How Safe are RFIDs with Passports – Non Encrypted Information could be available for identify theft
Posted Feb 03 2009 12:08am
This is an interesting video questioning the use of RFID technology for passports. One thing that appears beneficial from the video is that the hacker appears to be a “white hat” hacker, in other words bringing about an awareness. With healthcare and identifying individuals with RFID this just raises a few questions. The passports supposedly are in a case which is supposed to prevent the ID information from being stolen, but when you watch the video it leaves a few questions as you see him in action.
RFID technology is great for tracking equipment in hospitals and other places, but again after watching the video there are a few questions raised here about using RFID for identity, and it didn’t cost him that much to build the technology. He also talks about how it can be matched to a credit card once the unique identification number is acquired. Last year I had another post about a hacker getting credit card information with a device he bought on E-bay for $8.00. It does present some questions as to the concept of widely using RFID to track individuals. We all certainly welcome the convenience, but want to be sure our privacy is protected too. BD
Using inexpensive off-the-shelf components, an information security expert has built a mobile platform that can clone large numbers of the unique electronic identifiers used in US passport cards and next generation drivers licenses.
The $250 proof-of-concept device - which researcher Chris Paget built in his spare time - operates out of his vehicle and contains everything needed to sniff and then clone RFID, or radio frequency identification, tags. During a recent 20-minute drive in downtown San Francisco, it successfully copied the RFID tags of two passport cards without the knowledge of their owners.
He plans to release the software's source code during a demonstration at the Shmoocon hacker convention to be held later this month in Washington.