« Roadmap for SMB... | Main | Norwegian ePassports... »

U.S. ePassport Rule Passed

Filed in archive Tags and Readers by Anita Campbell on October 26, 2005

The latest big RFID news here in the U.S. this week concerns ePassports.

The United States Department of State yesterday issued final rules for RFID-chipped passports.

A proposed rule had been published in February 2005. What we saw between then and now is democracy in action. The State Department received 2,335 comments to the initial proposal, over 98% of which were negative.

The State Department's initial reaction to this response was not as smooth as we might expect, calling concerns "poppycock."

However, the comments indeed had an impact. After the comments, the State Department changed the technology it plans to use:

"...[T]he Department, in cooperation with the GPO, will include an anti-skimming material in the front cover and spine of the electronic passport that will mitigate the threat of skimming from distances beyond the ten centimeters prescribed by the ISO 14443 technology, as long as the passport book is closed or nearly closed.

The Department will also implement Basic access control (BAC) to
mitigate further any potential threat of skimming or eavesdropping. BAC recently has been adopted as a best practice by the ICAO New Technologies Working Group and will soon be formally added to the ICAO specifications. BAC utilizes a form of Personal Identification Number (PIN) that must be physically read in order to unlock the data on the chip. In this case, the PIN will be derived from the printed characters from the second line of data on the Machine-Readable Zone that is visibly printed on the passport data page. The BAC also results in the communication between the chip and the reader being encrypted, providing further protection."

Originally I read the rule to say that the data would be encrypted, but technically that is not the case. Rather, it is the "communication session" that is encrypted, due to the use of a PIN key.

The new ePassports become effective one year from now, in October 2006. Between now and then a pilot program will be rolled out in which diplomats will use the new ePassports, to determine how well the program works in practice.

Permalink: U.S. ePassport Rule Passed
Tags: RFID passport rfid rule technology epassport+rule rule+passed social+networking

Trackback: http://www.creative-weblogging.com/cgi-bin/mt-tb.pl/10597

Related Entries:

Fear of a Wireless Passport - 17 July 2006

RFID Passports are Here... But Hello Kitty Will Protect You! - 14 August 2006

How to Nuke an RFID Passport - 17 September 2006

Got an e-Passport? Grab a Hammer! - 27 December 2006

Vote for U.S. ePassport Rule Passed:

Currently 7.00/10
1
2
3
4
5
6
7
8
9
10

Rating: 7.0 out of 7 vote(s) cast.

Add your response to U.S. ePassport Rule Passed: Response from: Der Haken ... your post seems to answer my questions on 'remote scanning' possibilities. Do I get it right: There will be some sort of 'stealth coating' preventing the chip from being pinged or scanned remotely? Response from: Anita Campbell Yes, as I understand it, there will be a metal (foil perhaps?) lining in the passport cover. As long as the passport is closed, that material should prevent the RFID radio waves from being scanned remotely. For the few moments while the passport is open and being read by immigration / customs officials, the anti-skimming material would not help, of course. In that situation the Basic Access Code prevents eavesdropping devices from picking up any useful information. So it is really two different types of security measures being employed.
Name: *	Email: (will never be shown)*	URL:

(* marked fields are required)
Notify me if more comments appear?	Subscribe to The RFID Weblog newsletter? (Newsletters are sent out weekly).	Remember me
Security Code: * (Please help us to sort out spam.)

Please enter your comment here: (Sorry, no HTML is allowed - URLs will be made clickable automatically if you add http:// to your URL.)


We welcome your comments, however all comments are moderated. Offensive or off-topic comments will be deleted and not displayed.

CW Toolbar
RSS	\| See all blog subscribe options
Google	\| What is RSS?
Yahoo!
Addthis
Bloglines
Newsletter

Advertisement - Book yours here.

Check out our Sponsored Blogs!
The Mobile Technology Weblog

Advertisement -
Book yours here..

Contributors (Last 90 days)
Gautam Chhabra (37)
Creative Weblogging (1)
This site has 1055 entries and is powered by Creative Weblogging since February 2004.
Do you want to start or edit an existing blog for us and get paid? More info.
Do you want to advertise on this blog? We have great ideas!
Do you have tips for us? Send them!

Discover The RFID Weblog on your cell phone! Simply type the URL of your favorite blog in your mobile browser.

Advertise with us
Learn more about our advertising options, visit our shop or give Sonja a call at +1 (650) 331 8047.
NEW you can also chat with us.

Buy cheap phone cards
Electronics & Electrical Manufacturers
Adding Value to your RFID and Sensor Data Webcast, August 22nd - Register Now!
Would you like to have a new interactive marketing channel for your company? Learn more about Sponsored Blogs with Creative Weblogging. See how we helped istockphoto.com and others.
Do you have a blog with more than 50k page views from the US? Let us market your blog.

Advertisement
Book yours here.

Other blogs in the same channel in the Creative Weblogging Network

Advertisement -
Book yours here..

Disclaimer
Some of the contents of this site are protected Creative Weblogging Ltd. 2004-2008.

Advertisement - Book yours here..

Tell a friend about U.S. ePassport Rule Passed
Recipient email:*	Your email:*

(* Both email addresses are required for sending this article. They will never be shown or used for any marketing purposes)
Please enter a message which will be shown together with the article:

Security Code: (Please help us to sort out spam.)

U.S. ePassport Rule Passed

Filed in archive Tags and Readers by Anita Campbell on October 26, 2005

Related Entries:

Vote for U.S. ePassport Rule Passed:

Add your response to U.S. ePassport Rule Passed:

Tell a friend about U.S. ePassport Rule Passed

Check out our Sponsored Blogs!

Our Editors recommend

Contributors (Last 90 days)

Categories

Archives

Advertise with us

Most popular

Testimonials

Recent Comments

Other blogs in the same channel in the Creative Weblogging Network

Wireless & Mobile

Disclaimer

Find more recent entries from our other publications:

Tech Without Wires

The Wireless Weblog

Supplychainer

The Mobile Technology Weblog

The Smart PDA

The Dating Weblog