Acuant Ozone
ICAO Compliant ePassport Solutions
Ozone®GO for Mobile Devices
Award-Winning Solutions 2018 Gold Winner ABA2018 Global Excellence Award

The Most Advanced ePassport/eID Solutions Made Simple

Award-winning Acuant Ozone® engages robust cryptographic security to support ePassport issuance, forensic analysis, and border crossing/inspection processes. Ozone®GO supports ePassport/eID/eMRTD authentication processing for identity verification using a mobile device. Ozone offerings provide the trust framework to meet the security and vetting processes required by government regulations: European Commission, USA, Canada, & Global.

Ozone technology provides the most accurate and effective method to confirm: the ID was issued by a trusted issuer, the ID has not been altered after issuance and ensures the ID is trusted by the issuer at the time of authentication (i.e. has not been revoked). The process is fast and secure in just seconds. Image capture issues like glare, sharpness and other factors disappear. OzoneGO allows consumers to simply scan the MRZ, then place their phone on the passport engaging Near Field Communication (NFC) to unlock and read the chip data. Data is securely processed via Ozone authentication in the cloud with cryptography. Layering Acuant FaceID allows for a biometric facial recognition matching in the same workflow.

Why Choose Acuant Ozone®

ePassport Issuance: ICAO compliant PKI & Security Object Encoding

Ozone® provides a robust issuance quality assurance solution which ensures that the electronic encoding of the ePassport Document Security Object (SOD), as well as the supporting PKI components, are compliant with ICAO specifications, international standards, and State specific requirements.

Ozone® DocSigner

Implemented as a web service within an Issuance network, Ozone® DocSigner receives data from an ePassport Personalization System to be formatted and digitally signed as the Document Security Object (SOD) for a specific MRTD. For each set of data received, Ozone® DocSigner will perform a cryptographic hash of the data to produce an LDSSecurityObject, which subsequently is stored in the eContent of a Cryptographic Message Syntax (CMS) object and digitally signed with the private key associated with a DSC. The DSC may also be added to the certificates of the CMS object, called the SOD.

Ozone® Analyzer

Implemented as a web service within the Issuance network, Ozone® Analyzer performs encoding analysis against ICAO and State specific encoding profiles to evaluate the SOD – BEFORE it is written to the electronic chip of the ePassport. If any encoding deviation is identified, then the SOD will not be encoded within the chip.

Ozone® Viewer

Ozone® Viewer is a utility that provides a report of the encoding for the specific object presented, such as a PKI component or a SOD. It can be used to review the encoding of any certificate (including CSCA, DSC, Master List Signer, Deviation List Signer, Link or Cross certificates, as well as Certificate Signing Requests (CSRs), Certificate Revocation Lists (CRLs), Cryptographic Message Syntax (CMS) objects (including SODs), and Master Lists. Further, it can also perform Local Path Discovery and Validation processes to evaluate a specific PKI trust chain.

Ozone® Analyzer Module for Ozone® Viewer

An add on module for Ozone® Viewer, the Ozone® Analyzer Module is implemented as a local Windows Service to provide an encoding analysis of an object against ICAO and/or State specific encoding profiles for the object being reviewed. ICAO profiles specific to multiple versions of ICAO Document 9303 are provided so that an issuer can determine its compliance with a specific release. State specific encoding profiles can be implemented to ensure that encoding selections are consistent within a document series (e.g., the Validity Period for a certificate does not change arbitrarily), and properly enforced for the current document series encoding selections – perhaps being done to enhance the security of the document (i.e., an algorithm modification), to address the correction of a prior deviation (i.e., BER-DER encoding), or to come into compliance with the latest edition of Doc 9303 (i.e., a CSCA Name Change).

ePassport Analysis: Quality Assurance/Quality Control (QA/QC) & Forensic Analysis

Ozone® solutions rapidly and securely meet your fraud detection and quality assurance needs by analyzing the cryptographic and biometric features of ePassports – in support of issuance quality control measures, secondary review processes at a border, or forensic encoding analysis of a document. Acuant offers Ozone® Reader configurations to address both environmental constraints and specific use cases. These capabilities are complimented by the document security feature authentication provided by the AssureID™ document authentication technology.

