Use of RFID in ePassport and National ID Cards Coming Under Fire

Renee Boucher Ferguson

The separate initiatives put forth by the U.S. State Department and the U.S. Department of Homeland Security to utilize RFID in passports, identification cards and drivers licenses are coming under fire from various directions. At issue: Concerns that the radio frequency method of storing data on national electronic ID cards—the ePassport, PASScard, and electronic driver’s license—is neither secure nor private.

On Dec. 12, two Senators—a Democrat and a Republican—said they would propose legislation to repeal the Real ID Act of 2005 if the Department of Homeland Security does not change the act to include more personal privacy provisions and less of a financial burden on states, according to news reports.

The Real ID Act enacted by Congress last year mandates that every state overhaul its driver’s license ID card system by 2008.

The act requires real-time authentication for documents such as birth certificates and social security cards—which would require a massive electronic, interoperable network—and the creation of a national database to store the electronic data gathered at the state level.

Sen. Daniel Akaka, D-Hawaii, and Sen. John Sununu, R-N.H., said they take issue with the technology implications of the act.

Sen. Akaka pointed out that if the proposed national database were to be breached it would “provide one-stop access to virtually all information necessary to commit identity theft.”

Sen. Akaka pointed to a study by the National Governor’s Association that estimated states would have to come up with a total of about $11 billion each to implement the necessary infrastructure to verify information electronically. He will chair the Senate Homeland Security and Governmental Affairs subcommittee —the group that has jurisdiction over the relationship between the federal and state governments—next year.

On Dec. 6, the Emerging Applications and Technology Subcommittee, part of the Data Privacy and Integrity Committee that advises DHS, toned down its harsh criticisms of RFID (Radio Frequency Identification) technology used to identify individuals—referring to the ePassport and PASScard ID card—in a report released Dec. 13.

While the updated report suggested early considerations of privacy and security—versus the initial summer draft report that suggested RFID not be used at all—it still hinted that “RFID, standing alone, may not be best suited for purposes of identifying individuals.”

On Dec. 4, the Smart Card Alliance, an industry group that works to foster the adoption of sensor-based technology used in all types of industry and consumer applications, such as credit cards, cell phones, issued a statement urging the federal government to reconsider its use of vicinity-read RFID technology in the proposed PASScard ID card that would be used by US citizens crossing into nearby countries, including Canada, Mexico and the Caribbean.

“Our members, who include technology providers of both contactless smart card and RFID products, understand human identification security and agree that the vicinity-read RFID technology proposed for the passport card is the wrong technology to implement a secure identification card,” said Randy Vanderhoof, executive director of the Smart Card Alliance, in the report. “We urge the State Department and Department of Homeland Security to reconsider this decision in favor of more secure ‘proximity’ contactless smart card technology.”

The issue with vicinity-read RFID, and with other forms of identification that utilize RFID, is that information obtained in the RFID chip can be read from several feet away, according to the Smart Card Alliance. The distance concept factors into the DHS’ plans, which are to be able to read, for example, a carload of PASSport I.D. cards with a single wave of a reader.

Long range RFID tag technology, according to the Alliance and other industry watchers, should be used for tracking products, not people.

In its report the Alliance listed a number of concerns, including: a lack of security safeguards; the potential for tracking and citizen distrust; the duplication of required border infrastructure to accept this identity document technology in addition to ePassports; a reliance on central databases and real-time access to networks to read the data stored on cards; and potential operational issues with multiple vicinity-read RFID tags in vehicles.

At the same time, according to the Alliance, there is currently no standards review or open discussion of the DHS’s implementation approach.

Jarrod Agen, a spokesperson for the DHS, said the department is in the process of determining what alternative documents could be used to meet the Western Hemisphere Travel Initiative’s mandate that requires all US citizens traveling by land or sea between the US and Canada, Mexico, Bermuda, the Caribbean and Central and South America, to have a passport or alternative ID.

“The PASScard is one of the suggestions,” said Agen, in Washington.

In a speech at George Washington University on Dec. 14, Department of Homeland Security Secretary Michael Chertoff defended the department’s use of technology at border crossings and in national identification cards to protect citizens and weed out potential terrorists from entering the country.

Chertoff outlined a three-pronged approach that includes electronically collecting and analyzing personal information on people crossing US borders, electronic ID cards, and gathering biometric information from individuals using the cards—the RFID chips on the ePassports mandated last year have enough memory capacity for biometric indicators that could include face or iris scans in addition to 10 finger prints.

“We are continuing to push forward on secure documents,” said Chertoff. “[The initiatives] are all designed to make sure that our border inspectors, when they confront documents, are looking at documents that are secure, that are tamper-proof, and that are based on underlying reliable information.

To prevent skimming and eavesdropping of data from the ePassports—and likely the PASScard and electronic driver’s license as well—the government has added BAC (Basic Access Control) and a shielding material to the passport.

BAC requires that the characters from the printed machine-readable zone of the passport be read first to unlock the chip for reading, according to the State Department’s Web site.

“Thus, when an electronic passport is presented to an inspector, the inspector must scan the printed lines of data in order to be able to read the data on the chip,” the site said. The shielding material on the outside of the passport is meant to protect against unauthorized readings.

“We plan to implement features for RFID that would prevent any stealing of private information,” said Agen, referring to the ePassport. “The RFID chip will not store any personal information—it will simply store a coder or number used by a reader to call up information in a database. That is done in an effort to prevent skimming. And there are other [measures] that we wouldn’t discuss publicly yet.”

Agen said that when the technology is fully developed and deployed, the DHS will provide more specifics. “We don’t want to give out all the security features, so that people would try and find a way around them,” he said.

Despite mounting concerns, few believe there will be any changes to the ePassport initiative already underway.

Jim Harper, a director of information policy studies for the Cato Institute and co-author of the DHS advisory report, believes that while the State Department will eventually fail at its ePassport initiative, it will be some time before any real understanding—or action—sets in.

“For some reason State has been deeply committed to ePassport despite the fact that there is no benefit at all from the technology,” said Harper, in Washington. “It will take a relatively long time for them to fail at it. A program has to fail consistently over several years, or maybe many years, for a system to fail [within the State Department]. Rarely is there a, ‘oh, this doesn’t work, let’s move on.’ It will just fail for several years, and finally be abandoned.”

Harper points out two distinct reasons ePassport won’t work: speed, or the lack thereof, at border crossings and security issues.

“There have been some pushback and some privacy concerns, but on a global scale ePassports are going to move forward,” said Michael Liard, an analyst with ABI Research, in Oyster Bay, N.Y., who follows the RFID industry. “Use plans in Europe, Asia and the U.S. market are going to come on board. But you also have to appreciate that we’ve been talking about this for years.”

The State Department began issuing ePassports in August.