Doc 9303  第 9303 號文件

Machine Readable Travel Documents
機器可讀旅行證件

Part 2: Specifications for the Security of the Design, Manufacture and Issuance of MRTDs
第 2 部分：旅行身分文件安全設計、製造和簽發規範

ICAO  國際民航組織

Doc 9303

Machine Readable Travel Documents
機器可讀旅行證件

Part 2: Specifications for the Security of the Design, Manufacture and Issuance of MRTDs
第 2 部分：機讀旅行證件設計、製造及簽發之安全規範

AMENDMENTS  修訂版

RECORD OF AMENDMENTS AND CORRIGENDA
修訂紀錄及勘誤表

TABLE OF CONTENTS  目錄

1. SCOPE … 1  範圍 … 1
2. SECURITY OF THE MRTD AND ITS ISSUANCE … 1
   旅行證件（MRTD）之安全及其簽發 … 1
3. MACHINE ASSISTED DOCUMENT VERIFICATION … 2
   機器輔助文件驗證 … 2
   3.1 Feature Types … 3
   3.1 特徵類型 … 3
   3.2 Basic Principles … 4
   3.2 基本原則 … 4
   3.3 Machine Authentication and eMRTDS … 4
   3.3 機器驗證與電子機讀旅行證件系統 … 4
4. SECURITY OF MRTD PRODUCTION AND ISSUANCE FACILITIES … 5
   機讀旅行證件生產與簽發設施的安全性 … 5
   4.1 Resilience … 6
   4.1 韌性 … 6
   4.2 Physical Security and Access Control … 7
   4.2 實體安全與存取控制 … 7
   4.3 Production Material Accounting … 7
   4.3 生產物料會計 … 7
   4.4 Transport … 7
   4.4 運輸 … 7
   4.5 Personnel … 7
   4.5 人員 … 7
   4.6 Cyber Security … 7
   4.6 網路安全 … 7
5. PROVISION OF INFORMATION ON NEWLY ISSUED MRTDS … 7
   新簽發機讀旅行文件資訊之提供 … 7
6. PROVISION OF INFORMATION ON LOST AND STOLEN MRTDS … 8
   遺失及被盜機讀旅行文件資訊之提供 … 8
   6.1 Communicating Proactively with Document holders … 8
   6.1 與文件持有人積極溝通 … 8
   6.2 Maintaining National Databases of Lost, Stolen and Revoked Travel Documents … 8
   6.2 維護遺失、被盜及註銷旅行文件之國家資料庫 … 8
   6.3 Sharing Information about Lost, Stolen and Revoked Travel Documents with INTERPOL and Verifying Documents against INTERPOL Databases Systematically at Primary Inspection … 9
   6.3 與國際刑警組織共享遺失、被竊及作廢旅行文件之資訊，並系統性地在初步查驗時 against 國際刑警組織資料庫驗證文件 … 9
   6.4 Installing Checks to Determine Whether a Holder is Presenting a Lost, Stolen or Revoked Document at Border Crossing … 9
   6.4 在邊境 crossing 點安裝檢查機制，以確定持有人是否出示遺失、被竊或作廢的文件 … 9
   APPENDIX A TO PART 2. SECURITY STANDARDS FOR MRTDS (INFORMATIVE) … App A-1
   附錄 A 至第 2 部分。旅行文件安全標準（參考性） … 附錄 A-1
   A1 Scope … App A-1
   A1 範圍 … 附錄 A-1
   A2 Introduction … App A-1
   A2 簡介 … 附錄 A-1
   A3 Basic Principles … App A-1
   A3 基本原則 … 附錄 A-1
   A4 Main Threats to the Security of Travel Documents … App A-2
   A4 旅行文件安全的主要威脅 … 附錄 A-2
   A5 Security Features and Techniques … App A-4
   A5 安全特徵與技術 … 附錄 A-4
   Page  頁面
   APPENDIX B TO PART 2. MACHINE ASSISTED DOCUMENT SECURITY VERIFICATION (INFORMATIVE) … App B-1
   附錄二 第二部分：機器輔助文件安全驗證（資訊性） … 附錄 B-1
   B1 Scope … App B-1
   B1 範圍 … 附錄 B-1
   B2 Document Readers and Systems for Machine Authentication … App B-1
   B2 文件讀取器和機器驗證系統 … 附錄 B-1
   B3 Security Features and their Application for Machine Authentication … App B-2
   B3 安全特徵及其在機器驗證中的應用 … 附錄 B-2
   B4 Selection Criteria for Machine Verifiable Security Features … App B-10
   B4 機器可驗證安全特徵的選擇準則 … 附錄 B-10
   APPENDIX C TO PART 2. THE PREVENTION OF FRAUD ASSOCIATED WITH THE ISSUANCE PROCESS (INFORMATIVE) … App C-1
   附錄 C（第 2 部分）：與發行流程相關的詐欺預防（資訊性） … 附錄 C-1
   C1 Scope … App C-1
   C1 範圍 … 附錄 C-1
   C2 Fraud and its Prevention. … App C-1
   C2 詐欺及其預防。… 附錄 C-1
   C3 Recommended Measures against Fraud … App C-1
   C3 對詐欺的建議防範措施… 附錄 C-1
   C4 Procedures to Combat Fraudulent Applications … App C-2
   C4 打擊詐欺申請的作業程序… 附錄 C-2
   C5 Control of Issuing Facilities … App C-3
   C5 發行設施的控管… 附錄 C-3
   APPENDIX D TO PART 2. ASFISLTD KEY CONSIDERATIONS (INFORMATIVE) … App D-1
   附錄 D 至第 2 部分：ASFISLTD 關鍵考量（資訊性） … 附錄 D-1

