'Uncloneable' biometric passports pass the test

Take that, skimmers

By Nick Heath, 22 September 2008 11:15

Europe has moved closer to the rollout of full biometric passports after key systems were shown to work.

The UK was one of 27 countries that took part in the tests of RFID chips and passport readers for second generation ePassports.

The tests demonstrated that it was possible for different EU countries to produce the ePassports to the same standard and that the ePassports could be recognised by passport authentication systems in multiple countries.

Of the 27 countries, 12 completed the first round of tests and demonstrated their second generation ePassports could be recognised by authentication systems in more than one country.

The second generation ePassports, due to be introduced in the UK in 2011/12, will be fitted with an RFID chip containing fingerprint scans and personal details, which will feature security measures to guard the data against cloning or tampering.

First generation ePassports, introduced in the UK in 2006, typically hold only facial photo scans and ID information from the paper passport on an RFID chip.

Second generation ePassport chips feature increased protection by requiring the passport reader to authenticate itself, reducing the chance of 'skimming' - the practice of an unauthorised reader extracting personal information from the chip. Chip readers will have to be authorised by the ePassport issuer up to one month beforehand to gain access to the ePassport chip.

Communication between the chip and the reader is more strongly encrypted on second generation ePassports than on first generation ones.

Bob Carter, of the Identity and Passport Service and chairman of the Brussels Interoperability Group, said in a statement: "The rigorous testing in Prague was a critical step in the European deployment of second generation ePassports."

A spokeswoman for the Home Office said that additional protection on second generation chips would "prevent the chip data from being cloned".

The tests were run by digital security company Entrust.

Comments

There are 6 comments.

  1. Karen Challinor

    "reducing the chance of 'skimming'"

    not "eliminate"

    and as a holder of a first generation epassport which will not need renewal for several years, along with a large proportion of the passport holding population, could someone explain how vulnerable my passport is? and how much the version 2 will cost? and what civil rights I have to give up in order to have one?

  2. Drew Stephenson

    Karen, the easy answers are:
    very
    more
    the rest of them.

    Hope this helps ;¬)

  3. James Button

    The word 'Uncloneable' denotes faulty thinking.
    If 1 can be produced by technological means, then 2 can be produced.
    And we 'all know' that government buy in the technology, so there's enough information available via patent offices etc to reproduce the technology.
    And we also 'all know' that criminal minds are far better at applying technology than the government wants to accept, or allow-for.

    Then again, how soon until you need your 'passport' to access Digital Rights (CSS) protected media?
    Or did you already get your copy of De-CSS?

  4. Roger Huffadine

    OK - so I ask dim questions - how can a reader be authenticated by a passport chip that hasn't been scanned for say 12 months? If it is possible for this to happen then logically the skimming window is still open - once the algorithm of the passport is understood it is possible to skim.
    In simpler terms how does the passport know that the skimmer is not authenticated?

  5. anonymous

    Joke...give a £50k prize to the hacker community to have a go and I bet before the weekend it will be cracked. Common sense dictates if the Pentagon, NASA, MI6, NSA, DRM, VISA, SIMs, coins and currency notes can all be cracked and manipulated...then a little chip will stand no chance.

    And that's even before organised crime gets involved... Please stop this nonsense.

    If passport applicants were more rigorously checked when issued...more would be achieved, at infinitely less cost.

    UK TaxPayer

  6. Simon

    "prevent the chip data from being cloned"

    Presumably this will be "impossible" in the same way that Enigma was uncrackable, and CSS was uncrackable, and ACSS was uncrackable, ...

    Given that keys will need to be distributed to thousands of machines around the world, there's going to be plenty of opportunities for them to be "mislaid" - like, err, well almost every database the government seems to touch!