Security Mechanisms in German Electronic Identity Documents

Terminal Authentication (TA)

The sensitive data electronic identity documents contain must be protected against unauthorised access. In the case of German electronic passports, sensitive data includes the personal information that is not printed on the cards; with German electronic ID cards, all the data involved is treated as sensitive.

This sensitive data can only be read if the Terminal Authentication (TA) protocol has been completed to authenticate the reader at hand.

The RF chip in a German identity document is designed to only grant read access to certain data if the corresponding reader can prove it has explicit read authorisation for that exact data (e.g. only the person's date of birth). To verify this authorisation, the RF chip contains a stored certificate from the Country Verifier Certificate Authority (CVCA) (see also: CVCA). This certificate represents the root of the CVCA public key infrastructure (see also: Public Key Infrastructure), which is a hierarchy for authorisation certificates that are needed to read sensitive data on identity documents.

During Terminal Authentication, a reader sends its read authorisation to an RF chip in the form of a terminal certificate. The reader also transmits its CVCA certificate, along with all the certificates that come between the terminal certificate and the CVCA certificate in the certificate hierarchy. This enables the RF chip to verify the authenticity and integrity of the terminal certificate. For this verification to succeed, every certificate in the hierarchy (working down from the CVCA certificate) must have been signed with the secret key belonging to the preceding certificate. The CVCA certificate is trusted by the RF chip because it was already stored on the RF chip during the manufacturing process.

Once the authenticity and integrity of the terminal certificate transmitted by the reader have been confirmed, the RF chip still needs to verify that the certificate was actually issued to the reader in question. The RF chip thus sends a random number to the reader, which signs it using the secret key that pertains to the terminal certificate. The reader then transmits the signed random number back to the RF chip. Using the reader's public key (which is part of its terminal certificate), the RF chip can check the signature of the random number and thereby verify whether the reader is in possession of the secret key that matches the terminal certificate.
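To make the two steps concrete, here is an added example (not BSI's code and not the TR-03110 certificate encoding) that simulates the chip side in Go, with Ed25519 standing in for the signature scheme: a CVCA -> DV -> terminal chain is checked against the certificate stored on the chip, then the random-number challenge is verified with the terminal certificate's public key. The Cert layout, the holder names and the authorisation bits are constructed for illustration.

```go
package main
import (
	"crypto/ed25519"
	"crypto/rand"
	"errors"
)

type Cert struct { // simplified card-verifiable certificate (constructed layout)
	Holder string
	PubKey ed25519.PublicKey
	Auth   byte   // read-authorisation bits: bit 0 = date of birth, bit 1 = address
	Sig    []byte // issuer's signature over the three fields above
}
// signedPart is what the issuer signs: every field except the signature itself.
func (c Cert) signedPart() []byte { return append(append([]byte(c.Holder), c.PubKey...), c.Auth) }
// issue creates a certificate for holder, signed with the issuer's secret key.
func issue(issuerSK ed25519.PrivateKey, holder string, pk ed25519.PublicKey, auth byte) Cert {
	c := Cert{Holder: holder, PubKey: pk, Auth: auth}
	c.Sig = ed25519.Sign(issuerSK, c.signedPart())
	return c
}
// terminalAuth is the chip side: step 1 checks the chain down from the stored CVCA certificate, step 2 challenges the reader.
func terminalAuth(stored Cert, chain []Cert, readerSK ed25519.PrivateKey) (byte, error) {
	if len(chain) < 2 || !chain[0].PubKey.Equal(stored.PubKey) {
		return 0, errors.New("chain does not start at the stored CVCA certificate")
	}
	for i := 1; i < len(chain); i++ { // each certificate must be signed by the preceding one
		if !ed25519.Verify(chain[i-1].PubKey, chain[i].signedPart(), chain[i].Sig) {
			return 0, errors.New("bad signature on certificate " + chain[i].Holder)
		}
	}
	term := chain[len(chain)-1]          // the terminal certificate, now known to be authentic
	nonce := make([]byte, 8)
	rand.Read(nonce)                     // chip: fresh random number
	sig := ed25519.Sign(readerSK, nonce) // reader: signs it with its secret key
	if !ed25519.Verify(term.PubKey, nonce, sig) {
		return 0, errors.New("reader does not hold the terminal certificate's secret key")
	}
	return term.Auth, nil // the chip grants exactly these read rights, nothing more
}
// buildChain constructs a CVCA -> DV -> terminal hierarchy from fresh sample keys.
func buildChain() (cvca Cert, chain []Cert, termSK ed25519.PrivateKey) {
	cvcaPK, cvcaSK, _ := ed25519.GenerateKey(rand.Reader)
	dvPK, dvSK, _ := ed25519.GenerateKey(rand.Reader)
	termPK, termSK, _ := ed25519.GenerateKey(rand.Reader)
	cvca = issue(cvcaSK, "DECVCA", cvcaPK, 0b11) // self-signed root, stored on the chip
	dv := issue(cvcaSK, "DEDV", dvPK, 0b11)
	term := issue(dvSK, "DETERM", termPK, 0b01) // may read the date of birth only
	return cvca, []Cert{cvca, dv, term}, termSK
}
```

A reader that presents a valid chain but cannot sign the random number, a chain rooted at a CVCA the chip does not know, or a terminal certificate whose authorisation bits were modified after signing all fail in terminalAuth before any data is released.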

Terminal Authentication is part of the Extended Access Control (EAC) protocol. If you are interested in further details of this procedure, please refer to Technical Guideline BSI-TR-03110.