Renew Your Passport Now!

If you have a passport, now is the time to renew it -- even if it's not set to expire anytime soon. If you don't have a passport and think you might need one, now is the time to get it. In many countries, including the United States, passports will soon be equipped with RFID chips. And you don't want one of these chips in your passport.

RFID stands for "radio-frequency identification." Passports with RFID chips store an electronic copy of the passport information: your name, a digitized picture, etc. And in the future, the chip might store fingerprints or digital visas from various countries.

By itself, this is no problem. But RFID chips don't have to be plugged in to a reader to operate. Like the chips used for automatic toll collection on roads or automatic fare collection on subways, these chips operate via proximity. The risk to you is the possibility of surreptitious access: Your passport information might be read without your knowledge or consent by a government trying to track your movements, a criminal trying to steal your identity or someone just curious about your citizenship.

At first the State Department belittled those risks, but in response to criticism from experts it has implemented some security features. Passports will come with a shielded cover, making it much harder to read the chip when the passport is closed. And there are now access-control and encryption mechanisms, making it much harder for an unauthorized reader to collect, understand and alter the data.

Although those measures help, they don't go far enough. The shielding does no good when the passport is open. Travel abroad and you'll notice how often you have to show your passport: at hotels, banks, Internet cafes. Anyone intent on harvesting passport data could set up a reader at one of those places. And although the State Department insists that the chip can be read only by a reader that is inches away, the chips have been read from many feet away.

The other security mechanisms are also vulnerable, and several security researchers have already discovered flaws. One found that he could identify individual chips via unique characteristics of the radio transmissions. Another successfully cloned a chip. The State Department called this a "meaningless stunt," pointing out that the researcher could not read or change the data. But the researcher spent only two weeks trying; the security of your passport has to be strong enough to last 10 years.

This is perhaps the greatest risk. The security mechanisms on your passport chip have to last the lifetime of your passport. It is as ridiculous to think that passport security will remain secure for that long as it would be to think that you won't see another security update for Microsoft Windows in that time. Improvements in antenna technology will certainly increase the distance at which they can be read and might even allow unauthorized readers to penetrate the shielding.

Whatever happens, if you have a passport with an RFID chip, you're stuck. Although popping your passport in the microwave will disable the chip, the shielding will cause all kinds of sparking. And although the United States has said that a nonworking chip will not invalidate a passport, it is unclear if one with a deliberately damaged chip will be honored.

The Colorado passport office is already issuing RFID passports, and the State Department expects all U.S. passport offices to be doing so by the end of the year. Many other countries are in the process of changing over. So get a passport before it's too late. With your new passport you can wait another 10 years for an RFID passport, when the technology will be more mature, when we will have a better understanding of the security risks and when there will be other technologies we can use to cut the risks. You don't want to be a guinea pig on this one.

This op ed appeared on Saturday in the Washington Post.

I've written about RFID passports many times before (that last link is an op-ed from The International Herald-Tribune), although last year I -- mistakenly -- withdrew my objections based on the security measures the State Department was taking. I've since realized that they won't be enough.

EDITED TO ADD (9/29): This op ed has appeared in about a dozen newspapers. The San Jose Mercury News published a rebuttal. Kind of lame, I think.

EDITED TO ADD (12/30): Here's how to disable a RFID passport.

Posted on September 18, 2006 at 6:06 AM • 144 Comments

Comments

daySeptember 18, 2006 7:02 AM

Too late for the UK. Just renewed my passport and received one with RFID. Of course, the UK Passport Service does not mention the dreaded RFID acronym anywhere on their site (www.passport.gov.uk) and I can find no information on whether or not a UK passport is shielded in a similar way to the US ones. I also have not received any response to my request for further information on this.

TobiasSeptember 18, 2006 7:14 AM

The problems of RFID passports was discussed last year on the 22C3, only for the german passport and the lecture was in german: http://events.ccc.de/congress/2005/fahrplan/...

One particular weakness of the german passport is the basic access control. The primary data on the passport is protected with a passphrase which is generated from machine-readable data on the front of the passport. An attacker can use this knowledge to reduce the keyspace a lot (the data is: passport ID (10^9, but not really random), date of birth (100*365 or less), date of expiry (10*365))...

But there was also a workshop to build an RFID-Killer which does not leave burn marks on your passport. See https://events.ccc.de/congress/2005/wiki/RFID-Zapper(EN) for details. All you need is a disposable camera and some copper wire...

ShuraSeptember 18, 2006 7:17 AM

Too late for Germany as well; RFID passports were introduced in November 2005 already, although if you get one before March 2007 now, it won't contain your fingerprints, at least.

Whether that really makes a big difference is another question, of course.

jMhSeptember 18, 2006 7:26 AM

Renewing the passport may be only temporary and yet uncertain solution. Countries that are promoting RFID-passports today may enact a law that you must have chip in your passport to be able to enter the country. Frying the chip sounds nice alternative :)

Noone SpecalSeptember 18, 2006 7:37 AM

Earlier someone said.. "Of course, the UK Passport Service does not mention the dreaded RFID acronym anywhere on their site (www.passport.gov.uk) and I can find no information on whether or not a UK passport is shielded in a similar way to the US ones."

Actually, there is a little bit of information..
http://www.google.co.uk/search?...

TimSeptember 18, 2006 7:45 AM

I'm about to renew my passport (in the UK); as I don't want my details to go into the UK Big Brother database. However it almost sounds like they're rolling it out a bit early.

I wonder if it would cause me problems travelling if I accidentally microwaved my passport...?

daySeptember 18, 2006 7:53 AM

@ Noone Specal

Thanks for the google link - the search form on passport.gov.uk itself did not turn this up. For much more information see the No2ID forum at http://forum.no2id.net/viewtopic.php?p=47792

I can't believe our government is issuing RFID passports without (up front) informing its citizens of the risks. Why is the complete story not provided in the FAQ on passport.gov.uk or, even better, expained in some of the literature that accompanies the new passport document when it arrives in the post?

Incidentally, I have read (somewhere can't find link) that a passport with unreadable chip could be considered an invalid document - regardless of how the chip came to be damaged (rules out microwaving ones own passport for self protection as suggested by some, rules in Denial Of Service attacks)

Dom De VittoSeptember 18, 2006 7:58 AM

Too late, in the uk this is already being rolled out. My kids renewed theirs, and one of them came back 'chipped'.

I'm tempted to see how it handles a little trip in the microwave :-)

All this is especially worrying, considering the Swedish (?) contactless/RFID passports have been have been hacked - with unauthorised readers able to pull name and other details from the passport "at range".

Something that seems to have missed people is that RFID, as so anyone with a big enough arial is going to start "pass-driving", and just like WEP, when a vulnerability IS found, they'll be able to steal identities on-masse.

gregSeptember 18, 2006 8:09 AM

I have one. NZ issued early and i had to pay twice as much for it.

As much as its a problem and would like a contact chip system (like the US will go for that), I really don't think stealing Identities is gunna work en mass anymore than it does already. Here in Austria they want to *see* the passport. Not scan it and i think most places will be like this.

Sure i have "sheild" in my bag, but i'm not gunna worry. Hell sometimes i even use my Visa card at shops with click clacks--They could be ripping me off!!........there are bigger fish to fry than RFID passports.

PonderSeptember 18, 2006 8:14 AM

Too late for the Netherlands too. There is quite a row about getting the picture right. The new passport comes with new guidelines for the picture, confusing the heck out of civil servants and frustrating both requesters and photographers. E.g: no smiling, fully frontal picture, no reflection in glasses etc. One person actually got his phoographs turned down because it showed the carrying-cords of his glasses (no doubt making him indistinguishable from your average villain).

AnonymousSeptember 18, 2006 9:06 AM

The facial photo requirement is undoubtedly for easing the work of Facial Recognition. They can't take 4-5 pictures of the same person, so they need the best picture possible.

The passports themselves (NZ at least) are likely quite secure in terms of the data encryption.

Carlo GrazianiSeptember 18, 2006 9:07 AM

A microwave can't be the only way this thing can be damaged.

What about subjecting the chip area to a few hundred PSI, using an embossing device (like a notary stamp, fitted with a blank stamp, natch)?

What about connecting a 9V battery across the area in question?

What about baking the passport? Paper can stand up to higher temperatures than silicon...

How about covering the chip with a drop of some kind of metallized adhesive compound, like an iron filings suspension in white-out, or some kind of metal-color paint?

How big is this chip, anyway? Where is it located? What's a good DIY diagnostic of whether it's still alive?

