Expert cracks biometric passport data

The security being developed for the government's ID cards and biometric passports programmes has been thrown into question after a Guardian reporter and a security expert took just 48 hours to access encrypted data on a biometric passport's RFID chip.

Cliff Saran, Managing Editor

Published: 21 Nov 2006 0:00

The security being developed for the government's ID cards and biometric passports programmes has been thrown into question after a Guardian reporter and a security expert took just 48 hours to access encrypted data on a biometric passport's RFID chip.

Although passports use military-grade encryption, Adam Laurie, technical director at The Bunker, said the information used to form the security key for the chip could be found using an online flight booking site and flight coupons, which are often discarded at airports.

With the information on the coupon a hacker could use an airline website to gain all the basic customer data held on an e-passport.

Laurie warned that, armed with the security key and a £100 RFID reader, criminals would be able to decrypt and clone passports.

Comment on this article: computer.weekly@rbi.co.uk

Read more on IT risk management

Election 2010: LibDems' IT-related manifesto policies The Liberal Democrats would start their term in office by scrapping ID cards, the Contactpoint child database and the next generation of biometric passports.

Change of plan on ID Cards biometrics database? The Identity and Passport Service may scrap plans to use the Customer Information System as the database for ID Cards biometrics.The CIS is run by the Department for Work and Pensions and is the ...

IBM to build database of UK fingerprints for passport service

The Identity and Passport Service (IPS) has contracted IBM to build a database to support the Government's switch to biometric passports.

IBM will...

ID Cards insider: scheme is "largest , most complex and sensitive undertaking in Government" When they were planning for ID Cards, executives at the Identity and Passport Service thought it a good idea to use the DWP's Oracle-based Customer Information System to store the biometrics part ...

How do RFID-blocking passport wallets work? RFID passports can provide quicker passage through customs, but may put sensitive data at risk. Learn about whether RFID-blocking passport wallets can keep personal credentials from being sniffed.

Identity and Passport Service nabs 9,382 passport fraudsters The Identity and Passport Service caught more than 9,000 fraudulent attempts to get a British passport,...

SearchCIO

Expert cracks biometric passport data

The security being developed for the government's ID cards and biometric passports programmes has been thrown into question after a Guardian reporter and a security expert took just 48 hours to access encrypted data on a biometric passport's RFID chip.

Read more on IT risk management

Start the conversation

0 comments

Please create a username to comment.

-ADS BY GOOGLE

SearchCIO

Shell, Halliburton, Unibap AB execs share real-world AI strategies

What's the difference between RPA and IPA?

The technological evolution of IT industry leaders: 2000 - 2020

SearchSecurity

DOJ takes action against Dridex malware group, Evil Corp

Session cookie mishap exposed HackerOne private reports

NSS Labs drops antitrust suit against AMTSO, Symantec and ESET

SearchNetworking

4 SD-WAN vendors integrate with AWS Transit Gateway

Assess the Wi-Fi 6 features available in Wave 1 and Wave 2

3 networking startups rearchitect routing

SearchDataCenter

Top 4 open source automation tools for admins

U.S. facility may have best data center PUE

Increase efficiency with data center temperature monitoring

SearchDataManagement

Amazon cloud database and data analytics expand

Vendors move away from open source database software licensing

Oracle looks to grow multi-model database features

Read more on IT risk management

Start the conversation

0 comments

Register

Login

Forgot your password?

Your password has been sent to:

Please create a username to comment.