1. SCOPE  1. 範圍

• Appendix A to this Part describes security measures to be taken within the structure of the MRTD and of the premises in which it is produced;
  本部分附錄 A 敘述了在機器可讀旅行證件結構及其生產場所中應採取的安全措施；
• Appendix $B$$B$BB describes optional means of achieving machine-assisted document verification;
  附錄 $B$$B$BB 描述了實現機器輔助文件驗證的可選方法；
• Appendix C describes the security measures to be taken to ensure the security of the personalization operations and of the documents in transit.
  附錄 C 描述了確保個人化作業和傳輸中文件安全性的安全措施。

2. SECURITY OF THE MRTD AND ITS ISSUANCE
2. 機讀旅行文件（MRTD）及其核發的安全性

• Counterfeit involves the creation of all or part of a document which resembles the genuine MRTD with the intention that it be used as if it were genuine. Counterfeits may be produced by attempting to duplicate or simulate the genuine method of manufacture and the materials used therein or by using copying techniques;
  仿冒是指創建全部或部分文件，使其看起來類似於真正的機讀旅行文件，目的是讓其被當作真品使用。仿冒文件可能通過嘗試複製或模仿真品的製造方法和材料，或使用複製技術來製作；
• Fraudulent alteration, also known as forgery, involves the alteration of a genuine document in an attempt to enable it to be used for travel by an unauthorized person or to an unauthorized destination. The biographical details of the genuine holder, particularly the portrait, form the prime target for such alteration; and
  偽造變造，又稱為偽造，是指以允許未經授權的人員前往未經授權的目的地為目的，而對真實文件進行變更。真實持有人的個人資料，尤其是肖像，是此類變造的主要目標；且
• Impostors. “Impostor” is defined as someone representing himself ${}^1$${}^1$^(1){ }^{1} to be some other person. Security features should be incorporated to facilitate the visual and/or automated detection of fraudulent use of the MRTD by an impostor.
  冒名頂替者。「冒名頂替者」定義為自稱為他人的人。安全功能應納入，以便於目視和/或自動偵測冒名頂替者對機讀旅行文件的詐欺使用。

3. MACHINE ASSISTED DOCUMENT VERIFICATION
3. 機器輔助文件驗證

• the layout of machine readable travel documents as specified in Doc 9303 maintaining backward compatibility;
  依照文件 9303 所規定的機器可讀旅行文件版面配置，同時保持向下相容性；
• the security features recommended in Appendix A of this Part; and
  附錄 A 中建議的安全特徵；及
• making use of the technical capabilities of advanced readers installed worldwide to accommodate eMRTDs.
  充分運用全球安裝的先進讀取設備的技術能力，以支援電子機器可讀旅行文件。

3.1 Feature Types  3.1 特徵類型

3.1.1 Structure feature  3.1.1 結構特徵

• the interference characteristic of a hologram or other optically variable device that can be uniquely identified by a suitable reader;
  全息圖或其他光學變色設備的干擾特性，可由適當的讀取器唯一識別；
• retro-reflective images embedded within a security laminate; and
  嵌入安全覆層中的逆反射影像；以及
• controlled transmission of light through selective areas of the substrate.
  透過基材選定區域可控制光線的傳輸。

3.1.2 Substance feature  3.1.2 物質特徵

• the use of pigments, usually in inks, which respond in specific and unusual ways to specific wavelengths of light (which may include infrared or ultraviolet light) or have magnetic or electromagnetic properties; and
  使用顏料（通常在墨水中），這些顏料對特定和非尋常的特定光波長（可能包括紅外線或紫外線）有特殊反應，或具有磁性或電磁特性；且
• the incorporation into a component of the data page of materials, e.g., fibres whose individual size or size distribution conform to a predetermined specification.
  將材料（例如單一尺寸或尺寸分佈符合預定規格的纖維）納入資料頁面的元件中。

3.1.3 Data feature  3.1.3 資料特徵

• encoded data stored on the document in magnetic media such as special security threads; and
  編碼儲存在文件磁性媒體上的資料，例如特殊安全線；以及
• designs incorporating the concealed data which only become detectable when viewed using a specific wavelength of light, optical filters, or a specific image processing software.
  包含隱藏資料的設計，只有在使用特定波長的光、光學濾鏡或特定影像處理軟體時才能偵測到。

3.2 Basic Principles  3.2 基本原則

3.3 Machine Authentication and eMRTDS
3.3 機器驗證與電子機讀旅行文件系統

• the contactless IC is defective and fails to communicate; or
  非接觸式 IC 故障且無法通訊；或
• there are no certificates available for checking the authenticity and integrity of the data on the contactless IC.
  目前並無憑證可用於檢查非接觸式 IC 上資料的真實性與完整性。

A functioning contactless IC in an eMRTD can also aid machine authentication by storing the machine authentication features and its coordinates in the relevant Data Groups (DGs).
eMRTD 中功能正常的非接觸式 IC 也可藉由將機器驗證特徵及其座標儲存在相關資料群組（DGs）中，來協助機器驗證。

4. SECURITY OF MRTD PRODUCTION AND ISSUANCE FACILITIES
4. 機讀旅行證件生產與簽發設施之安全性

1. resilience;  韌性；
2. physical security and access control;
   實體安全和存取控制；
3. production materials and MRTD accounting;
   生產材料和機讀旅行證件會計；
4. transport;  運輸；
5. personnel; and  人員；及
6. cyber security.  網路安全。