Ozone® Reader for Local Passive Authentication

This configuration supports document authentication, in an environment with no external data connections, to assess whether a document is fraudulent or authentic. It combines document reader hardware, Ozone® Reader software, AssureID™ Sentinel software, and the ability to ingest CSCA Master List(s) or individual certificates into a local directory to support Passive Authentication. For each document presented, Passive Authentication is performed against the loaded CSCA certificate(s); analysis of the physical security features of the document is performs against the local Sentinel document reference database; and a report of the document authentication results is generated.

Ozone® Reader for QA (QA Workbench)

This configuration supports document authentication as well as encoding analysis, either leveraging network/hosted data sources or as a standalone capability. The configuration adds Ozone® Analyzer to the bundle of components identified above. In addition to the previously identified series of document authentication operations, the QA Workbench performs an encoding analysis of the Document Security Object (SOD) from the presented document against ICAO and/or State specific encoding profiles. These encoding compliance results are then added to the report generated for a document.

ePassport Authentication: Border Processing and Passive Authentication

Ozone® technology provides the ability to reliably verify the authenticity of electronic travel documents, including ePassports and eIdentification Cards, by authenticating digitally signed documents and verifying the authenticity and authorization of the issuing authority. The solution set incorporates authentication data collection, management, and distribution processes as well as robust, decentralized border control endpoint processing that can be deployed at fixed locations, within automated kiosks, or to mobile devices, and are available for locally installed deployments, through hosted SaaS deployments, or a hybrid combination.

Ozone® National Public Key Directory (NPKD) Support

The Ozone® NPKD software bundle instantiates a capability to retrieve, manage, and distribute the PKI objects required for the performance of Passive Authentication on an ePassport (i.e., CSCAs, CRLs). However, it does NOT include licensing for the validation of ePassports directly against the NPKD. It is simply a licensing of the mechanisms to collect, put under secure management, and distribute the CSCA certificates from each Issuing State (via the generation of an NPKD Master List).

Ozone® Passive Authentication (PA) Support

The Ozone® PA software bundle builds on the NPKD offering to provide a web services interface through which Passive Authentication would be performed. It provides authentication endpoint component(s) that can be distributed across the environment to provide processing support as close to the relying party application making the PA request as possible – without the need to reach back to the centralized components to perform an authentication transaction. This allows the authentication data to be securely updated as often as needed, via an automated schedule; and allows the relying party application to make a simple request for authentication to its closest Ozone® Server, which returns a Yes/No response to the application indicating that the document Passed/Failed PA.

AssureID™ Document Authentication Support

AssureID™ addresses the legacy passport population, cases where the electronic chip of an epassport fails to read, and the automated evaluation of other identity documents for authenticity. AssureID™ employs an authentication engine which leverages a document reference library containing templates for identity documents from over 200 countries, all US states and territories, and all Canadian provinces. It compares the physical security features found on each document (inks, markings, seals, threads, holograms, overlays, etc.) against its reference template for the presented document type and returns an authenticity score to the relying party.

Meet Regulatory Requirements with Award-Winning Ozone®

  • ICAO Compliant Document Security Object (SOD) Issuance
  • ICAO Compliant Quality Assurance Control
  • FATF
  • EU Right to Work
  • Bank Secrecy Act
  • Currency & Foreign Transactions
  • Red Flag Rules (FTC/NCUA)
  • Patriot Act & Anti-Terrorism Act
  • KYC, AML & CIP
  • Gramm-Leach-Billey Act

Book a Meeting

Acuant Ozone® Use Cases

  • Identity Proofing & Verification
  • Mitigate Identity Fraud & ID Forgery
  • Passport Authentication (ePassport/eID/eMRTD)
  • Border Control & Inspection (Primary/Secondary)
  • Anti-Money Laundering

Questions?   Let’s Talk