ePassport — from BAC to PACE-CAM.
Electronic travel documents have evolved from contact-only paper-plus-chip to PACE-protected, biometric-rich, multi-application travel credentials with PKD-distributed trust roots.
First MRZ machine-readable passport
Optical-character MRZ added to the printed booklet. The starting point of the digital travel document.
ICAO 9303 Doc 9303 first edition
Earliest unified standard for machine-readable travel documents.
Biometric data on chip recommended
ICAO publishes recommendations on biometric facial image storage on a contactless chip.
First chip-enabled passports rolled out
Malaysia and Belgium issue the first widely-deployed ePassports with face-image data on chip and Basic Access Control (BAC) protecting the chip read.
PKD launched
ICAO Public Key Directory begins distributing CSCA / DSC trust anchors across participating states.
Extended Access Control (EAC) v1 in EU
EU member states adopt EAC to protect fingerprint biometrics: chip authentication + terminal authentication.
PACE replaces BAC (Doc 9303 7th ed.)
Password Authenticated Connection Establishment fixes BAC weaknesses: stronger key derivation, perfect forward secrecy on the chip-reader channel.
Supplemental Access Control (SAC) deployed
EU mandates SAC = PACE for new passports issued from 2016. BAC remains as a fall-back for older readers.
Logical Data Structure 2 (LDS2)
Doc 9303 extends the on-chip data model: travel records, visa records, biometric refreshes — not just static issuance data.
DESFire-class travel documents in pilots
Some smaller-jurisdiction national-ID + travel-document combinations adopt DESFire EV2 alongside ICAO 9303 chips.
eMRTD on phone (Digital Travel Credential)
ICAO DTC concept: travel credential extractable from the ePassport chip and bound to a verifiable mobile credential. Pilots in Finland and the Netherlands.
Backend platforms for issuance + personalisation
In-country enrolment, sovereign personalisation, CSCA-key custody, and PKD upload pipelines become standard parts of national-ID programmes.
Frontend + backend converge
A single platform handles enrolment UIs, biometric capture, applet personalisation, DSC signing, and PKD distribution — with audit hooks across the entire issuance chain.
Continue exploring.
Building against this evolution?
If your roadmap touches any of these milestones, our engineering team can map the standards posture to a deployable architecture.