Get Smart about Business Spending
- Related Stories
-
Homeland Security dismisses Real ID privacy worries
March 21, 2007 -
Researchers: E-passports pose security risk
August 5, 2006 -
Tech industry attacks state anti-RFID laws
April 19, 2006 -
New RFID travel cards could pose privacy threat
April 18, 2006
At a Monday workshop here, privacy advocates said they were puzzled that come summertime, the U.S. Department of State, in consultation with the Department of Homeland Security, still hopes to begin issuing so-called "passport cards" embedded with radio frequency identification (RFID) chips whose data can be skimmed by readers up to at least 20 feet away.
The technology, which is similar to the passes read by highway tollbooths, is already being used in other U.S. immigration documents and programs, but that doesn't make it any less troublesome, critics said at the first day of an identification workshop hosted by the Federal Trade Commission.
The decision to use such chips in the new passes nonetheless "should be reconsidered," said Neville Pattinson, a vice president with Gemalto North America, which makes microprocessor chips for so-called "smart cards" that are capable of more sophisticated privacy protections. Pattinson, who also serves on a committee that advises Homeland Security on data privacy and security issues, said the vast majority of some 4,000 public comments that have been submitted in relation to an ongoing rulemaking proceeding about the passes frowned upon the approach.
"Reckless" is the only way to describe the government's inclination to use a form of RFID designed by the Massachusetts Institute of Technology and industry partners "to track items in warehouses," said Ari Schwartz, deputy director of the Center for Democracy and Technology. "It was not created for tracking people, and now we're using it in this way that is a potentially very big risk."
The passport cards are billed as a response to widespread demand for a lower-cost passport alternative from people who live in border communities and, like all Americans, are expected to be required to begin showing passports at land and sea border crossings beginning next year. (Similar requirements for air travel took effect earlier this year.)
The document would be valid for a 10-year period and would require the same application process as a normal passport, but it would physically resemble a credit card rather than a traditional book-format passport.
The idea behind the longer-range read zone for the cards is to let information be extracted from all of the cards in a particular vehicle at once and displayed on a border patrol officer's computer screen before the cardholder's vehicle reaches the checkpoint. The government says this will speed up the screening process.
In their most recent draft rules issued in October (PDF), government officials said they're leaning against using a chip that could be read from only a few inches away because it would require vehicles to slow down and hold out cards one at a time for scanning. It was unclear when the final rules would be released.
Patty Cogswell, acting associate director for Homeland Security's Screening Coordination Office, downplayed the privacy risks. She said the government intends to issue the cards in a sleeve that would block data from being read off the chip. Beyond that, the data that would be read from an exposed card would only be a single number "that doesn't mean anything."
"It's not a number that can be generated from anything specific; it's truly a random number issued by our system," Cogswell said.
CDT's Schwartz said he wasn't consoled by the fact that the number would be randomly generated because it would ultimately be tied to an individual and used as an identifier.
"The only positive thing that could possibly be said about the pass cards is that it is a voluntary system," he said.
See more CNET content tagged:
passport, Ari Schwartz, RFID, Mexico, pass
Second, they should stay inactive until something specific is done - perhaps a pressure switch needs to be pressed.
Last, they should never broadcast anything without receiving a valid authentication code from the checkpoint (this is to reduce abuse by third parties).
THIS IS COMPLETELY AND TOTALLY NOT NECESSARY AND WILL
DO *NOTHING* TO INCREASE SECURITY!!!
9-11 happened because Bush wanted it to. It gave him a reason
to first invade Afghanistan, then his true target - Iraq. It made
the general population STUPID enough to think that their
liberties, guaranteed in the Constitution, were the root of the
problem.
In case you missed *that* point, yes the terrorists have already
"won". Bush has done everything in his power to ensure that.
If we keep along this same path laid out by the Bush
administration, the next government catchphrase will be an old
one ...
PAPERS PLEASE!!!
Aside from the obvious answer that Canada and Mexico are soverign nations, it might have something to do with how the current (Bush)administration apparently deems Canada and Mexico too much of a security risk to even negotiate civily with over this - much let alone "annexate", which brings us right back to the underlying reason that either basic passports or these RFID cards will be required by U.S. citizens to re-enter the country.
- RFID private issues
- by rfidabc August 28, 2007 1:34 AM PDT
- On the 30th of September this year, a new compliance directive will come into force from the Payment Card Industry (PCI) that will affect each and every business that accepts credit cards around the globe, including those here in Thailand. Among the directives is a requirement for merchants to secure their networks, both wired and wireless, and to audit their compliance at least once every three months.
- Reply to this comment
-
(7 Comments)See more: http://www.rfidglobal.org/news/2007_8/200708161459224670.html
http://www.rfidglobal.org
RFIDGlobal.org is an internationally oriented online platform for RFID companies and end users.