The Economist: The problems of high-tech passports

[David Farber <dave () farber net>]

------ Forwarded Message
From: <bob () bobrosenberg com>
Date: Fri, 18 Feb 2005 17:24:31 -0700
To: <dave () farber net>
Subject: The Economist: The problems of high-tech passports

Dave

Perhaps for IP.

IPer's are already aware of the potential problems with RFID's in Passports,
but
IMHO this from "The Economist" is worth a read.
--

Cordially,

Bob Rosenberg, Principal
R.G. Rosenberg & Assoc.
Public Policy Consulting & Advocacy and
eACE - eLearning Advocacy Civic Entrepreneur
P.O. Box 33023
Phoenix, AZ  85067-3023
LandLine:  (602)274-3012
Mobile:  (602)206-2856
bob () bobrosenberg com
www.bobrosenberg.com

**********************************************

PLEASE NOTE:  No trees were destroyed in the sending of this contaminant
free
message.  However, a significant number of electrons were somewhat
perturbed.

**********************************************

 The problems of high-tech passports
High-tech passports are not working
Feb 17th 2005
http://www.economist.com/science/displayStory.cfm?story_id=3666171

 Border controls

New-look passports
Feb 17th 2005
From The Economist print edition

High-tech passports are not working

IN OLDEN days (before the first world war, that is) the traveller simply
pulled
his boots on and went. The idea that he might need a piece of paper to prove
to
foreigners who he was would not have crossed his mind. Alas, things have
changed. In the name of security (spies then, terrorists now), travellers
have
to put up with all sorts of inconvenience when they cross borders. The
purpose
of that inconvenience is to prove that the passport's bearer is who he says
he
is.

The original technology for doing this was photography. It proved adequate
for
many years. But apparently it is no longer enough. At America's insistence,
passports are about to get their biggest overhaul since they were
introduced.
They are to be fitted with computer chips that have been loaded with digital
photographs of the bearer (so that the process of comparing the face on the
passport with the face on the person can be automated), digitised
fingerprints
and even scans of the bearer's irises, which are as unique to people as
their
fingerprints.

A sensible precaution in a dangerous world, perhaps. But there is cause for
concern. For one thing, the data on these chips will be readable remotely,
without the bearer knowing. And‹again at America's insistence‹those data
will
not be encrypted, so anybody with a suitable reader, be they official,
commercial, criminal or terrorist, will be able to check a passport holder's
details. To make matters worse, biometric technology‹as systems capable of
recognising fingerprints, irises and faces are known‹is still less than
reliable, and so when it is supposed to work, at airports for example, it
may
not. Finally, its introduction has been terribly rushed, risking further
mishaps. The United Sates want the thing to start running by October, at
least
in those countries for whose nationals it does not demand visas.

Your non-papers, please

In theory, the technology is straightforward. In 2003, the International
Civil
Aviation Organisation (ICAO), a UN agency, issued technical specifications
for
passports to contain a paper-thin integrated circuit‹basically, a tiny
computer. This computer has no internal power supply, but when a specially
designed reader sends out a radio signal, a tiny antenna draws power from
the
wave and uses it to wake the computer up. The computer then broadcasts back
the
data that are stored in it.

The idea, therefore, is similar to that of the radio-frequency
identification
(RFID) tags that are coming into use by retailers, to identify their stock,
and
mass-transit systems, to charge their passengers. Dig deeper, though, and
problems start to surface. One is interoperability. In mass-transit RFID
cards,
the chips and readers are designed and sold as a package, and even in the
case
of retailing they are carefully designed to be interoperable. In the case of
passports, they will merely be designed to a vague common standard. Each
country will pick its own manufacturers, in the hope that its chips will be
readable by other people's machines, and vice versa.

That may not happen in practice. In a trial conducted in December at
Baltimore
International Airport, three of the passport readers could manage to read
the
chips accurately only 58%, 43% and 31% of the time, according to
confidential
figures reported in Card Technology magazine, which covers the chip-embedded
card industry. (An official at America's Department of Homeland Security
confirmed that ³there were problems².)

A second difficulty is the reliability of biometric technology.
Facial-recognition systems work only if the photograph is taken with proper
lighting and an especially bland expression on the face. Even then, the
error
rate for facial-recognition software has proved to be as high as 10% in
tests.
If that were translated into reality, one person in ten would need to be
pulled
aside for extra screening. Fingerprint and iris-recognition technology have
significant error rates, too. So, despite the belief that biometrics will
make
crossing a border more efficient and secure, it could well have the opposite
effect, as false alarms become the norm.

The third, and scariest problem, however, is one that is deliberately built
into
the technology, rather than being an accident of its present inefficiency.
This
is the remote-readability of the chip, combined with the lack of encryption
of
the data held on it. Passport chips are deliberately designed for
clandestine
remote reading. The ICAO specification refers quite openly to the idea of a
³walk-through² inspection with the person concerned ³possibly being unaware
of
the operation². The lack of encryption is also deliberate‹both to promote
international interoperability and to encourage airlines, hotels and banks
to
join in. Big Brother, then, really will be watching you. And others, too,
may
be tempted to set up clandestine ³walk-through inspections where the person
is
possibly unaware of the operation². Criminals will have a useful tool for
identity theft. Terrorists will be able to know the nationality of those
they
attack.

Belatedly, the authorities have recognised this problem, and are trying to
do
something about it. The irony is that this involves eliminating the remote
readability that was envisaged to be such a crucial feature of the system in
the first place.

One approach is to imprison the chip in a Faraday cage. This is a
contraption
for blocking radio waves which is named after one of the 19th-century
pioneers
of electrical technology. It consists of a box made of closely spaced metal
bars. In practice, an aluminium sheath would be woven into the cover of the
passport. This would stop energy from the reader reaching the chip while the
passport is closed.

Another approach, which has just been endorsed by the European Union, is an
electronic lock on the chip. The passport would then have to be swiped
through
a special reader in order to unlock the chip so that it could be read. How
the
European approach will interoperate with other countries' passport controls
still needs to be worked out. Those countries may need special equipment or
software to read an EU passport, which undermines the ideal of a global,
interoperable standard.

Sceptics might suggest that these last-minute countermeasures call into
doubt
the reason for a radio-chip device in the first place. Frank Moss, of
America's
State Department, disagrees. As he puts it, ³I don't think it questions the
standard. I think what it does is it requires us to come up with measures
that
mitigate the risks.² However, a number of executives at the firms who are
trying to build the devices appear to disagree. They acknowledge the
difficulties caused by choosing radio-frequency chips instead of a system
where
direct contact must be made with the reader. But as one of them, who
preferred
not to be named, put it: ³We simply supply all the technology‹the choice is
not
up to us. If it's good enough for the US, it's good enough for us.²

Whether it actually is good enough for the United States, or for any other
country, remains to be seen. So far, only Belgium has met America's
deadline.
It introduced passports based on the new technology in November. However,
hints
from the American government suggest that the October deadline may be
allowed to
slip again (it has already been put back once) since the Americans
themselves
will not be ready by then. It is awkward to hold foreigners to higher
standards
than you impose on yourself. Perhaps it is time to go back to the drawing
board.



------ End of Forwarded Message


-------------------------------------
You are subscribed as lists-ip () insecure org
To manage your subscription, go to
  http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/