eu-LISA's Digital Newsletter
The eu-LISA Bits & Bytes provides an overview of the Agency's recent progress and the state-of-play on the development and management of the large-scale IT systems that govern the Schengen Area's internal security.
In this issue:
… and more.
Large-Scale IT Systems' Evolution and Outlook
The Agency's main priorities in 2020 were to continuously design and develop the new systems (EES, ETIAS, ECRIS-TCN), adapt the existing systems to the requirements stemming from the applicable regulations and ensuring a high level of performance and availability of these existing large-scale IT systems (Eurodac, SIS, VIS).
For a refresher on what the large-scale IT systems are and do, see our dedicated portal: Discover eu-LISA
Systems' availability untouched
eu-LISA managed to ensure high level performance and availability of SIS, VIS, Eurodac and their sub-systems during the pandemic. Further than that, measures were taken to mitigate risks related to the implementation of the new systems (EES, ETIAS, ECRIS-TCN) and interoperability components.
The development of EES, ETIAS, ECRIS-TCN and the interoperability architecture is on track. In parallel, the Agency is upgrading SIS, adapting VIS to meet the EES Regulation requirements and waiting for the recast of VIS and Eurodac regulations to be adopted (the new Eurodac recast regulation is issued in the Migration and Asylum Pact).
In 2020, the Automated Fingerprint Identification System functionality (AFIS) was introduced to SIS, enabling law enforcement and border authorities to improve identity checks and ensure better coordination.

In September 2020, the European Commission presented a new proposal for the Eurodac recast as one of the cornerstones of the EU Pact on Migration and Asylum. The upgraded system will be operated and developed by eu‑LISA. In line with the proposal, Eurodac is to be fully reshaped into a European database to support the EU's policies on asylum, resettlement and irregular migration.
The new Eurodac system is a platform for information exchange between Member States, containing comprehensive data concerning asylum seekers and irregular migration. Eurodac is essential for the successful implementation of the Pact as a whole and for the ability of Member States to improve efficiency of migration and asylum management policies in EU.
Once implemented, it will bring a number of tangible benefits for the migration and asylum authorities in the Member States, in particular:
- Focus on applicants rather than applications to determine responsibility for asylum claims;
- Include new categories of persons for whom data (biometric and alphanumeric data) will be stored;
- Allow its use to improve the identification of irregular migrants and to deter unauthorized movements to other Member States (secondary movements);
- Contribute to preventing asylum shopping;
- Improve registration, playing a determining role in countering trafficking of human beings, with a decisive contribution to the protection of minors and other categories of vulnerable persons;
- Facilitate relocation and better monitoring of returnees;
- Track support for voluntary departure and reintegration;
- Enable to draw up new statistics to support decision-making and improve analytical capabilities of relevant national authorities and EU Agencies
The new Eurodac will also be an important building block in the new interoperability architecture for internal security and border management. It will have a strong, positive effect on situational awareness and decision-making in Member States, providing relevant depersonalized information to the Common Repository for Reporting and Statistics (CRRS) for analytical purposes.

eu-LISA is operating the Schengen Information System (SIS), which has fundamental role in the EU’s internal security. Ongoing work with the system upgrade (the SIS recast) will provide better tools for border and law enforcement authorities in the fight against crime and terrorism. The strengthened SIS will contain new categories of alerts (persons and objects) and more biometric data. It will include preventive measures on vulnerable persons, as well as return decisions and entry bans, and enable more effective information sharing for counter-terrorism purposes.
The upgrade brings following improvements:
- Information sharing: New categories of alerts, ensuring more reliable information is available to Member States;
- Biometrics: SIS will contain palm prints, fingerprints, facial images and DNA samples;
- Counter-terrorism: More information will be shared on persons and objects involved in terrorism-related activities;
- Vulnerable persons: Preventive alerts to protect missing persons, children at risk of abduction, potential victims of trafficking or gender-based violence;
- Irregular migration: Return decisions and entry bans will be shared to enhance their effective enforcement;
- Enhanced access for EU Agencies: Europol will have access to all alert categories, while Frontex operational teams will be able to access SIS to carry out their tasks at hotspots;
- SIS Automated Fingerprint Identification System (AFIS) to perform cross-European fingerprint-based searches.
AFIS became mandatory for all Member States at the end of 2020. The solution, developed by eu‑LISA, is a major milestone in the fight against crime, as it enables law enforcement and border authorities to improve identity checks and ensure better coordination. A number of Member States are already actively using the SIS AFIS functionality and checking person alerts on the basis of the fingerprints stored in SIS.

