Biometric passport

This section needs additional citations for verification. Please help improve this article by adding citations to reliable sources in this section. Unsourced material may be challenged and removed. (September 2022) (Learn how and when to remove this message)

Biometric passports have protection mechanisms to avoid and/or detect attacks:

Non-traceable chip characteristics

Random chip identifiers reply to each request with a different chip number. This prevents tracing of passport chips. Using random identification numbers is optional.

Basic Access Control (BAC)

BAC protects the communication channel between the chip and the reader by encrypting transmitted information. Before data can be read from a chip, the reader needs to provide a key which is derived from the Machine Readable Zone: the date of birth, the date of expiry and the document number. If BAC is used, an attacker cannot (easily) eavesdrop transferred information without knowing the correct key. Using BAC is optional.

Passive Authentication (PA)

PA is aimed at identifying modification of passport chip data. The chip contains a file, Document Security Object (SOD), that stores hash values of all files stored in the chip (picture, fingerprint, etc.) and a digital signature of these hashes. The digital signature is made using a document signing key which itself is signed by a country signing key. If a file in the chip (e.g., the picture) is changed, this can be detected since the hash value is incorrect. Readers need access to all used public country keys to check whether the digital signature is generated by a trusted country. Using PA is mandatory.^[6] As of January 2017, 55 of over 60 e-passport-issuing countries belong to the ICAO Public Key Directory (PKD) program.^[7]

Active Authentication (AA)

AA prevents cloning of passport chips. The chip contains a private key that cannot be read or copied, but its existence can easily be proven. Using AA is optional.

Extended Access Control (EAC)

EAC adds functionality to check the authenticity of both the chip (chip authentication) and the reader (terminal authentication). Furthermore, it uses stronger encryption than BAC. EAC is typically used to protect fingerprints and iris scans. Using EAC is optional. In the European Union, using EAC is mandatory for all documents issued starting 28 June 2009.^{[citation needed]}

Supplemental Access Control (SAC)

SAC was introduced by ICAO in 2009 for addressing BAC weaknesses. It was introduced as a supplement to BAC (for keeping compatibility), but will replace it in the future.

Shielding the chip

This prevents unauthorised reading. Some countries – including at least the US – have integrated a very thin metal mesh into the passport's cover to act as a shield when the passport cover is closed.^[8] The use of shielding is optional.

To assure interoperability and functionality of the security mechanisms listed above, ICAO and German Federal Office for Information Security (BSI) have specified several test cases. These test specifications are updated with every new protocol and are covering details starting from the paper used and ending in the chip that is included.^[9]

Since the introduction of biometric passports, several attacks have been presented and demonstrated.

Non-traceable chip characteristics

In 2008, a Radboud/Lausitz University team demonstrated that it is possible to determine which country a passport chip is from without knowing the key required for reading it.^[10] The team fingerprinted error messages of passport chips from different countries. The resulting lookup table allows an attacker to determine from where a chip originated. In 2010, Tom Chothia and Vitaliy Smirnov documented an attack that allows an individual passport to be traced,^[11][12] by sending specific BAC authentication requests. In 2016, Avoine et al. published a survey on security and privacy issues in passport protocols, where a new technique to track passports is introduced, based on the response time of basic commands.^[13]

Basic Access Control (BAC)

In 2005, Marc Witteman showed that the document numbers of Dutch passports were predictable,^[14] allowing an attacker to guess/crack the key required for reading the chip. In 2006, Adam Laurie wrote software that tries all known passport keys within a given range, thus implementing one of Witteman's attacks. Using online flight booking sites, flight coupons and other public information it's possible to significantly reduce the number of possible keys. In some early biometric passports BAC wasn't used at all, allowing attacker to read the chip's content without providing a key.^[15]

Passive Authentication (PA)

In 2006, Lukas Grunwald demonstrated that it is trivial to copy passport data from a passport chip into a standard ISO/IEC 14443 smartcard using a standard contactless card interface and a simple file transfer tool.^[16] Grunwald used a passport that did not use Active Authentication (anti-cloning) and did not change the data held on the copied chip, thus keeping its cryptographic signature valid.

In 2008, Jeroen van Beek demonstrated that not all passport inspection systems check the cryptographic signature of a passport chip. For his demonstration Van Beek altered chip information and signed it using his own document signing key of a non-existing country. This can only be detected by checking the country signing keys that are used to sign the document signing keys. To check country signing keys the ICAO PKD^[17] can be used. Only 5 out of 60+ countries are using this central database.^[18] Van Beek did not update the original passport chip: instead an ePassport emulator was used.^[19]

Also in 2008, The Hacker's Choice implemented all attacks and published code to verify the results.^[20] The release included a video clip that demonstrated problems by using a forged Elvis Presley passport that is recognized as a valid US passport.^[21]

Active Authentication (AA)

In 2005, Marc Witteman showed that the secret Active Authentication key can be retrieved using power analysis.^[14] This may allow an attacker to clone passport chips that use the optional Active Authentication anti-cloning mechanism on chips – if the chip design is susceptible to this attack.

In 2008, Jeroen van Beek demonstrated that optional security mechanisms can be disabled by removing their presence from the passport index file.^[22] This allows an attacker to remove – amongst others – anti-cloning mechanisms (Active Authentication). The attack is documented in supplement 7 of Doc 9303 (R1-p1_v2_sIV_0006)^[23] and can be solved by patching inspection system software. Note that supplement 7 features vulnerable examples in the same document that – when implemented – result in a vulnerable inspection process.^{[citation needed]}

In 2014, Calderoni et al. show a procedure to bypass the security protocol that is commonly adopted to prove chip authenticity (Active Authentication) within first-generation electronic passports. The discussed breach is related to some metadata files (EF.COM, EF.SOD) and allows the attacker to conceal those data required by the inspection system during the protocol's execution.^[24] This breach may facilitate a malicious user in using fake documents cloned from original ones.

