1. What is the EINSTEIN project and what does it aim to achieve?
EINSTEIN — “Interoperable Applications Suite to Enhance European Identity and Document Security and Fraud Detection” — is a Horizon Europe project funded under the EU’s Civil Security for Society programme, running from January 2024 to December 2026. Its mission is to help law enforcement agencies and border guards combat identity fraud and travel document forgery more effectively, by researching and trialling six innovative applications that advance the state of the art in identity and document security. Protecting citizens from identity fraud is itself a fundamental public interest — EINSTEIN’s tools are designed to serve that goal while fully respecting individuals’ rights and privacy.
2. Why is combating identity and document fraud such a priority for Europe?
Identity and travel document fraud causes real harm to real people — victims can find their identity used to commit crimes, access services fraudulently, or cross borders illegally in their name. Despite technological advances, sophisticated fraudsters continue to exploit gaps in existing systems, and law enforcement agencies must keep pace. Strengthening document and identity security protects both national borders and the integrity of identity systems that citizens rely on every day.
3. What are the six applications that EINSTEIN will deliver?
EINSTEIN is developing six distinct but interoperable applications, each targeting a specific operational scenario:
- Online ID issuance — detects and prevents fraudulent biometric data being submitted during remote online applications for identity documents, protecting the integrity of the passport issuance process.
- Mobile document and identity checks — enables authorised officers to verify the relationship between the authenticity of the identity document and the holder using a standard smartphone, without specialised fixed equipment.
- Document authentication module — helps document experts authenticate passports, identity cards, and breeder documents, flagging forgery, tampering, or counterfeiting.
- Land border pre-registration — allows travellers to voluntarily submit identity information and biometrics in advance of a land border crossing, reducing waiting times and supporting smoother processing.
- EES kiosk with advanced fraud detection — an enhanced self-service kiosk supporting the EU Entry/Exit System, with AI-driven fraud detection built in.
- Fast-track biometric corridor — allows pre-enrolled travellers to have their identity verified on the move, without stopping, using face and iris recognition.
4. What is the document authentication module and what types of fraud can it detect?
The document authentication module is a tool for trained document experts in immigration services and border authorities, not an automated replacement for human judgement. It helps verify the authenticity of passports, identity cards, and breeder documents by checking a wider range of embedded security features — physical, printed, electronic, and special characters — than is typically possible in a standard check. It can flag several forms of fraud: counterfeit documents made to mimic genuine ones, forged documents where details such as names or photos have been altered, and documents that may have been tampered with in less obvious ways. The aim is to assist experts, not to make autonomous decisions about individuals.
5. How does the mobile document check application work, and who can use it?
The mobile application allows authorised law enforcement and border officers to scan and assess identity documents using a commercially available smartphone. It is intended for use by trained, authorised personnel only — not as a general-purpose tool. It brings reliable document verification to situations where fixed inspection equipment is unavailable, such as at land borders or during field operations, and provides officers with a rapid assessment to support — not replace — their own judgement.
6. What is the online ID issuance application and what fraud risks does it address?
When citizens apply for identity or travel documents online, there is a risk that fraudsters could submit manipulated or stolen biometric images during the application. EINSTEIN’s online issuance application performs real-time checks on the biometric data submitted, identifying suspicious material before a fraudulent document can be issued. This supports the security of the document issuance process.
7. What is the EES kiosk and how does fraud detection improve it?
The EU Entry/Exit System (EES) records the entries and exits of third-country nationals at Schengen Area external borders. EINSTEIN’s enhanced EES kiosk adds AI-driven fraud detection to the standard data collection process, including real-time presentation attack detection — identifying attempts to spoof the biometric sensor using a photograph, mask, or prosthetic, rather than a genuine live biometric.
8. What is the land border pre-registration application, and is it mandatory?
Pre-registration is entirely voluntary. It allows travellers who choose to participate to submit their identity information and biometrics in advance of arriving at a land border, rather than at the border itself. This reduces queuing and speeds up the crossing experience. Border guards benefit from richer, pre-verified data before the traveller arrives. EINSTEIN’s pre-registration application also supports Digital Travel Credentials (DTC), a new standard that allows a verified digital version of a travel document to be stored securely on a personal device.
