By Ken Ebert

In the world of digital identity, there are many kinds of digital credentials competing to take the place of physical identity documents, so that the porous border between the real and virtual world can be easily crossed. For example, the European Union recently published its specification for digital identity (eIDAS 2.0), which will govern digital identity for over 500 million people, and many countries and states have been experimenting with digital driver’s licenses (mDL).

None of these digital credentials or standards for digital credentials, however, match the DTC standard for digital trust. The DTC — or Digital Travel Credential — is a standard created by the International Civil Aviation Organization (ICAO), the global body responsible for the universal standards governing the information and formatting of physical passports so that governments can be confident that the bearer is the named identity and allowed to cross a border.

The same rigorous standards are applied to creating the digital equivalent of a passport, namely the DTC. There are two types of DTC: the first is created by a person from their passport; the second is issued directly by the passport office to the intended bearer.

Indicio and SITA were the first in the world to successfully implement a Type 1 DTC, and it’s now being adopted by countries and airlines for seamless travel.

Here is why a Type 1 DTC provides the trust governments need to digitize travel and border crossing.

It starts with a chip
Many passports — most created in the last decade or so — contain chips which contain  the ICAO-standardized information in a physical passport, including the image, in a digital format that can be read by the right hardware and software.

This is our starting point. We created an app that airlines can use to read this information. The critical step, however, is not the fact that we can read this information but how we convert it. We make it cryptographically verifiable so that the information doesn’t have to be stored in an airline database in order to be trusted.

This removes one of the longstanding blockers to using digital identities for travel: without decentralized identity, you have to store that information in a centralized database in order to verify it. Doing so puts airlines at risk of a data breach — and that risk, given we’re talking about passport data — has been too great up to this point to push forward on a DTC. But a DTC using a verifiable credential means that the digital passport data is held by the passport owner in a digital wallet on their mobile device.

After scanning their passport with their phone, the data in their passport chip is checked to see if it has been signed by a legitimate passport office. Only a government passport authority can sign the passport data, and so a fraudulent passport will have an invalid signature and can therefore be easily identified and rejected.

Second, the person must bind their passport to their phone by performing liveness and biometric checks during the scanning. The software compares the biometrics from the traveler using the device to those contained in the passport chip. Biometrics also bind the app and the device to the person, so there are multiple layers of protection against someone who isn’t the subject of the passport using it.

There are two ways to authenticate a DTC: either verifying the DTC because the DTC issuer is trustworthy, or use the embedded passport information in the DTC to directly authenticate the original passport data.

This is what gives airlines, airports, and border control the confidence to enable seamless check in, boarding, and border crossing: The data in the DTC has been authenticated and is now fully portable and instantly verifiable. And because of the way verifiable credentials use cryptography and digital signatures, this information has been digitally sealed in such a way that if someone tried to alter it, it would be easily spotted.

This is an overview of the trust-creating technology behind a DTC. For a fuller understanding of the technology and its features, check out our Beginner’s Guide to Decentralized Identity or contact us to get your DTC.

####

Sign up to our newsletter to stay up to date with the latest from Indicio and the decentralized identity community