eu-LISA is in charge of the operational management and development of the Visa Information System (VIS). It is a system for the exchange of visa data among Schengen Member States. As such, it connects consulates in non-EU countries and all external border crossing points of Schengen States. Currently, VIS processes data and decisions relating to applications for short-stay visas to visit or to transit through the Schengen Area. The system can perform biometric matching, primarily of fingerprints, for identification and verification purposes. VIS will be adapted to meet the provisions of the EES Regulation and its new version will enter operations together with EES, in line with the targets set at political level.
In December 2020, political consensus was reached between the European Parliament and the Council on the upgrades of the system. The VIS recast will enable eu‑LISA to implement following functionality improvements:
- Enhanced security checks across all databases: with interoperability in place and with the provision envisaged in the forthcoming VIS Recast Regulation, all visa applications recorded in the system will be automatically checked against all other EU information systems. This obligatory cross-check will detect applicants using multiple identities and identify anyone posing a security or non-compliance risk;
- Better data and information exchange: Currently, no information is held at EU level on long stay visas and residence permits. The upgraded VIS database will extend its scope to include such information. This will allow competent authorities to quickly determine whether a long-stay visa or a residence permit used to cross the Schengen Area’s external borders is valid and in the hands of its legitimate holder, thus closing an important security gap;
- More efficient return procedures: Copies of the applicant's travel document will also be included in the VIS database. This measure, coupled with the authorisation for Frontex teams to access VIS, will facilitate the identification and readmission of people subject to a return procedure who do not have travel documents, thereby increasing the efficiency of the EU's return policy;
- Strengthened capacity to prosecute and prevent crime: Law enforcement authorities and Europol will have a more structured access to VIS for the prevention, detection or investigation of terrorist offences or other serious crimes, under strict conditions and in full respect of the EU's data protection rules. Access to VIS will be also opened to law enforcement authorities for the purpose of searching for or identifying missing or abducted persons and victims of trafficking;
- Schengen Consultation and Ex-post notification procedures: Currently, these procedures are supported via VIS Mail, a mechanism allowing Member States to consult and notify each other on issuing Schengen visas, or limited territorial validity visas. With the Recast, the functionalities currently supported by VIS Mail will be integrated into the revised VIS, to allow automation and efficient services towards the third country nationals that are subject to visa requirements.

Implementation of the Entry-Exit System (EES) is one of the top priorities of eu‑LISA. It will be an automated IT system for registering travellers from third-countries - both short-stay visa holders and visa exempt travellers - each time they cross an EU external border. The system will register the person's biographic and biometric data (live fingerprints and facial images) and the date and place of entry and exit, in full respect of fundamental rights and data protection rules
In 2020, major efforts were undertaken by eu‑LISA to ensure the implementation of EES at the fastest possible pace and to mitigate the impact of the COVID-19 pandemic to planned activities at central and national levels. On 14 December 2020, the JHA Council decided to shift the go-live of the EES by 2 months (May 2022) in order to absorb the COVID-19 related impacts and to allow more preparation time for the Member States.
eu-LISA continues the implementation of the signed Framework Contract for the EES Central System, currently in the development and central testing phases. The testing of national systems with the EES Central System will be launched in 2021. Installation of National Uniform Interfaces (NUI) is ongoing and most Member States are well on track.
The tender for the shared Biometric Matching System (sBMS), was concluded in April 2020. The requirements are being finalised and the system entered the development and testing phase in October 2020.
As another structural part of the EES, the Web Services project has been contractually launched in September 2020, by signing two specific contracts, aimed at the creation of services for Carriers (air, land and sea) and for Third-Country Nationals.
The detailed EES implementation plan has been continuously monitored and refined in close collaboration with Member States, in the context of the EES-ETIAS Advisory Group (EES-ETIAS AG) and other eu‑LISA governing bodies (Management Board, Programme Management Board). The performance of the EES contractor is continuously monitored and contractual possible risk management approaches are being applied with respect to delivery times and the quality of deliverables.

