Passports these days have a small chip inside called an RFID. Governments who issue these passports say they’re secure and safe to use. And for years hackers have been saying they’re not secure. So who’s right?
Chris Paget, a white hat hacker (the good kind of hacker), recently did an experiment to see how many passports he could copy using some very simple tools. His aim was to see if he could read the RFID inside someone’s passport. The results?
In 20 minutes he managed to find 2 people carrying a new RFID passport, and was able to copy the contents of the RFID chip.
He did this from his car while driving around San Francisco. The people carrying the passports have no idea this happened. There’s no way for them to know. He made a video of his experiment that you can watch here:
(If the video above doesn’t play click here)
So what can we learn from this?
- The RFID chip inside passports are not secure
- The RFID chip inside passports can be copied from a distance
What can you do?
- If your governments wants to tag people using RFID, e.g. by embedding RFID chips in drivers licenses, be aware of the ramifications.
- It’s technically possible to shield your RFID passport by using a metal film. Some companies have started selling passport wallets that can block radio signals, stopping people reading the chip remotely.
Below are some passport wallets that can shield RFID signals (Click here to view in a full page)
That’s genuinely worrying. This isn’t conspiracy theory stuff, this is really basic privacy being easily taken advantage of.
Everyone thought those Metal-shielded wallets were geeky and were only for tinfoil wearing freaks – not any more!