J.D. AbolinsSeptember 18, 2006 9:07 AM

While shielding may be a *bit* of help, Bruce Schneier is right about the shielding doing no good when the passport is open.

Maybe an RF shield bag with a peephole ("RFID Burka"?) for the hotel clerk and other non-border control people can look at the printed info could lessen the RF disclosure problems. But that's likely to be cumbersome.

One less cumbersome approach for RFID devices that need to be read only once in a while, say, at border crossings, would be an on/off switch or a contact that the person would have to press to make the RFID readable. After all, the overseas hotel clerk just has to see the printed info, not scan the RFID.

(If the passport readers do ever become widespread for businesses, it will introduce new twists in the RF disclosure concerns. Such issues are likely to arise once drivers licences move to using RFIDs.)

Oh, for telling if your passport is "chipped", see Edward Hasbrouck's posting at http://www.hasbrouck.org/blog/archives/... . Also there are RIFD passport info link off of his home page, www.hasbrouck.org

Finally, for those interested in the history of passports, there's a fascinating book I've been reading: "The Passport: The History of Man's Most Travelled Document" by Martin Lloyd, ISBN 0750940352. One of the more interesting chapters deals with the case of William Joyce who was tried and executed for his WW2 "Lord Haw Haw" propaganda broadcasts. The death penalty hinged upon his passport and what it said about allegiances and nationality.

BobSeptember 18, 2006 9:30 AM

When are the new e-passports supposed to start shipping in the US? Expedited passports in the US are ETA 2 weeks.

Dmitry BurovSeptember 18, 2006 9:30 AM

Maybe idea with a cradle-plugable passport-shielding can help with it?

When you don't trust an area you're in (airport, for example), you can plug your passport (hided in shielding) to a cradle of customs serviceman instead of open it and make vulnerable to distant reading.

jmrSeptember 18, 2006 9:52 AM

Dmitry, I don't trust -any- area. Simply removing the RFID aspect of the passport removes the remote-read security vulnerabilities entirely. But RFID doesn't mean "can't be read electronically". Just use a contact based reader instead of RFID. If credit card conglomerates can figure out how to make swipe systems work globally on billions of transactions a week, surely the US Govt can too?

Of course, there are still other vulnerabilities. It used to be that copying the data on an ID was a process that took effort. Therefore, while you may have been required to show ID, and have some items copied from it, you would both know that is was happening and could prevent the actual copy operation from succeeding. Now, it becomes cheap to copy all the data off the ID and store it in a database, possibly to sell to other parties, without much in the way of control of the identified party if he/she agrees to allow electronics to read the ID.

ReprintSeptember 18, 2006 10:15 AM

How about you scan in the Passport pages with your face plus the front and back cover - print yourself out a 4,page mini-passport, laminate and use it as ID - keeping your real passport secured somewhere else when you travel. Just show it at hotels, credit card, walking around, etc. For border crossings pull out the real credit card.

AlanSeptember 18, 2006 10:22 AM

If you renew now, what is the risk that they send you an RFID-plagued passport? That could happen either due to delayed processing or early deployment. If you have 5+ years left on your current passport you might be better off hanging on to it.

anonymousfeelingsSeptember 18, 2006 10:48 AM

hi
thanx for such a knowledge enhancing article....but was still wondering whether i had logged on to a blog in a spritiual site or a scientific one....!!!!
Sciene wen fiction is much more interesting....i'll anyways try to understand dis technological part too....

LisaSeptember 18, 2006 10:51 AM

From the US passport agency website:

"Previously issued passports that are still valid can be used for travel."

So a pre-RFID passport will be valid until it has to be renewed.

"If the chip fails, the passport remains a valid travel document until its expiration date. The bearer will continue to processed by the port-of-entry officer as if he/she had a passport without a chip."

So if you fry the RFID in one way or another, the passport is still valid. I assume that if you manage to deface the passport in the process, it will be invalidated.

Personally, my passport has three years, and I'm a little worried about trying to renew it and getting a tagged one instead. They don't have a specific rollout date on the website other than Colorado in August and everyone else "by the end of the year".

gregSeptember 18, 2006 10:55 AM

My passport has a thick (1mm+) hard plastic page at the back with a note on the fact that a RFID passport should be treated like anyother electronic device. Its quite inflexable....

It also arrived with a letter describing RFID passports and why they should be a good thing.

jmcohenSeptember 18, 2006 11:09 AM

They keep saying a deactivated passport will still be valid for travel, but I'm not seeing any mention of whether this will require me to jump through extra hoops at the airport. If I fry my passport, does this mean I can look forward to 10 years of "special" treatment at every time I fly?

Fazal MajidSeptember 18, 2006 11:22 AM

I am sure the terrorists are already salivating at the idea of making bombs with RFID triggers that blow up only when an American comes in range.

Erik NSeptember 18, 2006 11:39 AM

Regarding the RFID passport in Europe, from this article:

http://europa.eu.int/idabc/en/document/4792/194

"Since the European Commission adopted a Decision establishing these technical specifications on 28 February 2005, the deadline for Member States to implement the digitised facial image in their passports is 28 August 2006, and the deadline for the inclusion of fingerprints is 28 February 2008."

So, for EU the next cutting date is 28 Feb 2008 to avoid having your fingerprint there too.

Reding on,

"Data stored on the German e-passport chips will be encrypted using the RSA public-key cryptosystem. According to the suppliers, it is estimated that a billion standard PCs operating in parallel would have to keep computing for about a million years if hackers wanted to attempt to access data encrypted with this system simply by trial and error."

They cleverly fail to specify the lenght of the key, AFAIK 2048 bit capable RFID chips have just hit the market. However, I think it is likely they are based on 1024? Secondly, there is no info on how access is controled or keys are managed.

In Germany chips are suplied by Infenion and Phillips, in Scandinavia by Gemplus, according to the article.

Fred F.September 18, 2006 11:39 AM

It may be possible to make a small area denial tool? Maybe a noise generator in the frequencies the RFID works. Make it small enough so that it can be put in between the pages and have a contact sensor so that when it is opened (the passport) it turns on making the reading that much difficult. It would be an active countermeasure to compliment the passive (shielding) measure that is there.

This makes me question why they decided to go half way with the shielding so that any time the passport itself is opened the RFID is exposed. If they go through the trouble of adding shielding why not seggregate the digital from the analog? That is put the shielding around the RFID itself instead of the whole outside of a closed passport so that to read the RFID you have to break the shield. Something like a another flip tab over the RFID so that you open the passport and can look at stamps, pictures, dates, etc but to read the RFID you have to open this other folded cover. Like trifold passport.

Ohhh well, until something bad happens we will have to live with it.

Matt SaylerSeptember 18, 2006 11:46 AM

"I am sure the terrorists are already salivating at the idea of making bombs with RFID triggers that blow up only when an American comes in range."
I can't tell if this is a troll or not..

>KSeptember 18, 2006 12:17 PM

Bureaucratic, myopic authoritarians behaving like bureacratic, myopic authoritarians.

Will this make us more or less safe? If more safe, is the loss of freedom worth it? People get the leadership they deserve, and sheep get slaughtered.

YannSeptember 18, 2006 12:38 PM

Personnally, I don't have an issue with the government reading the info on the chip: after all they are the one who put it there in the first place. The issue I have is who else can read it.

There are bags made to protect picture films againts X-ray, these could probably block the signal.

ArclightSeptember 18, 2006 12:41 PM

A stun gun is probably a better way to disable the RFID chip than the microwave. Think of it as "ESD on steroids."

Works great on faulty components that the vendor won't replace because they work intermittently.

ProhiasSeptember 18, 2006 12:57 PM

Does anyone know what happens (in any of the countries where the chips have already been issued) if the chip is non functional?

yomamaSeptember 18, 2006 1:44 PM

@Bruce: Did you even read the WIRED article about the guy who cloned the german passport? Have you even looked at the ICAO specs? Of course you haven't you're much too busy a man.

You would have me believe that the private key to generate a 3072 bit RSA/DSA digital signature can be cracked in 10 years?

You don't seem to understand that a reader can not access the information on the chip unless someone INPUTS INFORMATION PRINTED ON THE PASSPORT (usually done by just swiping the machine readable OCR section) to set up a key with the passport to diffie-helman a new session key for transmitting the information. The WIRED article about the german cloning of the passport made very clear in a very round about way that you can't access the information on the passport without physically controlling the passport...if you physically controll the passport, what's the point? You could just make a photocopy.

