Electronic passport (e-passport)
Globally, almost exclusively only e-passports, ie electronic passports with RFID chip according to ICAO (International Civil Aviation Organization) are issued.
The RFID technology used in e-passports facilitates travel (no visa requirement in specific countries) and simplifies controls at border crossings (automated identity verification).
Structure of the e-passport
New e-passports are equipped with an RFID chip (transponder). The international indicator for electronically readable data on the front cover signals an RFID chip inside:
Icon: RFID chip in e-passports.
The RFID chip is often embedded in the cover of the e-passport.
Example: E-Pass 10 Structure of the e-passport (source: www.bundesdruckerei.de)
E-passports follow the ISO standard ISO / IEC 14443. This is a series of standards for contactless smart cards.
The RFID frequency for e-passports is 13.56 MHz.
On the RFID chip (contactless radio chip) personal and biometric data of the passport holder are stored electronically, such as
- first / last name;
- date of birth;
- hometown, place of origin;
- nationality / citizenship;
- facial image;
The data which are stored include also document data, such as:
- date of issue / date of issuance of document;
- date of validity expiry, expiry date;
- ID number;
- type of identity document;
- official additions.
Security and privacy
The protection of privacy is in accordance with article 13 of the Swiss Federal Constitution, a fundamental right.
Each person is entitled to protection from misuse of their personal data (art. 13, para. 2). This holds also for other countries.
With RFID technology increases the risk of electronic data theft and identity fraud (virtual passport loss).
How safe are the RFID technology and encryption mechanisms used in electronic passports at the moment and in especially in the future permanently?
The correspondent authorities of each countries confirm that the e-passport is secure. Each issuer has taken precautions.
Encryption technologies should exclude unauthorized access. Data protection and information security are ensured in accordance with their information through electronic signatures and keys.
The following security mechanisms are used:
- Basic Access Control (BAC);
- Extended Access Control (EAC);
- passive and active authentication (passive / active authentication);
- Random ID.
Thus, e-passports are undoubtedly better protected against misuse (counterfeit) than the previous generations of passports, but they are never completely protected against access by electronic means (theft protection).
Therefore and nevertheless, the Federal Office of Communications (OFCOM) recommends using a RFID protection sleeve (measurement report fedpol (11.2008)); as a precaution.
Measurement report OFCOM Switzerland.pdf
For each technology there is a residual risk. Each technology is also subject to a technological progress.
In the long run no encryption mechanism is secure. Therefore, IT and security experts warn of the false sense of security.
Despite safety measures and safety mechanisms from authorities of each country it is not completely ruled out that:
- the data of the passport be read unnoticedly at a distance without contact and then.
- be cloned and copied without the passport holder knowing about this procedure.
- the data will be misused and harm is done under the identity of the passport holder.
- movement and behavior profiles are traced.
- encrypted data doesn’t mean that this data can not yet be deciphered as a result of technological progress; after all, e-passports are valid for several years. It's just a matter of time until a seemingly secure encryption technology is out of date and is cracked.
With RFID shielding products for your electronic, biometric passport your data stored on the RFID chip is secure against unauthorized access.