4.1 Resilience  4.1 韌性

• use of distributed production and issuing facilities;
  使用分散式生產和簽發設施；
• secondary production sites when production is centralized;
  當生產集中時，設置次要生產場址；
• emergency issuing facilities;
  緊急簽發設施；
• rapid access to spare parts and support;
  快速取得備用零件及技術支援；
• second sourcing of all MRTD components.
  所有機讀旅行文件元件的雙源採購。

4.2 Physical Security and Access Control
4.2 實體安全與存取控制

• wire cages or solid walls to segregate production areas;
  使用金屬網籠或實心牆壁劃分生產區域；
• strong rooms for storage of finished, un-personalized MRTDs and key security components for MRTD production;
  設置保險室，存放未個人化的機讀旅行證件（MRTDs）以及生產機讀旅行證件所需的關鍵安全元件；
• security pass-based access control between zones;
  區域間以安全通行證進行存取控制；
• video surveillance inside and outside the facility;
  設施內外的影像監控；
• perimeter security;  周界安全；
• full-time security personnel.
  全職安全人員。

4.3 Production Material Accounting
4.3 生產材料核算

4.4 Transport  4.4 運輸

4.5 Personnel  4.5 人員

4.6 Cyber Security  4.6 網路安全

1. viruses and other malware, both in conventional computing facilities and in production machinery;
   病毒和其他惡意軟體，無論是在傳統運算設施還是生產機械中；
2. denial-of-service attacks through online MRTD application channels and web services exposed by production and issuance systems;
   透過線上電子機讀旅行證件申請管道和生產及簽發系統所暴露的網路服務進行阻斷服務攻擊；
3. compromise of issuing systems to enable attackers to issue passports or steal personal data or cryptographic assets (such as private keys for eMRTD production).
   入侵簽發系統，使攻擊者能夠簽發護照、竊取個人資料或加密資產（例如電子機讀旅行證件生產的私密金鑰）。

5. PROVISION OF INFORMATION ON NEWLY ISSUED MRTDS
5. 提供新核發旅行證件的資訊

6. PROVISION OF INFORMATION ON LOST AND STOLEN MRTDS
6. 提供遺失及被盜旅行證件的資訊

1. communicating proactively with document holders;
   主動與證件持有人溝通；
2. maintaining national databases of lost, stolen and revoked travel documents;
   維護遺失、被竊和作廢旅行證件的國家資料庫；
3. sharing information about lost, stolen and revoked travel documents with INTERPOL and verifying documents against INTERPOL databases systematically at primary inspection;
   與國際刑警組織共享遺失、被竊和作廢旅行證件的資訊，並在初步檢查時系統性驗證國際刑警組織資料庫中的證件；
4. installing checks to determine whether a holder is presenting a lost, stolen or revoked document at a border crossing.
   在邊境檢查站安裝檢查機制，以判定持照人是否出示遺失、被竊或作廢的證件。

6.1 Communicating Proactively with Document Holders
6.1 與證件持有人主動溝通

6.2 Maintaining National Databases of Lost, Stolen and Revoked Travel Documents
6.2 維護遺失、被盜及吊銷旅行證件的國家資料庫

6.3 Sharing Information about Lost, Stolen and Revoked Travel Documents with INTERPOL and Verifying Documents against INTERPOL Databases Systematically at Primary Inspection
6.3 與國際刑警組織共享遺失、被盜及吊銷旅行證件資訊，並在初步檢查時系統性地針對國際刑警組織資料庫驗證證件

6.4 Installing Checks to Determine Whether a Holder is Presenting a Lost, Stolen or Revoked Document at Border Crossing
6.4 安裝檢查機制，以判定持證人是否在邊境 crossing 出示遺失、被盜或註銷的證件

6.4.1 When a travel document gets a "hit" on INTERPOL's lost, stolen or revoked database
6.4.1 當旅行證件在國際刑警組織的遺失、被盜或註銷資料庫中出現"命中"

6.4.2 Processing the rightful owner of the travel document through border control
6.4.2 通過邊境管制處理旅行證件的合法持有人

6.4.3 Processing a traveller after determining that he is not the rightful owner of a document declared lost, stolen or revoked
6.4.3 在確定旅客並非遺失、遭竊或作廢文件的合法持有人後的處理程序

APPENDIX A TO PART II - SECURITY STANDARDS FOR MRTDS (INFORMATIVE)
附錄 A - 機讀旅行文件之安全標準（參考資料）

A. 2 INTRODUCTION  A. 2 簡介

A. 3 BASIC PRINCIPLES
A. 3 個基本原則

A. 4 MAIN THREATS TO THE SECURITY OF TRAVEL DOCUMENTS
A. 旅行文件安全的 4 大主要威脅

• counterfeiting a complete travel document;
  偽造完整的旅行文件；
• photo substitution;  照片替換；
• deletion/alteration of data in the visual or machine readable zone of the MRP data page;
  在機讀旅行證件資料頁的視覺或機讀區域中刪除或更改資料；
• construction of a fraudulent document, or parts thereof, using materials from legitimate documents;
  使用合法文件的材料構建偽造文件，或其部分；
• removal and substitution of entire page(s) or visas;
  移除並置換整頁或簽證；
• deletion of entries on visa pages and the observations page;
  刪除簽證頁面和備註頁面上的紀錄；
• theft of genuine document blanks;
  竊盜真實文件空白表格；
• impostors (assumed identity; altered appearance); and
  冒名頂替者（假冒身份；偽造外表）；以及
• tampering with the contactless IC (where present) either physically or electronically.
  實體或電子方式竄改非接觸式 IC 晶片（如果有的話）。