And of course there's the matter of it being a *contactless smart card* not just an RFID. RFIDs spit numbers at you, smartcards, as anyone with a GSM phone should know, hold encryption keys for supporting encryption. Why aren't you punditing about how GSM phones are so rediculously insecure because they use wireless?

The only point I agree on is that the passports need a mechanism to keep them closed, like a button. I plan on using a rubber band as my high tech solution!

Mark AreSeptember 18, 2006 1:51 PM

Paraben's Passport StrongHold Bags use our patent pending design & faraday technology to block wireless signals to protect your personal information from being read by would-be identity thieves or other people who wish to invade your privacy. These bags are perfect for storing anything using RFID chips so no one can steal the information from your chip.

TimeSeptember 18, 2006 2:15 PM

I'm thinking a hammer will be a good solution rather than a microwave at fixing this concern.

Bruce SchneierSeptember 18, 2006 2:23 PM

"You would have me believe that the private key to generate a 3072 bit RSA/DSA digital signature can be cracked in 10 years?"

You're kidding, right?

Lots and lots of RSA/DSA implementations have been broken. None of them have been broken by cracking the underlying cryptography.

A secure system is much, much more than the cryptographic mathematics, and is only as secure as the weakest link. The odds that the RSA/DSA math is the weakest link in this system is pretty low.

Hadi HaririSeptember 18, 2006 2:47 PM

What happens when the US and other countries force you into having RFID passport to enter the country? Sure, they'll say it's valid now, but let's see when it become mainstream.

J.D. AbolinsSeptember 18, 2006 3:39 PM

@Fazal Majid re: devices with RFID triggers that activate only when an American comes in range.

Term or acronym for an IED that responds to a particular type of RFID? RF-IED is already taken for a broader category of RF signal trigger devices. I did come across a reference to "RFID IED" that might be a usable acronym set.

A bit of a discussion about that at http://www.emergentchaos.com/archives/2006/08/...

By the way, it does not have to be a chipped passport that can carry such a possibility. Any RF device that could be used to distinguish a target from a non-target might do. RFIDs unintentionally or intentionally could become "IFF" (Identify Friend or Foe) tokens.

BDSeptember 18, 2006 4:27 PM

>>>"My passport has a thick (1mm+) >>hard plastic page at the back with a >>note on the fact that a RFID passport >>should be treated like anyother >>electronic device. Its quite >>inflexable....

>>It also arrived with a letter describing >>RFID passports and why they should >>be a good thing."

Greg - I am assuming that you are talking about a US passport. At what location did you get your passport renewed at? Did you send it in by mail?

John HenrySeptember 18, 2006 5:00 PM

I do some work with RFID in packaging. Or, as they are sometimes called "Electronic barcodes". They tend to be very sensitive to a lot of different things which is one of their great problems.

I am not an electronics or antenna engineer so I do not know the answer to this but:

It sould seem to me that a clear plastic cover could be made to go just over the front and back covers of the passport. Sort of like a book jacket. The plastic would be conductive but clear. This should prevent reading of the RFID signal no matter how close one gets or how powerful the transmitter/receiver. Since it is clear, any hotel or the like could readily read it visibly. At a border, the cover could be slipped off for it to be read electronically.

I think there are plenty of workarounds to this, though I am glad I just renewed my passport and got a non-electronic version. One less thing to worry about.

On the whole, RFID scares in general remind me of all the hoopla over bar codes when they were first becoming popular 15-20 years ago. "THE MARK OF THE BEAST!!!!" "THE GOV"T WILL MAKE US ALL TATTOO BARCODES ON OUR FOREHEADS!!!" and so on.

Never happened and I think that the privacy problems of RFID are blown out of proportion. Not that there are not some concerns, there are. Just that they are blown up bigger than need be.

Nor am I saying that overstating it is necessarily a bad thing. It may be necessary to get action on the legitimate concerns.

John Henry CPP

Erik V. OlsonSeptember 18, 2006 6:24 PM

I don't know the RFID chips -- haven't played with them. But I suspect that if they were energized while wet, they wouldn't be happy.

If C&I asks, tell 'em you got rained on.

ljlSeptember 18, 2006 6:33 PM

Well, I got a passport holder from http://www.dfirwear.com/, and when I put my RFID badge from work inside, it won't read. Problem is, it doesn't have a zipper to hold it shut like my old one.

I actually planning on starting to make shielded cloth wallets for people who want to protect their chipped credit cards and such from skimming. Trifold, velcro close, with shielding material from http://www.lessemf.com/

I haven't found a good wallet pattern yet - they're all too big, too silly (duct tape??!! Yuck!) or too girly - so I'll probably draft my own. After I've made and tested a few, I'll post the pattern and instructions. Then I'll work on passport cases. I anyone knows any cheap, but high power, readers for testing shielding, let me know...

BwooceSeptember 18, 2006 11:26 PM

I think Bruce is too optimistic. If you follow the parallel case of Machine-Readable passports you'll see that the Visa-Waiver countries were "forced" to machine-readable passports. Actually not forced, just told that you need a real visa (travel to consulate, line up, interview, pay, etc) to enter the US.

The same thing will happen with these passports, although the US may not do it to it's own citizens. If the US and EU require "RFID" then it will be ~impossible to travel anywhere by air without one.

I don't disagree with the raised bar mechanism, but I do find the NZ Govt's approach -- double the price and halve the validity period -- rather unjust. 4x the price for the same purpose...

KristianSeptember 19, 2006 1:24 AM

This is already a lost game for anyone travelling to the US. You won't get a visa or be able to use the visa waiver program unless you have a "machine readable passport", including an RFID chip. There's still a reason to get a new passport right now, though: Most current passports don't contain any biometric information other than a photograph, but this will change soon (in Norway, biometric passports have been temporarily postponed due to privacy concerns).

no hat requiredSeptember 19, 2006 1:36 AM

""You would have me believe that the private key to generate a 3072 bit RSA/DSA digital signature can be cracked in 10 years?"

You're kidding, right?

Lots and lots of RSA/DSA implementations have been broken. None of them have been broken by cracking the underlying cryptography.

A secure system is much, much more than the cryptographic mathematics, and is only as secure as the weakest link. The odds that the RSA/DSA math is the weakest link in this system is pretty low."

So where is the weakest link in this system?

Given that the crypography is carried out in a secure location on a completely closed location and never accessible by the public, it seems unlikely that the generation of the digital certificate is a weak point. Certainly, no-one is going to be able to attack the system that generates the signed data, because they simply don't have access to it.

Given that the data is protected by this cryptography, the chip isn't the weak point since it is just a carrier for the data and its certificate.

You've admitted that the basic mathematics of the cryptography is sound.

So where's the weak point in the system?

How would you (or anyone) attack it?


yasonSeptember 19, 2006 2:25 AM

I don't get the RFID hype anyway. _Why_ does it have to be RFID, what do they think is wrong with a good old smartcard style contact-chip, if it's the eletronic passport that they want?

IVLIANVSSeptember 19, 2006 2:59 AM

Not too late for Switzerland!!! You have until October 26th...

The new RFID Passport costs 250 CHF instead of 120CHF for the old one!!!!

Erik NSeptember 19, 2006 3:06 AM

@no hat:

The weak link - I assume among others - is the random generator.

These chips can generate keys on the card , which is good in that the private key will be well protected unless you tamper the chip, (see http://www.cl.cam.ac.uk/Research/Security/tamper/).

But I am not convinced that the entropy for generating good random numbers is high enough. And as I understand it, a fundamental requirement for the security of the cryptographic keys is good random source.

OK, I don't have documentation for the opposite, my doubt is founded on the limited capacity of the chip.

Since these passports are issued by government and used by government, government may opt for generating keys externally - either to get stronger keys to protect you, or to always have a backdoor - who knows.

MOASeptember 19, 2006 3:56 AM

"...Travel abroad and you'll notice how often you have to show your passport..."

Wouldn't an ID card solve the problem ;-)

Clive RobinsonSeptember 19, 2006 4:11 AM

@no hat

> So where's the weak point in the system?
> How would you (or anyone) attack it?

The first weak point is that the RFID is detectable without a reader and without having to go into any of the reader protocols, so it fails a very basic security problem "token present not present" without the token holders knowledge.

The attack from this, You are a crook and with a 10USD device you identify a victim with a pasport on them. There is a high probability they are a tourist/business person and therefore are likley to have money or other valubales on them so you mug/kill them.

It's plain it's simple and unfortunatly for you as the victim at minimum it will ruin your day if not the whole of your life and those of your nearest and dearest...