Extended Access Control (EAC)

In 2007, Lukas Grunwald presented an attack that can make EAC-enabled passport chips unusable.^[25] Grunwald states that if an EAC-key – required for reading fingerprints and updating certificates – is stolen or compromised, an attacker can upload a false certificate with an issue date far in the future. The affected chips block read access until the future date is reached.

Privacy proponents in many countries question and protest the lack of information about exactly what the passports' chip will contain, and whether they affect civil liberties. The main problem they point out is that data on the passports can be transferred with wireless RFID technology, which can become a major vulnerability. Although this could allow ID-check computers to obtain a person's information without a physical connection, it may also allow anyone with the necessary equipment to perform the same task. If the personal information and passport numbers on the chip are not encrypted, the information might wind up in the wrong hands.

On 15 December 2006, the BBC published an article^[26] on the British ePassport, citing the above stories and adding that:

"Nearly every country issuing this passport has a few security experts who are yelling at the top of their lungs and trying to shout out: 'This is not secure. This is not a good idea to use this technology'", citing a specialist who states "It is much too complicated. It is in places done the wrong way round – reading data first, parsing data, interpreting data, then verifying whether it is right. There are lots of technical flaws in it and there are things that have just been forgotten, so it is basically not doing what it is supposed to do. It is supposed to get a higher security level. It is not."

and adding that the Future of Identity in the Information Society (FIDIS) network's research team (a body of IT security experts funded by the European Union) has "also come out against the ePassport scheme... [stating that] European governments have forced a document on its people that dramatically decreases security and increases the risk of identity theft."^[27]

Most security measures are designed against untrusted citizens (the "provers"), but the scientific security community recently also addressed the threats from untrustworthy verifiers, such as corrupt governmental organizations, or nations using poorly implemented, unsecure electronic systems.^[28] New cryptographic solutions such as private biometrics are being proposed to mitigate threats of mass theft of identity. These are under scientific study, but not yet implemented in biometric passports.

A number of people oppose this technology citing religion or forced data collection, describing biometrics as "the mark of the beast".^[29]

• Algeria: Issued since 5 January 2012.^[30] Valid for 10 years for adults, and 5 years for minors. The data page of the passport is from rigid polycarbonate plastic and contains a microchip embedded in which are stored biometric data of the holder including fingerprints, photo and signature. The data is extracted from the chip with wireless RFID technology.
• Benin: Issued since 2022.^[31]
• Botswana: Issued since 8 March 2010.^[32][33] The Botswana passport, which features 48 pages, is written in English and French. The first page features a map of Botswana superimposed with wildlife.
• Cameroon: Issued since July 2021, costing 110,000 CFA. Valid for 5 years.^[34]
• Cape Verde: Issued since 26 January 2016, costing €50. It is noted that the scheme will gradually expand to Cape Verdean diplomatic missions in Boston and Lisbon in the future.^[35]
• Egypt: Egypt does not yet issue biometric passports.
• Gabon: Issued since 23 January 2014.
• Ghana: Issued since 1 March 2010 and costing GH¢ 50–100 for adults and children. The passports contain several other technological characteristics other than biometric technology. However the Ghanaian biometric passports do not carry the "chip inside" symbol (), which is mandatory for ICAO-standard electronic passports.^[36][37][38]
  As of February 2020^[update], the application fee for regular 32 page passport booklet is GH₵320 and GH₵550 for regular 48 page passport booklet. The application fee for expedited 32 page passport booklet is GH₵350 and GH₵300 for expedited 48 page passport booklet.^[39] To facilitate the application for and acquisition of Ghanaian passports, Passport Application Centers (PACs) have been set up around the major cities of Ghana, including Accra, Kumasi, Tamale, Ho, Sekondi-Takoradi, and in Sunyani.^[40] 22 Diplomatic Missions outside Ghana have the mandate as at November 2020, to issue Biometric Passports to Ghanaians who are abroad.^[41] Passports issued for applications received starting 31 March 2019 have a validity period of ten years (it was previously five years).^[42] The Ministry of Foreign Affairs and Regional Integration has introduced a 48-page passport booklet (It was previously 32 pages only) available from 1 February 2020.
• Kenya: Issued since 1 September 2017. Contain fingerprints, facials and signature including other vital information, which is all ICAO compliant.
  In mid July 2019, a few foreign embassies such as Berlin, Paris, London, and Washington, DC started processing applications for Kenyans in the diaspora. Kenya plans to invalidate old style passports on 31 December 2021.
• Lesotho: Date of introduction is uncertain. However, the enabling statute was tabled in November 2016.^[43]
• Libya: The Libyan government stated that it will start issuing biometric passports of ordinary passports by the end of 2025, although the biometric passports of Diplomatic and Special passports were issued since 2021.
• Madagascar: Issued since 2014 and costs 110,000 Ariary. Since September 2014, it is mandatory for Malagasy citizens to depart the country with a biometric passport.^[44]
• Mauritania: Issued since 6 May 2011,^[45] costs US$115.68. Valid for 5 years.
• Morocco: Issued since 2008 for trial, and in general since 25 September 2009,^[46] costs MAD 500 (approximately US$49).
• Mozambique: Issued since September 2014. The issuance of such passports was suspended 40 days later but was resumed in February 2015.^[47]
• Namibia: Issued since 8 January 2018.^[48][49]
• Nigeria: Issued since 2007 as the first in Africa. The harmonized ECOWAS Smart electronic passport issued by the Nigerian Immigrations Service is powered by biometric technology in tandem with the International Civil Aviation Organization (ICAO) specifications for international travels.
  Travelers' data captured in the biometric passport can be accessed instantly and read by any security agent from any spot of the globe through an integrated network of systems configured and linked to a centrally-coordinated passport data bank managed by the Nigerian Immigrations Service.^{[citation needed]}
• Rwanda: Issued since 27 June 2019, and is in compliance with the new East African Community technical specifications as well as International Civil Aviation Organization (ICAO). Among the new features include a microchip making it tamper-proof. The Rwandan passport is issued Rwandan citizens for international travel. Rwanda started issuing East African Community Biometric Passport also known as E-Passport in June 2019 replacing the old ones that will only stay valid until June 2021, The new passports are valid for five years and ten years. Ordinary, service, and diplomatic passports are issued.
• Sierra Leone: Issued since 1 September 2015 in compliance with International Civil Aviation Organisation (ICAO). New book design launched at the same time as the switch to e-passport from Machine Readable Passport (MRP). Book re-designed again in 2022 and electronic chip upgraded for faster processing of bio-metric data. Currently issuing e-passports for Ordinary, Diplomatic and Service books.^[50]
• Somalia: Issued since 10 October 2006, costs US$100 if applied inside of Somalia, and US$150 abroad.^[51]
• South Sudan: Issued since 3 January 2012.^[52][53] The new passport are valid for five years.
• Sudan: Issued since May 2009, costs SDG 250 (approximately USD 100), SDG 200 for students and SDG 100 for children. Valid for 10 years, or 7 years for a commercial passport.^[54]
  The new electronic passports are issued in three categories. The citizen's passport (ordinary passport) is issued to ordinary citizens and contains 48 pages. Business men/women who need to travel often have a commercial passport that contains 64 pages. Smaller passports that contain 32 pages only are issued to children. The microprocessor chip contains the holder's information.
• Tanzania: Issued since 1 January 2018. The Bio-metric Tanzanian passport is one of the strongest passports in Africa. It is in compliance with the new East African Community Passport which eases border crossing for east African community member nationals.
• Togo: Issued since August 2009, cost then was 30,000 CFA francs. For Togolese residing abroad, the price varies.
• Tunisia: The Tunisia ministry of interior stated that it will start issuing biometric passports at the end of year 2016 which did not happen.
• Zimbabwe: The Zimbabwean government launched the new e-passports on 15 December 2021 at Chiwashira Building in Harare.^[55]

