Thursday, August 07, 2008

E-Passports Can Be Hacked and Cloned in Minutes [E-passport]

Source: http://feeds.feedburner.com/~r/gizmodo/full/~3/357844752/e+passports-can-be-hacked-and-cloned-in-minutes

Tests conducted for the UK's Times Online have concluded that the new high-tech e-passports being distributed around the world can be hacked and cloned within minutes. A computer researcher proved it by cloning the chips in two British passports and then implanting digital images of Osama bin Laden and a suicide bomber. Both passports passed as genuine by UN approved passport reader software. The entire process took less than an hour.

Initially, the assumption was that cloned chips would be spotted because their key codes would not match those stored in an international database. However, only 10 of the 45 countries participating in the e-passport program have signed up to for the Public Key Directory (PKD) code system, and only five are currently using it. On top of all that, the research also suggests that biometric data could also be manipulated and implemented into fake passports.

At this point, there has been no evidence to suggest that an e-passport has been successfully cloned and passed off as genuine in a real life situation—but it is bound to happen unless every country buys into the PKD. Even then, I still have my doubts about long term security. We all know that its only a matter of time before someone figures out how to manipulate the system. [Times Online]