A secondary attack which improves on the first is that all the chips have different charecteristics that can again be found without having to have a reader. So now you can identify which country the pasport is from and when it was likley to have been issued. So as a crook or a terrorist you can be selective about your target. The result a higher probability you will become dead.

A third attack I can think off which is currently pure speculation on my part, but a reasonable assumption based on many years working in the high volume electronics manufacturing world wide,

As a chip / passport manufacture how do you check a chip / passport is functioning correctly befor it leves your manufacture/assembly area to the customer (ie Quality Control / Final Test)....

What is the betting there is some quite simple system involved that is only secret by obscurity, and once known will reveal even more information???

Of course now I mention it I suspect a reasurch bod will check it out. If you are such a person please feel free to do it, preferably as soon as possible and get the results out in the public domain as quickly as possible.

All RFID docs from people in favour of them that descuss the security of RFIDs, either never mention that just knowing that they are present (in a persons pocket) is an attack, or they say it has no value.

Remember just about every security system that crooks are interested in has this kind of vulnerability and they nearly always exploit it. When people stop thinking about loss of their personal information and start thinking "is this thing going to get me mugged or killed for my cash/credit cards, then you might start to see real arguments about the security of RFID's in stuff people carry around such as Credit Cards / Passports / National ID cards / etc....

Clive RobinsonSeptember 19, 2006 6:50 AM

@Erik V. Olson

"But I suspect that if they were energized while wet, they wouldn't be happy."

They are a sealed unit so they would not care (apart from the RF absorbtion effects of water).

If you think just how sweaty an unfit tourist climbing up a hill or monument for the view can get you will realise why the RFID chips are sealed against not just water but other potentially corosive chemicals...


@yason

"what do they think is wrong with a good old smartcard style contact-chip"

Appart from human sweat, dead skin cells all kinds of foods with sugar in, static from cheap synthetic cloathing, sand and other abrasive grit from the environment etc, there is the secondary issue of contact wear, and speed of operation.

Usually when you stick a smart card based credit or visa card into a machine you are not to worried by the 1 to 5min (for the older systems) it takes, as you are purchasing an item. You do tend however to notice it one heck of a lot more if you are at the end of a six or seven person que where cash normally takes 10-15 secs ;).

If you look at the average person at a check out it takes them something like 15 seconds of handeling to get the card in and out of the reader, so around 25 secs in a passport que.

RFIDs typicaly take as little as three secs to be read and checked and they just require the person to put their hand out. This means around 5-7 secs of handeling say 10 secs per person. Also as the RFID readers have no moving parts or contacts tend to be a lot lot less maintanence than smart card readers and quite a bit less in price.

Why is the difference between 10 secs and 1 to 5 mins so important. Imagine an International airport where there is an aircraft every 60 secs for 14 hours a day. Each aircraft holds on average 200 passangers. So you get around 170,000 pasangers a day.

Now if the smart card takes 5 mins to process (as some do in some retail outlets due to poor reliability and operator training) and you have 200 passengers arriving every minute at your airport that means you need a thousand machines just to keep up with them...

Now assume that the machines are designed for high wear-n-tear, and that they need to be cleaned by a technician for an hour once a day, and need preventative maintanence for 1 day in 30 (which would be quite good fo this type of system) oh and they have a life expectancy of two years. This means you actually need around 1200 machines plus. Say they cost 2000USD each with the maintanence staff say about 2million USD per year.

Now assume that your passport officer is on 30K USD a year, only works 8 hours five days a week and gets two months off a year (nearly true if you include sickness and holiday for some European Countries). All of which means you need around 3400 passport officers at a minimum cost of around 100Million USD (double or tripple this with other adminastrative costs).

Then there is the floor space required for the machines the operator booth, the waiting lines for the passangers and the fast access paths for security staff. This is a lot of real estate say around 400,000 SqFt. Also the staff and administration need space as well say another 100,000 SqFt. of space.

An RFID reader on the other hand requires no more cleaning than a desk and is usually good for a year on the preventative maintanence and five years on the replacment time it usually costs around 200USD (hand held). As it only takes around 3 secs to read you are only going to need around 10 secs/passenger so 40 readers would do the job. So you only need between 1/5 and 1/25 of the staff, floor space and machines.

To put this in perspective Europes busiest airport is London Heathrow which currently handles around 70million passangers a year (avarage 200,000/day) across four terminals. This is expected to rise to well over 100million with terminal Five and third Runway giving peaks of 350,000/day, more if night time flying is allowed (which the current UK Gov is very keen to do).

Back in 1997 (the only year I can find all the figures for) Heathrow had 720 Immigration officers (about half do passport checking) and around 50million passangers. When you work it out for days worked etc it gives a mean of 30 secs per passport check at London Heathrow assuming no other activities by the passport control officers.

However If you traveled quite a bit (before 9/11) and looked at the passport control que it used to take around 15 secs per passanger on a slow day with experianced well trained passport control officers and mainly business travelers it was often quite a bit less (it's amazing what you notice when you are waiting,waiting waiting ;).

My personal best was to be wizzed by at a slow run speed in a wheel chair in July 2000 for a flight to Sweeden, and I doubt that the officer had time to focus on my outstretched had let alone the passport it contained.

However since 9/11 the time appears to have gone up to around 20 secs for European flights and more for International. Even this is still a lot better than the 25secs-1min required for a smart card.

You can see why the five or ten secs for a low maintanence RFID system that can be operated by somebody with very little training is so desirable to the Airport operators, oh and you the passenger ;)

On top of all of this the system needs to be paid for either out of taxation or by the airport landing fees, either way you as the passenger/taxpay pick up the bill. which do you prefer 10 sec RFID or upto 5min SMart Card it's your money you take the choice...

GregSeptember 19, 2006 6:55 AM

@BD

No a New Zealand passport. Got it in Jan as i need a passport thats current for at least X years to get a residents permit in Austria.

Case in point the passport has not been read by a machine yet.

AnonymousSeptember 19, 2006 7:29 AM

I bet there is or will be technology to direct a focused signal at a person and measure if there is response from an RFID chip, from some hundred yards away.

Will make it pretty easy to aim a gun, camera, or directional microphone at someone carrying an RFID chip. The passport is often carried in a pocket near the heart, so it would be easy to shoot you in the heart.

If there are more chips, because manufacturers put them in clothes and other products, one can measure your whole silhouette, and the relative movements could allow to recognize and record your behaviour and possibly your identity.

Also, those probably unencrypted chips could allow estimating how rich you are, and in connection with supermarket sales records could reveal your identity too. So you enter a building and are either welcome or thrown out, depending on your choice of clothes. And one always knows your name.

Of course the government will operate a network of readers that monitor all chips, shielded or not, as they move through the city. Imagine Hitler, Hussein, Bush or your employer had a database knowing where each and any person is and moves at any time, who meets who etc. Real scary.

ShellySeptember 19, 2006 7:42 AM

not related to the security measures... here's a cool site for making passport photos if you're into Bruce's advise: www.ePassportPhoto.com

Clive RobinsonSeptember 19, 2006 10:47 AM

@Anonymous

"Will make it pretty easy to aim a gun, camera, or directional microphone at someone carrying an RFID chip."

The current batch of RFIDs for passports work at 13.5MHz which has a wavelength of 22meters.

So no you would not realy be able to use it to point a gun at sombody from 100meters and kill them (a certain kill needs to be within 10cm).

With regard to,

"If there are more chips, because manufacturers put them in clothes and other products, one can measure your whole silhouette, and the relative movements could allow to recognize and record your behaviour and possibly your identity. "

Yes it only needs about 10 RFIDs to give positive identification to better than that claimed of DNA (I had the same thought some time ago and did the maths based on a few simple assumptions).

See the postings I made to this blog on February 5, 2005

http://www.schneier.com/blog/archives/2005/02/...

and on Nov 7 2005,

http://www.schneier.com/blog/archives/2005/11/...

DBHSeptember 19, 2006 3:58 PM

Cheap bags here: Transparent too, so you could 'show' a passport without opening it to a scanner.
www.esdproduct.com/metal-in_esd_bags.html

Same thing EZPass uses to keep the tag from reading accidentally. In frequencies of interest, seems to provide about 40dB isolation, or reduction in read distance with any given technology of 100.

RogerSeptember 19, 2006 7:35 PM

@Paul:
> How can I tell if my passport has the chip?

