Search: Home Bugtraq Vulnerabilities Mailing Lists Jobs Tools Beta Programs
    Digg this story   Add to  
U.S. deploys first e-Passport readers
Published: 2006-09-27

The U.S. Department of Homeland Security (DHS) has deployed its first e-Passport readers into production, despite criticism from privacy advocates and security experts concerned about the technology.

In a statement released today, the DHS said that it had completed deployment of the first U.S. e-Passports at the San Francisco International Airport. The move is the first in a series of deployments required to meet the October 26, 2006 congressional deadline requiring all U.S. ports of
entry to compare and authenticate data in e-Passports.

The American e-Passport movement has been criticized by security and privacy experts concerned about identity theft, the tracking and surveillance of individuals, and cloning of the passports for nefarious purposes.

New U.S. e-Passports contain a 64 kbit RFID chip with personal information about the passport holder. DHS officials claim that the passports must be held within ten centimeters of a reader to have their data read, a limitation widely disputed by RFID experts, who use high power antennas to read RFID data up to 50 feet away.

It is believed that the e-Passports can also be cloned. In August of this year, security researcher Lukas Grunwald demonstrated the cloning of a European Union e-Passport at the Black Hat and DEFCON security conferences in Las Vegas. The EU passport uses similar RFID technology to the American passport. Proponents of the e-Passport have responded to the cloning issue by claiming the Black Hat and DEFCON demonstrations did not actually break the security of the information on the chip.

In 2004, the American Civil Liberties union raised alarm over the proposed use of e-Passports, citing an erosion of civil liberties in the United States and the ease at which the data may be stolen, manipulated, or used for other purposes.

The U.S. completed a live test of the e-Passports in April 2006.

Posted by: Kelly Martin
    Digg this story   Add to  
Comments Mode:


Privacy Statement
Copyright 2009, SecurityFocus