Electronic passports - a security problem
An article in the latest Economist highlights a problem with the biometric passports that the USA has been insisting be implemented by October 2005.
I was aware that the new passports would carry data such as digital photographs or finger prints of the owner, which could be read out a chip integrated into the passport, but not that the technology to be used would be radio-frequency identification (RFID) tags containing unencrypted data which can be read out over a distance of several meters.
The original idea, apparently, was that using unencrypted data would make international interoperability easier, and encourage airlines, hotels and car rental companies to also scan the data – thus making it easy to track the movement of suspect persons. Belatedly, the authorities have realised this may not be a very good idea – terrorists and criminals can also read the data, making it easy to target specific nationalities if they wish and increasing the ease of identity theft. Right now, confusion reigns, as the various national authorities scramble to come up with (different national) solutions to this problem.
As the Economist says: Perhaps it is time to go back to the drawing board. (Luckily, my passport doesn’t run out until 2009, so they have plenty of time to fix the little glitches resulting from an over-hasty implementation.)