Use of cheap RFID chips make new U.S. passports vulnerable
Americans can now apply for the U.S. Passport Card, which is also known as the Pass Card; the RFID chips are cheap Class One Generation Two models, which are vulnerable to cloning
Researchers say it is relatively easy to clone RFID tags held in new U.S. border passports and enhanced drivers’ licenses (EDLs). A joint research paper from staff at the University of Washington and Web security firm RSA shows how the RFID chips can be cloned from distances of up to 50 meters. They also found that key anti-cloning techniques recommended by the DHS had not been used in the tags.
Since the beginning of 2008 Americans have been able to apply for the U.S. Passport Card, which is also known as the Pass Card. Containing a readable RFID chip, the card is intended to offer greater security and speed up border crossings for holders. Computerweekly reports that the researchers have found, however, that the RFID chips are cheap Class One Generation Two models. Any cost benefit obtained is countered by their vulnerability to cloning, says the report. The chips are easier to clone because they do not use unique tag identifier codes, as recommended by the DHS, but generic manufacturer’s codes instead.