Advertisement
The State Department is nearing completion of its conversion program for the hotly debated RFID-based electronic passports, or e-passports, despite warnings from security experts that these passports could be accessed or tracked by the wrong individuals. In fact, some security experts feel that the technology contained in this type of passport could be used by terrorists to construct a bomb designed to target anyone of their choosing. There is also some concern that e-passports do not have enough security embedded to outlast a decade of hackers and the advancement of technology.

The government, however, does not agree. In August, the State Department began issuing e-passports containing radio frequency identification (RFID) chips out of its Denver and Washington, DC passport offices, with full production to begin by mid 2007. All U.S. passports are expected to include RFID chips containing personal biometric information by 2017.

For those who may not be totally familiar with this product, the e-passport is a contactless smartcard (meaning it doesn’t require contact with a scanner) with a secure microprocessor that employs a passive radio frequency to transmit data over an encrypted wireless link to a reader. The chip, which is embedded inside the cover of the passport, contains a duplicate copy of the passport photograph and the printed data found on the paper version.

Like everything else that is controversial, there are two ways to look at this issue. Let’s first consider the benefits of e-passports. According to Frank Moss, deputy assistant secretary for passport services, “e-passports have been successfully beta-tested. They improve overall security by making it more difficult to forge or alter documents. All personal information on a chip must match what appears on the printed portion and if one is stolen, the chip has a unique identifying number that can be tracked.”

Now let’s consider the negative aspects of e-passports. The government chose an RFID chip that does not require contact with a reader. The e-passport’s RFID chip can be read by a scanner, but it must be within four inches of the device. Sounds pretty secure, right? Or at least an improvement over what we have now. You would think so; however, a Dutch security firm recently demonstrated that they were able to intercept a data exchange between an e-passport and RFID reader and access the encrypted files containing fingerprints, photographs and other data. Not to mention the technological advancements in products such as RFID antennas that could possibly pick up the exchange of information. Even if I were a betting person, I wouldn’t place any money on the idea that e-passports will successfully survive their 10-year life expectancy without an improvement in functionality and technology to outwit hackers.

Although such test results do not give me a warm and fuzzy feeling, I still think the government is heading in the right direction. The fact that there are ways in which one can crack the information contained in e-passports does not constitute the type of security exposure that directly equates to eminent danger. What is more important is that electronic passport will be much more difficult to forge and thus will hopefully reduce the number of individuals misrepresenting themselves. If nothing else, the tracking device will certainly improve the number of suspects apprehended.

Advertisement
Advertisement