The active development of the European Travel Information and Authorisation System (ETIAS) will start in 2021. It will be a largely automated IT system created to provide a travel authorisation for third-country nationals exempt from visa requirements, enabling consideration of whether their presence on the territory of the Member States does not pose or will not pose a security, illegal immigration or a high epidemic risk. A travel authorisation constitutes a decision indicating that there are no factual indications or reasonable grounds to consider that the presence of a person on the territory of Member States poses such risks. Thus, a travel authorisation will not require more information or place a heavier burden on applicants than a visa does. Holding a valid travel authorisation will be a new entry condition for the territory of Member States.
The development of ETIAS remains untouched by the COVID-19 pandemic. The eu‑LISA Management Board adopted the Tender Specifications in September 2020 and the contract will be in place in the coming months. The go-live of ETIAS is planned in the end of 2022.

ECRIS-TCN will allow the central authority of a Member State to promptly and efficiently find out whether and which other Member States store criminal records information on a third-country national or stateless person, so that the existing ECRIS communication channels can be used to request criminal records information from the relevant Member States. Once it becomes operational, the system will facilitate the access of judges, prosecutors and other relevant judicial authorities to comprehensive information on an individual’s criminal history, no matter in which Member State that person was convicted in the past.
Efficient exchange of criminal records information is instrumental in combating cross-border crime. The system will contribute to implementing the principle of mutual recognition of sentences and judicial decisions in a common area of justice and security where people move freely - i.e. the Schengen Area. ECRIS-TCN is scheduled to be ready in conjunction with the roll-out of the components required to implement interoperability.
Despite the COVID-19 pandemic, the development of ECRIS-TCN is on track. At central level, the preparation phase is nearing completion and the procurement phase will commence in 2021. eu‑LISA successfully took over the ECRIS RI management from the European Commission in April 2020. ECRIS-TCN technical specifications (TTS) are in finalisation. The go-live of ECRIS-TCN is at the end of 2022.

eu-LISA is in charge of the development of new interoperable architecture for information management in the Justice and Home Affairs area. Interoperability between information systems will allow the systems to complement each other, help facilitate the correct identification of persons and contribute to fighting identity fraud. The regulations establish the following interoperability components:
- A European search portal, which would allow competent authorities to search multiple information systems simultaneously, using both biographical and biometric data;
- A shared biometric matching service, which would enable the searching and comparing of biometric data (fingerprints and facial images) from several systems;
- A common identity repository, which would contain biographical and biometric data of third-country nationals available in several EU information systems;
- A multiple-identity detector, which checks whether the biographical identity data contained in the search exists in other systems, to enable the detection of multiple identities linked to the same set of biometric data.
eu-LISA continues with the implementation of EES, ETIAS and the new interoperability architecture at the highest possible pace, having as an overall objective to achieve full implementation of the new interoperability architecture by the end of 2023.
The development of interoperability components has not suffered any major impact from the COVID-19 pandemic. The formal review of technical specifications was finalised.
The tender documentation preparation is ongoing and the contract is to be concluded in the first quarter of 2021. Work is ongoing with all interoperability components and relevant technical specifications (TTS): European Search Portal (ESP), Shared Biometric Matching Service (sBMS), Common Identity Repository (CIR), Multiple-Identity Detector (MID), Central Repository for Reporting and Statistics (CRRS).
The interoperability architecture should be fully operational by the end of 2023.
Digital criminal justice and eu-LISA
eu-LISA took over the maintenance of the ECRIS Reference Infrastructure, the application for ECRIS system, in April 2020 and, in parallel, is developing ECRIS-TCN. While the ECRIS is a decentralised system, ECRIS-TCN will be the first centralised IT system in the judicial domain that eu LISA has the mandate to develop and operate. As proposed by the European Commission on 2 December 2020, e-CODEX (e-Justice Communication via Online Data Exchange), an IT tool for cross-border cooperation, will be entrusted to the Agency as of 1 July 2023. eu LISA stands ready to take over the responsibility for maintaining e-CODEX. The Agency has the required technical expertise to ensure efficient management of the IT infrastructure behind e-CODEX, as well as sufficient experience in managing a variety of governance structures, enabling the full involvement of Member States and the European Commission.