eMRTD Reading SDK for Android

Read and verify the chip of an eMRTD (electronic machine readable travel document).

This is a fully functional sample app. Just load it with Android Studio, compile and install it on a device and follow the on-screen instructions.

Important: In order to read an eMRTD chip, you need to give either a PIN or a document number, the date of birth and the date of expiry. These values are required for authentication.

Setup

Before calling CardReader.read(), it's required to call CardReader.init():

CardReader.init(context, null);

This has to happen only once.

Reading the Chip

After acquiring an IsoDep object from Android, call CardReader.read() to start reading the chip:

CardData cardData = CardReader.read(
		isoDep,
		null, // PIN, can be null if not available
		documentNumber,
		dateOfBirth,
		dateOfExpiry,
		true, // if you want to verify the chip
		null // CardReaderListener to listen for events while reading
);

If successful, a parcelable CardData object is returned that contains the following public final data members:

org.jmrtd.lds.icao.MRZInfo mrzInfo;
org.jmrtd.lds.icao.DG11 personalDetails;
org.jmrtd.lds.icao.DG12 documentDetails;
android.graphics.Bitmap photo;

If the chip should be verified (see above), these members are set accordingly:

CardData.CheckResult chipAuthentication;
CardData.CheckResult activeAuthentication;
boolean isConsistent;
boolean hashsValid;
boolean signatureValid;
byte[] docSigningCertificate;

Validate the Document Signing Certificate

To validate the Document Signer Certificate from above, you need to send a POST request to

https://kinegramdocval.lkis.de/v3/validate

with the Content-Type set to multipart/form-data and the following fields:

client_id      text/plain                Client ID
dsc            application/octet-stream  Document Signer Certificate
idb            application/json          IDB data from the SDK

All fields are mandatory. client_id is a literal provided by your OVDK contact. dsc is the CardData.docSigningCertificate. idb data must be generated with IDBMessageBuilder and the application ID of your app:

String idb = IDBMessageBuilder.build(BuildConfig.APPLICATION_ID);

The request will return a JSON formatted data block containing a Validation ID and the result of the validation, either "valid" or "invalid":

{
	"validation_id": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
	"result": "[valid|invalid]"
}

Please have a look at the sample app for details.

Open Source Licenses