9. What is the fast-track biometric corridor and how does it work?
The fast-track corridor allows travellers who have voluntarily pre-enrolled in the system to have their identity verified on the move — without stopping at a booth or joining a queue. As the traveller walks through a designated corridor, cameras capture their face and iris and compare this against their enrolled biometric profile, confirming their identity in real time. Participation is entirely voluntary and travellers are fully informed about how their data will be used before they choose to enrol. The corridor is being researched and trialled as a way to make border crossing more efficient for both travellers and border officers, while maintaining a high level of security.
10. What are Digital Travel Credentials (DTC) and why does EINSTEIN incorporate them?
Digital Travel Credentials allow travellers to store a verified digital version of their passport or identity document on their smartphone and present it at a border without the physical document. EINSTEIN integrates DTC support into its pre-registration application, ensuring its tools are compatible with this emerging international standard.
11. What is morphing attack detection and why does it matter?
Face morphing is a fraud technique where the photo in an identity document is digitally manipulated by blending two people’s faces into one composite image. A morphed document can pass automated face recognition checks while enabling an imposter to travel under someone else’s identity. Crucially, the document itself may be entirely genuine — only the photo has been attacked. EINSTEIN develops improved methods to detect morphed images in travel documents.
12. What is presentation attack detection?
Presentation Attack Detection (PAD) is the ability of a biometric system to tell the difference between a genuine live biometric — a real face, a real iris — and an attempt to spoof it using a photograph, video screen, 3D mask, or prosthetic. EINSTEIN embeds PAD capabilities into its EES kiosk using AI and camera-based sensors, allowing the system to detect spoofing attempts in real time. This protects the integrity of the biometric process for all legitimate users.
13. How does EINSTEIN tackle deepfakes and AI-generated fraud?
AI tools are making it easier to generate convincing fake images and documents, posing a growing threat to identity verification. EINSTEIN directly addresses this through research into detecting digitally manipulated or AI-generated content in identity documents and biometric systems — ensuring that the tools it develops remain effective even as the fraud landscape evolves.
14. How does EINSTEIN protect individuals’ privacy?
Privacy is built into every EINSTEIN application from the start, following the principle of Privacy by Design. All six applications are designed to comply with the GDPR and with the varying national data protection laws across EU Member States. The project’s Data Management Plan and its Ethical, Legal and Societal Issues (ELSI) Impact Assessment — both publicly available — set out exactly how personal and biometric data is handled. No data is processed beyond what is strictly necessary for the specific function of each application.
15. Will biometric data be stored, and for how long?
EINSTEIN is a research and innovation project — its applications are being tested and trialled, not deployed operationally. Any biometric or personal data collected during pilots is used solely for the purposes of that trial and is handled in strict accordance with GDPR and applicable national law. Data collected during testing is not retained beyond what is necessary for the research, and participants in any field test or trial can withdraw their consent and have their data deleted at any time. All data is stored in encrypted form for the duration of the trial only. Data minimisation — collecting and keeping only what is strictly necessary — is a guiding principle across all six applications.
16. Does EINSTEIN enable mass surveillance?
No — and this is an important distinction. EINSTEIN’s applications operate only in specific, controlled settings: border crossing points, document issuance processes, and document inspection scenarios. They function only in relation to individuals who are actively presenting themselves for a check or who have voluntarily enrolled. None of the tools are designed or capable of monitoring members of the public in open spaces. Surveillance of public areas is entirely outside the project’s scope, and privacy-by-design principles are in place to ensure it stays that way.
17. How does EINSTEIN validate its research through real-world trials?
A key feature of EINSTEIN is its commitment to testing its applications in realistic operational conditions, not just in the laboratory. The project targets a Technology Readiness Level (TRL) of around 6 for each application — meaning the technologies are demonstrated and validated in environments that closely reflect real-world conditions. Six trial use cases are conducted with law enforcement and border control practitioners across multiple EU countries, ensuring that the tools are tested against genuine operational needs and that findings are grounded in real-world experience. The goal is to advance these technologies significantly towards the point where future deployment could be considered, rather than to deliver finished operational systems.
18. What ethical oversight is in place?
Trilateral Research — a specialist organisation with deep expertise in the ethical and societal dimensions of security technologies — is embedded in the consortium as the project’s dedicated ethics partner. Their responsibilities include a comprehensive ELSI Impact Assessment, continuous engagement with end users and civil society, and ongoing dialogue with technology partners on bias, fundamental rights, and compliance with the GDPR and the EU AI Act. Ethical scrutiny is not a one-off exercise but a continuous thread running through the entire project.