Why ePassport is good for Non Face 2 Face eKYC and Digital Identity, ePassport Data Schema & Cryptography and use case around the world.
PS. now available on both Android (+ NFC) and iPhone 7 up.
5. A digital signature on an ePassport is derived from the
issuing State's security certificates—the Country Signing
Certification Authority (CSCA) Certificate and the
Document Signer Certificate (DSC). Together, the
signature and certificates form a trust chain wherein one
end is securely anchored in the authority of the issuing
State and the other end is securely stored in the chip of
the ePassport as the Document Security Object.
To validate an ePassport at an international border, the
border control system retrieves the Document Security
Object from the chip. Its authenticity, and by implication
the authenticity of the ePassport, can be proven if the
signature checks against the DSC and if the DSC checks
against the CSCA certificate.
https://www.icao.int/Security/FAL/PKD/Pages/ePassportBasics.aspx
ePassport Signing
6. ePassport Cryptography
This asymmetric encryption (PKI) method is used to create the digital
signature found in ePassports.
For ePassports, the purpose of encrypting the information is not to
keep it secret. After all, the information can be easily read on the data
page of the ePassport. The process of encrypting and decrypting is
designed to detect if the data stored on the chip has been modified
and to confirm the authenticity of the data.
When conducting ePassport validation, passive authentication (PA) is
the process of validating the authenticity and integrity of the
content of the chip of an ePassport by verifying the digital signature
on the document using the public keys of the issuing State
https://www.icao.int/Security/FAL/PKD/Pages/ePassportBasics.aspx