Mobile Tech

Questions Surround ePassport Despite New Regulations

The U.S. government has finalized plans to implant RFID tags in all newly issued or renewed passports beginning October 2006. The State Department issued new regulations earlier this week, despite concerns from privacy advocates that the chips will pose threats on several different fronts, including the ability to track citizens’ movements via the chip in their passports.

Other privacy concerns include the fear that identity thieves could intercept the information stored on the tags because they are non-contact chips, and the potential of terrorists to be able to recognize U.S. citizens abroad via the chips’ signal.

Addressing the Majority’s Concerns

Of the 2,335 comments received by the State Department during the planning process, 98.5 percent were negative, with most focused on security and privacy. But one proponent of the plan said that she believes privacy worries have been addressed.

“As a result of raising such concerns, the government re-examined the technology it was proposing, looked around at other available technologies, including an international standard called ‘basic access control,’ and then made a number of adjustments to its plans about the type of technology intended for the passports,” Anita Campbell, editor of RFID Weblog, told TechNewsWorld.

Basic Access Control (BAC) requires a password or other secret key to unlock the data stored within. The only way to access the data is to open the passport and physically scan the information printed under the photo, although whether the encryption is secure enough is also a matter of debate.

Scanning Under Control

The chip in the ePassport will be embedded in its back cover and sealed off by an anti-skimming film, which is supposed to eliminate the ability to scan the chip when the passport is not open.

“As with all things privacy related, reasonable precautions should be taken, and then common sense has to prevail,” Campbell said. “I’m not sure anything in the world can be guaranteed to be 100 percent secure — even non-RFID passports have insecurities. They can be lost, forged, have their bar codes read, etc.”

A pilot program encompassing federal employees who have Official or Diplomatic passports and travel on government business is scheduled to begin in December. EPassports will adhere to international standards developed by the International Civil Aviation Organization.

The State Department’s regulations also require that any foreigners who don’t need visas to enter the United States must instead have RFID passports.

Campbell said that the RFID industry has plenty of time to ramp up production.

“Chip and tag prices have dropped recently, indicating no shortage of supply,” she added.

Leave a Comment

Please sign in to post or reply to a comment. New users create a free account.

Technewsworld Channels