• Afghanistan: Issued since September 2011. Contains digital images of fingerprints, photo and electronic signature of the passport holder. Valid for up to 10 years.^[56][57]
• Armenia: Issued since July 2012. Contains digital images of fingerprints, photo and electronic signature of the passport holder. Valid for 10 years.^[58][59][60]
• Azerbaijan: Issued since September 2013. Contains information about the passport holder's facial features, as well as finger and palm prints.
• Bahrain: Issued since 20 March 2023.^[61][62]
• Bangladesh: Issued since April 2010, biometric machine-readable passports cost ৳3450 (US$28) for regular delivery, including all taxes, and ৳6900 (US$57) for express delivery including all taxes.^[63] E-passports cost ৳4025 (US$33) to ৳13800 (US$110) with all taxes included.^[64] The cost varies depending on the number of pages and the validity of the e-passport.^[64] The e-passport is valid for either five years or ten years depending on the age of the applicant.^[65] Bangladesh is the first country in South Asia to issue e-passports for all eligible citizens. The electronic microprocessor chip embedded e-passport has forty-one different security features, including holographic images embossed in thin film laminate, which change colour under light and appear to move.^[66] Demographic and biometric information of the bearer including the fingerprints of all ten fingers, iris scan, color photograph of the face and digital signature are stored on the chip in the e-passport.^[67] The Government of Bangladesh issues three different types of e-passports. These are diplomatic passports with a red cover; official passports with a blue cover; and regular or ordinary passports with a green cover.
• Brunei: Issued since 17 February 2007. The Bruneian ePassport has the same functions as the other biometric passports.^[68]
• Cambodia: Issued since 17 July 2014. The cost for a 5-year passport, issued only to children aged five and under, is US$80; while the 10-year passport, issued to all people older than five, costs US$100.^[69]
• China: On 30 January 2011, the Ministry of Foreign Affairs of the People's Republic of China launched a trial issuance of e-passports for public affairs. The face, fingerprint and other biometric features of the passport holder will be digitalized and stored in pre-installed contactless smart chip in the passport.^[70][71] On 1 July 2011, the Ministry began issuing biometric passports to all individuals conducting public affairs work overseas on behalf of the Chinese government.^[72]
  Ordinary biometric passports have been introduced by the Ministry of Public Security starting from 15 May 2012.^[73] The cost of a passport is 200 CNY (approximately US$31) for first time applicants in China and CNY 220 (or US$35) for renewals and passports issued abroad.
  Effective from 1 July 2017, cost of a biometric ordinary passport is reduced to CNY 160 (approximately US$24) for both first time applicants and renewal applicants.^[74] As of April 2017, China had issued over 100 million biometric ordinary passports.^[75]
• Hong Kong: In 2006, the Immigration Department announced that Unihub Limited (a PCCW subsidiary company heading a consortium of suppliers, including Keycorp) had won the tender to provide the technology to produce biometric passports. In February 2007, the first biometric passport was introduced. The cover of the new biometric passport remains essentially the same as that of previous versions, with the addition of the "electronic passport" logo at the bottom. However, the design of the inner pages has changed substantially. The design conforms with the document design recommendations of the International Civil Aviation Organization. The new ePassport featured in the 2008 Stockholm Challenge Event and was a finalist for the Stockholm Challenge Award in the Public Administration category. The Hong Kong SAR ePassport design was praised on account of the "multiple state-of-the-art technologies [which] are seamlessly integrated in the sophisticated Electronic Passport System (e-Passport System)".^[76] The cost for a HKSAR passport is HKD 370 (or USD 48) for a 32-page passport and HKD 460 (or USD 59) for a 48-page passport.^[77]
• Macao: Issued since 1 September 2009.
• Georgia: Issued since 2010. Valid for 10 years to adults, costing 150 lari if issued at tenth business day. The same day issuance will cost 350 lari. The price of the photo (3 Lari) needs to be paid additionally. There are discounts, e.g. a 50% discount for persons under age 18.^[78][79]
• India: India calls Biometric Passport as ePassport.
  The Government of India issues three different types of passports – Diplomatic passports; Official passports; and regular/ordinary passports.
  India initiated the first phase deployment of Biometric Passports in 2008, only to diplomatic passport holders. On 25 June 2008 Indian Passport Authority issued the first Biometric passport to Pratibha Patil, the then President of India.^[80]
  Between 2008 and 2024, Biometric passport rollout for ordinary citizens was in various stages of internal development, testing and tendering.
  In April 2024, the government has finally started the test rollout of Biometric Passports to ordinary citizens. It started with the testing of the project at Regional Passport Offices (RPO) in Bhubaneswar and Nagpur. Post successful pilot launch and requisite certifications, it will be rolled out at remaining Regional Passport Offices across India in a phased manner in 2025.
