by Roger Yu, USA TODAY
The U.S. passport is joining the digital age. After three years of research and
discussion, the State Department has finalized most of the technical and logistical
details of new, supposedly tamper-proof passports embedded with a "smart-card" chip.
A contactless smart chip and antenna is flexible enough to embed in the cover of
a standard passport booklet.
If current plans hold, they'll become standard issue for U.S. travelers as soon
Proponents say the chip, which will contain the holder's personal data and digital
photo, should allow speedier entry at borders for most travelers.
Because the chip's data can't be altered, proponents say, forging passports will
be virtually impossible. That, they say, gives authorities a potent new anti-terrorism
When swiped across an electronic reader, the chip in the passport wirelessly transmits
data to a customs officer's computer screen. The e-passport relies on radio frequency
identification technology (RFID).
May 2002: The Enhanced Border Security and Visa Entry Reform Act
requires the USA and other countries whose citizens don't need visas for entering
the USA to develop electronic passports.
The act sets a deadline of October 2004.
March 2004: The Bush administration asks Congress to delay the deadline to October
2006 to allow participating countries more time to address technical issues. Congress
April 2005: The State Department closes comment period, begins to firm up
plans for the new e-passport.
December 2005: State Department plans to test the new passport with diplomats
and select government officials.
February 2006: State Department expects to make e-passports available to
Source: The State Department
The new passport looks much like the traditional type. But the smart-card chip,
embedded in the back page, makes it slightly thicker. If the chip is broken or malfunctions,
the holder can continue to use the passport as a non-electronic passport, or buy
a new one.
Once the new version is available, it would take up to a year for all new passports
to be issued in the new format. Americans with valid traditional passports won't
have to replace them until they expire.
The new passport will cost $97, or $12 more than the traditional version.
Initially, U.S. diplomats will use the e-passport as a test, probably starting in
December, says Frank Moss, deputy assistant secretary of State. If successful, the
new passport will be available to the public next year, possibly as early as February,
The Sept. 11 terrorist attacks prompted calls for improved border security. The
new e-passport is perhaps the most visible aspect of the government's foray into
digital technology for border control.
The e-passport has raised concerns among critics who say it lacks adequate privacy
safeguards. Wireless transmission of data compromises security, and important personal
data could fall into the wrong hands, they say. With proper equipment, someone could
remotely intercept personal data, they say.
Wireless transmission could lead to what's called "skimming" or "eavesdropping,"
says Cedric Laurant of the Electronic Privacy Information Center, a Washington,
D.C.-based advocacy group.
In skimming, an intruder secretly uses a device to read the chip's data from as
far away as several feet.
The new U.S. electronic passport will look like its predecessor in size and shape,
although it will be slightly thicker. Photos of owners will still be included. How
the new electronic features will be used:
What happens at passport control
(1) The officer swipes the data page through a special reader to read the two lines
of printed characters on the bottom of the data page. This provides a key that's
unique to the passport and lets the process proceed.
(2) When the passport is held over the reader (no contact is necessary), a radio
field from the reader wakes up the chip, and the encrypted data are transferred
to the reader, allowing the officer to conduct a visual check.
(3) The officer holds your open passport over another reader, then checks a view
of you, with the photo in your passport, and all the data from your passport (including
your photo) on the monitor. The data on the monitor also verify that your passport
was issued by a legitimate authority, and that it has not been altered.
A chip is embedded into the back cover. It contains data that cannot be read without
the security key as shown in step 1 above.
A thin radio shield can be sandwiched between the front cover and the first page.
Whenever the passport is closed for instance, in your pocket or briefcase the digital
information in the chip cannot be read. The shield will not set off airport metal
Americans walking with their passports could be essentially broadcasting their
nationality and other personal information, Laurant says.
Eavesdropping could occur at border checkpoints if someone intercepts the information
as it's being transmitted from the chip to a reader.
Moss says those concern are outdated. The agency has made technical adjustments
to address them. The State Department has added a metallic anti-skimming material
to the passport's cover and spine. It limits retrieval of the data to within an
inch of the passport, Moss says.
