EUR-Lex Access to European Union law

Back to EUR-Lex homepage

This document is an excerpt from the EUR-Lex website

Integration of biometric features in passports and travel documents



Regulation (EC) No 2252/2004 on standards for security features and biometrics in passports and travel documents issued by EU countries


  • It seeks to harmonise the security features, including biometric identifiers*, for EU country passports and travel documents to protect against their falsification.
  • It was amended by Regulation (EC) No 444/2009 in 2009 mainly to define exceptions for children under 6 and for people who are physically unable to give fingerprints for travel documents.


The biometric features in passports and travel documents will be used only for verifying the authenticity of the document and the identity of the holder, who will have the right to verify the personal data contained in the passport or travel document and, where appropriate, to ask for rectification or erasure. The collection and storage of biometric data will be exclusively for the purpose of issuing passports and travel documents.

Passports and travel documents must include a high-security storage medium(chip) for memorising digital data and have sufficient capacity to guarantee the integrity, authenticity and confidentiality of that data. The storage medium contains a facial image and two fingerprints taken flat(rather than rolling individual fingers, nail to nail). These data, which must be in interoperable formats, must be secured.

EU countries designate the authorities and bodies authorised to have access to the data contained in the storage medium of documents under their national legislation, subject to any relevant provisions of EU law or international agreements. To ensure that the classified information on security features and production details are not made available to more parties than necessary, each EU country designates one body to be responsible for producing passports and travel documents. EU countries remain free to change that body, if required. For security reasons, each EU country communicates the name of the competent body to the European Commission and the other EU countries.

The minimum security standards with which passports and travel documents issued by EU countries must comply are set out in the annex to the regulation. These are specifications that are not secret. These specifications are supplemented by specifications which may remain secret in order to prevent the risk of counterfeiting and falsifications. These additional specifications are adopted by means of implementing acts by the Commission, are in accordance with international standards, and relate to:

  • further security features;
  • the storage medium and its security;
  • common quality requirements for the facial image and the fingerprints.

In 2018, the Commission adopted an implementing decision laying down the technical specifications regarding the standards for security features and biometrics in passports and travel documents which repealed and replaced similar earlier decisions.

Under amending Regulation (EC) No 444/2009, children under 12 (provisional age limit) and persons for whom it is physically impossible, are exempted from fingerprinting. Only qualified and duly authorised staff of national authorities who are responsible for issuing passports and travel documents may take biometric identifiers. Passports and travel documents must be issued as individual documents in accordance with international requirements.

Under the provisions of the Schengen body of law (acquis), Denmark, the United Kingdom and Ireland did not take part in this regulation and so were not bound by it. Denmark, however, decided to implement it in its national law. Iceland, Norway, Switzerland and Liechtenstein, although not part of the EU, will be involved in implementing the regulation.

The regulation does not apply to identity cards issued by EU countries to their nationals or to temporary passports and travel documents valid for 12 months or less.


EU countries had to apply this regulation:

  • as regards the facial image by 28 August 2006;
  • as regards fingerprints by 28 June 2009.


For more information, see:


Biometric identifiers: personal data resulting from specific technical processing relating to the physical, physiological or behavioural characteristics of an individual, which allows or confirms the unique identification of that person, such as facial images or fingerprint data.


Council Regulation (EC) No 2252/2004 of 13 December 2004 on standards for security features and biometrics in passports and travel documents issued by Member States (OJ L 385, 29.12.2004, pp. 1-6)

Successive amendments to Regulation (EC) No 2252/2004 have been incorporated into the original text. This consolidated version is of documentary value only.


Commission Implementing Decision of 30.11.2018 laying down the technical specifications regarding the standards for security features and biometrics in passports and travel documents issued by Member States and repealing Decisions C(2006) 2909 and C(2008) 8657 (C(2018) 7774 final, 30.11.2018)

last update 08.01.2020