Which information is stored in European Passports other than what is written in it?

Question

My question is what information other than the one on the main page of the passport is stored on the chip. E.g. does a spanish passport chip contain information about everytime I travelled abroad with my passport even if it did not require a visa? Does it contain information such as marital status and home address?

Answer 1

In additon to information printed on the passport document the chip stores

• a face image in digital form (although it is the same image that is printed on the passport, its quality isn't affected by reflections, degradation over the years, dirt... therefore you could consider it as "other" information)
• in most cases fingerprint data, and maybe other biometrical data (depending on the country)
• last, not least, a digital signature over all digital data stored on the chip, issued by the country that issued the passport.
  This makes the data much more trustworthy than relying on the optical security features of a passport document.
  Anybody (not only the issuing country) can verify this digital signature.

By the way: the specification European and any other passports comply to is not a secret and it is publicly available (in six different laguages!): ICAO Doc9303; note that only a small fraction of what is specified there, gets actually implemented (e.g. no address in German passports; although the specification describes it).
Also reading and verifying most of the digitally stored data (not the biometric data though) of a passport can be done by anyone having the right tools (NFC reader or NFC-capable mobile and the right software; no special legitimation required).
This is not the case, however, in general for ID cards (e.g. German ID card).

Now concerning the data examples you mentioned:

• "information about everytime I travelled abroad with my passport...": no, not stored
• "marital status": no, not stored
• "home address": could be stored; but then I'd expect it also to be printed on the document; e.g. German passports don't store holders home address; if you are required in your country to bring your passport when you register a new home address, then probably yes.

Answer 2

ePassports are a subset of eMRTDs (Electronic Machine Readable Travel Documents).

The data that can be stored on them is governed by ICAO 9303 (specifically part 10 and 11). Most of the data that it allows to be stored is optional, and only required data is also printed on eMRTDs' identity pages.

From what I've seen, the data that's on eMRTDs varies greatly between country and country, and can even vary between different types of passports (such as between Regular Passports and Special Passports).

Even in the EU, there's a great variety in the sets of data that's encoded in the passports, however, in some cases I've seen countries share the same set of data (Belgium and France, iirc).

The list of files (rather, "data groups") supported by ICAO 9303 can be seen below:

Out of the ~15 types of supported data groups, only 2 are required, and these are just the information that also is visible on the identity page of your passport: DG1 and DG2.

DG5 and DG7 are optional, but they represent data that's also visible on the identity page.

• DG1 (Details Encoded in MRZ) is just the data on the MRZ (Machine Readable Zone), which is also printed on the identity page of the passport.
• DG2 (Encoded Face) contains a JPEG or JPEG2000 file containing your face, which is also printed on the identity page. In some cases (like in UK passports), DG2 may also contain certain information like location of eyes.
• DG5 (Displayed Portrait) is rarely used, and matches DG2 in all cases I saw.
• DG7 (Displayed Signature or Usual Mark) is used by some countries (Belgium etc) and includes a JPEG/JPEG2000 file of the signature on passport.

As for commonly included information that's not visible on the identity page:

• DG3 (Encoded Finger(s)), DG4 (Encoded Eye(s)). This information usually requires Extended Access Control to access due to the sensitive nature of the data, which requires bilateral collaboration between country that issued the passport and any country that wants to access it, and as such is unlikely to be read from your passport by anyone but the issuing country. I've not seen any cases of DG4 (Encoded Eye(s)) being used, but many countries include DG3 (Encoded Finger(s)) if the person gave fingerprints when applying for their passport.
• DG11 (Additional Personal Detail(s)) can contain many additional details, including but not limited to Name of Holder, Place of Birth, Address, Profession, or even an image of Proof of Citizenship (though I've never seen that one in the wild). Some passports (Turkey, Belgium, France etc) include this info.
  • The Name of Holder included in this section is Unicode, with a length limit of 99 bytes, allowing for most if not all names to be represented correctly in the chip data (unlike the one in DG1, which is ASCII-latinized with a 39 character limit).
• DG12 (Additional Document Detail(s)) can contain information like Date of Issue, Issuing Authority, etc. This information is also provided on some passports (Turkey, Belgium, etc).

