Inspection System Service

The Inspection System Service is a central component of the ADSS Server that provides secure ePassport inspection capabilities for border management systems. It acts as a trusted intermediary between passport readers and backend validation infrastructure, enabling secure communication and reliable verification processes. The service accepts requests from terminal readers over secure TLS connections and validates ePassport data using trusted certificate sources. It supports both Passive Authentication (BAC), which verifies the authenticity of the document using certificate chains, and Terminal Authentication (EAC), which enables secure access to biometric data on the passport chip. The service retrieves and maintains trust data such as CSCA certificates, CRLs, and Master Lists, and uses cryptographic keys stored in secure hardware like HSMs or smart cards to perform authentication operations.

In operation, a passport reader sends a request to validate an ePassport, after which the service verifies the document signature and, if required, performs secure authentication with the chip to access biometric data. The results are then returned to the reader. The service integrates with external systems such as DVCA and PKD to ensure that trust data remains current and supports automated polling and certificate life-cycle management. This approach provides a secure, scalable, and centralized solution for ePassport inspection while simplifying integration within border control environments.