The State Department is also considering adding a layer of protection by encrypting
the information so it can be read only by authorized devices, Moss says.
Bernard Bailey, CEO of software developer Viisage, which is working with the State
Department, says e-passport's technology is sound. It will improve national security
while safeguarding traveler privacy, he says.
Bill Connors, executive director of corporate-travel advocate the National Business
Travel Association, says the government has adequately addressed the privacy concerns
of his organization.
"We feel that the passports are much more secure now," Connors says.
The e-passport initiative has its roots in legislation passed by Congress in May
2002 to improve border security. It called for 27 countries whose citizens don't
need visas for entry into the USA to convert to electronic passports by October
2004. Congress has since delayed the deadline until October 2006.
The International Civil Aviation Organization, an international agency, created
the technical specifications for e-passports worldwide, and that has helped to enhance
international cooperation, says Paul Beverly of smart-card-maker Axalto.
All e-passports will have the same underlying technology and will work with other
countries' readers, Beverly says.
If the U.S. meets its target dates for the e-passport introduction, it will be one
of the first countries to use it, he says.
Beverly says he's consulted with 20 governments about the chip technology and hasn't
witnessed backlash from U.S. demands for a system of electronic passports.
"There were some concerns about the very aggressive schedule, but that objection
has largely gone away," he says.
Security State Department Unveils Trial Of Electronic Passports
by Danielle Belopotosky
The State Department on Friday announced it has started issuing electronic passports
on a trial basis.
Diplomats received the first e-passports containing
radio frequency "contactless chips" and face recognition technology in late December.
The e-passport contains a chip, which is embedded into the cover of the document
and includes a digital image of the traveler, as well as their name, date and place
of birth, gender, passport number and dates of passport issuance and expiration.
Contactless chips "interact intelligently via RF with
a contactless reader," according to the Smart Card Alliance's Web site. The chips
used in the e-passports can be read "at a close distance," according to the department.
But privacy advocates have raised concerns over the
possibility of someone in close proximity to the passport-holder who could use a
chip reader to "skim," or steal, personal information from passports.
"The dangers of 'skimming' already have been the subject
of serious public concern," the American Civil Liberties Union wrote in April 2005
comments to State over its proposal to use radio frequency identification chips
Low-frequency RFID chips be read from up to 20 feet,
but the department has maintained e-passports would include chips that only can
be read from "approximately four inches" away from the source.
To eschew concerns over privacy and safety, the department
said the front covers of e-passports have a built-in anti-skimming device. It is
akin to "wrapping them in tin foil to prevent the radio frequency signal from getting
through," said Jay Stanley, communications director at the ACLU's Technology and
The e-passports also are equipped with an encryption
feature to prevent the interception of information by a third party, or what the
department calls eavesdropping.
"It is certainly an improvement" over State's initial
e-passport proposal, Stanley said. But the use of radio frequency technologies still
creates a potential problem of security and identity theft. Questions remain over
whether the chips still can be read without other people's knowledge and if the
technology can be used as unique identifier even if it is encrypted, he said.
Another concern is how much the new passports will
cost the consumer. The estimated cost for the government to produce e-passports
would increase from the current $2.40 to more than $10 each, according to documents
obtained by the ACLU. The figures were disclosed during a speech by Frank Moss,
State's deputy assistant secretary for passport services.
Applicant fees for new paper-based passports currently
total $97 each. When e-passports are issued to all later this year, the passport
fees for first time applicants will remain the same, according to the State Department.
The United States began testing e-passports at the
San Francisco International Airport for citizens of Australia and New Zealand, as
well as airline crew members from Singapore. The tests aim to determine whether
the e-passport systems comply with standards developed by the International Civil
The nationwide rollout of e-passports is slated for
the end of 2006. But, "the devil is in the details," said Stanley. The implementation
still "needs to be scrutinized by the tech community."
AP Business Writer
by Dan Caterinicchia
August 12, 2006
WASHINGTON (AP) -- Despite ongoing privacy concerns and legal disputes involving
companies bidding on the project, the U.S. State Department plans to begin issuing
smart chip-embedded passports to Americans as planned Monday.