• Level 1 - Cursory examination for rapid inspection at the point of usage (easily identifiable visual or tactile features);
  第 1 級 - 於使用點進行快速檢查的初步檢查（可輕易辨識的視覺或觸感特徵）；
• Level 2 - Examination by trained inspectors with simple equipment; and
  第 2 級 - 由受訓檢查員使用簡單設備進行檢查；及
• Level 3 - Inspection by forensic specialists.
  第 3 級 - 由法醫專家進行檢查。

• photo substitution;  照片替換；
• delamination or other effects of deconstruction;
  層間分離或其他拆解效果；
• reverse engineering of the contactless IC as well as other components;
  非接觸式 IC 晶片以及其他元件的反向工程；
• modification of any data element;
  任何資料元素的修改；
• erasure or modification of other information;
  刪除或修改其他資訊；
• duplication, reproduction or facsimile creation;
  複製、重製或製作傳真；
• effectiveness of security features at all three levels: cursory examination, trained examiners with simple equipment and inspection by forensic specialists; and
  安全特徵在所有三個層級的有效性：粗略檢查、使用簡單設備的專業檢驗人員及法醫專家的檢查；以及
• confidence and ease of second level authentication.
  第二層驗證的信心和便利性。

A. 5 SECURITY FEATURES AND TECHNIQUES
A. 5 安全特徵和技術

1. substrate materials;  基材材料；
2. security design and printing;
   安全設計與印製；
3. protection against copying, counterfeiting or fraudulent alteration; and
   防止複製、仿冒或欺詐性竄改；以及
4. personalization techniques.
   個人化技術。

A.5.1 Substrate Materials
A.5.1 基材材料

A.5.1.1 Paper forming the pages of a travel document
A.5.1.1 組成旅行文件頁面的紙張

• UV dull paper, or a substrate with a controlled response to UV, such that when illuminated by UV light it exhibits a fluorescence distinguishable in colour from the blue-white luminescence used in commonly available materials containing optical brighteners;
  UV 暗色紙張，或具有受控 UV 反應的基材，當以紫外線光源照射時，其螢光顏色可與含光學增白劑的一般材料的藍白色螢光明顯區分；
• watermark comprising two or more grey levels in the biographical data page and visa pages;
  浮水印由傳記資料頁面和簽證頁面上的兩個或多個灰階組成；
• appropriate chemical sensitizers in the paper, at least for the biographical data page (if compatible with the personalization technique); and
  在紙張上添加適當的化學感光劑，至少在傳記資料頁面上（如果與個人化技術相容）；以及
• paper with appropriate absorbency, roughness and weak surface tear.
  具有適當吸收性、粗糙度和較弱表面撕裂強度的紙張。

• watermark in register with printed design;
  與印刷設計相符的浮水印；
• a different watermark on the data page to that used on the visa pages to prevent page substitution;
  資料頁面使用與簽證頁面不同的浮水印，以防止頁面置換；
• a cylinder mould watermark;
  圓柱模造浮水印；
• invisible fluorescent fibres;
  不可見的螢光纖維；
• visible (fluorescent) fibres;
  可見（螢光）纖維；
• security thread (embedded or window) containing additional security features such as micro print and fluorescence;
  具有額外安全特徵（如微小印刷和螢光）的安全線（嵌入或窗口）；
• a taggant designed for detection by special equipment; and
  專為特殊設備偵測設計的標記物；以及
• a laser-perforated security feature.
  雷射穿孔的安全特徵。

A.5.1.2 Paper or other substrate in the form of a label used as the biographical data page of a travel document
A.5.1.2 用作旅行文件生物特徵資料頁的標籤形式的紙張或其他基材

Basic features:  基本特徵：

• UV dull paper, or a substrate with a controlled response to UV, such that when illuminated by UV light it exhibits a fluorescence distinguishable in colour from the blue-white luminescence used in commonly available materials containing optical brighteners;
  紫外線暗淡的紙張，或對紫外線有可控制反應的基材，使其在紫外線照射下呈現出的螢光顏色，與一般含有光學增白劑的材料的藍白色螢光不同；
• appropriate chemical sensitizers in the paper (not normally possible in a plastic label substrate);
  紙張中適當的化學增感劑（在塑膠標籤基材中通常無法做到）；
• invisible fluorescent fibres;
  隱形螢光纖維；
• visible (fluorescent) fibres; and
  可見（螢光）纖維；以及
• a system of adhesives and/or other characteristics that prevents the label from being removed without causing clearly visible damage to the label and to any laminates or overlays used in conjunction with it.
  一種黏著劑系統和/或其他特性，可防止標籤被移除，且在移除時會對標籤及與其搭配的任何層壓材料或覆蓋層造成明顯的損壞。

Additional features:  額外特徵：

• security thread (embedded or window) containing additional security features such as micro print and fluorescence;
  具有額外安全特徵的安全線（嵌入式或視窗式），如微型印刷和螢光效果；
• a watermark can be used in the paper of a data page in paper label form;
  可在資料頁紙張標籤形式中使用浮水印；
• a laser-perforated security feature; and
  雷射打孔安全特徵；
• die cut security pattern within the label to create tamper evidence.
  標籤內的模切安全圖案，以製造防竄改證據。

A.5.1.3 Security aspects of paper forming the inside cover of a passport book
A.5.1.3 護照書籍內頁封面的安全性考量

