Embedded RFID and Everyday Things: A Case Study of the Security and Privacy Risks of the U.S. e-Passport

Privacy and Security

Article Snapshot

Author(s)

Jennifer King, Marci Meingast and Deirdre Mulligan

Source

IEEE International Conference on RFID, March 2007

Summary

This paper looks at how Radio Frequency Identification (RFID) tags affected the security of passports.

Policy Relevance

Adding RFID tags to objects raises security risks, and the Department of State should have consulted more experts and more opinions before adopting the proposal.

Main Points

  • RFID technology is used to tag ordinary objects with tiny transponders and store data. The data can include sensitive information about individuals. Wrongdoers can intercept the data if the objects are carried into public.

  • In 2002, the U.S. Department of State proposed an “electronic passport” program, to add RFID transponders to U.S. passports. The tags were added, beginning in 2006. But the privacy and security risks of adding the RFID tag were not fully addressed.

  • The passport tags could be read remotely, so eavesdroppers could scan them from a distance to obtain the holder’s birth date and digital photograph. Or an eavesdropper could scan hotel rooms for American citizens, facilitating theft, assaults, or other crimes.

  • Technology called a “Faraday cage” was added so the passport sends out data only when it is open, giving the holder some control over when the information is revealed. A light or sound could also be used to alert people that data is being sent.

Get The Article

Find the full article online

Search for Full Article

Share