US E-passports Haven't Been Verified In Over A Decade

An e-passportImage copyright Getty Images
Image caption US border control has not been authenticating e-passports since the technology was launched in 2007

US border control agents have not been using the right software to verify e-passports for more than a decade, two US senators claim.

Oregon senator Ron Wyden and Missouri senator Claire McCaskill have asked US customs officials to start properly authenticating e-passports.

If data on smart chips cannot be checked, it is not possible to tell if it has been tampered with, they say.

Anti-forgery measures in e-passports have never been implemented.

The US was one of the first countries in the world to adopt e-passports, and travellers from countries on the visa-waiver list are now required to enter the country using e-passports, which speed up the time needed to process individuals in border control.

However, the senators say that US Customs and Border Protection (CBP) has never used the anti-forgery and anti-tamper security measures it required to be built into e-passport smart chips because it doesn't have the right software.

"CBP has been aware of this security lapse since at least 2010, when the Government Accountability Office (GAO) released a report highlighting the gap in technology," Mr Wyden and Ms McCaskill wrote in a letter to customs officials.

"Eight years after that publication, CBP still does not possess the technological capability to authenticate the machine-readable data in e-passports."

The senators want US border control to start authenticating the data in e-passports by 1 January 2019.

CBP told the BBC that while it does not currently verify the country certificate of an e-Passport, the government agency does verify the data contained within the chip and the passport photo page that is placed into the scanner.

CBP also said that it has a unit to analyse fradulent travel documents seized by its officers, who physically check the travel documents belonging to all passengers who arrive on US-bound flights, and compare the data in the chip to the details on the photo page.

ESET's IT security specialist Mark James says that not authenticating the data stored in e-passport smart chips is a big concern.

"Any information stored on a chip could be tampered with," he told the BBC.

"In its simplest form, the data in the digital passport could be easily copied and stolen without your permission, and that data could be used to forge passports."

However, he felt that this was only a big problem if US customs officials were not using a physical back-up check as well as e-passport readers.

RECENT NEWS

From Chip War To Cloud War: The Next Frontier In Global Tech Competition

The global chip war, characterized by intense competition among nations and corporations for supremacy in semiconductor ... Read more

The High Stakes Of Tech Regulation: Security Risks And Market Dynamics

The influence of tech giants in the global economy continues to grow, raising crucial questions about how to balance sec... Read more

The Tyranny Of Instagram Interiors: Why It's Time To Break Free From Algorithm-Driven Aesthetics

Instagram has become a dominant force in shaping interior design trends, offering a seemingly endless stream of inspirat... Read more

The Data Crunch In AI: Strategies For Sustainability

Exploring solutions to the imminent exhaustion of internet data for AI training.As the artificial intelligence (AI) indu... Read more

Google Abandons Four-Year Effort To Remove Cookies From Chrome Browser

After four years of dedicated effort, Google has decided to abandon its plan to remove third-party cookies from its Chro... Read more

LinkedIn Embraces AI And Gamification To Drive User Engagement And Revenue

In an effort to tackle slowing revenue growth and enhance user engagement, LinkedIn is turning to artificial intelligenc... Read more

We use cookies to give you the best experience possible. By continuing we’ll assume you’re on board with our cookie policy.