A.5.1.4 Synthetic substrates
A.5.1.4 合成基材

• construction of the data page should be resistant to physical splitting into layers;
  資料頁面的結構應能抵抗物理分層；
• UV dull substrate with a controlled response to UV, such that when illuminated by UV light it exhibits a fluorescence distinguishable in colour from the blue-white luminescence used in commonly available materials containing optical brighteners;
  UV 暗底材具有受控的 UV 響應，使其在 UV 光照射下呈現的螢光顏色可與一般光學增白材料中常見的藍白色發光區分。
• appropriate measures should be used to incorporate the data page securely and durably into the machine readable travel document; and
  應採取適當的措施，安全且持久地將資料頁納入機器可讀旅行文件；以及
• optically variable feature.
  光學變異特徵。

• windowed or transparent feature;
  視窗式或透明特徵；
• tactile feature; and  觸覺特徵；以及
• laser-perforated feature.
  雷射穿孔特徵。

A.5.2 Security Printing  A.5.2 安全印刷

A.5.2.1 Background and text printing
A.5.2.1 背景和文字列印

• two-colour guilloche security background design pattern ${}^1$${}^1$^(1){ }^{1};
  雙色吉洛克安全背景設計圖樣 ${}^1$${}^1$^(1){ }^{1} ；
• rainbow printing;  彩虹印刷；
• microprinted text; and  微印文字；及

1. Where the guilloche pattern has been computer-generated, the image reproduced on the document must be such that no evidence of a pixel structure shall be detectable. Guilloches may be displayed as positive images, where the image lines appear printed with white spaces between them, or as negative images, where the image lines appear in white, with the spaces between them printed. A two-colour guilloche is a design that incorporates guilloche patterns created by superimposing two elements of the guilloche, reproduced in contrasting colours.
   當浮雕圖案是由電腦產生時，複製在文件上的影像必須確保不可偵測出像素結構。浮雕圖案可以呈現為正面影像，其中影像線條以白色空間分隔呈現印刷，或是負面影像，其中影像線條為白色，而線條間的空間被印刷。雙色浮雕是一種設計，其中浮雕圖案係透過疊加兩個浮雕元素並以對比色彩重現。

• security background of the biographical data page printed in a design that is different from that of the visa pages or other pages of the document.
  個人資料頁面的安全底紋，其設計與簽證頁面或文件其他頁面不同。

Additional features:  額外特徵：

• single or multi-colour intaglio printing comprising a “black-line white-line” design on one or more of the end leaves or visa pages;
  單色或多色凹版印刷，在一頁或多頁結束頁或簽證頁上採用「黑線白線」設計；
• latent (intaglio) image;
  隱藏式（凹版印刷）影像；
• anti-scan pattern;  防掃描圖案；
• duplex security pattern;
  雙面安全花紋；
• relief (3D) design feature;
  浮雕（3D）設計特徵；
• front-to-back (see-through) register feature;
  正面到背面（透明）登記特徵；
• deliberate error (e.g. spelling);
  故意的錯誤（例如拼寫錯誤）；
• every visa page printed with a different security background design;
  每一頁簽證均印有不同的安全背景設計；
• tactile feature; and  觸覺特徵；且
• unique font(s).  特殊字型。

A.5.2.2 Inks  A.5.2.2 墨水

• UV fluorescent ink (visible or invisible) on the biographical data page and all visa pages; and
  生物辨識資料頁和所有簽證頁上使用紫外線螢光墨水（可見或不可見）；
• reactive ink, where the substrate of the document pages or of a label is paper, at least for the biographical data page (if compatible with the personalization technique).
  反應性墨水，其中文件頁面或標籤的基底材料為紙張，至少在個人資料頁面上（如果與個人化技術相容）。

Additional features:  額外特徵：

• ink with optically variable properties;
  具有光學可變性質的墨水；
• metallic ink;  金屬墨水；
• penetrating numbering ink;
  滲透式編號墨水；
• metameric ink;  同色異構墨水；
• infrared drop-out ink;  紅外線隱藏墨水；
• infrared absorbent ink;  紅外線吸收墨水；
• phosphorescent ink;  磷光墨水；
• tagged ink; and  標記墨水；以及
• invisible ink which fluoresces in different colours when exposed to different wave lengths.
  當暴露於不同波長時會呈現不同顏色的螢光隱形墨水。

A.5.2.3 Numbering  A.5.2.3 編號

Basic features:  基本特徵：

• the passport number should appear on all sheets of the document and on the biographical data page of the document;
  護照號碼應出現在文件的所有頁面和文件的個人資料頁；
• the number in a document shall be either printed and/or perforated;
  文件中的號碼應以印刷及/或打孔方式呈現；
• the document number on a label shall be in a special style of figures or typeface and be printed with ink that fluoresces under ultraviolet light in addition to having a visible colour;
  標籤上的文件編號應以特殊的數字樣式或字體印製，並使用在紫外線下會發光的墨水印刷，同時具有可見顏色；
• the number on a data page of a passport made of synthetic substrate or on an MRTD card can be incorporated using the same technique as is used for applying the biographical data in the personalization process; and
  護照的資料頁面若為合成基材或機讀旅行證件卡片，其編號可以使用與個人化資料套用相同的技術來製作；
• for MRTD cards, the number should appear on both sides.
  對於機讀旅行證件卡片，編號應同時出現在正反兩面。

