Modern passports—as well as several other ID and travel documents—are so-called electronic Machine Readable Travel Documents (eMRTDs). These are documents that conform to Doc 9303, a specification published by the International Civil Aviation Organization (ICAO). An important part of an eMRTD is its contactless integrated circuit (IC), which is capable of storing data and executing cryptographic security protocols. This means that eMRTDs can be digitally inspected—using NFC. Today, this is done using custom-built terminals. As these tend to be expensive and unwieldy, the Norwegian National Police Directorate (POD) is considering the use of modern Android smartphones for this task. This immediately raises security concerns. In particular, there is a serious concern about the security of the private keys required for extracting biometric data—such as fingerprints—from the eMRTDs. To address this concern, we have investigated several design concepts that aim to ensure the security of these private keys. Among the evaluated designs, we concluded that a server-backed solution is the superior option. Using the Android device as a proxy, a server can perform the actual inspection of the eMRTD, running all required security protocols and reading the relevant data. Through this approach, the private keys never need to leave the server, thereby greatly improving our ability to protect them. Additionally, we have proposed a multitude of security mechanisms to increase the overall security of such a solution. To evaluate the proposed design, we have implemented a proof-of-concept. Through this, we demonstrated the viability of the proposed solution and showed how such a solution can be realized from a technical perspective. Based on our discussions and the results of our implementation, we conclude that our proposed solution is practically viable and provides strong protection for the private keys.
Additionally, we argue that this solution provides a solid basis for employing strong security mechanisms for the system as a whole. Lastly, we draw a conditional conclusion that our proposed solution can be recommended, with a high degree of confidence, for a practical deployment by national authorities.