Malta’s Entry/Exit System (EES): interoperability and data security for Schengen border management
SOFTWARE
The Client
MPF and border control
The Malta Police Force (MPF) is responsible for law enforcement in Malta and comprises approximately 2,500 people. MPF’s ICT Department operates in a highly integrated European environment, working with EU infrastructures and agencies (eu-LISA, Interpol, Europol, Frontex) and with other Schengen Member States to support border control, migration flow management, and international police cooperation.
Meeting the technical requirements of the new European Entry/Exit System (EES) is a complex integration challenge, connecting national infrastructures with EU central databases. To address this, the Malta Police Force (MPF) launched a digital transformation programme aimed at ensuring maximum interoperability and secure data exchange across the border-management chain.
In this context, GPI played a key role as technology partner, delivering the full development lifecycle of the middleware and upgrading the software interfaces used for border checks. Building on existing Schengen-related systems, the team managed the complexity of the transition while keeping operational disruption to a minimum.
The outcome is an integrated ecosystem — live at Malta International Airport since 12 October 2025 — ensuring end-to-end digital traceability of entries and exits and aligning Malta with the most stringent protocols of the EU Smart Borders package.
The needs
digitalisation, security and interoperability
The Entry/Exit System (EES) addresses concrete operational needs: security, flow management and the modernisation of border checks across the Schengen area.
Before EES, checks relied on stamping passports of non-EU travellers — an analogue process with significant limitations:
- it did not allow automatic tracking of stays and made it difficult to identify overstayers (travellers exceeding the permitted 90-day period);
- it provided no shared, centralised picture, as each Member State recorded entries and exits independently;
- it increased the workload for officers, who had to carry out checks across non-integrated systems.
EES is designed to meet three main requirements.
1) Digitalisation and automation
A single electronic register for non-EU travellers entering or exiting the Schengen area.
The system automatically records:
- identity data;
- biometric data (fingerprints and facial image);
- date and place of entry and exit;
- refusals of entry, where applicable.
2) Security and flow control
Real-time checks to:
- verify whether a person has exceeded the permitted stay;
- reliably identify persons of interest through biometrics shared across Member States;
- prevent identity fraud and the use of falsified documents;
- support investigations into cross-border threats.
3) European interoperability
EES operates within the EU ecosystem coordinated by eu-LISA and interfaces with:
- SIS – Schengen Information System for information sharing, security and border management;
- VIS – Visa Information System for short-stay visa data exchange;
- EURODAC – a biometric database supporting asylum-related procedures;
- SIRENE – the operational bureaux supporting supplementary information exchange linked to SIS alerts.
GPI has been working with Malta Police Force for years on the evolution of systems linked to the Schengen area. A cornerstone of this partnership is the management of SIS II – Europe’s leading safety database – and its updates.
The challenge
Technical complexity and EU-wide synchronisation
The ESB middleware, on which EES is deployed, is the strategic infrastructure ensuring reliability, security and data protection for exchanges between Malta’s national system and the EU central system.
EES complexity was driven by the need to coordinate 29 Schengen Member States, all bound to rigid development, testing and deployment timelines.
Key challenges included:
- maintaining stable, synchronised test environments;
- meeting EU-wide constraints for coordinated production readiness;
- managing functional changes issued monthly from the central system.
These factors required three years of work, during which GPI ensured continuous support and operational continuity.
The solution
Software architecture and systems integration
Within the EES programme, GPI developed and integrated the software solutions required by the institutional bodies involved in migration flow management.
Specifically, GPI delivered web services and applications supporting:
- Border control: registration management and digital verification of entry/exit events;
- Contact Access Points: real-time monitoring and verification of cross-border movements for law enforcement authorities;
- Immigration authorities: traveller identity checks.
The system is compliant with Regulation (EU) 2017/2226 in terms of security, interoperability and data protection. It is integrated with the Biometric Matching Service and EU databases to enable:
- electronic registration of non-EU travellers;
- biometric verification;
- faster, more accurate checks aligned with the EU regulatory framework.
Following the go-live on 12 October 2025, the EES system was progressively activated at Malta International Airport; the integration is expected to be completed by April 2026, in alignment with the roadmaps of other Member States.
Benefits
Process optimisation and end-to-end traceability
Putting EES into production is a strategic step towards digital, secure and integrated borders, consistent with the EU Smart Borders vision. For Malta, this means:
- handling the growing tourist and migration flows transiting through Malta International Airport (MIA);
- integrating MPF’s local systems with EU infrastructures (SIS, SIRENE, VIS);
- ensuring biometric data is processed in line with GDPR and Schengen rules.
In the first ten days after go-live, the system successfully processed more than 10,500 passports of non-EU travellers.
Future roadmap
ETIAS evolution and the ESP portal
This operational milestone reinforced MPF’s trust in GPI for the implementation of ETIAS (European Travel Information and Authorisation System), a strategic project awarded in 2023. ETIAS will be a key component for managing visa-exempt non-EU travellers, developed with a focus on full interoperability across border-control systems.
In parallel, GPI is supporting Maltese Police in EU initiatives focused on data centralisation. A major programme is the implementation of the ESP (European Search Portal): the future unified access gateway to EU systems. ESP will aggregate biographic and biometric data to counter identity fraud, further strengthening security across the European area.
