- New U.S. passports will soon be read remotely at borders
around the world, thanks to embedded chips that will broadcast on command
an individual's name, address and digital photo to a computerized
reader.
-
- The State Department hopes the addition of the chips,
which employ radio frequency identification, or RFID, technology, will
make passports more secure and harder to forge, according to spokeswoman
Kelly Shannon.
-
- "The reason we are doing this is that it simply
makes passports more secure," Shannon said. "It's yet another
layer beyond the security features we currently use to ensure the bearer
is the person who was issued the passport originally."
-
- But civil libertarians and some technologists say the
chips are actually a boon to identity thieves, stalkers and commercial
data collectors, since anyone with the proper reader can download a
person's
biographical information and photo from several feet away.
-
- "Even if they wanted to store this info in a chip,
why have a chip that can be read remotely?" asked Barry Steinhardt,
who directs the American Civil Liberty Union's Technology and Liberty
program.
"Why not require the passport be brought in contact with a reader
so that the passport holder would know it had been captured? Americans
in the know will be wrapping their passports in aluminum foil."
-
- Last week, four companies received contracts from the
government to deliver prototype chips and readers immediately for
evaluation.
-
- Diplomats and State Department employees will be issued
the new passports as early as January, while other citizens applying for
new passports will get the new version starting in the spring. Countries
around the world are also in the process of including the tags in their
passports, in part due to U.S. government requirements that some nations
must add biometric identification in order for their citizens to visit
without a visa.
-
- Current passports (which are already readable by machines
that decipher text on the photo page) will remain valid until they expire,
according to a State Department spokeswoman.
-
- The RFID passport works like a high-tech version of the
children's game "Marco Polo." A reader speaks out the equivalent
of "Marco" on a designated frequency. The chip then channels
that radio energy and echoes back with an answer.
-
- But instead of simply saying "Polo," the 64
Kb chip will say the passport holder's name, address, date and place of
birth, and send along a digital photograph.
-
- While none of the information on the chip is encrypted,
the chip does also broadcast a digital signature that verifies the chip
itself was created by the government. Security experts said the U.S.
government
decided not to encrypt the data because of the risks involved in sharing
the method of decryption with other countries.
-
- RFID technology has been around for more than 60 years,
but has only recently become cheap enough to be adopted widely. E-Z Pass
prepay toll systems across the country run on RFIDs, pets and livestock
around the world have RFID implants, and businesses such as Wal-Mart plan
to use the tags to track their inventory.
-
- But Electronic Frontier Foundation attorney Lee Tien
argues that RFID chips in passports are a "privacy horror" and
would be even if the data was encrypted.
-
- "If 180 countries have access to the technology
for reading this thing, whether or not it is encrypted, from a security
standpoint, that is a very leaky system," Tien said. "Strictly
from a technology standpoint, any reader system, even with security, that
was so widely deployed and accessible to so many people worldwide will
be subject to some very interesting compromises."
-
- Travel privacy expert Edward Hasbrouck argues that
identity
thieves are not the only ones with an interest in recording the data
remotely.
Commercial travel companies, including hotels, will capture the data to
create commercial dossiers when people check into hotels or exchange
currency
in order to up-sell their customers, he argues.
-
- While there are no laws in the United States prohibiting
anyone from snooping on someone's passport data, Roy Want, an RFID expert
who works as a principal engineer for Intel Research, thinks that the
possibility
of identity theft is overblown.
-
- "It is actually quite hard to read RFID at a
distance,"
said Want.
-
- A person's keys, bag and body interfere with the radio
waves, and the type of RFID chip being used requires readers equipped with
very large -- and obvious -- coils to capture the data, according to
Want.
-
- Still, he concedes that a determined snooper could create
a snooping system.
-
- "In principle someone could rig up a reader, perhaps
in a doorway you are forcing people to go through. You could read some
of these tags some of the time," Want said.
-
- But Want thinks that overall the chips will help cut
down on passport fraud.
-
- "The problem with security is there is always a
possibility of attack," Want said. "RFIDs are not going to solve
the problem of passport forgery, but people who know about printing are
not going to learn about RFIDs."
-
- © Copyright 2004, Lycos, Inc. All Rights
Reserved.
-
- http://wired.com/news/privacy/
- 0,1848,65412,00.html?tw=wn_tophead_1
|