• Indonesia: 48-page biometric passports cost Rp650,000 (US$43).^[81] As of 12 October 2022, the validity of newly issued passports are extended from 5 years to 10 years.^[82]
  Diplomatic and service biometric passports are issued since 19 August 2021.^[83]
• Iran: Issued since July 2007 for diplomatic and service passports, 20 February 2011 for ordinary biometric passports. The cost of a new passport was approximately IRR 1,500,000 (less than US$8) if issued inside Iran, 100 euros if issued overseas.^[84]
• Iraq: Iraq started issuing the biometric passport to the public in March 2023.^[85]
• Israel: Issued since July 2013 for a 2-year pilot project under the Biometric Database Law. This was optional. In August 2013, any passport expiring in more than 2 years could be replaced free of charge with a biometric one upon request. Passports expiring within 2 years were charged the full fee.
  The review of the pilot project (that was supposed to be concluded in 2015) was postponed by order of the Minister of the Interior to a later date, due to the controversy regarding the creation of the Biometric Database rather than storing the biometric data only in the passport's chip, as is the practice in many other countries. In 2015, the duration of the pilot project was extended until 2017. In May 2017, the pilot project ended. Newly issued passports were then required to be biometric.^[86]
  To obtain a biometric passport, an applicant must appear in an Interior Ministry office "to be photographed by the special camera which records information such as facial bone structure, distance between one's eyes, ears to eyes and ratio of facial features one from another. The applicant will also be fingerprinted and all this information will be stored in the new high-tech electronic passport."^[87]
  As of January 2022, Israeli passports issued in the airport or outside of Israel are not biometric, and are generally valid for 5–10 years (1 year if issued as an emergency passport in the airport).
• Japan: Issued since March 2006. The passports meet requirements of the U.S Visa Waiver Program which calls for countries to roll out their biometric passports before 26 October 2006.
• Jordan: On 1 September 2025, Jordan officially launched its electronic passport (e-passport) service as part of a broader initiative to modernize public services and enhance digital transformation. The e-passport includes advanced security features, biometric data stored on an embedded electronic chip, and a polycarbonate profile page designed for durability and resistance to tampering. It complies with international standards set by the International Civil Aviation Organization (ICAO). The e-passport is available to all Jordanian citizens for new issuance, renewal, or replacement in cases of loss or damage. Citizens may choose between the traditional passport and the e-passport, with no change in issuance fees. Both passport types remain valid for travel. The service is accessible through the Civil Status and Passports Department’s e-services portal and the Sanad mobile application. Passports are delivered via Jordan Post for a nominal fee. The launch follows a pilot phase attended by government officials, including the Minister of Interior and the Minister of Digital Economy and Entrepreneurship. The introduction of the e-passport is part of a wider digitalization strategy by the Civil Status and Passports Department, which has launched 25 electronic and 6 digital services out of a total of 58. The share of electronic transactions increased from 4.63% in the first five months of the year to 23% in the subsequent three months.^[88]
• Kazakhstan: Kazakhstan has presented its concept at implementing biometric passport in 2009.
• Kuwait: Issued since March 2017. By late 2018 older non-biometric passports will no longer be valid for use.
• Laos: Issued since September 2016.
• Lebanon: Issued since 1 August 2016. Lebanese passports are navy blue, with the Lebanese Cedar emblazoned in the centre of the front cover. "The Lebanese Republic, Passport" is written on the cover page in both Arabic and French. The contents of the passport are in Arabic, French and English.
• Malaysia: Issued since 1998.^[1] Malaysia is however not a member of the Visa Waiver Program (VWP) and its first biometric passport did not conform to the same standards as the VWP biometric document because the Malaysian biometric passport was issued several years ahead of the VWP requirement. The difference lies in the storage of fingerprint template instead of fingerprint image in the chip, the rest of the technologies are the same. Also the biometric passport was designed to be read only if the receiving country has the authorisation from the Malaysian Immigration Department. Malaysia started issuing ICAO compliant passports from February 2010.^[89]
  Malaysia used to issue passports with validity for 2 years and 5 years, but the passport with 2 years validity was withdrawn since January 2015.^[90]
  The pricing for a Malaysian passport are RM 200 (approximately US$50) with 5 years validity, MYR 100 (approximately US$25) for senior citizens, children below 12, Hajj pilgrims, and students below 21 and studying abroad is MYR 100 and is free for disabled citizens.^[91]
