Passports
A number of countries have begun to embed RFID devices in new biometric passports, to facilitate efficient machine reading of personal data. Security expert Bruce Schneier said of these proposals: "It's a clear threat to both privacy and personal safety. Quite simply, it's a bad idea." The RFID-enabled passport uniquely identifies its holder, and in the proposal currently under consideration, will also include a variety of other personal information. This could greatly simplify some of the abuses of RFID technology, and expand them to include abuses based on machine reading of data such as a person's nationality. For example, a mugger operating near an airport could target victims who have arrived from wealthy countries, or a terrorist could design a bomb which functioned when approached by persons from a particular country.
The US State Department initially rejected these concerns on the grounds that they believed the chips could only be read from a distance of 10 cm (4 in), but in the face of 2,400 critical comments from security professionals, and a clear demonstration that special equipment can read the test passports from 10 m (33 feet) away, the proposal was reviewed. RFID passports will start to be issued in mass distribution in October 2006.[17] In November 2005, the State Department stated that as of October 2006 all new US passports will contain RFID chips with some security features. The passports will be shielded to prevent skimming. The department will also implement Basic Access Control (BAC), which functions as a Personal Identification Number (PIN) in the form of characters printed on the passport data page. Before a passport's tag can be read, this PIN must be entered into an RFID reader. The BAC also enables the encryption of any communication between the chip and interrogator [18].
The Pakistan Passport Authority has started issuing passports with RFID tags.
The Norwegian Passport authority has also issued passports with RFID tags, and was criticized by the Norwegian Data Inspectorate Department because of their lack of implementing any security features. As of November 2005 only a handful of passports have been issued [19].
The Malaysian Passport Authority has started using passports with RFID tags since early 2000.
The New Zealand government introduced chipped passports on 4 November 2005 after trials with pilots from the United States in association with Australia. All new passports issued by New Zealand will contain these chips.
France is to start issuing biometric identity cards on 17 April 2006.
Driver's licenses
The US state of Virginia has considered putting RFID`S tag into driver's licenses ostensibly to make lookups faster for police officers and other government officials. The Virginia General Assembly also hopes that by including the tags, false identity documents would become much harder to obtain. The proposal was first introduced in the "Driver's License Modernization Act" of 2002, which was not enacted, but as of 2004 the concept was still under consideration.
The idea was prompted by the fact that some of the September 11 hijackers held fraudulent Virginia driver's licenses. However the American Civil Liberties Union has noted that in addition to being a risk to privacy and liberty, the RFID proposal would not have hindered the hijackers, since the false documents they carried were valid, officially issued documents obtained with other false identification. The weakness in the system is not failure to validate documents in the field, but failure to verify identity before issuing them.
Religious Reaction to RFID
There has been discussion by members of the Christian community, especially Christian anarchists, that RFID tagging could represent the mark of the beast mentioned specifically in the Book of Revelation (see Revelation 13:16). This subject is studied by those Christians interested in the fields of eschatology (last things) and dispensationalism. Previously, other forms of identification such as credit cards and UPC codes had been suggested as candidates for the mark.
While the exact Mark of the Beast used in the Left Behind series (an imaginative work of fiction based loosely on the Book of Revelation) was not fully explained, the implanted chip exhibited behavior similar to a RFID tag.
Vulnerabilities
The New York Times reported on new research showing how RFID tags could be "infected" with computer viruses. "RFID malware is a Pandora's box...," the Times quotes from the study available at www.rfidvirus.org.
The Wall Street Journal reported on the privacy implications of RFID technology in consumer cards and passports. The article refers to RFID Blocking Wallets which are "designed to shield radio chip bank card[s] from being read without [the consumer's] knowledge" as a method of ensuring security.
Security expert Bruce Schneier reports on a Weizmann Institute of Science study suggesting "so-called 'wallet phones' will be capable of attacking HF tags" through power analysis attack.
Wired Magazine reported that current encryption and security measures used by RFID devices are grievously inadequate. Currently, it is very easy to steal and/or modify the data contained on most RFID chips.
|
Home >> RFID FAQ 