Skip to content

RFID

Biometric documents are documents similar to the traditional ones except for one significant difference: they have an RFID chip embedded. The information stored on the chip is the same as that displayed on the data page of identity documents: full name, date of birth, place of birth, date of issue, expiration date, portrait, fingerprints, etc.

Regula devices with RFID-reading modules with the help of Document Reader SDK allow extracting, validating, and comparing data from RFID chip memory.

PKD Certificates

One of the methods to verify RFID chip is the Passive Authentication procedure.

For the Windows desktop application, place certificates for PA to the following directory:

C:\Users\<USER>\AppData\local\Regula\PKD

On Windows, before starting RFID session, you can also change the PKD parameters via the RegulaReader.READERDEMO COM object:

  • RFIDPKDFolder property sets the custom directory for PKD certificates
  • PKDAddResource method adds a resource to local PKD as an in-memory byte array
  • PKDAddResourceFromFile method adds a resource to local PKD from file by its name

For more information, see COM interface documentation, also available in the installation directory of the Document Reader SDK.

TCC Parameters

To apply the additional level of security in the process of RFID chip reading and verification, you can configure the communication with the Terminal Control Centre (TCC) in accordance with the BSI TR-03129 standard.

When the parameters are set, TCC will be accessed for certificates and sign the challenges during the Terminal Authentication procedure, when reading the RFID chip.

The table below demonstrates all available TCC configuration parameters with their descriptions.

Parameter Description
serviceUrlTA Terminal Authentication URL of the TCC service.
serviceUrlPA Passive Authentication URL of the TCC service.
pfxCertUrl URL of the PFX-format certificate.
pfxCert PFX-format certificate, encoded in Base64. If both pfxCertUrl and pfxCert are set, the latter is used.
pfxPassPhrase Passphrase for the PFX-format certificate (if the password is used).

The described TCC parameters must be set before starting the RFID session, by using one of the two methods, described further.

Via JSON File

Before starting the document processing, fill the TCCparams.json file with the appropriate parameter values, as demonstrated below.

TCCparams.json
{
    "tccParams": {
        "serviceUrlTA": "<TERMINAL_AUTHENTICATION_URL>",
        "serviceUrlPA": "<PASSIVE_AUTHENTICATION_URL>",
        "pfxCertUrl": "<PFX_CERTIFICATE_URL>",
        "pfxCert": "<BASE64_PFX_CERTIFICATE_STRING>",
        "pfxPassPhrase": "<PASSPHRASE>"
    }
}

Put the TCCparams.json file into the directory as follows:

C:\Users\<USERNAME>\AppData\Local\Regula\Document Reader SDK\TCCParams.json

Via COM Interface

On Windows, you can set the TCC parameters to RFID session via the RegulaReader.READERDEMO COM object, using the SetRFIDTCCParams method. It takes as the argument the AParams—the JSON string, containing the same parameters as described in the JSON File section.

For more information, see COM interface documentation, also available in the installation directory of the Document Reader SDK.

Next Steps

  1. BSI TR-03129 PKIs for Machine Readable Travel Documents-Protocols for the Management of Certificates and CRLs
  2. Regula Document Reader COM Server documentation