• Maldives: Issued since 26 July 2006. The new passport follows a completely new design, and features the passport holder's facial and fingerprint information as biometric identifiers. A 32-page Ordinary passport will cost Rf350, while a 64-page Ordinary passport will cost Rf600. Children under the age of 10 years and people applying for passports through diplomatic missions abroad will be issued with a 32-page non-electronic Ordinary passport, which will cost Rf250.
• Mongolia: Issued since the end of 2016.
• Nepal: Nepal started issuing E-passport from end of 2021.^[92] Nepalese writer Satya Mohan Joshi was the first to receive the e-passport.^[93][94] The Nepalis e-passports are produced by IDEMIA, the software that the Passport office uses is also from the same company.^[95]
• Oman: Issued since the end of 2014.^[96] It consists of 48 pages and is valid for up to 10 years. Omani passports' cover is red and have inscriptions in golden letters indicating the official name of the country at the top and the word "passport" at the bottom both in Arabic and English divided by the coat of arms. The biometric passport symbol, alerting to the presence of a RFID chip inside the document, is at the very bottom of the cover page.^[97]
• Pakistan: The Government of Pakistan issues three different types of passports. These are Diplomatic passports; Official passports; and Ordinary passports. On 30 March 2022, Prime Minister Imran Khan launched the e-passport service, which has twenty-nine new security features added. At this initial stage, the e-passport facility was only available for diplomatic officials and government officials who are issued diplomatic passports and official passports respectively.^[98] The issuance of e-passports for Islamabad residents only commenced on 10 June 2023, at DGI&P Headquarters in Islamabad. However, starting from 16 August 2023, the issuance of e-passports extended to all field offices throughout the nation. Over time, this service will also be introduced to Foreign Missions of Pakistan abroad.^[99]
• Palestine: Issued since 1 September 2022. Costs NIS 200.
• Philippines: Issued since 11 August 2009, costs about ₱950.^[100][101]
• Qatar: Issued since 20 April 2008, costs QAR 200.^[102]
• Saudi Arabia: On 10 February 2022, the Saudi Arabian ministry of interior has announced that they began issuing the new electronic Saudi Passport, with the same issuing fees as the past (300 SAR for 5 years and 600 SAR for 10 years).^[103][104]
• Singapore: Issued since 15 August 2006,^[105] costs SGD 70 if applied for online, by mail or ICA deposit box and SGD 80 if applied for via a Singapore Overseas Mission. Valid for 10 years. The passport now complies with the U.S Visa Waiver Program.^[106]
• South Korea: Issued since 25 August 2008, costs 55,000 Won (USD 55). Validity for 5 years for men who have not served in the National Service, and 10 years for everybody else. On 21 December 2021, issuing the next generation biometric passports to South Korean citizens has begun, which was delayed by one year as planned due to the COVID-19 pandemic.^[107][108]
• Syria: Syria has started issuing biometric passports on 21 August 2023 for all new passports. The fee varies from £100 to £700 based on the period of processing. The validity varies between 2 years for young male citizens (due to military service), up to 6 years for other citizens. The current fee for the urgent passport (1–3 days processing time) makes it the most expensive passport globally.^[109]
• Taiwan: Issued since 29 December 2008, costs NT$1,300 (approximately US$40) for an ordinary passport with either 3, 5 or 10 years validity.[1]
• Tajikistan: Issued since 1 February 2010.
• Thailand: Diplomats and government officials passports issued from 26 May 2005. From 1 June 2005, a limited quantity of 100 passports a day was issued for Thai citizens, however, on 1 August 2005 a full operational service was installed and Thailand became the first country in Asia to issue an ICAO compliant biometric passport.^[110]
• Turkmenistan: Turkmenistan became the first country in ex-USSR, in mid-Asia region to issue an ICAO-compliant biometric passport. The passport is available since 10 July 2008.^[111]
• United Arab Emirates: The United Arab Emirates Ministry of Interior began to issue biometric passports on 11 December 2011, making it the second GCC state to launch biometric passports after Qatar.^[112]
• Uzbekistan: In Uzbekistan on 23 June 2009 Islam Karimov issued a Presidential Decree^[113] "On measures to further improve the passport system in the Republic of Uzbekistan." On 29 December 2009 the President of Uzbekistan signed a decree to change the dates for a phased exchange of populations existing passport to the biometric passport. In accordance with this decree, biometric passports were phased in, beginning on 1 January 2011. In the first phase, the biometric passport was issued to employees of ministries, departments and agencies of the republic, individuals who travel abroad or outside the country, as well as citizens who receive a passport in connection with the achievement of a certain age or for other grounds provided by law. The second phase was for the rest of the population who were able to get new passports for the period from 2012 to 2015.
• Vietnam: Issued since 1 March 2023, costs VNĐ100000 for a new issue, VNĐ200000 for a reissue due to damage or loss, is valid for 10 years and is only issued to citizens from 14 years old.^[114] As of March 2025, the biometric passport is only being issued in Vietnam. Overseas missions are still issuing non-biometric passports.