Chipped passports will have a special logo on the front cover, which looks like this:
http://travel.state.gov/images/e_ppt_logo.jpg
This logo will appear at the centre base of the front page, and is metallic gold in colour. Its purpose is to enable border guards to readily identify chipped passports, so that they can quickly distinguish between unchipped passports and those in which the chip has been disabled.

> I have renewed mine in June 2006.

Depends what country you are in. Several countries were already issuing them by them (Thailand, Australia and NZ started in 2005), others have not yet started.

piSeptember 19, 2006 7:54 PM

> Given that the crypography is carried out in a
> secure location on a completely closed
> location and never accessible by the public,

Please correct me, but isn't the passport intendet to be used at border controls?
Have you ever been at a border control where your passport was checked?

> Certainly, no-one is going to be able to attack
> the system that generates the signed data,
> because they simply don't have access to it.

Why should 'they'? The attacker will just fake a passport like he has done before. Then tell the officer that the RFID got broken while on holiday...bad luck...


MRZ...BAC...one second per online-MRZ-guess...all true. Still, we already have a problem in the BAC-protocol:

http://www.prosec.rub.de/docu/epass.pdf

Seems they got the 3DES-Mode wrong, allowing the attacker to brute-force the MRZ using a sniffed clear/cipher-text pair.

After we got the MRZ, we can establish BAC with the RFID and get all the info that we can also read on the passport. -> global traceability.

Consider also: It may already be helpful to test for certain known people in an area. All you need is their MRZ.

ddaSeptember 20, 2006 7:48 AM

I am getting a new passport in France, the "biometric" one that the US insists now on for French citizen – and other citizens from visa-waiver member countries – in order to be reinstated in the visa waiver program. And I need to go to the US soon. It's all good to say get a machine readable passport before the RFID ones become standard, but we fuhreenas are stuck with them anyway, at least if we want to visit your country...

I happen to have one of these old passports where all details were *written down* not typed – I got it in the 21st century, yessir, around 2001/2 – and with one of those I just can't enter the US, even if I asked for a visa – which is a costly and quite invasive procedure; as a self-employed person I should give the following to the consulate:

"A statement on your own letterhead in addition to independent evidence of self-employment, such as a detailed letter from the bank which handles your business account or a letter from your accounting firm. Such letters should specify your company's name, when your account was opened, the recent balance, and your approximate annual turnover."
http://www.amb-usa.fr/consul/niv/procedure/...

So I am stuck with the RFID passport, and its insane rules for the photographs – no glasses, at all, no hair covering the ears [I am bald, zoowie], no smile, etc... The cost is the same as the former machine readable one, 60€, so at least we're not ripped off, and it takes apparently 2 weeks to get it, which is way too long, but what's the alternative?

So I guess I need a better solution to shield the chip – I don't think destructing it would help my case at the border....

oW/VAgeSeptember 20, 2006 8:05 AM

"...although last year I -- mistakenly -- withdrew my objections based on the security measures the State Department was taking."

FACT: Bruce Schneier doesn't make mistakes; he lured the State Department into a false sense of security.

oW/VAgeSeptember 20, 2006 8:10 AM

"...although last year I -- mistakenly -- withdrew my objections based on the security measures the State Department was taking."

FACT: Bruce Schneier doesn't make mistakes; he lured the State Department into a false sense of security.

Dave BellSeptember 20, 2006 12:29 PM

And just how many terrorists have had to enter the USA without a passport issued by a government?

TopazSeptember 20, 2006 12:40 PM

The Problem from a German (EU) perspective is, that in order to travel to the United States without applying for a Visa, a RFID enabled passport is required.

Germany is issuing RFID passports since this spring and I thought about getting one of the last without this chip. But applying for a visa each time I visit the US is just to much hassle. For that reason I applied for a new one now as, for the time being, only the photo and address is stored. In the future it is planned that a fingerprint will also be required.

detroitSeptember 20, 2006 2:55 PM

I called the US Passport Office today. They told me that ALL US passports are now e-passports. There are no old style ones being issued.

ambroseSeptember 21, 2006 12:23 AM

My son has an RFID passport, I just picked it up a couple of days ago.

It's pretty obvious where the chip is, because there are a bunch of pages stuck together in the middle, marked "DO NOT STAMP THIS PAGE/NE PAS TAMPONNER CETTE PAGE".

So, we know where it is, and we know it's vulnerable. So, as others have said, there will be quite a few which break, which means people will make forged ones and just advise the buyers to say "I accidentally ran it over with my suitcase". You could also take your chip out and play with it, try to hack it, and just report your passport lost, stolen, burnt.

no hat requiredSeptember 21, 2006 9:48 PM

"Please correct me, but isn't the passport intendet to be used at border controls?
Have you ever been at a border control where your passport was checked?"

Yes I have. And at that border, they extract the information on the chip and check the validity of that digitally-signed information with the keys held on their system. No processing is carried out on the chip. The cryptography is generated on a secure system. It is verified on a secure system.

You could replace the whole passport chip with a stack of laser-printed text and scan it in with an flatbed scanner and OCR it in at the border and there would still be no security risk of data tampering.

"Why should 'they'? The attacker will just fake a passport like he has done before. Then tell the officer that the RFID got broken while on holiday...bad luck..."

And then the passport holder is processed in eactly the same way that millions of travellers are processed each day right now. With the added benefit of the extra scrutiny of the immigration officer because of the broken chip. And fake passports do not withstand this extra scrutiny.


"Seems they got the 3DES-Mode wrong, allowing the attacker to brute-force the MRZ using a sniffed clear/cipher-text pair."

Spot the magic word in this sentence? They cracked it because they sniffed a passport that was being read by an authorised reader. That is, a reader where the holder has voluntarily offered it up for reading. Where is such a transation going to happen in real life? At a border control point. I think most immigration officials would notice someone standing around with a large antenna (necessary to beat the 10cm reading distance) in an immigration booth.

BryanSeptember 22, 2006 9:32 AM

Too late for Texas. All Texas Drivers licenses will be chipped in 2007. I renewed mine yesterday. Earlier there was a comment about ICAO standards. I am an airline pilot. We are regulated by the FAA. This has always been the gold standard. Earlier this year we were required to have an addition added to our license....to meet ICAO standards. What? Interesting thought about the big picture. Google search "security prosperity partnership 2005". Scary stuff.

PetrSeptember 22, 2006 4:38 PM

a mate of mine just got a passport with a rfid "element" in it. The object in question is a chip with a coppet thread for an antena, evidenty the power of the radiowaves output from the "evil detector" acts as as enough of a power source for the chip\transmiter to spread your precious persoal data to the waiting terrorist.

hummm dissabling it posses quite an interesting problem for a amateur tekie like me. its on the back of the photo card so any heat (generated by microwaving or application of a soldering iron to the chip in question) will show through on the bit that the under paid arse in a blue uniform looks at.

i recon in my finite wisdom... hitting it with a block of wood hard enough to mess up the chip (or get two fine tipped pinns stick them across the terminals of the chip and apply any greater than about 6 volts)


petr ...RATM

DarioSeptember 24, 2006 1:59 PM

If the problem with RFID devices on passports is the possibility to read the information contained in the card at a distance, without the awareness of the passport holder, then, why not include some sort of "switch" that has to be activated/pressed for the RFID chip to work? The chip will only work if the holder is pressing at some part of the passport...

ddaSeptember 25, 2006 6:31 AM

More about the RFID passport in France: I went last week to give all the required documents, and was fingerprinted – left index finger only. This makes it the second country to have my fingerprints on file [South Korea has *three* sets of them, as all residents are fingerprinted in full when applying for a resident card].

RyanSeptember 25, 2006 6:59 PM

Adding technology to passports will always introduce vulnerabilities. The biggest problem with RFID is the fact that it can be read at a distance. I see no need to use RFID to store information, as all of this information required could be stored in a series of databases for each locality.
If the requirement is to keep the data WITH the passport, I can imagine many other ways to do so without adding the insecurity of radio frequencies.
I therefore suspect that this is part of a 'creep effect' acceptance of RFID and that there are further plans for it once everyone accepts it (i.e. surveillance of citizens combined with data mining).

mdsSeptember 26, 2006 9:18 AM

"I called the US Passport Office today. They told me that ALL US passports are now e-passports. There are no old style ones being issued."
--detroit

Indeed. From the Federal Register, 10/25/2005:

"By October 2006, all U.S. passports, with the exception of a small number of emergency passports issued by U.S. embassies or consulates, will contain RFID tags."

So given that even expedited passport renewals can take ~2 weeks, it is already too late.

