2021 Review – DDS Online

Digital Document Security – A Conference for Troubling Times

The role of physical and digital secure documents is coming under increased scrutiny as the world debates how they might be used to implement proof of health status. But, as explored in the recent Digital Document Security Conference, this is only one of the many issues facing the industry as secure documents transition from physical to digital and ultimately virtual formats.

Astrid Mitchell, CEO of conference organisers Reconnaissance, welcomed representatives from more than 75 organisations across 35 countries to the second Digital Document Security (DDS) Conference held online 30 -31 March. Her welcome captured the essence of DDS, which is to provide a forum that connects the communities at the interface between the physical, digital, and increasingly virtual, document security domains.

Ian Lancaster and Francis Tuffy, both from Reconnaissance, shared the keynote address providing context to the conference. Both speakers picked up on the inevitable current focus on identity management that link a person to their health status through secure documentation. Francis highlighted the resonance of the transition in the industry from physical to digital and virtual to what we are witnessing in the current public health crisis from physical certification of vaccinations towards virtual proof of immunity status.

The transition

The first session of the conference considered the transition from physical to digital secure documents through three different lenses. In the first of these, Paul Bastian from Bundesdruckerei (Germany), used the analogy of a physical wallet containing a range of identity related cards to explain the concept of self-sovereign identity (SSI) in that it is the wallet owner (and hopefully bearer) that can choose which card to use in any situation.

The second slot was co-presented by Adriana Ezpeleta and Franziska Muschik, both from Veridos (Germany). In their presentation they considered the benefits of document authentication with visible digital seals (VDS) and a database protected by a PKI infrastructure. It also touched on a possible replacement for this approach with alternatives, including a private blockchain.

The session’s closing presentation came from John Winchcombe – Reconnaissance’s cash and payments expert. John entertained the dematerialisation of cash in considering current central banks’ activity in the areas of ‘wholesale’ and ‘retail’ Central Bank Digital Currencies (CBDCs).

After a short break, Session 2 – Regulation, Standardisation and Cooperation, kicked off with Alan Hodgson, from his eponymously named consulting firm, who explained his role in convening and running technical committees on international standards. His message was that standards will have impact as long as they address the needs of the various stakeholders involved. In the case of identity related secure documents, the interested parties are the consumers (it’s their IDs we’re using after all), governments and standards bodies, and industry – to allow companies to trade across borders. 

Paper 2 in the session saw Franz Brudl, from the Austrian state printer ÖeSD, summarising the main content of the future ISO standard 18013-5 surrounding mobile driving licences (mDL). Franz then shone a light on the potential role that mDLs might play as a door-opener for other mobile credentials.  Thomas Schalldach’s (Thales, France) presentation on using digital documents with unmanned relying party systems shared how latest security mechanisms can address the growing challenges of an open and global digital document ecosystem.

The session finale was Jean-Philippe Egger’s (SICPA, Switzerland) exploration of the role for security printers in the digital age. In response to the shift to secure digital documents, he envisions a need for universal and independent verification of both paper and digital certificates. Jean-Philippe sees  a role for security printers in this transformation, taking advantage of mobile technology to change the way that trusted and private information is shared and verified.

Panel discussion

The panel discussion at the end of Day 1 brought together Tony Poole (AJW/Secure Doc Alliance), Marco Aloe  (SICPA), David Rutnam  (IATA), Husayn Kassai  (Onfido) and Francis Tuffy, under the chair of Ian Lancaster. The topic for the discussion ‘Vaccination certificates and immunity passports’ echoed the themes of Reconnaissance’s White Paper of the same title.

The panellists used their opening remarks to recount the technical readiness of world governments to move forward on certification and health status proof programmes. The image that developed was a fractured one, with countries and blocs proceeding with their own approaches with little attempt at coordination. Despite efforts to limit questions to purely technical considerations it was inevitable that several questions from the audience explored how technical solutions from the ID and secure document industry might address issues of inclusion and morality.

The physical-digital interface

Nuno Gonçalves from INCM –(the Portuguese Mint and Official Printing Office) got Day 2 off to a flying start, exploring new trends in the mixing of the physical and digital worlds using security and facial recognition.

Jan Thiele from Prismade Labs (Germany) continued the session theme of the physical-digital interface, presenting a new printed electronic feature working in tandem with a smartphone. The feature embeds a fully printed keyboard in the document that enables the user to self-authenticate and enter a PIN code. Jan’s demonstration of the technology displayed its ability to prevent optical copies and provide proof of presence.

Marc Schnieper, from private non-profit research and technology organisation CSEM (Switzerland), considered three approaches to making reading security labels on a smartphone more secure. First, he looked at integrating a security feature at the packaging fabrication stage; second, using a QR code constructed from a DOVID-like structure; and finally, a new way to use fluorescent inks to hide a QR code.

Anton Pfeifer from the Institute Industrial IT, Technische Hochschule Ostwestfalen-Lippe (Germany) concluded the session with his presentation describing passive coding methods to detect the authenticity of physical documents.

Dr Matthias Schwan (Bundesdruckerei, Germany), opening the session on ‘Implementation – Putting Theory into Practice’, used his presentation on mobile devices as secure and convenient carriers on eID documents to give real world examples of protecting against the threat of cloning.

 Sina Grebrodt (Koenig & Bauer Banknote Solutions, Switzerland) recounted the experiences of students at the Art Centre, Pasadena (USA) from a project started in 2019 to a current description of a future banknote that encompasses a dual physical and digital hybrid and that can be activated and deactivated on demand.

It is widely accepted that Estonia is amongst the most advanced eGovernment states in Europe, so it made sense that Annika Kluge, from the Estonia Information System Authority, should share the country’s 18 years’ experience of securing electronic documents. In the current trend toward remote working, Annika warns against taking short-term measures which may have unintended long-term consequences.

The final presentation of the final session came from a source not usually associated with document security – Zhihu Li from the State Grid Corporation of China, the largest utility company in the world. Zhihu’s presentation on digital currency and blockchain gave a rare insight into that country’s research efforts in secure documentation.

 Zhihu’s presentation stimulated several questions during the Q&A session at the end of Session 4, including anti-blockchain algorithms and whether national blockchains might undermine many of the strengths of blockchains, such as privacy and decentralisation of transactions.

The panel discussion that signalled the end of Day 2, and the conference, brought together Mark Pic (SURYS), Annika Kluge (Estonia Information System Authority), Narumi Pereira Lima (Brazilian Federal Police) and Ian Lancaster – all under the moderation of Serge Wsevolojskoy of Reconnaissance.

Amongst the lively debate on security and protection issues as secure documents migrate from physical to digital, Marc gave a fantastic demonstration of real-time deep fake video manipulation.  In front of the online conference audience, he used the face of Serge Wsevolojskoy (panel moderator) to ‘speak’ his opening remarks. It wasn’t perfect, but it was sufficiently good to pass casual inspection!

The conference concluded with the announcement from Ian Lancaster that Reconnaissance has taken the decision to merge the Optical Document Security Conference and the Digital Document Security Conference. The new event will be the Optical and Digital Document Security Conference (ODDS), and it will be described as the technical conference for physical, digital and virtual document security.

This new-look event is scheduled for 17-19 January 2022 in Vienna, Austria. See video below.

The Vaccination Certificate and Immunity Passport White Paper is now available, free of charge, via this link.

Optical & Digital Document Security