RFID Lowdown: E-Passports

July 27, 2006

E-Passports - Q&A

Several concerned pals have asked me, questions regarding the security of tagged passports. So much so, that riding the surge of concerns I made the first post – "Tagged passports…” Since the last post - "Are RFID passports safe...", everyone wants to know more of Faraday cases and passports.

Rfbase, my informed reader, is back with more information and yet again I'm making a post based on his comments. To clarify one point, I wasn't referring to "hacking" faraday cases when I said, "get past the faraday cage" in my last post. I was merely playing devil's advocate for the general public who had these questions...

Questions: What happens when I take the passport out of the case? Do I have to buy a faraday case for my passport? What about the cost? Will the passport come with the case?

Answers: Chances are that you will be getting the passport with a built-in Faraday case. Then you may ask how will the reader read it. It looks like the E-passport can be read when it is opened and will block all reading when kept shut. Costs - not much information is coming out about the whole thing.

Sparring with RFbase has anyway allowed me to get a whole lot of information out to our readers. It also makes me wonder why the Department of Homeland Security is not speaking out to people about the security features.

The DHS site says: “If you were issued a passport on or after October 26, 2006, and it is not an e-Passport, you will need to obtain a visa. If your passport does not have this feature, you can still travel without a visa if you:

1. Were issued a valid passport before October 26, 2005, with a machine-readable zone, or 2. You have “e-Passport,” which includes an integrated computer chip capable of storing biographic information from the data page, a digitized photograph, and other biometric information.”

It is obvious that despite the concerns of the public not much information is out there about the security features of E-Passports. In fact, Rfbase has been doing a better job at informing the public by sending me his comments. Lastly, as far as hacking the encrypted reading goes nothing's foolproof forever!

--
Did you enjoy this post?

July 27, 2006 in Implementation | Permalink