It was planned that, except for Denmark and Ireland, EU passports would have digital imaging and fingerprint scan biometrics placed on their RFID chips.^[115] This combination of biometrics aims to create an unrivaled level of security and protection against fraudulent identification papers.^[vague] Technical specifications for the new passports have been established by the European Commission.^[116] The specifications are binding for the Schengen agreement parties, i.e. the EU countries, except Ireland, and the four European Free Trade Association countries—Iceland, Liechtenstein,^[117][118] Norway and Switzerland.^[119] These countries are obliged to implement machine readable facial images in the passports by 28 August 2006, and fingerprints by 26 June 2009.^[120] The European Data Protection Supervisor has stated that the current legal framework fails to "address all the possible and relevant issues triggered by the inherent imperfections of biometric systems".^[121]

Irish biometric passports only used a digital image and not fingerprinting. German passports printed after 1 November 2007 contain two fingerprints, one from each hand, in addition to a digital photograph. Romanian passports will also contain two fingerprints, one from each hand. The Netherlands also takes fingerprints and was^[122] the only EU member that had plans to store these fingerprints centrally.^[123] According to EU requirements, only nations that are signatories to the Schengen acquis are required to add fingerprint biometrics.^[124]

In the EU nations, passport prices will be:

• Austria (available since 16 June 2006): a passport for citizens aged 12 or older costs €112,^[125] while a chip-free version for children aged 2-11 costs €44.^[126] As of March 2009 all newly issued passports for citizens aged 12 or older contain fingerprints.^[127] Passports are valid for 2 years after issuance for children up to the age of 1; 5 years for children aged 2–11; 10 years for citizens aged 12 and older.
• Belgium (introduced in October 2004): €71 or €41 for children + local taxes. As of May 2014, passports for adults are valid for 7 years.
• Bulgaria (introduced in July 2009; available since 29 March 2010): BGN 40 (€20) for adults. Passports are valid for 5 years.^[128]
• Croatia (available since 1 July 2009): HRK 390 (€53). The chip contains two fingerprints and a digital photo of the holder. Since 18 January 2010 only biometric passports can be obtained at issuing offices inside Croatia. Diplomatic missions and consular offices must implement new issuing system until 28 June 2010.
• Cyprus (available since 13 December 2010): €70, valid for 10 years
• Czech Republic (available since 1 September 2006): CZK 600 for adults (valid 10 years), CZK 100 for children (valid 5 years). Passports contain fingerprints.
• Denmark (available since 1 August 2006): DKK 890 for adults (valid for 10 years), DKK 150 for children 0–11 (valid for 2 years [age 0–2] or 5 years), DKK 178 for children 12–17 (valid for 5 years), and DKK 378 retirement age (from July 2021 67 years) (valid for 10 years). A new and standardised photo must be supplied too. As of January 2012 all newly issued passports contain fingerprints.^[129][130]
• Estonia (available since 22 May 2007): EEK 450 (€28.76) (valid for 5 years). As of 29 June 2009, all newly issued passports contain fingerprints.^[131]
• Finland (available since 21 August 2006): €53 (valid for up to 5 years). As of 29 June 2009, all newly issued passports contain fingerprints.^[132]
• France (available since April 2006): €86 or €89 (depending whether applicant provides photographs), valid for 10 years. As of 8 June 2022^[update], all newly issued passports contain fingerprints with the exception of emergency passports that hold a validity of 1 year.^{[133][134][135]}
• Germany (available since November 2005): ≤23 year old applicants (valid for 6 years) €37.50 and >24 years (valid 10 years) €70.^[136] Passports issued from 1 November 2007 onwards include fingerprints.^[137][138]
• Greece (available since 26 August 2006): €84.40 (valid for 3 years for children up to 14, valid for 10 years for adults).^[139] Since June 2009, passports contain fingerprints.^[140]
• Hungary (available since 29 August 2006): HUF 7,500 (€26), valid for 5 years, HUF 14,000 (€48.50) valid for 10 years. As of 29 June 2009, all newly issued passports contain fingerprints.^{[141][142][143]}
• Ireland: Biometric passport booklets have been available since 16 October 2006, and Biometric passport cards since October 2015. 34-page passport booklets are priced at €75, 66-page booklets at €105,^[144] both valid for 10 years. For children aged between 3 and 18 years the price is €26.50 and the passport booklets are valid for 5 years. Infants' passport booklets for those under 3 years cost €16 and expire 3 years after issue. Irish biometric passport cards are only available to adults of 18 years and over who already have an Irish passport booklet and cost €35. They expire on the same date as the holder's Irish passport booklet or 5 years after issue, whichever is the shorter period. (Ireland is not a signatory to the Schengen Acquis and has no obligation or plans to implement fingerprint biometrics.)
• Italy (available since 26 October 2006): €116,^[145] valid for 10 years. As of January 2010 newly issued passports contain fingerprints.^[146]
• Latvia (available since 20 November 2007): an adult passport costs €30, or €20 if received together with eID,^[147] valid for 10 or 5 years.
• Lithuania (available since 28 August 2006): €43.^[148] For children up to 16 years old, valid max 5 years. For persons over 16 years old, valid for 10 years.^[149]
• Malta (available since 8 October 2008): €70 for persons over 16 years old, valid for 10 years, €35 for children between 10 and 16 years (valid for 5 years) and €14 for children under 10 years (valid for 2 years).
• Netherlands (available since 28 August 2006): Approximately €11 on top of regular passport (€38.33) cost €49.33. Passports issued from 21 September 2009 include fingerprints. Dutch identity cards are lookalike versions of the holder's page of the passport but do not contain fingerprints.^[150]
• Poland (available since 28 August 2006): PLN 140 (€35) for adults, PLN 70 for children aged under 13, free for seniors 70+ years, valid 10 years (5 years for children aged below 13). Passports issued from 29 June 2009 include fingerprints of both index fingers.^[151]
• Portugal (available since 31 July 2006 – special passport; 28 August 2006 – ordinary passport): €65 for all citizens valid for 5 years. All passports have 32 pages.^[152]
• Romania (available since 31 December 2008): RON 258 for citizens over the age of 12, RON 234 for citizens under the age of 12,^[153] valid for 10 years for those over the age of 18, 5 years for those over the age of 12 to 18, and for 3 years for those under 12. As of 19 January 2010, new passport includes both facial images and fingerprints.^[154] Temporary passports valid for only one year can be issued for the price of RON 96 and is issued in less than 3 working days.
• Slovakia (available since 15 January 2008): an adult passport (>13 years) costs €33.19 valid for 10 years, while a chip-free child's (5–13 years) version costs €13.27 valid for 5 years and for children under 5 years €8.29, but valid only for 2 years. The latest version was issued in 2014 and contains a contactless chip in the biodata card that meets ICAO specifications.^[155]
• Slovenia (available since 28 August 2006): €42.05 for adults, valid for 10 years. €35.25 for children from 3 to 18 years of age, valid for 5 years. €31.17 for children up to 3 years of age, valid for 3 years. All passports have 32 pages, a 48-page version is available at a €2.50 surcharge. As of 29 June 2009, all newly issued passports contain fingerprints.^[156]
• Spain (available since 28 August 2006) at a price of €26 (price at 2018), free passports are issued for citizens that hold a "Familia Numerosa" document. They include fingerprints of both index fingers as of October 2009. (Aged <30 a Spanish passport is valid for 5 years, otherwise they remain valid for 10 years).
• Sweden (available since October 2005): SEK 400 (valid for 5 years). As of 1 January 2012, new passport includes both facial images and fingerprints.^[157]

