End-to-end ePassport platform engineering
Backend, frontend, PKI, enrolment, personalisation — the full stack behind an ICAO 9303-compliant ePassport programme, designed and engineered as one piece of software. Our scope is platform engineering only: we do not issue passports, we build the systems that issuing authorities use to do it. No government-approval claim is implied or stated; certification is the issuing authority’s programme, not ours.
ePassport systems break at the seams. Owning the whole stack is the point.
CSCA & DSC management
Country Signing CA and Document Signing Certificate ceremonies. Key custody, signing-cycle management, revocation policy, archival. The CA is the trust root — everything downstream depends on it being run well.
PKD integration
Public Key Directory upload, download, and master-list management per ICAO 9303 Part 12. Compatible with the ICAO PKD operating policies; deployable against a national or regional PKD.
Enrolment frontend
Biometric capture (face, fingerprints, iris) per the ISO/IEC 19794 family. Operator workflows, supervisor escalation, exception handling. Designed for desk-officer ergonomics, not just biometric ingest.
Personalisation backend
LDS1 / LDS2 logical data structure generation. Document Security Object signing. Personalisation script handoff to the perso line.
Inspection-system support
Reference verifier for the data-page and chip dataset. Useful for issuance QA, for fraud teams, and for cross-border interoperability testing.
Architecture-led
We do platform engineering — the operating authority owns the keys, the policy, the deployment, and the certification programme. We deliver code, documentation, and a deployment-ready system.
What the platform is designed against.
ICAO 9303
Parts 1–12. LDS, active/passive authentication, chip authentication, PACE, terminal authentication, Document Signer infrastructure.
ISO/IEC 14443
Contactless transport, T=CL command flow, the chip’s electrical interface.
ISO/IEC 19794 / 39794
Biometric data interchange formats — the encoding the LDS expects.
BSI TR-03110 family
Where applicable for EAC and chip-authentication mechanisms.
Common Criteria PP
The protection profile against which the chip is evaluated. AmbiSecure consumes the certified silicon; it does not produce it.
FIPS / NIST
Cryptographic primitives (AES, SHA-2, ECC) the standards mandate.
How the work runs.
ePassport platform engagements are multi-phase by nature. Here is the canonical shape.
Architecture review
Standards mapping, threat modelling, deployment-target survey, capability matrix. Output: a system design document.
PKI build
CSCA / DSC ceremonies, key custody design, signing-cycle automation, PKD integration.
Backend build
LDS generation, signing pipeline, audit log, operator API. Tested against the reference inspection system.
Frontend build
Enrolment and personalisation UX. Operator training material. Exception flow design.
Handoff
Code, runbooks, key-ceremony scripts, audit log spec. The operating authority owns and operates the platform from cutover onward.
Where this fits in the bigger picture.
Solution: Government identity
Where ePassport platform engineering fits in the wider government identity stack.
Solution: Smart-card personalisation
The personalisation line that backs the ePassport issuance backbone.
Technology: Secure elements
The chip primitive the ePassport platform writes to.
Blog: Engineering ePassport platforms
Cornerstone read — CSCA/DSC PKI, LDS generation, enrolment frontend, inspection-system reference.
Blog: PKI credential issuance
The PKI lifecycle and key-ceremony patterns the ePassport platform reuses.
Product: PIV nano-card applet
An adjacent government-identity primitive that pairs with the ePassport platform.
Scope an ePassport platform engagement.
Tell us your authority, jurisdiction, target standards profile, and whether you have an incumbent supplier. Initial scoping conversations are straight-engineering, no BDR funnel.