BDSeptember 27, 2006 2:39 PM

MDS-

I called the US Passport Office several times and I was told that the e-passports are only being issued in Colorado for now. I took Bruce's advice from his article and renewed my passport. It came back as a non-RFID passport.

Thanks for the advice Bruce.

MeestoSeptember 30, 2006 1:00 PM

Is there a way to sniff out RFID chips? I am curious what else that I carry might have them without my knowledge.

AnonymousOctober 8, 2006 10:26 AM

Well, let's see now, hummmm, I've come across a site where people are afraid of letting others know who they are? Yes, it must be a group of illegals, or better yet, a group of terrorists that cannot afford to let their identity be known, or they won't be able to destroy the universe!
What, my friends, have you done wrong? If the answer is nothing, then what the hell is your problem?? An RFID doesn't take any identity away from you, it only HELPS our country identify possibly those who want to hurt us or our fellow countrymen.
Take a chill pill!

detroitOctober 10, 2006 12:53 PM

Well, a friend of mine got a new US passport yesterday. With no chip!! So I am taking the gamble and renewing mine today.. expires in less than a year anyway.

AnonymousOctober 13, 2006 6:42 AM

Anyone got any ideas.....I needed a new passport as mine was dog-eared (but still seems OK for getting in and out of UK - I told them I'd lost it)......used the fast track process two weeks ago (but because of the strike have yet to receive my new passport and keep getting shunted around the passport service)...I have kept the old one (naughty I know but I have no faith in bureaucracy)...so it has probably been cancelled by now.....do you think it's worth trying to use it if the new one doesn't turn up? (I have spent about 30 hours chasing the passport service on this and all they will say is that they are "overloaded")

thanks

J. BernOctober 15, 2006 3:58 PM

> The San Jose Mercury News published a rebuttal. Kind of lame, I think.

Plain lying, I'd say. Unless the U.S. have taken BAC considerably beyond the ICAO specs, *mutual* auth isn't going to happen before the advent of *E*AC.

I could probably go on with the other pet peeves of mine in the ePassport arena, from "what good does a proven cryptalgorithm do when BAC limits your auth key to the entropy of the MRZ, which is 56 bits at best and not much of a secret in the first place" to "what's the reason to use radio signals instead of better-to-shield and easily-spotted-by-human-eyes visible light (LEDs and phototransistors) again", but I've pretty much lost faith into the theory that anyone who matters might be listening. :-C

Tom M.October 16, 2006 3:40 PM

I both read the article by Mr. Schneier on Sept. 18th. I applied by mail for a renewed passport on the same day. First I went to the local post office to renew my passport, but they charged a higher fee than the State Department charges for the by-mail renewal. The new passport arrived by mail on Oct. 14th without the RFID chip.

Subrata SircarOctober 16, 2006 7:45 PM

Huh. The one piece of this that I agree with is that the security measures on the passports have to last at least ten years, since upgrading an "installed base" is very difficult.

BTW, people who want a specific document aren't going to go to high-tech lengths. Why crack the passport when it's easier and cheaper to crack the person carrying it?

Harvesting data is probably the most likely downside, and that's going to be a problem. Anyone have a guess as to how easy it will be to build a "duly authorized government computer" that can read the passport from two yards away ... like, say, under the floor of the hotel desk?

Subrata SircarOctober 16, 2006 7:46 PM

Oh, and btw, my passport's good for seven more years. I feel fairly comfortable waiting and seeing what happens.

Jamie HardtOctober 23, 2006 5:39 PM

Would it be possible to disable an RFID passport by running it thru a degausser, like we use to erase videocassettes? The microwave idea doesn't seem like a good one, but there must be some way to put enough energy through the chip to render it safe without starting a fire.

Real names aren't requiredOctober 25, 2006 11:11 AM

This RFID thing sounds inevitable, so why bother with the early renewal... it's gonna happen anyway.

Bruce SchneierOctober 25, 2006 11:50 AM

"This RFID thing sounds inevitable, so why bother with the early renewal... it's gonna happen anyway."

The point of renewing early was to renew before the RFID chips became standard.

NewyorkstateofmindOctober 25, 2006 3:39 PM

This thread is specifically addressed to Rebecca (10/17/2006), or anyone else interested in the current likelihood of being able to get a US Passport without RFID encryption, i.e., an old-fashioned passport: I just renewed my US Passport via the expedited process--you have to pay to the State Dept. $127 for this, $67 + $60--by which you are essentially guaranteed--note the caveat essentially--we are dealing with the Govt. now remember--a two-week delivery timeframe for your renewal. Only the Colorado issuing branch of US Passports is currently issuing RFID-enabled passports, to the best of my knowledge--which believe me is limited, but is based on a conversation with a phone rep at the State Dept. National Passport Center phone line. I can say only that I will get in the next few days my Passport with the old technology--although there is not a guarantee of course, and certainly don't try to make a formal request for such a passport on the State Dept Website--in their FAQ's they not surprisingly confirm for you that no requests for the old techonoly will be granted; only acting now to get one before all their offices convert to the RFID technology will get you a "paper-only" passport. My best bet for getting the old-style passport is my having ordered it by expedited processing on 10/19. It appears that the State Dept intends on having all US Passports issued with RFID-encryption by the end of 2006. So if you move now, you may just be able to squeak out getting a "paper-only" passport. Go to any US Post Office facility, get their forms for expedited processing of your passport application, having ideally filled out the initial forms online (go to the travel.state.gov website, and follow the links to renew your passport). Pay the Post Office $28 for express mailing both ways--FYI, online alternatives to the Post Office for doing this will cost a lot more money, and from what I can tell, delay your processing. Also FYI, you don't need to have a reason on your passport renewal form to renew early; you don't even need to say you are planning a trip somewhere. Just get it renewed now if you want a shot at avoiding the RFID Brave New World.

NewyorkstateofmindOctober 27, 2006 12:38 AM

Update to yesterday's post: Received in the mail today my new passport (via expedited processing), total renewal time 7 days, having express mailed my old passport last Thursday. My new passport was not RFID enabled, and in terms of appearance looks very much like the one I have had for the last 8 years, except that on the photo page my photo has been digitally embedded in the paper, replacing the old system by which the photo sent in with the passport application is actually affixed to the paper, this a seemingly worthwhile change as it should reduce the possibility of someone fraudalently swapping out photos on the photo page. So for those of you who are still interested in getting your passports renewed without RFID technology, there is still some window of time to do so.

RebeccaOctober 30, 2006 12:33 AM

Thanks for the info. I'm glad everything worked out for you. I had already sent in my passport for renewal (non-expedited) prior to your 10/25 post, and according to the tracking info the passoport office received it on 10/26/06. So I guess I'll find out in a couple of weeks if I was in time or not. I'll post again when I get the new passport.

NewyorkstateofmindOctober 30, 2006 2:00 PM

For anyone interested in checking the status of US Passport applications (Rebecca, etc.), I found the best sources were online (travel.state.gov) through one of the renewal links (shows if application is processing o.k., and eventually that in final stages of processing). Also, the National Passport Center toll-free phone number enables you to possibly get more specific info. on a particular application. I just woudn't mention your name and application in connection with the RFID technology. Also, you can call that number anonymously, and they might be able to tell you if any processing centers other than Denver are currently issuing RFID passports.

J.SmytheNovember 1, 2006 2:25 AM

My old passport was due to expire mid-October anyway, so I mailed in the renewal at the end of September after reading a couple of unsettling articles about the RFID chip. I requested regular handling and paid the standard renewal fee, no expedited fees and no express delivery. I just received my new passport today from Portsmouth, New Hampshire, no chip. I guess I just slipped in under the wire.

jjNovember 1, 2006 6:25 PM

I sent a mail in renewal with expedited service on 10/23, and just received the passport today. And got no chip. Mine also came from New Hampshire.

Incidently I was hoping to use the old one if the new had a chip, but the woman at state's toll free number explained that the old one is invalidated, even if you report it lost or stolen. The original also returned with two holes punched in the front.

Please post if you do get a chip and the process that led to it so that people know to renew or wait out the last few years of their passport.

NewyorkstateofmindNovember 2, 2006 9:09 AM

Congrats to J. Smythe and JJ for getting chip-free passports before the RFID regime takes hold of all new passports. We'll have to change the singular New Hampshire motto from "Live free or die," to "Live RFID-free or cry."

phreddNovember 3, 2006 5:19 PM

Just got my passport today. Old one was expiring in January and I had been aware of the coming of the chips, so I hoped to get in under the wire. I did, thankfully. Also came from NH.