---

The files on eMRTDs get write-locked after the initialization process. That means that they cannot be modified after the document has been issued.

These files are all hashed, and these hashes are then signed and stored on a PKCS#11 certificate on the chip (on a file called "Security Object"), allowing detecting counterfeit eMRTDs with fake or tampered information.

All files (except for those specifying authentication parameters) require authentication to be accessed. Most authentication schemes (BAC and PACE) require document's expiry, birthday and document number to derive the keys to authenticate. This is why passport readers at border control have to read the MRZ before they can read the chip.

Some countries (like Germany and Turkey) offer additional functionality on eMRTDs, though usually these are on eIDs and not on ePassports. These are usually country-specific and are not as widely deployed.

---

To answer your example questions:

• As the files are immutable for security reasons, your passport does not and cannot store your travel history. Individual governments, however, likely keep databases with your travel history and can query these with the information present on your passport.
  • There's also various countries that have data-sharing agreements about travelers, so a country you're visiting for the first time may already know your travel history involving some other countries (e.g. US and Canada have an information sharing treaty, and EU's EES (when it finally comes out) will record travels of non-EU citizens in EU, and make it available to all EU countries).
• There's no official way to encode marital status, though it may be encoded as part of title in DG11 or as an optional detail in DG13. It could also be written on the passport's endorsements page.
• Your address at the time of document initialization may be stored on the document itself on DG11. While I don't know if Spain does this, I know that some other countries does this.

---

Various countries choose to put various different things in the Endorsement/Observations page, which is easier to view for all, but is strictly speaking not the "Main Page", so I'll add a bit on that as well. As this can be on the back sometimes, it could be easy to miss.

UK, to my knowledge, is one of the countries that actively uses this. UK puts your other citizenships (if your name doesn't match them), clarifies that you're not a lord but that you changed your names to include "Lord", states that you're actually a Lord, Doctor, Judge, etc, and probably various other things.

---

The only way to know what exactly is encoded in your passport is to read it.

There's a number of mobile applications that allow you to do so on your own, such as ReadID NFC Demo for Android or ReadID NFC Me for iOS. While these apps may not be able to list all the data that's encoded on your passport, they should give a rough idea on what may or may not be in your passport.

Answer 3

Which information is stored in European Passports other than what is written in it?

In French passports, until 2008 the chip didn't contain any other information on the passport holder, then in 2008 the law changed and fingerprints of two fingers were added. Note that the chip does include a digital version of the photo printed on the passport.

---

Source: Décret [archive] no 2005-1726 du 30 décembre 2005 relatif aux passeports électroniques. See Article 2 quoted below:

Article 2: Afin de faciliter l'authentification du détenteur des passeports mentionnés à l'article 1er, ces titres comportent un composant électronique contenant les données mentionnées au même article, à l'exception de la signature. Ce composant électronique, qui est une puce sans contact, comporte des sécurités de nature à prémunir le titulaire du titre contre les risques d'intrusion, de détournement et de modification.

Modification from Décret n°2008-426 du 30 avril 2008 - art. 3 (mirror) (thanks jcaron for pointing it), which adds fingerprints of two fingers:

Afin de faciliter l'authentification du détenteur des passeports mentionnés à l'article 1er, ces titres comportent un composant électronique contenant les données mentionnées au même article, à l'exception de la signature, ainsi que, hors le cas prévu au premier alinéa de l'article 6-1, l'image numérisée des empreintes digitales de deux doigts.

Answer 4

With high probability, it contains exactly what is written on the hard plastic card, nothing more.
How would that other information even get there? The chip is read-only, so you would need a new passport every time they want to store that you travelled.

Answer 5

In addition to the information which is also written as human-readable text and the facial image that is printed in the passport, the chip also contains biometric data such as fingerprints (one exception is for passports issued by Ireland, which do not contain fingerprints). See https://en.wikipedia.org/wiki/Biometric_passport#European_Union_/_EFTA for details.

The information regarding travels abroad is not stored on the chip (but it may exist in some government database and could be retrieved by the authorities, when needed).