With all members of the European Union required to comply by this month (Aug 2006), several countries are issuing ICAO-standard electronic passports. Other countries outside of the EU, including the United States and many of its trading partners, are participating as well, although possibly at a slightly later date.
As such, there's an increasing interest in protecting these RFID-enabled e-passports, as well as contactless "smartcard" payment cards, from eavesdropping and other security concerns. To that end, a number of solutions have been devised. Most of them work on the principle of the Faraday Cage, which shields cards from unauthorized readers.
But, Marisa Torrieri of Contactless News asks, is the eavesdropping threat real? She paints a spy-vs-spy scenario whereby someone intercepts RFID data from a government worker's access card, then has the ability to "replay" the information to gain access somewhere.
It's done with an undertone of amusement, but she then quotes Walt Augustinowicz, founder of Identity Stronghold, who calls this the "leech- and- ghost theory" and says that it is possible. Of course, his company makes protective sleeves for smartcards, joining the growing number of manufacturers who do.
I'm not going to weigh in whether I believe it or not. My science-related background says it's possible. But my common sense suggests that no RFID chip manufacturer nor smartcard maker worth their salt would go to market with such a serious flaw - especially not for passports.
Then again, hundreds if not thousands of consumer products are released for use with shortcomings, sometimes creating an aftermarket. And like some aftermarket accessories, you just feel safer/ better using it.
--
Did you enjoy this post?
« VDC: Increasing Market For RFID Transponders | Main | Gen2 RFID Chip Market Heating Up »