RebeccaNovember 21, 2006 11:07 PM

Follow up on my 10/30/06 post -- I just received my renewed passport today and it had no RFID chip! My passport also came from Portsmouth, New Hampshire.

The passport office had received my renewal application on 10/26/06 and I had requested the standard (non-expedited) processing.

By the way, my old passport was returned with two holes punched in the front, and one of the two passport pictures that I had sent with the renewal application was also returned. The photo on the new passport is digitally printed on the paper instead of being attached via lamination (as on my old passport).

NewyorkstateofmindNovember 24, 2006 12:27 PM

Good to see Rebecca got her passport sans RFID technology. Maybe it will be even into next year before the Feds can rework all their passport processing facilities to spit out only chipped passports.

KNovember 27, 2006 3:31 PM

Sent my passport in at a post office passport branch using express mail (~$15 each way), expedited ($67+60) on Friday Nov 17th. I was able to use the "renew a recent passport by mail" option, which sent it to the Philadelphia office. Got it back by Nov 25th, no RFID. Consider that this included two days off for all government offices, and truly I have a reason for Thanksgiving!

jcauchyNovember 28, 2006 1:00 AM

2 adult passport renewals (with expedite fee) were FedEx'd from No/Cal to the DE address on the app. They were returned from NH without RFID, received 3rd week 11/06. Two kids passport apps (also with expedite fee, actually one renewal which is treated as a new app) were sent out from the USPS in No/Cal and returned from San Francisco with RFID, received 11/27/06. Earlier poster said they located the chip in some pages marked "do not stamp". No such format here, still trying to locate chip, possibly under inside back or inside front cover. The pages themselves have landscape images with quotes from famous Americans and the Declaration of Independence.

hammockDecember 1, 2006 1:23 AM

applied for passport at PO 11-10-06.
received passport 11-29-06 - no RFID
Thanks for the tip!

HammockDecember 1, 2006 1:40 PM

oops! forgot to mention it was the San Francisco office. I didn't expedite it. Must have lucked out.

European expatDecember 7, 2006 2:16 PM

Issued end of November 2006 without RFID. No markings as to origin. When did US passports start using Spanish legends? My passport from 1997 was only in French and English.

Cheers,

Expat

J.SmytheDecember 16, 2006 3:38 AM

Addendum to my earlier posting: I also requested a larger 48-page passport with my renewal application. It obviously didn't slow the processing down, and I figure it can't hurt. I'm going to have this passport for 10 years, and I am suspicious of what might happen if I had to send it in during that time to have extra pages added. Food for thought.

NewyorkstateofmindDecember 17, 2006 12:29 PM

Smart move J. Smythe. Good information for those who may still be able to get a passport from non-RFID issuing offices. I don't travel overseas much at this point. But were this to change, I did notice on this renewal much more so than ever before how relatively few pages are in a standard passport. And now that one (as of sometime next month) will have to show a passport simply to travel back and forth from Canada or Mexico, if the showing also involves getting stamped as well...then of course we'd all end up with passport renewal requests yet again in the next several years. Anyone know if the Canada/Mexico passport checks are going to involve the stamping of passports? not just the presenting of them.

bobDecember 19, 2006 6:48 PM

Just got two passports, from the New Orleans office, without RFID as far as I can tell - at least there's no "e-Passport" logo, no "Do Not Stamp" pages, and no other apparent thickness that could be a chip. Applications went out from a suburban Atlanta address about 7 November.

andrewJanuary 4, 2007 11:24 PM

My non-expedited renewal application was received at the Philadelphia, PA address 2006-11-17; my new passport was issued 2006-12-23 and mailed from Portsmouth, NH. No RFID.

trollJanuary 8, 2007 1:51 PM

the best way to shield your chips is with an egg and two slices of bread and butter

WHHGJanuary 13, 2007 5:58 PM

This is January 13, 2007. I have just received a new USA passport with 10 year validity and there is no sign of a chip anywhere. Lots of embossed holograms, but no chip. Location is near Philadelphia, PA, USA.

WHHGJanuary 13, 2007 6:01 PM

Just received a new US passport on Jan. 13, 2007, no sign of a chip, plenty of holograms on the main page.

Jobless in PittsburghJanuary 21, 2007 12:39 PM

Received my new U.S. passport in Pennsylvania on 19 January 2007, from 31 Rochester Avenue, Portsmouth, NH 03801-2900. My previous passport had expired in November 2004. I requested expedited processing and sent the application, 2 new photos, old passport, and check for $127.00 to National Passport Processing, PO Box 13349, Philadelphia PA 19101-3349, by U.S. Priority Mail on 5 January 2007. Thus, an exactly 2-week turnaround. There is no Electronic Passport logo on the front cover, nor is there any normal-size RFID chip-plus-antenna embedded in any of the pages--the pages are translucent and reveal a watermark of an eagle with open beak and raised wings, standing on a US flag and clutching arrows and olive branch, when backlit. The inside back cover does carry a white strip near the bottom with 11 5-stripe barcodes, each separated by whitespace. The white strip is approximately 0.77 cm tall by 5.88 cm wide. This strip has a slight "3D" feel to it when I run my finger over it: something in or under the strip has perceptible and variable depth. The bar code stripes are "ragged," not cleanly printed. A 4800-dpi scan reveals randomly oriented red and blue fibers in the white strip. A 9-digit number printed in black, directly on the inside back cover, appears below the barcode strip. There seems to be no simple correspondence between the bar codes and the printed digits. A number of small, (approximately 2 mm), semitransparent, highly variably reflective, regular hexagonal "tiles" are scattered on both front and back covers near the sewn binding: 7 on the front inside cover and 4 on the back inside cover. When scanned, these tiles do not show any recognizable detail. They look similar to the "holograms" that Microsoft, for example, has used for denoting "genuineness" in the past. As WHHG noted, there are also clearly recognizable "holograms" in the plastic lamination over the front page. Careful separation of the cover layers near their edges does not reveal any metallic layer.

JSmytheJanuary 23, 2007 3:21 PM

Jobless in Pittsburgh: I think you can safely assume your passport does not have an RFID chip. Mind the peeling back of the cover, though. Mutilated passports can be deemed invalid, and then you'd be in the soup.

NewyorkstateofmindJanuary 24, 2007 12:19 AM

JSmythe is right on re Pittsburgh Jobless passport situation. Definitely sounds as if no RFID. The Barcode technology you reference, PJ, has been around for awhile; it's embedded in my 1988 passport on the last page just as you describe it.

eduardoFebruary 5, 2007 12:45 PM

I apply for a passport 5 months ago, and no one has contact me about something being wrong with my application, there information center only tells me IT'S IN PROCESS, but that i know. what sould i do ?

ChrisFebruary 6, 2007 6:59 PM

Just recieved my renewed passport today and does not have RFID chip. I wonder if they are doing that with the new passports for now, and eventually will begin doing it to the renewed passports.

NewyorkstateofmindFebruary 16, 2007 11:22 PM

Re Chris Feb 6

Some Passport offices are still not on board yet with the RFID campaign (good news, I must say), while others have been "chipping" since last fall. This is all reminds of a rollout of a new product line by a tech or cell phone or other company with "new product lines" coming out every other month: The latest "rollout" is advertised months in advance, yet sometimes takes many additional months to finally hit the shelves. This is one rollout I'd like to see delayed indefinitely.

kellyMarch 5, 2007 10:38 PM

I submitted my passport renewal application exactly two weeks ago and requested expedited service. New passport arrived today; there is no e-passport/RFID chip logo on the front cover, and I can't locate a chip in the passport (based on my highly scientific method of bending the cover in fifty directions).
Questions: is my passport definitely chip-free if the front logo is missing (what's to stop our dear gov't from omitting the logo but still embedding the chip?)?
I also found it extremely odd that two photos were required with the application, but one photo was returned to me (stapled inside my previous, now-cancelled passport). Anyone know what's up with that?

FYI, I am in Northern California.

AdnanMarch 7, 2007 12:40 AM

my british passport expired in 2003, kindly tell me the procedure for renewing it.
FYI : i am living in Pakistan.

coasterman00March 8, 2007 8:28 PM

I submitted my passport renewal around the end of January and received it today with no RFID! Woo!

pleasenochipMarch 8, 2007 11:43 PM

I am waiting to get my passport. I sent it expedited to the Philadelphia office on February 20th. I checked the status and the passport is on its way back to me. I will let you know if it is chipped or not. Fingers crossed!

