
e-passports cracked 1 – safety is non-existent

November 20th, 2006

We have raised privacy issues regarding RFID since early 2003 with such postings as:

RFID Tags – Privacy Threat
Benetton and Privacy – Out the Window?
RFID – Car Keys & Gas Pump Pay Tags – Beware of Thiefs
Spotlight on Privacy, Security and Identity Cards – UK and France – Vive la Difference – RFID YES but

Most of us, when getting a new passport, become the ‘lucky’ owners of an identification document that, besides many other things, has our facial biometrics stored on an RFID chip.
Usually, only some parts of the information will be stored on an identity card itself. An RFID chip is used for storage, as is the case in most so-called biometric passports. Accordingly, the full set of information will only be stored on the register itself. Just as with a passport, the card will be cancelled immediately [if lost or stolen] and no-one else will be able to use a person’s biometric information – at least in theory.

1) See: RFID – U.S. Government Accountability Office (GAO) – RFID Misuse – Warning. In addition, researchers have demonstrated that, with the help of power analysis, RFID’s integrity is challenged, to say the least, as this story shows:

Research that matters – power analysis of RFID tags – hacking RFID successfully

Moreover, the security of the RFID technology implemented in MRTDs (machine readable travel documents) is questionable, as we showed here:

Research that matters – proof of concept – FIRST self-replicating RFID virus

2) Generally, governmental legislation in the U.S. or Europe stipulates that biometric information in passports or identity cards can be linked to other databases. However, the security of such a scheme must be doubted. In fact, it will be a tempting target for hackers, who could attack the interface between the various databases.

a) Can meaningful control be maintained over who has access and with whom that data is then shared? An example might be a Zurich police officer scanning a Belgian tourist’s e-passport for identification purposes. If the person’s identity has to be checked further, where is the additional information coming from? Will it be coming from the Belgian National ID card registry? That is a possibility, since both Belgium and Switzerland are members of the Schengen area.

Most legislation in Europe allows such information to be shared with police and security services where it is necessary in the public interest for the prevention and detection of crime. Schengen means that this can be done among those that are part of this agreement.

b) Will access to such information be automated, rather than being granted on a case by case basis?

In practice it would have to be automated to save time and resources, would it not? Hence, whatever method a Schengen member country uses to decide before giving information to a police officer who is doing her rounds and wants to check a suspect’s identity will trigger the inquiry in Germany or the Netherlands (Schengen signatories).

Various reports raise issues about sharing such data across databases and countries. For instance:

The Use of RFID for Human Identification: A DRAFT REPORT from DHS Emerging Applications and Technology Subcommittee to the Full Data Privacy and Integrity Advisory Committee, Version 1.0

But for other applications related to human beings, RFID appears to offer little benefit when compared to the consequences it brings for privacy and data integrity. Instead, it increases risks to personal privacy and security, with no commensurate benefit for performance or national security. Most difficult and troubling is the situation in which RFID is ostensibly used for tracking objects (medicine containers, for example), but can be in fact used for monitoring human behavior. These types of uses are still being explored and remain difficult to predict. (page 1 of the above draft report from the DHS Subcommittee)

Incidentally, this report has not made it out of the draft stage so far, and one wonders if it ever will. The report is 14 pages long. It does not mince words, and the issues raised by the authors make one pause and reflect on what is being said.

To illustrate the challenges we face with RFID and e-passports further: when U.S. customs agents begin reading the new PASS cards at the border, the travel data will be stored for up to 50 years. Why so long? Is this supposed to improve national security? How do we protect citizens against governmental abuse of such information? These are all questions that have not been addressed so far.

Data will be shared within Homeland Security and be made available to law enforcement groups across the country as well as internationally, according to DHS’ own privacy assessment.

FOLLOW UP to this story will be:

e-passports cracked 2 – German, Dutch and UK citizens beware and take care

e-passports cracked 3 – Budapest Declaration raises concerns about e-passports, privacy and citizens rights
e-passports cracked 4 – will more biometrics make a difference

