Have chip, will travel
The Economist reports on the new US PASS card, which uses RFID technology less secure than that in ICAO passports:
Speedy they may be, but chipped ID cards are horrendously insecure. When prompted, they broadcast their unique identifier in plain text, without any form of encryption or authentication, to anyone who is listening. And because they are designed to be interrogated from distances of ten metres or more, they are a doddle to intercept. Making matters worse, they rely on the same RFID tags used by retailers, and can therefore be “locked” or “killed” remotely by wireless commands. The scope for identity theft, chaos or worse is unlimited.
Bizarrely, you can enter America on one of these pieces of plastic. What on earth were the authorities thinking? Embarrassed officials are now appealing to people carrying such ID cards to keep them safely tucked away in metal sheaths. Truth be told, shielding them merely reduces the range from which they can be read. The current record is 65 metres.
Meanwhile, the British government is scrambling to avert a similar fiasco. Earlier this month, the Home Office announced a change of heart, saying its proposed national ID card scheme would not now be compulsory. It also deferred ordering equipment for making the cards until autumn 2010—after the next election.
Britain’s opposition parties have gone further, promising to scrap the hated ID card system altogether, along with the central database that would hold comprehensive files on everyone in the land. With a change of government expected next year, Britons may yet be spared the insanities Americans are now having to put up with.