Additional features:  其他特徵：

• if perforated, it is preferable that laser perforation be used. Perforate numbering of the data page is optional but, if used, care should be taken not to interfere with the clarity of the portrait or VIZ and not obstruct the MRZ in any way. It is desirable to perforate the cover of the passport; and
  若有打孔，建議使用雷射打孔。資料頁碼打孔為可選項，但如果使用，務必注意不要影響肖像或視覺檢查區的清晰度，且不得阻礙機器可讀區域。建議同時打孔護照封面；
• if printed, it should ideally be in a special style of figures or typeface and be printed with an ink that fluoresces under ultraviolet light in addition to having a visible colour.
  若採用印刷，理想情況下應使用特殊字體或字型，並以能在紫外線下螢光且具有可見顏色的墨水印刷。

A.5.2.4 Special security measures for use with non-laminated biographical data pages
A.5.2.4 未塗層生物特徵資料頁的特殊安全措施

A.5.2.5 Special security measures for use with cards and biographical data pages made of plastic
A.5.2.5 塑膠卡片和生物特徵資料頁面的特殊安全措施

A.5.3 Protection Against Copying
A.5.3 防止複製

A.5.3.1 Need for anti-copy protection
A.5.3.1 防仿冒保護需求

A.5.3.2 Anti-copy protection methods
A.5.3.2 防仿冒保護方法

A.5.4 Personalization Technique
A.5.4 個人化技術

A.5.4.1 Document personalization
A.5.4.1 文件個人化

A.5.4.2 Protection against alteration
A.5.4.2 防止竄改

• laser toner printing;  雷射碳粉列印；
• thermal transfer printing;
  熱轉印列印；
• ink-jet printing;  噴墨列印；
• photographic processes; and
  攝影製程；及
• laser engraving.  雷射雕刻。

A.5.4.3 Choice of document system
A.5.4.3 文件系統的選擇

A.5.4.4 Protection against photo substitution and alteration of data on the biographical data page of a passport book
A.5.4.4 保護護照本生理資料頁面不被替換照片及資料竄改

• personalizing the portrait and all biographical data by integration into the basic material;
  將肖像和所有生理資料整合至基本材料中進行個人化；
• the security printed background (e.g. guilloche) shall merge within the portrait area;
  安全印刷背景（例如盾形花紋）應與肖像區域融合；
• use of reactive ink and chemical sensitizers in the paper;
  使用反應性油墨和化學感光劑於紙張上；
• a visible security device should overlap the portrait without obstructing the visibility of the portrait; an optically variable feature is recommended; and
  可見的安全裝置應跨越肖像，但不得阻礙肖像的可見性；建議使用光變特徵；且
• use of a heat-sealed (or equivalent) secure laminate, or the combination of an personalizing technology and substrate material that provide an equivalent resistance to substitution and/or counterfeit of the portrait and other biographical data.
  使用熱封（或同等）安全覆膜，或結合個人化技術與基底材料，以提供與替換和/或偽造肖像及其他個人資料同等級的防護。

Additional features:  額外特徵：

• displayed signature of the holder may be scanned and incorporated into the printing;
  持卡人的簽名可能會被掃描並納入列印；
• steganographic image incorporated in the document;
  文件中納入隱寫術影像；
• additional portrait image(s) of holder;
  額外的持卡人肖像影像；
• machine-verifiable features as detailed in Doc 9303, Parts 9 through 12.
  依照文件 9303 第 9 至第 12 部分所詳述的可機器驗證特徵。

A.5.5 Additional Security Measures for Passport Books
A.5.5 護照簿的額外安全措施

A.5.5.1 Position of the biographical data page
A.5.5.1 個人資料頁的位置

A.5.5.2 Whole-page substitution
A.5.5.2 整頁替換

Basic features:  基本特徵：

• the sewing technology that binds the pages into the book must be such that it must be difficult to remove a page without leaving clear evidence that it has happened;
  將頁面裝訂成冊的縫紉技術必須使得移除頁面時會留下明顯的痕跡；
• security background of the biographical data page printed in a design that is different from that of the visa pages;
  生物識別資料頁的安全背景採用與簽證頁不同的設計；
• page numbers integrated into the security design of the visa pages; and
  簽證頁面安全設計中整合的頁碼；
• serial number on every sheet, preferably perforated.
  每張紙上都有序號，最好是打孔的。

• multi-colour and/or specifically UV fluorescent sewing thread;
  多色和/或特殊紫外線螢光縫紉線；
• programmable thread-sewing pattern;
  可程式化的縫紉線路徑；
• UV cured glue applied to the stitching;
  塗抹於縫線上的紫外線固化膠；
• index or collation marks printed on the edge of every visa page;
  每頁簽證邊緣印製的索引或對照標記；
• laser-perforated security features to the biographical data page; and
  以雷射打孔的安全特徵標示在個人資料頁；且
• biographical data printed on an inside page in addition to the data page.
  除了資料頁外，另在內頁印製的個人資料。

A.5.6 Quality Control  A.5.6 品質控管

A.5.7 Security Control of Production and Product
A.5.7 生產和產品的安全控制

A.5.7.1 Protection against theft and abuse of genuine document blanks or document components
A.5.7.1 防範真品文件空白或文件組件遭竊盜和濫用

