Expert cracks biometric passport data
The security being developed for the government's ID cards and biometric passports programmes has been thrown into question after a Guardian reporter and a security expert took just 48 hours to access encrypted data on a biometric passport's RFID chip.
The security being developed for the government's ID cards and biometric passports programmes has been thrown into question after a Guardian reporter and a security expert took just 48 hours to access encrypted data on a biometric passport's RFID chip.
From forensic cyber to encryption: InfoSec17
Security technologist Bruce Schneier’s insights and warnings around the regulation of IoT security and forensic cyber psychologist Mary Aiken’s comments around the tensions between encryption and state security were the top highlights of the keynote presentations at Infosecurity Europe 2017 in London.
Although passports use military-grade encryption, Adam Laurie, technical director at The Bunker, said the information used to form the security key for the chip could be found using an online flight booking site and flight coupons, which are often discarded at airports.
With the information on the coupon a hacker could use an airline website to gain all the basic customer data held on an e-passport.
Laurie warned that, armed with the security key and a £100 RFID reader, criminals would be able to decrypt and clone passports.
Comment on this article: computer.weekly@rbi.co.ukRead more on IT risk management
-
Why businesses must think like criminals to protect their data
-
Security Think Tank: Use awareness, education and controls to halt cryptojacking
-
Security Think Tank: Awareness is a good starting point to counter fileless malware
-
Security Think Tank: Human, procedural and technical response to fileless malware
Start the conversation
0 comments