With the original incarnation
slammed over security concerns, a new breed of RFID-enabled passports received the U.S. State Department’s stamp of approval
last Monday. The new passports are set to launch this spring for U.S. citizens
entering the United States through land and sea checkpoints.
Readable at up to 20 feet, the
next-generation design is supposed to help increase passports’ security and
reduce the omnipresent lines found at entry points around the country.
Compared to the previous generation of RFID passport – dubbed
“e-Passports” – the new generation of RFID passports contain security features
that are far more protected, with many of its developments based on the 4,000+
responses received by the State Department on a public request for comment in
December 2006. New security features include:
While many critics continue to
express privacy concerns, the new security features are sufficient to pacify at
least some of the passport’s vocal critics. “At the moment, the security
protections in U.S. passports are pretty good,” said Ari Juels, Chief Scientist
and Director of Massachusetts-based RSA Laboratories, in a December 14 statement to the Los Angeles
The new passport design will use
“vicinity read” RFID technology, as opposed to the previous generation
“proximity read” technology, which need to be swiped at a scanner and were only
readable from a few inches.
However, while the new passports are
a definite improvement, critics stress that they are far from perfect. Critics
have particularly attacked the new passports’ increased range, which many claim
will help facilitate identity theft. In one example, mobile security company Flexilis
found the passport’s metallic shielding inadequate, allowing for the passport’s
transmitter to be read even when it is closed.
To demonstrate this, Flexilis posted
video demonstrating a proof of concept where a trashcan armed with
an explosive charge detonates as a dummy equipped with the “shielded” passport
passes by. The threat, it says, is that terrorists could use the passports’
increased range to selectively identify Americans in foreign lands, possibly
taking action against them that may include bodily harm.
Despite the new passports’ flaws –
which the Los Angeles Times says are nothing to lose sleep over – most
everyone agrees that the changes are a much-needed improvement over the
current RFID passport, which gained pariah status among security circles
for notoriously weak security features.
quote: A “randomized unique identification” system that produces a different ID each time the chip is accessed