• good physical security of the premises with controlled access to delivery/shipment and production areas, and document storage facilities;
  良好的場所實體安全，控管送貨、出貨和生產區域以及文件儲存設施的進出；
• full audit trail, with counting and reconciliation of all materials (used, unused, defective or spoiled) and certified records of same;
  完整的稽核追蹤，對所有材料（已使用、未使用、有缺陷或報廢的）進行盤點和對帳，並有經過認證的相關紀錄；
• all document blanks and other security-sensitive components serially numbered with full audit trail for every document from manufacture to dispatch, as applicable;
  所有文件空白頁及其他涉及安全的元件，均須依序編號，並為每份文件從製造到發送的過程提供完整的稽核追蹤紀錄（如適用）；
• where applicable, tracking and control numbers of other principal document components (e.g. rolls or sheets of laminates, optically variable feature devices);
  在適用的情況下，其他主要文件元件的追蹤及控制編號（例如複合材料捲筒、捲片，或具光變特徵的裝置）；
• secure transport vehicles for movement of blank documents and other principal document components (if applicable);
  用於移動空白文件及其他主要文件元件的安全運輸車輛（如適用）；
• details of all lost and stolen travel document blanks to be rapidly circulated between governments and to border control authorities with details sent to the INTERPOL lost and stolen database;
  所有遺失及被竊旅行證件空白頁的詳細資訊，須迅速在各政府間流通，並將相關資訊傳送至國際刑警組織的遺失及被竊資料庫；
• appropriate controls to be in place to protect the production procedures from internal fraud; and
  建立適當的控制機制，以防範生產流程中的內部詐欺；以及
• security vetting of staff.
  員工安全背景調查。

Additional measures:  額外措施：

• CCTV coverage/recording of all production areas, where permitted; and
  在允許的情況下，所有生產區域均設置閉路監視系統/錄影；以及
• centralized storage and personalization of blank documents in as few locations as possible.
  集中儲存並個人化儘可能少的空白文件。

APPENDIX B TO PART II - MACHINE ASSISTED DOCUMENT SECURITY VERIFICATION (INFORMATIVE)
附錄 B 至 第二部分 - 機器輔助文件安全驗證（資訊性）

B. 1 SCOPE  B. 1 範圍

B. 2 DOCUMENT READERS AND SYSTEMS FOR MACHINE AUTHENTICATION
B. 2 文件讀取器和機器驗證系統

B.2.1 Standard Readers  B.2.1 標準讀取器

• VIS, UV, IR illumination and high resolution image grabbing capabilities (minimum resolution 300 dpi) - this allows for reading the MRZ (preferably in the IR spectral range) and image processing of other features (in the VIS spectral range); and
  可見光（VIS）、紫外線（UV）、紅外線（IR）照明和高解析度影像擷取能力（最低解析度 300 dpi）- 這允許讀取機讀區（MRZ）（最好是在紅外線光譜範圍內）和處理其他特徵的影像（在可見光光譜範圍內）；
• ISO 14443 compliant contactless IC readers ( $@13.56\mathrm{MHz}$$@13.56\mathrm{MHz}$@13.56MHz@ 13.56 \mathrm{MHz} frequency).
  ISO 14443 相容的非接觸式 IC 讀卡機（ $@13.56\mathrm{MHz}$$@13.56\mathrm{MHz}$@13.56MHz@ 13.56 \mathrm{MHz} 頻率）。

• MRZ read and check digit verification;
  機讀區（MRZ）讀取和檢查碼驗證；
• Contactless IC read and Passive Authentication (and, optionally, Active Authentication); and
  非接觸式 IC 讀取及被動式驗證（且可選擇性地進行主動式驗證）；
• generic security checks (UV dull paper, IR readable MRZ, …).
  一般性的安全檢查（紫外線暗色紙張、可讀取紅外線機讀區等）。

• pattern recognition using databases (based on VIS, UV and IR images);
  使用資料庫進行模式辨識（基於可見光、紫外線和紅外線影像）；
• read and authenticate digital watermarks (steganographic features) to check for authentic issuance;
  讀取並驗證數位浮水印（隱寫特徵）以檢查是否為正版核發；
• detect and read out (alphanumeric) displays and their future security features; and
  偵測並讀取（英數）顯示器及其未來的安全功能；以及
• detect and read out LED-in-plastic based security features.
  偵測並讀取塑膠內嵌 LED 的安全功能。

B.2.2 Advanced Readers  B.2.2 進階讀取器

• coaxial illumination for the verification of retro-reflective security overlays;
  同軸光照以驗證反光安全覆蓋層；
• laser diode or LED illumination for the verification of special structure features, e.g. for optically diffractive devices (DOVIDs);
  雷射二極體或 LED 光照以驗證特殊結構特徵，例如用於光學繞射裝置（DOVIDs）；
• magnetic sensors for special substrate features, e.g. for the verification of magnetic fibres;
  磁感測器用於特殊基底特徵，例如驗證磁性纖維；
• spectral analysis or polarization detection devices; and
  光譜分析或偏振檢測裝置；
• transmission illumination of the MRP data page for the verification of registered watermarks, laser perforation, window-features and see-through registers - needs a special reader geometry to allow for the placement of the data page only (no cover behind) on the reader.
  需採用特殊讀取器幾何設計，以便僅能將資料頁（不允許背面）放置於讀取器上，用於驗證已註冊的浮水印、雷射打孔、視窗特徵和透明登記資訊之傳輸照明。

B.2.3 Background Systems, Public Key Infrastructure (PKI)
B.2.3 背景系統、公開金鑰基礎建設（PKI）

