Rob Beschizza
Gear

"Secure" British Passports Cracked Within Hours

Britain’s high-tech biometric passports, already issued to 3 million citizens, were pwned Friday by U.K. newspaper The Guardian. They cost millions to develop, and only after the construction of a $110m production facility did they begin to find their way into British travelers’ hands. They’re a prelude to the U.K. government’s schemes to impose a […]

Passport_1Britain's high-tech biometric passports, already issued to 3 million citizens, were pwned Friday by U.K. newspaper The Guardian.

They cost millions to develop, and only after the construction of a $110m production facility did they begin to find their way into British travelers' hands. They're a prelude to the U.K. government's schemes to impose a national identity card using similar technology. But thanks to the newspaper, a few hackers and 48 hours, the system is just another joke in the history of "unhackable" encryption.

"I was amazed that they made it so easy," computer security expert Adam Laurie says. "The information contained in the chip is not encrypted, but to access it you have to start up an encrypted conversation between the reader and the RFID chip in the passport."

The Home Office points out that the only information thus gained is information visible on the passport, such as the traveler's name and address. The system's (uncracked) ability to ensure such data cannot be edited or forged, they said, is more important. The Guardian proposes that it's just a matter of time and is angling for a recall.

Cracked it! [The Guardian]