The U.S. State Department has begun issuing e-passports. These passports have radio frequency identification (RFID) chips embedded in the rear cover of the document. AFP reports that all previously issued passports will remain valid until they expire. Limited production of the e-passports began on December 30, 2005, with a pilot program issuing diplomatic and official passports, according to a State Department media note dated February 17, 2006.
|Full-featured accounting software at an easy-to-afford price.
The RFID chips in the new passports contain electronic versions of the same information printed in the passport itself, according to AFP. In the future, biometric items such as fingerprints may be contained on the chips as well, but currently information on the chips is limited to:
- Date of birth
- Place of birth
- Date of passport issuance
- Date of passport expiration
- Passport number
- Photographic image of the passport bearer.
The Department reported that they began phasing-in the issuance of these electronic passports in order to allow better international travel for U.S. citizens. Enhanced border security was also stated as a reason in deciding to issue these controversial passports.
The Department also reports that an anti-skimming device is integrated into the front cover of the passport, as well as the use of basic access control (BAC) technology to stop possible unauthorized reading of the information in the passport. AFP reports that these features make it more difficult to forge or even alter these official documents, as the information is verifiable with the information printed in the passport.
Concerns of remote reading and other eavesdropping activities voiced by privacy groups have fallen on deaf government ears, for the most part. A German computer security expert showed conference attendees earlier this month how to crack the RFID chip in the new passports and clone the official documents.
State Department spokesman Sean McCormack defended the anti-skimming features in the front cover and spine of the passports, saying that remote scanning was not possible when the front cover is closed. A unique encryption key is also necessary to read the chip electronically. Each embedded RFID chip has an individual identification number that allows the tracking of any cloned or copied passports, in addition to other security features.
CNN Money reports that although the passports were issued to reduce human error on the part of immigration officials, safeguard against possible counterfeiting of the documents and speed the processing of visitors, the information is still available using radio receivers.
Israeli researchers at the University of Tel Aviv created a briefcase-sized skimmer using $110 worth of electronic hobbyist kits, in May 2006. Its 15-inch antenna had a read range of under a few feet. Back in 2005, a Cambridge researcher built a skimmer that that could access an RFID chip’s information up to 160 feet away, according to CNN Money. Also in 2005, Dutch security researchers cracked the encryption on a mocked up RFID passport in two hours, using a desktop computer.
Futurist Bruce Sterling told CNN Money, “Basically, you’ve given everyone a little radio-frequency doodad that silently declares ’Hey, I’m a foreigner. If nobody bothers to listen, great. If people figure out they can listen to passport IDs, there will be a lot of strange and inventive ways to exploit that for criminal purposes.”
Security technologist Bruce Schneider continues in the same thought in CNN Money, "The basic problem with RFID is surreptitious access to ID. The odds are zero that RFID passport technology won’t be hackable.” Schneider is an author and chief technology officer at the consultancy Counterpane Internet Security.
The State Department maintains all security concerns have been overstated. “We wouldn’t be issuing the passports to ourselves if we didn’t think they’re secure. We’re our own test population,” according to Deputy Assistant Secretary of State for Passport Services Frank Moss, speaking to CNN Money.