'The whole passport design is totally brain damaged,' Grunwald told wired.com. 'From my point of view all of these RFID passports are a huge waste of money. They're not increasing security at all.' Grunwald says it took just two weeks to figure out how to clone the passport chip, and cost him $200. He tested the attack on a new European Union German passport, but the method would work on any country's e-passport, since all of them will be adhering to the same ICAO standard. Authorities say the chip, which is digitally signed by the issuing country, will help them distinguish between official documents and forged ones. Since March, all passports issued in the UK have contained RFID chips with physical identification information.
I really have no idea why everyone thinks RFID is a technology that should be used with passports. The one advantage of RFID is that it is contactless and can be read from a distance. This requirement makes no sense for a passport. In all situations where someone would be using a passport, they are going to be interacting with a customs offical. By its every nature, this is a slow process. There is no need for a quick, distance-readable passport solution. There are many technologies that can meet the requirement of being machine readable and storing lots of data that cannot be modified. A digitally signed 2D barcode come to mind. A 2D barcode also has the added benefit of not triggering a bomb thats scanning for the emissions of American passports |