The new RFID passports that are designed to catch evildoers can, in a flash, be hacked by evildoers. Using a cloning tool, British researchers embedded pictures of Osama bin Laden and a suicide bomber onto a set of chips and then tested them. They came up as “real” according to the agency that sets e-passport standards.
Using his own software, a publicly available programming code, a £40 card reader and two £10 RFID chips, Mr van Beek took less than an hour to clone and manipulate two passport chips to a level at which they were ready to be planted inside fake or stolen paper passports.
A baby boy’s passport chip was altered to contain an image of Osama bin Laden, and the passport of a 36-year-old woman was changed to feature a picture of Hiba Darghmeh, a Palestinian suicide bomber who killed three people in 2003. The unlikely identities were chosen so that there could be no suggestion that either Mr van Beek or The Times was faking viable travel documents.
The passports do not match the printed ID numbers embedded into every document, which should raise some suspicions. However, considering how easily the RFID chips were hacked I’m almost positive that industrious terrorists will be able to take a few hours to fake the printed portion as well. Security as theatre marches on.