EUIST

EUIST

Just another ComMetrics – social media monitoring, best metrics, marketing metrics weblog

e-passports cracked 3 – Budapest Declaration raises concerns about e-passports, privacy and citizens’ rights

November 22nd, 2006 · No Comments ·

Previously we posted:

e-passports cracked 1 – safety is non-existent
e-passports cracked 2 – German, Dutch and UK citizens beware and take care

After having read the above, we would not be surprised if the reader would raise a question similar to:

_since RFID chip (click on Login as a guest to get free access) technology and large databases are likely to fail us, why use RFID e-passports?

That is not so clear. For instance, the U.S. wants to keep such electronic data from its border entry points for 50 years! [will the technology be still readable/usable – what about technological obsolescence?(click on Login as a guest to get free access)].

EU funded research shows that current technologies make it simply impossible to find MRTD that is both reliable and dependable. Moreover, such technology is neither secure nor does it protect citizens’ privacy adequately as this report indicates:

EU – [FIDIS – Future of Identity in the Information Society » Deliverables » Period 2 [2005/2006]] D3.6: Study on ID Documents

Even the summarized findings from the group’s analysis of passports with RFID and biometrics — Machine Readable Travel Documents or MRTDs make the reader pause and reflect. The researchers have put down their concerns about MRTDs in Europe and how their implementation is based on technology that was never meant to be used this way here:

Budapest Declaration on Machine Readable Travel Documents (MRTDs)
RFID technology originally was designed to be completely open and not secure, this is the problem.
_PS1.

FIDIS (the Future of Identity in the Information Society) is a Network of Excellence supported by the European Union under the 6th Framework Programme for Research and Technological Development within the Information Society Technologies (IST) priority in the Action Line: “Towards a global dependability and security framework.”

_PS2.

e-passports are issued for 5 and up to 10 years. So why should it not be possible for someone to hack the RFID chip. Or read it from 5 cm’s away learn a travellers or tourist’s identity without the person’s knowledge? And yes as the previous posting showed, e-passports from several countries have already been hacked:

e-passports cracked 2 – German, Dutch and UK citizens beware and take care
_PS3.

We need to point out though that e-passport data can only be ‘unlocked’ and accessed with a unique key code that is printed on the passport itself. Accordingly, a hacker would therefore need physical access to the passport. Only if this were the case could the content be read. Nonetheless, as shown here, pocket thiefs will deliver:

FOLLOW UP to this story will be:

e-passports cracked 4 – will more biometrics make a difference?



|

→ No CommentsTags: documents · fidis · mrtds · passport · passports · readable · rfid · travel