AnonymousMarch 13, 2007 12:34 AM

Good to hear from several of you that even well into March now no-chip passports are being issued. Just to recap the framework for how the chipping regime appears to be proceeding: btw, I have no inside information; only what I've gleaned from multiple calls last year to the National Passport Center toll-free number (see one of my Fall 2006 posts above). In any case, offices around the country renew passports, to some extent coordinated geographically with where the passport holder lives, and where the renewal is mailed to. Some of these offices as recently as late last summer were chipping some of their passport renewals. At this point, months later, there are still offices that are not chipping some--and possibly not any--of their renewals.

Reading through the posts above of where people have renewed, and whether their renewals have been chipped, seems as scientific a method as any in deciding on where to try to arrange a renewal, given our limited information on this, absent an inside contact.

RE Kelly's comment from March 5:
I do believe you can say definitively that your passport is not chipped. The Feds, a la Big Brother in 1984, don't need to engage in subterfuge to impose their abusive agendas. They simply use doublespeak and "favorable legislation" which they've arranged through Congress, or regulatory rulings when they feel the need to bypass Congress, to do what they can then tell us in "our best interest" anyway. There has certainly been no meaningful public backlash about passport chipping. It wouldn't surprise me if 80% or more of the public is unaware of it, and of those who are aware, maybe 5 to 10% of that cohort has real concerns about it. I'd love to see data that my surmise on this is wrong, because then it would mean the US public is less soporific than I thought.

Bottom Line: the Feds don't need to lie about chipping. Americans are largely yawning about what they either don't know about, or care even less about. Your passport is unchipped, based on what you've described.

As for the two photos, I imagine the Feds are stapling a new photo to the old Passport to provide yet one more assurance that someone won't try to use an old passport in place of the new one. My passport renewal last fall also came with one of my new photos stapled to my old passport. Of course one could just rip out the new photo. It's held in place only by a staple. I'm just thankful that the new passport I will have to use is indeed chip-free.

Clive RobinsonMarch 13, 2007 1:42 PM

@Anonymous,

"I imagine the Feds are stapling a new photo to the old Passport to provide yet one more assurance that someone won't try to use an old passport in place of the new one."

Could be a simpler explination for the photo stapled to the old passport.

For instance an inbound person gets the form the old passport and two photos. They check the photos are identical and attaches one to the form and one two the old passport (to stop the pesky little things going missing). A staple is probably the easiest way to do this quickly and reliably for the old passport.

I suspect that they (or somebody further down the chain) would also compare the old photo with the new to see if they where recognisably the same person. Then if they have doubts that they are of the same person then they can pass the old passport up the chain to somebody else as the photo is not going to slip out.

They don't need to send the form and other photo(it will just pile up on their desk with the other orphaned applications) as the old pasport info will be sufficient to track the new application.

If on the other hand all things are well then they issue you a new passport and post your new and old passports back to you, do they care about taking out a staple, only if it is going to slow down their time...

I could well be wrong but sometimes Occams razor / lex parsimoniae does apply to a Bureaucratic monolith / nightmare such as a passport agency.

kelMarch 16, 2007 6:45 PM

Imho, the reason they require 2 photos is so there's a "spare" in case something goes wrong in putting the passport together; I have no idea if this is really the case. My spouse and I recently renewed our passports (received last week), and our old passports came back with the spare photo attached and 2 holes punched in the back cover. Also, no RFID chip; ours were sent to the renewal address in Philadelphia and processed out of Portsmouth, NH. We sent in new passport apps for our kids in Oct. 2006; those also came back with no RFID chip and were processed in Charleston, SC. From what I understand, the NH and SC processing centers are handling the "overflow" of apps. They probably are just so busy processing requests they haven't yet been able to switch over to the new technology; this could be true of other passport agencies as well. We live in MT, so I'm kind of surprised our apps would be processed so far afield, but I'm glad we (so far) missed out on the RFID chip.

naveedMarch 21, 2007 3:12 AM

my british passport has been expired in 1958.please kindly tell me the procedure for renewing the passport.i am from pakistan(peshawar)

jonbonApril 1, 2007 8:31 PM

I am Living as a permanent resident in Colorado, originally from England! I want to visit My Family in England! but My British passport has Expired! in March 2007! Could You help Me to find out how to get My British passport renewed while in Colorado please! URGENT!!!

Thanks: Jonbon!

Bruce SchneierApril 2, 2007 9:26 AM

"I am Living as a permanent resident in Colorado, originally from England! I want to visit My Family in England! but My British passport has Expired! in March 2007! Could You help Me to find out how to get My British passport renewed while in Colorado please! URGENT!!!"

I'm just taking a guess here, but maybe you should contact your embassy.

JSmytheMay 20, 2007 8:03 AM

I just read a report that even with expedited service, it can take up to 3 weeks to get a passport these days. Even at the passport processing offices it can take the better part of a day, and that's assuming there are no complications. I am VERY glad I went ahead and renewed my passport last fall, even though I had no immediate plans to travel.

Worried weaselAugust 6, 2007 7:00 PM

I just had my passport renewed because I will be visiting US and did not want their paranoia to hold me up while travelling with a non-chipped, though still viable one. Now I have read the blog I wish I had kept the old one which would still have been legal. I only found this site when curious after I received the chip and antenna passport and wondered when did Uk residents agree to being tracked like homing pigeons? Surely the antenna has this potential in the future if not now. If I live in a house that cannot receive mobile phone signals so will it also block the antenna? I don't get up to mischief but I hate the big brother aspect.

craven moreheadSeptember 4, 2007 1:09 AM

There's way too much concern about these RFID chips. Not enough information is stored on the chip to be concerned about - only a digital picture, date and place of birth, dates of validity, and office that produced the passport.

People, your credit report, that gets probed by multiple companies wanting to issue you a pre-approved credit card, reveals more identity information than a passport chip. Every time you receive a pre-approved credit card applications, your credit report was probed. Check your credit report and you'll be astonished at how many times your financial information is accessed.

"Opting out" is the only way to stop these credit probes. When did you "opt-in" - whenever you applied for credit.

Furthermore, passport RFID tracking is limited to the scanner location just like the old bar code scan system - they aren't transponders that can be interogated at long range. RFID chips simply verify digitally the information displayed on the information page of your passport - another layer of a security - just like the watermarks and holograms used on your passport.

Ranjeet KheraNovember 13, 2007 3:36 AM

Am I able to take my son's completed british passport form/documents to the British Embassy for renewal on his behalf?

minnesotadonFebruary 11, 2008 9:12 AM

If you're REALLY worried about RFID, just make up a little envelope out of aluminum foil and keep the passport in it. Then the passport can only be accessed electronically when you take it out of the envelope to go through customs.

Eric DallimoreApril 10, 2008 11:14 AM

I've seen friends going to the extreme to "destroy" the chip inside their passports. One has taken a hard metal object and crushed every inch of the passport in hopes of destroying the chip. Another, soaked it in water. I have no idea if either works, but I like their enthusiasm.

Eric DallimoreApril 10, 2008 11:14 AM

I've seen friends going to the extreme to "destroy" the chip inside their passports. One has taken a hard metal object and crushed every inch of the passport in hopes of destroying the chip. Another, soaked it in water. I have no idea if either works, but I like their enthusiasm.

AVTProApril 29, 2008 1:37 PM

Is there anyway to still get a passport that is not RFID. Else I'm can't leave the country without one?

GiuseppeMay 17, 2008 7:07 PM

Are there any security concerns about using a service like www.ePassportPhoto.com?

I'm referring to their warehousing photos, not the "usual" issues with secure payment processing.

ShleyJuly 17, 2008 5:41 AM

The whole concept of this chip terrifies me. It really does. I feel like I'm being invaded and forced into something that I'm not at all comfortable with. There has to be something that can be done. Aren't our rights being seriously violated here?? So considering this was posted in 2006, and it's now 2008, and I have no passport currently. That means that if I ever want to leave this terrible corrupt country, they will still be keeping track of me via this DAMN chip! I don't know where I would go anyway, I feel like it's not safe anywhere....I'm disgusted

Jean Philippe Jude MednarAugust 14, 2009 10:53 AM

Sirs,Madams,
I'm Haitian.I live in Ecuador.could your Company please help me get a French Passport?
if yes,what is your Payment methods please?

Leave a comment

Allowed HTML: <a href="URL"> • <em> <cite> <i> • <strong> <b> • <sub> <sup> • <ul> <ol> <li> • <blockquote> <pre>

Photo of Bruce Schneier by Per Ervland.

Schneier on Security is a personal website. Opinions expressed are not necessarily those of Co3 Systems, Inc..