In the EFTA, passport prices will be:

• Iceland Issued since 23 May 2006 and costing ISK 5,100 (ISK 1,900 for under 18 and over 67).
• Liechtenstein biometric passports issued since 26 October 2006.^[158] The technical specifications are binding for Liechtenstein^[117][118] as it became part of the Schengen area in 2011.^[159] The cost of the passport ranges from CHF 50 (children under 12) to CHF 250 for adults.
• Norway Issued since 2005, costs NOK 450 for adults, or c. €50, NOK 270 for children. Increased to NOK 570/342 in 2020.^[160] In 2007 the Norwegian government launched a ‘multi-modal’ biometric enrolment system supplied by Motorola. Motorola's new system enabled multiple public agencies to digitally capture and store fingerprints, 2D facial images and signatures for passports and visas.^[161] The Norwegian biometrics company IDEX ASA has begun development of electronic ID cards (eID) with fingerprint security technology for use throughout the EU.^[162]
• Switzerland Issued since 4 September 2006, costs CHF 140 for adults and CHF 60 for children under 18 years.^[163] Since 1 March 2010, all issued passports are biometric, containing a photograph and two fingerprints recorded electronically.^[164]

• Albania: Issued since May 2009, costs 7500 Lekë (€75). Valid for 10 years. Contains fingerprints, the bearer's photo and all the data written on the passport.
• Belarus: Issued since 1 September 2021, Valid for 10 years. Contains fingerprints and facial photo, the bearer's photo and all the data written on the passport.
• Bosnia and Herzegovina: Issued since 15 October 2009 and costing 50 KM (€25.65). Valid 10 years for adults and 5 years for younger than 18. On 1 June 2010 Bosnia and Herzegovina issued its first EAC passport.
• Kosovo: Issued since 31 October 2011.
• Moldova: Issued since 1 January 2008, costing approximately 760 MDL (€45)^[165] and is obligatory from 1 January 2011. The passport of the Republic of Moldova with biometric data contains a chip which holds digital information, including the holder's signature, as well as the traditional information. It is valid for 7 years (for persons over 7) and 4 years (for persons less than 7) respectively.
  It was introduced as a request of European Union to safeguard the borders between the E.U. and Republic of Moldova.
• Montenegro: Issued since 2008, costing €33.
• North Macedonia: Issued since 2 April 2007, costs MKD 1,500 or c. €22.
• Russia: Issued since 2006. Since 3 August 2018, they cost 6,000 rubles (approximately US$75) and use printed data, photo and fingerprints and are BAC-encrypted.^[166] Biometric passports issued after 1 March 2010 are valid for 10 years. Russian biometric passports are currently issued within Russia and in all of its consulates. From 1 January 2015, the passports contain fingerprints.
• Serbia: Issued since 7 July 2008, costs RSD 3,600 or approximately €32.^[167] Valid for 10 years, 5 years for children aged 3 to 14, and for 3 years for children aged 3 or less.
• Turkey: Turkish passports which are compatible with European Union standards have been available since 1 June 2010.^[168] Colours of the new biometric passports have also been changed. Accordingly, regular passports; claret red, special passports; bottle green and diplomatic passports wrap black colours.^[169]
  Turkish Minister of the State announced that the government is printing the new passports at government minting office since the private contractor failed to deliver in March 2016.^[170]
  As of January 2025, cost of issuing a 10-year passport in Turkey is ₺12,409.00 (approximately €340).^[171]
• Ukraine: It was first planned to issue biometric passports and identity cards on 1 January 2013.^[172] They started being issued since January 2015.^{[citation needed]}
  Starting August 2021, Ukrainian citizens can use digital passports and identity cards in the Diia app for all legal purposes within Ukraine.^[173]
  In Ukraine, the term "digital passport" is used to denote only the fully digital version of the biometric passport accessible via the Diia mobile app.^[173]
• United Kingdom: United Kingdom introduced it in March 2006, initially costing £72.50 for adults (valid for 10 years) and £46^[174] for children under the age of 16 (valid for 5 years).^[175]
• Sovereign Military Order of Malta: Issued since 2005 the SMOM diplomatic and service passports include biometric features and are compliant with ICAO standards.

• Barbados: Issued since September 2018.^[176][177]
• Belize: Issued since 24 October 2022.^[178]
• Canada: Issued since 1 July 2013. It contains the bearer's name, gender, and date and place of birth and a digital portrait of their face.^[179]
• Costa Rica: Issued since 7 March 2022.^[180]
• Dominica: Issued since 26 July 2021.^[181]
• Honduras: Issued since 22 March 2022. Available to all citizens, biometric passports replaced regular passports. Regular passports are valid until expiry date. The price has remained the same at US$35 for a 5-year period and US$50 for a 10-year period. The passport is ICAO-Compliant with the biometric symbol () printed on the biographical data page as well as at the bottom on the front cover.^[182]
• Mexico: Issued since 5 October 2021.
• Panama: Issued since 2014, costs $100.
• Saint Vincent and the Grenadines: Issued since 4 March 2014.^[183]
• United States: The biometric version of the U.S. passport (sometimes referred to as an electronic passport) has descriptive data and a digitized passport photo on its contactless chips, and does not have fingerprint information placed onto the contactless chip. However, the chip is large enough (64 kilobytes) for inclusion of biometric identifiers. The U.S. Department of State first issued these passports in 2006,^[184] and since August 2007 issues biometric passports only. Non-biometric passports are valid until their expiration dates.^[185]
  Although a system able to perform a facial-recognition match between the bearer and his or her image stored on the contactless chip is desired,^[186] it is unclear when such a system will be deployed by the U.S. Department of Homeland Security at its ports of entry.^[187][188]
  A high level of security became a priority for the United States after the attacks of 11 September 2001. High security required cracking down on counterfeit passports. In October 2004, the production stages of this high-tech passport commenced as the U.S. Government Printing Office (GPO) issued awards to the top bidders of the program. The awards totaled to roughly $1,000,000 for startup, development, and testing. The driving force of the initiative is the U.S. Enhanced Border Security and Visa Entry Reform Act of 2002 (also known as the "Border Security Act"), which states that such smartcard identity cards will be able to replace visas. As for foreigners travelling to the U.S., if they wish to enter U.S. visa-free under the Visa Waiver Program (VWP), they are now required to possess machine-readable passports that comply with international standards. Additionally, for travellers holding a valid passport issued on or after 26 October 2006, such a passport must be a biometric passport if used to enter the U.S. visa-free under the VWP.^[189]
  In November 2018, Hartsfield-Jackson Atlanta International Airport and Delta Air Lines opened the nation's first curb-to-gate biometric terminal, which promised to improve aviation security while moving travelers faster through screening.^[190]

