A public key infrastructure (PKI) is an hierarchical system made up of hardware, software and strict policies enabling the management, distribution, use, storage, and revocation of digital certificates and public-key encryption. Using PKI technology, governments and organizations can securely manage their keys and certificates - establishing and maintaining a trustworthy working and networking environment. A PKI enables the use of encryption and digital signature services across a wide variety of applications such as for digitially signing ePassports or eIDs.

Opteryx specializes in ICAO PKI:

The ICAO's (International Civil Aviation Organization) document 9303 (ISO/IEC 7501) strictly specifies the technical framework for eMRTDs (ePassport or Machine Readable Travel Document). 

In accordance with those strict requirements, Opteryx offers a complete turn-key ICAO PKI solution covering ePassports, eIDs, eDriving License, or any machine readable travel document.


ICAO PKI Solution package:

  • CSCA - Country Signing Certification Authority: manages the digital certificates of the national Document Signers 
  • DS - Document Signer: signs the digitized data stored on the ePassport's chip.
  • N-PKD National Public Key Directory: manages the ICAO Public Key Directory.
  • CVCA Country Verifying Certification Authority: issues the CV digital certificates to the Document Verifiers (DV).
  • CVRA–SPOC Country Verifying Registration Authority–Single Point of Contact: Web services interface for the automatic operations (DV certification) and the notifications (suspension of CVCA service, compromised DV keys, etc.).
  • DV Document Verifier: acts as a subordinate CA issuing the CV digital certificates to the national Inspection Systems (IS).