State Department proposes $20 RFID passport cards

This week the U.S. State Department proposed the introduction of wallet-sized passport cards for Americans who travel frequently to Canada, Mexico and the Caribbean, which would cost less than a regular passport and allow frequent travelers to cross the border more quickly at land and sea crossings. But privacy groups are worried about the use of RFID chips in the passport cards.

The proposed passport cards would be the size of a credit card, cost $20 for adults plus a $25 “execution fee,” and be valid for 10 years, the same as a regular passport. They would only be valid for land and sea travel between the U.S. and Mexico, Canada, the Caribbean and Bermuda, according to the State Department.

As part of the Western Hemisphere Travel Initiative, Congress has required that all U.S. citizens traveling by land have passports by January 1, 2009. A regular passport costs $95.

The UHF vicinity technology would allow reader equipment to link to the card from a distance of about 32 feet, in contrast to the HF proximity technology that functions within three feet. Proponents of both the technologies tout their current or future security benefits, while some privacy activists have questioned or denounced the use of RF technology of any kind for secure credentials.

“Using free read RFID technology is a bad idea,” said Randy Vanderhoof, executive director of the Smart Card Alliance. “Unlike electronic passports, which have built-in security features, a free read of a unique reference number at long distances opens possibilities to identify or even track U.S. citizens.” — Government Computer News

That’s easy: Just have your rogue RFID reader sitting out somewhere and see who passes by. Then see who passes by at some other location. It would be fairly easy to use other data to match up the random numbers on the RFID cards to real people without ever needing access to the government’s database.

Dan Caprio, president of the Progress and Freedom Foundation, said he wants to see the details of the request for information but expects to offer comments. “We would oppose any sort of technology mandate pitting one portion of the industry against another,” Caprio said. “Mandates are not productive, not good for innovation.” — National Journal’s Technology Daily

Homeland Security Secretary Michael Chertoff urged Latin American countries to go along with the proposal, saying that we must all “come to grips” with the idea that international travel and trade need increased security, and encouraging businesses to go along with security measures as good for them. “The ultimate vision at the end of the day is not only to protect the United States but to protect the world,” he said.

Production of the passport cards is expected to begin next summer, State Department deputy assistant secretary for passport services Frank Moss said.

The government is seeking comments on the proposed regulations. (PDF) “We’re encouraging comments as part of the rulemaking process because we know this has to be a dialogue,” Moss said. Please do comment: go to www.regulations.gov and search for DOS-2006-0329-0001. Comments must be received by December 18.

One thought on “State Department proposes $20 RFID passport cards

  • March 3, 2010 at 6:59 pm
    Permalink

    RFID enabled cards and passports have been indisputably proven unsecure. Even with the most innovative encryption, data can be skimmed (read stolen) from these devices. The best way to secure data stored on a RFID enabled card or passport is to prevent unauthorized access to it in the first place. Focusing on this objective, we developed ‘Dead Bolt’ integrated contactless RFID security technology.

    Our patent pending security solution is built directly into RFID enabled cards or passports at the time of manufacture. This solution integrates novel piezo driven circuitry into the card or passport, disabling the receive/transmit functions of the RFID circuit. To allow the card or passport integrated with our technology to receive and transmit, a simple and intuitive pressure is applied. This activates our circuitry which, in turn, allows the RFID circuit to function normally; however, this condition is momentary. The time in which our circuitry allows the RFID circuit to send and receive is predetermined by the issuing vendor’s requirements – the unit shown in our demonstration videos is arbitrarily set for 200 milliseconds. At the end of this predetermined “read/transmit window” our circuitry resets, again disabling the card or passport.

    ‘Dead Bolt’ is thinner than the embedded RFID chip itself and gives no outward appearance of its existence, allowing for practically unlimited applications. It is impossible to access data stored on RFID enabled cards and passports that integrate ‘Dead Bolt’ technology until or unless the user intentionally initiates the read process.

    For more information and to see demonstration videos of ‘Dead Bolt’, go to http://www.spiveytechnologies.com and http://www.youtube.com/spiveytechnologies.

Comments are closed.