Archive for the ‘passport’ Category

hello e-passports, goodbye privacy

October 26, 2007

There has been a lot of controversy surrounding the security (or lack thereof) of electronic passports or passports issued with a so-called security chip or RFID. What exactly is it?

According to good ol’ trusty Wikipedia:

An RFID (Radio Frequency Identification) tag is an object that can be applied to or incorporated into a product, animal, or person for the purpose of identification using radiowaves.

Most RFID tags contain at least two parts. One is an integrated circuit for storing and processing information. The second is an antenna for receiving and transmitting the signal.

RFID tags come in three general varieties: passive, active, or semi-passive (also known as battery-assisted). Passive tags require no internal power source. They are only active when a reader is nearby to power them. Semi-passive and active tags require a power source, usually a small battery.

RFID tags are being used in passports issued by many countries. The first RFID passports (“E-passport”) were issued by Malaysia in 1998. In addition to information also contained on the visual data page of the passport, Malaysian e-passports record the travel history (time, date, and place) of entries and exits from the country.

RFID tags are included in new U.S. passports, beginning in 2006. The chips will store the same information that is printed within the passport and will also include a digital picture of the owner. The passports will incorporate a thin metal lining to make it more difficult for unauthorized readers to “skim” information when the passport is closed.

A primary security concern surrounding technology is the illicit tracking of RFID tags. Tags which are world-readable pose a risk to both personal location privacy and corporate/military security.