Not even the foiled terror plot that heightened security checks at airports nationwide
threatens to delay the rollout, the agency said. Any hitches in getting the technology
to work properly could add even longer waits to travelers already facing lengthy
security lines at airports.
The new U.S. passports will include a chip that contains all the data contained
in the paper version -- name, birthdate, gender, for example -- and can be read
by electronic scanners at equipped airports. The State Department says they will
speed up going through customs and help enhance border security.
Citizens who get new passports can expect to pay a lot more. New ones issued under
this program will cost $97, which includes a $12 security surcharge added last year.
Not all new passports will contain the technology until it's fully rolled out --
a process expected to take a year. Existing passports without the electronic chips
will remain valid until their normal expiration date.
Privacy groups continue to raise concerns about the security of the electronic information
and a German computer security expert earlier this month demonstrated in Las Vegas
how personal information stored on the documents could be copied and transferred
to another device.
But electronic cloning does not constitute a threat because the information on the
chips, including the photograph, is encrypted and cannot be changed, according to
the Smart Card Alliance, a New Jersey-based not-for-profit made up of government
agencies and industry players.
"It's no different than someone stealing your passport and trying to use it," Randy
Vanderhoof, executive director of the alliance, said in a statement. "No one else
can use it because your photo is on the chip and they're not you."
Yet the ability to clone the information on the chips may not be the sole threat,
privacy advocates argue. A major concern is that hackers could pick up the electronic
signal when the passport is being scanned, said Sherwin Siy, staff counsel at the
Washington-based Electronic Privacy Information Center, a leading privacy group.
"Many of the advantages the industry is touting are eliminated by security concerns,"
After testing the passports in a pilot project over the past year, the government
insists they're safe.
Numerous companies competed the last two years to provide the technology. One winner
was San Jose-based Infineon Technologies North America Corp., a subsidiary of Germany's
Infineon AG. Another was French firm Gemalto, which earlier this month announced
that it had received its first production order from the Government Printing Office.
It is producing the passports for the State Department, using the Infineon technology.
The rollout that begins Monday will use technology built up during the pilot project.
Neville Pattinson, director of technology and government affairs for Gemalto in
Austin, Texas, would not discuss financial terms of the contract. He acknowledged
the economic potential is massive, noting that the State Department issued 10 million
passports in 2005 and expects that to increase to 13 million this year.
State to issue notice on passport cards
by Dibya Sarkar
Published on Oct. 19, 2006
State Department officials will be issuing a Notice of Proposed Rule Making next
week that lays out the architecture of a smart card that would be used under the
Western Hemisphere Travel Initiative (WHTI).
Frank Moss, the department's deputy assistant secretary for passport services,
said the intent is to create wallet-sized, secure People Access Security Services
(PASS) cards - also known as passport cards - that would include radio frequency
vicinity-read technology. He said such read technology is being used in other programs,
such as Nexus, a joint U.S./Canadian traveler program to simplify border crossings
for frequent travelers between the two countries.
The only data written on the PASS card would be a pointer number that would refer
an agent to a cardholder's personal data in a database, he said. Rather than using
a passport, American citizens, who frequently travel to Canada, Mexico, South America,
the Caribbean and Bermuda, could use the card to verify their identities and citizenship.
Under the proposal, a first-time adult applicant would pay $45 for a PASS card,
which would be renewable every 10 years for $20, Moss said. For children, he said,
the cost would be less but he didn't specify the price. Children must renew their
cards every five years.
Moss, who was speaking at an Information Technology Association of America conference
on identity management in McLean, Va., said State is seeking comments on this proposal
until Dec. 18. He said the department hopes to issue a final rule early next year.
He said State hoped to start production of PASS cards by summer 2007.
Congressional lawmakers approved this summer an amendment that requires the technology
implemented for the PASS cards meet certain security standards. The amendment also
delayed implementation of the WHTI for 17 months, until June 1, 2009.
Controversy exists about whether the joint State/Homeland Security Department program
should use contactless smart card technology that requires readers to read cards
from a short distance or radio frequency identification technology, which can read
cards from farther away.