How can we manage the inevitable security erosion of chip-based documents? Eurosmart proposes a new approach.

How can we manage the inevitable security erosion of chip-based documents? Eurosmart proposes a new approach.

Sometimes, the security industry must make a critical balancing act between market realities and security. Chip-based documents are a prime example of this fact. Identity cards, passports and other documents usually have a long lifetime, typically ten years. That’s the reality of the identity document world. At the same time, they embed a chip (composed of hardware and software), the security level of which erodes over time. That’s the essence of cybersecurity. How to reconcile both things? Especially in a context of legal requirements that often ignore the reality of security erosion. Should all identity cards be removed and replaced as soon as a flaw is discovered?

Eurosmart proposes a new approach that addresses the interpretation of legal requirements (e.g., eIDAS Regulation) and the EUCC certification of chip-based documents. The outcome of this new approach would be effective risk management that is both pragmatic and in line with security needs.

Please have a look at our full paper (below) for further information.

Eurosmart_positionpaper_risk_management_ID_documents_09062022