RFID-stealing WarCloning comes to eBay from the heroic Chris Paget

February 2, 2009 by A.B. Dada  
Filed under Political




Today’s passports in the U.S. contain a chip called an RFID tag.  These tags have been used for years for inventory control in warehouses, and for other purposes.  RFID tags can be read wirelessly by a device to track the ID chip.

The U.S. government is also pushing State driver’s licenses to contain the chip, so that IDs can be quickly verified without the need to actually scan the device through a barcode reader.  Many anti-terrorism “experts” are quick to praise the idea, but there’s a big problem: the RFID system doesn’t work properly.  It’s insecure.

In the U.S., if there’s a bad law that is passed, one of the few ways to challenge the law is to take a big risk and break it.  Once you break the law and are charged, you can take steps to challenge the law (and maybe end up in jail if you fail).  Hero hacker Chris Paget did just that, producing an inexpensive ($250) RFID cloning device that he will attempt to sell on eBay.

Chris Paget is an RFID hacker.  In 2007, he was prepared to demonstrate the security weaknesses of RFID at the Black Hat DC Training conference.  Paget is the director of research and development at Seattle-based IOActive.  Before his demonstration, Irvine, California-based HID Corp, a maker of RFID badges, sent Paget a cease and desist letter informing him that his tools were covered under a patent owned by HID Corp.  Paget immediately pulled his demonstration from the conference under pressure of the patent laws.


“The device is a teaching tool,” Paget said in an interview with SearchSecurity.com. “The whole point was to educate people to make better risk decisions when deploying RFID.”  His reason for doing the demonstration was to show employers that RFID badges are insecure, and could cause huge security risks for the company if its employees rely only on the verification tool.

The device Paget is offering is a proof-of-concept device that he made on his own time away from his employer.  Paget was able to build the system through parts bought on eBay.  The device consists of a Motorola-manufactured Symbol XR400 RFID reader and a Motorola AN400 patch antenna.  The antenna is mounted to the side of his Volvo XC90.  The XR400 RFID reader is connected via an ethernet cable to Paget’s Dell 710m notebook running a Windows-based application that continuously prompts the RFID reader.  Paget wrote the application so the RFID reader will continuously scan for tags in the area.  The software then logs the serial number each time one is detected.

Paget recently demonstrated the device on video during a 20-minute drive in downtown San Francisco.  He was able to successfully copy the RFID tags of two passport cards without the knowledge of their owners.  The U.S. government is creating a new mini-passport ID card called the EDL that includes the RFID chip to allow U.S. citizens to more easily travel between the US and Mexico, Canada, the Caribbean, and Bermuda.  EDLs are currently offered by Washington and New York states and are the size of a credit card.  750,000 citizens applied for the EDL, all of whom could be victims of RFID-theft and identity fraud.

Using the right device and antenna, someone attempting identity theft could theoretically scan all RFIDs within a mile radius.  This allows an identity thief to just drive around, picking up RFID tags without a chance of getting caught.  Duplicating fake IDs can cost as little as $20.

Chris Paget is a hero, pushing government to open their eyes to their ridiculously low security by informing the public in the best way he knows how: through eBay.  Hopefully the mainstream press will pick up on this, so other Americans will realize that government security measures may actually mean less security.  A lazy security official who just scans IDs wirelessly may not take the time to verify that the holder is the actual person.  It will be interesting to see what the response is to his new inexpensive device.

For those who want to protect themselves right now, a company called Travelon sells a wallet called the RFID-blocking Passport Case.  This $17 wallet is made of nylon, holds up to 4 cards (one in a windowed display), and should block all RFID scanners.  The dimensions are 5.5″ x 3.75″ x 2″ and it can be purchased online at many luggage and travel sites.  If you’d like to protect yourself from identity theft, snag one of these immediately.  Not only are passports and future driver’s licenses likely to contain easily-copied RFID chips, some credit cards already contain them.

One of the downsides to RFID IDs is that you’ll never know when even officials are scanning you.  Traveling in and out of government buildings may register a visit, and the RFIDs are visible from great distances (up to a mile, as said earlier), so your presence may be tracked more easily.  Even the non-conspiracy-thinking reader should think twice about protecting their data unless it’s mandated to show it.