• Australia: Issued since October 2005, where as of 1 January 2025 non-urgent passports costs AU$412 for adults and AU$208 for minors aged under 16 years and adults aged 75 years and over.^[191] The Passport contains the same personal information that is on the colour photo PVC page, which includes a large and small digitized photograph. Australia does not use fingerprinting of incoming passengers (fingerprinting is required for visa's for travelers from many countries). Valid for 10 years for adults and 5 years for minors under 16 years and optional for adults 75 years and over.
• Fiji: Issued since 19 September 2019.^[192]
• New Zealand: Issued since November 2005, like Australia and the US, New Zealand is also using the facial biometric identifier. There are two identifying factors: the small symbol on the front cover (), indicating that an electronic chip has been embedded in the passport and the polycarbonate leaf in the front (version 2009) of the book, inside which the chip is located. Like Australia, New Zealand has installed SmartGates into airports to allow New Zealand ePassport and ePassport holders of 4 other countries (Australia, Canada, UK, and US) to clear immigration controls more rapidly, (recently more countries have been added on to the list, but still not all ePassports) and facial recognition technology has been installed at immigration gates. The cost for a non-urgent passport is NZ$247 (when applying online or in person in New Zealand) for adults, and NZ$144 for children.^[193] Passport were valid for five years if issued before December 2015. However, in 2015 the New Zealand government approved for the reinstatement of a 10-year validity period for passports, with all adult passports issued after December 2015 being valid for 10 years.

• Argentina: Issued since June 2012, costs 35,000 pesos (USD 34). Valid for 10 years^[194]
• Bolivia: Issued since 1 February 2019 and costing BOB 550 (USD 79.13). Valid 6 years. The Bolivian ePassport has the same functions as the other biometric passports as regulations from OASI.
• Brazil: Issued since December 2006. However, just in December 2010 it began to issue passports with microchips, first in the capital Brasília and Goiás state. Since the end of January 2011, this last is available to be issued all over Brazil. Valid for 10 years for adults and costs R$156.07 (approximately €35).^[195] In December 2014, the Federal Police Department extended the validity of the document, from five to ten years.^[196]
• Chile: Issued since 2 September 2013. Valid for 5 years and since 1 February 2020 10 years.^[197]
• Colombia: Issued since 1 September 2015, costing COP 169,000 (approx. USD 48).^[198]
• Ecuador: Issued since 14 September 2020.
• Paraguay: The Paraguayan Ministry of Foreign Affairs began issuing biometric passports in April 2010, initially only to Paraguayan citizens who applied through consulates and embassies abroad.^[199] As of July 10, 2023, the Paraguayan government has standardized the biometric passport for all citizens within the national territory.^[200]
• Peru: On 21 February 2016, the Superintendencia Nacional de Migraciones announced that the first Peruvian biometric passports would be delivered by 26 February 2016.^[201][202] It features a new cover, along with several security improvements, in order to be exempted for visas for the Schengen Area.^[203] It will cost PEN 98.50, approximately USD 28, making it the cheapest passport in Latin America.^[204]
• Uruguay: The Uruguayan Ministry of the Interior started to issue biometric passports to Uruguayan citizens on 16 October 2015. The new passport complies with the standards set forth by the Visa Waiver Program of the United States.^[205] However for naturalised citizens, the passport is not ICAO 9303 compliant as the country of birth is used in the "nationality" field and associated MRZ leading to errors being returned on usage (as noted in section 7.1 of ICAO 9303 part 3).
• Venezuela: Issued after July 2007, Venezuela was the first Latin American country issuing passports including RFID chips along other major security improvements. The chip has photo and fingerprints data.^[206]

The ICAO standard sets a 35x45 mm image with adequate resolution with the following requirements:

• The facial image shall depict a true likeness of the rightful holder of the passport and shall not be digitally altered or enhanced to change the subject's appearance in any way
• A close up of the head and shoulders with the subject facing square on and looking directly at the camera with both eyes visible and with a neutral expression with the mouth closed
• Both edges of the face must be clearly visible. The subject shall not be looking, portrait-style, over one shoulder
• The eyes must be open, and there must be no hair obscuring them
• Glasses: the photograph must show the eyes clearly with no lights reflected in the glasses. The glasses shall not have tinted lenses. Avoid heavy frames if possible and ensure that the frames do not cover any part of the eyes. Glasses should appear only if permanently worn.
• Head coverings shall not be accepted except in circumstances that the issuing State specifically approves. The face must be visible from the hairline to the chin and forward of the ears.
• A uniform light-coloured background shall be used to provide a contrast to the face and hair. For colour portraits, light blue, beige, light brown, pale grey or white are recommended for the background

Though some countries like USA use a 2x2 inch photo format (51x51 mm), they usually crop it to be closer to 35:45 in ratio when issuing a passport.

• International Certificate of Vaccination or Prophylaxis
• International Civil Aviation Organization Public Key Directory
• Polycarbonate e-passport
• National biometric ID card