?? bytes
Raw data:
61 xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx
xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx xx …
Simple parsing the EF.DG1 raw data:
Document code: P (ePassport)
Issuing State or organization: ???
Name of holder: SURNAME FIRST_NAME
Document number: ?????????
Nationality: ???
Date of birth (dd.MM.yyyy.): ??.??.????.
Sex: ????
Date of expiry (dd.MM.yyyy.): ??.??.????.
Optional data: ??????????????
——————————————————————-

Raw data in this example is masked (xx xx xx…) for security purposes. When you read your own document, you will get its actual raw data here.

‘2’ – this option reads the EF.DG2 and saves it to a binary file whose path and name you have to enter when prompted. EF.DG2 contains the document holder's facial image and it is mandatory. Besides the facial image, EF.DG2 could contain biometric facial features too. You can read more about the EF.DG2 content in the ICAO 9303, part 10 document.

‘I’ – this option reads the EF.DG2 too. In this case only the facial image is extracted from the MRTD file and saved to the file whose path and name you have entered. The image format is automatically detected and the file extension is set according to it. There are two possible image file formats defined for this context: JPEG or JP2 (i.e. JPEG 2000).

‘D’ – this option reads any of the elementary data group (EF.DG) files from the MRTD and saves it to a binary file whose path and name you have to enter when prompted. After this option is chosen you will be prompted for the EF.DG index. The index can be in the range 1 to 16 (e.g. 1 for EF.DG1 and 14 for EF.DG14). The elementary file you want to read must be listed in the EF.COM data groups list.

The current version of the “ePassport MRTD Example” is 1.0 and depends on the uFCoder library version 5.0.12 and uFR firmware version 5.0.22.

Additional links

To browse or download other software examples visit our Gitlab Software repository.
For purchasing our devices, visit our official online store.
Feel free to contact our technical support if you have any questions about our software examples.