B. 3 SECURITY FEATURES AND THEIR APPLICATION FOR MACHINE AUTHENTICATION
B.3 安全特徵及其在機器驗證的應用

B.3.1 Substrate Materials
B.3.1 基材

B.3.1.1 Paper forming the pages of a travel document
B.3.1.1 構成旅行文件頁面的紙張

B.3.1.2 Paper or other substrate in the form of a label
B.3.1.2 紙張或其他形式的標籤基材

B.3.1.3 Synthetic substrates
B.3.1.3 合成基材

B.3.2 Security Printing  B.3.2 安全印刷

B.3.2.1 Background and text printing
B.3.2.1 背景和文字列印

• Impractical implementation for passport readers
  對於護照閱讀器來說不切實際的實作
  # User interaction required and not suitable for Automated Border Control systems
  需要使用者互動且不適合自動邊境管制系統

B.3.2.2 Inks  B.3.2.2 墨水

B.3.2.3 Numbering  B.3.2.3 編號

B.3.3 Protection Against Copying
B.3.3 防止複製

B.3.4 Personalization Techniques
B.3.4 個人化技術

B 3.4.1 Protection against photo substitution and alteration
B 3.4.1 防止照片替換和修改

B 3.6 Additional Security Measures Suited for Machine Authentication
B 3.6 適用於機器驗證的額外安全措施

B. 4 SELECTION CRITERIA FOR MACHINE VERIFIABLE SECURITY FEATURES
B. 4 機器可驗證安全特徵之選擇標準

• security - the most important criterion;
  安全性 - 最重要的準則；
• availability, but exclusiveness for security documents (preferably more than one supplier available);
  可用性，但僅限於安全文件（最好有多家供應商可供選擇）；
• dual-use, i.e. additional purpose of the feature beyond machine authentication, e.g. general anti-copy property or visual inspection;
  雙重用途，即該功能除了機器驗證外還有額外目的，例如一般防複製屬性或視覺檢查；
• potential of the Machine Authentication feature to be personalized (i.e. individualized) with information from the passport to secure the personal data (e.g. the passport number, name) in order to avoid reuse of parts of genuine passports;
  機器驗證功能具有使用護照中的資訊進行客製化（即個人化）的潛力，以確保個人資料安全（例如護照號碼、姓名），藉此避免真正護照部分被重複使用；
• compatibility to issuing processes for MRTDs;
  與旅行證件發證流程的相容性；
• compatibility (to existing and standardized properties of MRTDs);
  與（現有和標準化的旅行證件）特性的相容性；
• compatibility to control process at the border and elsewhere (e.g. no obstruction of basic security features, no extra time needed);
  邊境及其他地方的控制流程相容性（例如：不阻礙基本安全功能，不需額外時間）；
• interoperability;  互操作性；
• sensor availability;  感測器可用性；
• cost (for feature and sensor);
  成本（功能和感測器）；
• Intellectual Property (IP) issues, e.g., patents;
  智慧財產權（智慧財產）議題，例如專利；
• primary inspection vs. secondary;
  初級檢查與次級檢查；
• time required to actually utilize the feature;
  實際運用該功能所需的時間；
• potential difficulties associated with the book manufacturing and/or the personalization processes; and
  與書籍製作及/或個人化流程相關的潛在困難；及
• durability, i.e. according to the relevant ISO and ICAO specifications for MRTDs.
  耐久性，亦即依照與機讀旅行文件相關的 ISO 和 ICAO 規範。

APPENDIX C TO PART II - THE PREVENTION OF FRAUD ASSOCIATED WITH THE ISSUANCE PROCESS (INFORMATIVE)
附錄丙至第二部分 - 與發證程序相關的詐欺預防（參考資訊）

C. 1 SCOPE  丙、1 範圍

C. 2 FRAUD AND ITS PREVENTION
C. 2 詐欺及其預防

• theft of genuine blank MRTDs and completion to make them look valid;
  竊盜真實的空白機器可判讀旅行文件（MRTDs）並填寫使其看起來有效；
• applying for the MRTD under a false identity using genuine evidence of nationality and/or identity stolen from another individual, or otherwise obtained improperly;
  以他人被盜或不當取得的國籍及/或身份證據，以虛假身份申請機器可判讀旅行文件；
• applying for the MRTD under a false identity using manufactured false evidence of nationality and/or identity;
  使用偽造的國籍和/或身份證據，以虛假身份申請機讀旅行證件；
• using falsely declared or undeclared lost and/or stolen MRTDs that can be provided to people who might use them in look-alike fraud or with repetitive photo substitutions; and
  使用被虛假聲明或未申報遺失及/或被盜的機讀旅行證件，這些證件可提供給可能進行相貌欺詐或重複替換照片的人；及
• reliance on MRTD employees to manipulate the MRTD system to issue an MRTD outside the rules.
  依賴機讀旅行證件員工操縱系統，以違反規定的方式核發機讀旅行證件。

• altering a genuinely issued document to make it fit a bearer who is not the person to whom the MRTD was issued; and
  變造原本正式簽發的文件，使其看似屬於非原始文件持有人的其他人；及
• applying for an MRTD with the intention of giving or selling it to someone who resembles the true bearer.
  申請機讀旅行證件（MRTD），意圖將其轉售或贈與與真正持有人相貌相似的人。

C. 3 RECOMMENDED MEASURES AGAINST FRAUD
C. 3 打擊詐欺之建議措施

C. 4 PROCEDURES TO COMBAT FRAUDULENT APPLICATIONS
C. 4 打擊詐欺申請的程序

C. 5 CONTROL OF ISSUING FACILITIES
C. 5 簽發設施管控

APPENDIX D TO PART 2 - ASF/SLTD KEY CONSIDERATIONS (INFORMATIVE)
附錄 D - ASF/SLTD 關鍵考量因素（資訊性）