backtop

Science RFID US Passports Coming in August
Tuan Nguyen (Blog) - July 14, 2006 11:49 AM
Print E-mail del.icio.us 42 comment(s) - last by TomZ.. on Jul 17 at 12:07 AM

Nokia's 3220 can read RFID tags
Concerns over security is as high as ever

It appears as though the long-awaited RFID passports that the US government has been talking about is about to arrive. According to a report on CNNMoney, the US government will begin issuing RFID-enabled passports beginning this August. The new passports will have integrated radio frequency identification tags that will allow security officials at airports to verify the validity of the information printed on the passport.

DailyTech previously reported that the US government was conducting localized testing of the new passports earlier this year. Although the technology was originally designed to increase security and prevent counterfeits, many industry expects and analysts say that because of the nature of RFID technology, the new passports will be prone to "skimming". According to some reports, people with the right technology and malicious intent, will be able to read information off the passports just by being near an RFID passport holder.

Despite the fears, officials say that the new passports are highly secure and are based on proven technology used in a wide variety of scenarios. RFID chips and cards are used at many companies to authorize employee entry into restricted areas. The US State Department recently added several new features to the passports citing concerns from industry experts. Deputy Assistant Secretary of State for passport services Frank Moss says that concerns are overstated and "we wouldn't be issuing the passports to ourselves if we didn't think they're secure."

Still, concerns are there. Many believe that it will be easy for the new passports to be cracked. In a previous DailyTech report, the new RFID Dutch passport was cracked within 2 hours of being used. Some say that RFID reading devices are also easy to come by and are inexpensive. Nokia actually produces cell phones that are capable of reading RFID chips -- the Nokia 3220 is one of them.

Comments     Threshold


This article is over a month old, voting and posting comments is disabled
Trust us...we're from the government
By masher2 (blog) on 7/14/2006 12:09:42 PM , Rating: 3
Even assuming these passports are as secure as the government claims (which I think is an unwarranted assumption), this still means anyone with one of these is going to be walking around with a beacon in their pocket, screaming "I'm an American".

If I ever have to visit the Middle East again with one of these, I'll be wrapping the thing in tinfoil before I step outside the airport.




RE: Trust us...we're from the government
By Pythias on 7/14/2006 12:24:56 PM , Rating: 3
You go anywhere in the world, not just the middle east, and youre a target. Another shocker: It was that way even when a democrat was president!


RE: Trust us...we're from the government
By Goty on 7/14/2006 12:40:29 PM , Rating: 2
First of all, you pretty much scream, "I'm an American!" no matter where you go regardless, and anyone looking at your passport is probably going to notice anyways.

The whole security issue is blown entirely out of proportion, I think. RFID tags don't "transmit" any signal, they require and outside RF signal in order to be read, and even then you have to be fairly close in order to read it. Someone would have to be uncomfortably close in order to be any kind of a risk.


RE: Trust us...we're from the government
By OrSin on 7/14/2006 12:43:36 PM , Rating: 2
You really think people need to see a passport to pick out an American. WE stand out in most countries. Parts of the world hated us with democratic pres. Even more hated us with a Republican pres. But with this Bush everyone hates us. Maybe after he gets out of office I can vote republican again.


By masher2 (blog) on 7/14/2006 2:03:27 PM , Rating: 2
> " Parts of the world hated us with democratic pres...But with this Bush everyone hates us..."

Actually, during the Yugoslav war (under Clinton, if you recall) relations with Russia, Ukraine, China, and several other nations were far worse than during the Iraq war, or at present. Most people in the US forget that the UN didn't approve that military venture either...and after we invaded, there were thousands of Russians rioting in the streets for action to stop us. And after we bombed the Chinese embassy in Belgrade-- anti-US riots in China as well.


RE: Trust us...we're from the government
By masher2 (blog) on 7/14/2006 1:57:11 PM , Rating: 2
> "First of all, you pretty much scream, "I'm an American!" no matter where you go regardless"

On the contrary, I've lived or worked in several foreign nations, and visited dozens of others. Except in a few special cases, I'm never distinguished as a US citizen.

Believe it or not, Americans don't have a distinctive smell or physical appearance. Now, if your entire experience in foreign nations is in tourist areas, on a bus full of other Americans-- I can see how you might form that opinion.

> "anyone looking at your passport is probably going to notice anyways..."

The point is, you don't have to LOOK at an RFID passport to read it. Its a litle passive transmitting beacon. It transmits back a portion of a signal it receives.

> "you have to be fairly close in order to read it"

Ranges of 100 meters are trivial to implement. And even a 10 meter range is a risk factor, for someone moving often through large crowds in foreign nations.

If you remember, Bluetooth was supposed to be limited to a few meters also...and we've already seen Bluetooth attacks from several *miles* away.


RE: Trust us...we're from the government
By Goty on 7/14/2006 3:02:04 PM , Rating: 2
I understand your points, and agree with most of them, but I think you misinterpreted what I was trying to say. In response to your first point, I realize that not everyone is the "typical American traveler", but most are (hence the terminology).

