News, Culture & Society

Your e-passport could be compromised by digital attackers, finds new study

Electronic passports were designed for efficiency, but may pose a security threat.

A flaw has been uncovered that lets data thieves scan the passport ‘several feet away’ and track the person’s every movement.

Electronic passports came into being around 2004 and are documents that contain embedded computer chips that store basic information of the individual.

 

A flaw has been found that lets thieves scan the passport ‘several feet away’ and track the person’s every movement. E-passports (pictured) were released 2004 and are documents that contain embedded computer chips that store basic information of the individual

The newly discovered flaw can be found in all electronic passports from all over the world, leaving many to fear if they are being followed while at the airport. 

The standard, Civil Aviation Organization (ICAO)9303, allows e-passport readers at airports to scan the chip inside a passport and identify the holder.

The information stored on the chip is the same as that which is displayed on the data page of the passport. 

This includes your full name, date of birth, place of birth, date the passport was issued, expiration date, etc. 

This includes your full name, date of birth, place of birth, date the passport was issued, expiration date, etc. The chip also contains a biometric identifier in the form of a digital image of your passport photo. The technology was designed to make check-in more efficient

This includes your full name, date of birth, place of birth, date the passport was issued, expiration date, etc. The chip also contains a biometric identifier in the form of a digital image of your passport photo. The technology was designed to make check-in more efficient 

The chip also contains a biometric identifier in the form of a digital image of your passport photo.

It also has a unique identification number and digital signature as a protective measure. 

And although they were designed to ease the boarding process, this technology has been found to have a flaw that threatens the individual’s privacy.

Dr. Ross Horne, Prof. Sjouke Mauw, PhD candidate Zach Smith and Master student Ihor Filimonov at UNIVERSITY OF LUXEMBOURGtested the standard. 

They discovered a flaw which allows specific non-authorized equipment to access passport data. 

‘With the right device, you can scan passports in close vicinity and reidentify previously observed passport holders, keeping track of their movements’, Dr. Horne explains.

 ‘Thus, passport holders are not protected against having their movements traced by an unauthorized observer.’

Researchers have not clarified what device is capable of tracking cardholders, but did not that it is a device that most people could obtain.

This technology has the ability to identify an individual several meters away and then keep track of that passport — meaning they can follow the person everywhere they go.

Although the attacker is unable to gather all the information from the chip, this act is still a threat to security and privacy.  

‘As most passports today use the same standard, this security flaw potentially has global impact,’ continued Dr Horne.

In Europe, such a security breach likely violates requirements from the EU data protection framework. 

Governments have the responsibility to protect individual privacy and to ensure that official documents are bulletproof against such attacks, the researchers explained.

Both traditional and electronic passports could soon be a thing of the past, as the future could put a chip into your hand that lets you check in and board a flight.

In 2016, Vice president of digital for technology consulting at Soget, Andreas Sjöström, implanted  a near-field communication chip (NFC) in his hand before going to the airport to catch a flight.

Sjöström took viewers on a journey as he waved his hand over a scanner, allowing him to slide through airport security and right to his seat on the plane. 

Both traditional and electronic passports could soon be a thing of the past, as a chip in your hand could let you check in and board a flight. In 2016, Andreas Sjöström, implanted a near-field communication chip (NFC) in his hand before going to the airport to catch a flight

Both traditional and electronic passports could soon be a thing of the past, as a chip in your hand could let you check in and board a flight. In 2016, Andreas Sjöström, implanted a near-field communication chip (NFC) in his hand before going to the airport to catch a flight

‘I had an NFC chip implanted into my hand, just beneath the skin,’ Sjöström, vice president of digital for technology consulting at Sogeti, explained in the video. 

‘In this video I use the chip to pass through Stockholm Arlanda airport, through security, at the lounge, and finally through the gate to the aircraft.

The chip held his Scandinavian Airlines EuroBonus member ID, and since the airport has NFC readers all the way from security to the gate.

Sjöström didn’t need the traditional boarding pass, just a flick of his wrist to place the microchip on top of the scanner.

This type of cutting-edge technology has been used for digital payments, controlling mobile phones and unlocking doors, according to The Telegraph.

‘The point is you don’t need anything to be identified or recognized to go through a touch point,’ Massimo Pascotta, who works with innovation at SAS, explained in the video.

‘Whether it’s security or a lounge, it’s a breakthrough you didn’t need to care about carrying a boarding pass or device with you.’

The chip held this flyers' Scandinavian Airlines EuroBonus member ID, and since the airport has NFC readers all the way from security to the gate. Sjöström didn't need the traditional boarding pass, just a flick of his wrist to place the microchip on top of the scanner

The chip held this flyers’ Scandinavian Airlines EuroBonus member ID, and since the airport has NFC readers all the way from security to the gate. Sjöström didn’t need the traditional boarding pass, just a flick of his wrist to place the microchip on top of the scanner

The microchip used in this experiment was an xNT implant from Dangerous Things, which develops biohacking and citizen science equipment.

Amal Graafstra, CEO of Dangerous Things, told Mic the trial was part of Scandinavian Airlines’ aim to further innovate its customer experiences, which currently includes an NFC-readable sticker that holds a passenger’s details.

The microchip used in this experiment was an xNT implant from Dangerous Things, which develops biohacking and citizen science equipment. The kits come with microchips, surgical gloves and syringes that can be ordered directly through on the Dangerous Things website

The microchip used in this experiment was an xNT implant from Dangerous Things, which develops biohacking and citizen science equipment. The kits come with microchips, surgical gloves and syringes that can be ordered directly through on the Dangerous Things website

The kits come with microchips, surgical gloves and syringes that can be ordered directly through on the Dangerous Things website.

It also comes with detailed instructions on how to implant the chip into your hand.

Sjöström explained the process was painless and the only way to know the chip is in your skin is by rubbing your hand over it.

‘I didn’t have to pull out anything,’ he explained.

This type of cutting-edge technology has been used for digital payments, controlling mobile phones and unlocking doors. It comes with detailed instructions on how to implant the chip into your hand

This type of cutting-edge technology has been used for digital payments, controlling mobile phones and unlocking doors. It comes with detailed instructions on how to implant the chip into your hand

‘It gave me a new sensation, sort of a pre-notion of what it will be like in the future when we don’t have to reach out with physical objects to accomplish things.’

Sjöström suggested in the future, devices may be created that can be placed on top of the skin instead of inside it.

‘I’ve tried it with public transportation solutions, I’ve connected it to NFC-enabled door lock systems in offices,’ he added.

‘I’ve succeeded with some and not with others. But if no one experiments, no one will find this out.’

Read more at DailyMail.co.uk


Comments are closed.