I also realize that you don't have to look at an RFID tag to read it, I just meant that your passport being a way to identify your nationality isn't really something outrageous or revolutionary, and that someone would still pretty much have to obtain your passport in order to read the tag, which brings me to the last point.

You could design an RFID tag to only rebroadcast a small(er) amount of the signal it receives or even limit the maximum output of such a signal so that the effective rang would only be inches.


RE: Trust us...we're from the government
By masher2 (blog) on 7/14/2006 3:26:04 PM , Rating: 3
> "You could design an RFID tag to only rebroadcast a small(er) amount of the signal it receives or even limit the maximum output of such a signal so that the effective rang would only be inches. "

It doesn't work like this. The devices are passive; the power they transmit is based on the amount of power they receive. Even were the US to use an active RFID beacon (which they aren't) you're still up against the basic laws of physics. There is no way one can design a fixed range into an electromagnetic tranmission.


RE: Trust us...we're from the government
By Wwhat on 7/15/2006 5:54:31 AM , Rating: 2
I read on CNN I think it was long long ago when these issues came up that they were going to weave copper in the cover of the passport so that you must open it to have it read, I wonder what ever happened to that plan.


By TomZ on 7/15/2006 9:03:34 PM , Rating: 2
quote:
I read on CNN I think it was long long ago when these issues came up that they were going to weave copper in the cover of the passport so that you must open it to have it read, I wonder what ever happened to that plan.

That was an older approach considered by the government. In response to public outrage over security, the government decided to implement Basic Access Control instead:

Basic Access Control, or BAC, works this way: The data on a passport would be stored on an RFID chip in the passport's back folder, but the data would be locked and unavailable to any reader that doesn't know a secret key or password to unlock the data. To obtain the key, a passport officer would need to physically scan the machine-readable text that's printed on the passport page beneath the photo (this usually includes date of birth, passport number and expiration date). The reader would then hash the data to create a unique key that could be used to authenticate the reader and unlock the data on the RFID chip.

Full article at http://www.wired.com/news/privacy/0,1848,67333,00....


The facts speak for themselves
By crystal clear on 7/15/2006 6:57:50 AM , Rating: 1
For the last 40 years, the 2 most sought after item for
forgers/criminals/spy agencies/etc were the US dollar &
ofcourse the US passport.
Put in the best of technology into them,soon comes the so
called work around that forgers use to continue their
profession.The same applies to credit cards.
As for US passport holder in the middle east-the best solution is avoid those areas as far as possible.There are
plenty of US citizens of Arab origins/names that could go instead of you,without any problems whatsoever.
With the exception of Israel no Arab country is safe for
US citizens-with the exception of those of Arab origins/
names.
Thats the Facts so accept it.




RE: The facts speak for themselves
By Burning Bridges on 7/15/2006 9:36:02 AM , Rating: 2
*falls over laughing at the paranoia and sillyness*


By interl0per on 7/15/2006 7:34:40 PM , Rating: 2
well you may be laughing but i have quietly realized that i will probably never be leaving the North American continent again in my life.

rfid passports are a non issue to me that i may freely make light of.
have at it.


RE: The facts speak for themselves
By crystal clear on 7/15/2006 10:07:08 PM , Rating: 2
Oh How I wish you were in NY in the world trade centre
you would have got a taste of LIFE & DEATH (9/11).
Even there ,we had many who thought like you.Till.........

Burning Bodies & not BURNING BRIDGES.


RE: The facts speak for themselves
By Wwhat on 7/15/2006 10:26:31 PM , Rating: 2
ROFL


RE: The facts speak for themselves
By Wwhat on 7/15/2006 10:27:09 PM , Rating: 2
At your failed attempt at dramatics


Introducing.....
By AMDfreak on 7/14/2006 12:22:43 PM , Rating: 1
I am now introducing my new line of Tin Foil Passport Wallets. Pre-order now and get a matching hat!




RE: Introducing.....
By IMPoor on 7/14/2006 1:36:01 PM , Rating: 2
I know your being sarcastic but on a series note tin foil would most likely work since it is an electronic. But for a permanant solution I bet 5 seconds in the microwave would kill the device without harming your passport. There is probably several other methods also.


RE: Introducing.....
By Trisped on 7/14/2006 2:10:43 PM , Rating: 2
If you damage the RFID chip so it doesn't work then they probably won't accept your passport.

I thought there was even a rule that you couldn't put a shield on it so officials could check it without stopping you.


RE: Introducing.....
By TomZ on 7/14/2006 3:47:27 PM , Rating: 3
quote:
If you damage the RFID chip so it doesn't work then they probably won't accept your passport.

The failure of the RFID component doesn't necessarily have to render the passport invalid. This would only be a policy decision. For example, if my credit card's magnetic stripe stops working, the store will just type in the credit card number instead. I don't see why the same type of situation wouldn't apply for RFID passports.