RFID open to criminal abuse
By Guy Matthews,
Terrorists could potentially use RFID technology in electronic passports to set off a bomb when a particular target comes within reach, warns a leading electrical engineering expert.
Nigel Gilbert of the Royal Academy of Engineering suggests a number of ways in which RFID technology could be abused by both criminals and governments in his report entitled 'Dilemmas of Privacy and Surveillance: Challenges of Technological Change', published this week.
In particular he is concerned that that unencrypted data stored on an RFID chip in an e-passport, such as those currently being implemented by the UK Government, can be read by anybody passing near the document holder with the right equipment.
"Not only could a passport holder be revealing identifying and personal information to passport control, but they could also be unwittingly revealing their personal data to 'spies' who had equipped themselves with readers," says Gilbert in the report.
These eavesdroppers, he says, could use the resulting data for fraud of various kinds, for example stealing biometric details and accessing other services that use biometrics like pay-by-touch systems.
"With sensitive personal details readable over a distance, it could even become possible, with appropriate antennas and amplification, to construct a bomb that would only detonate in the presence of a particular nationality or even a particular individual," suggests Gilbert.
Clive Longbottom, an analyst with consultancy Quocirca, believes the terror risk is remote.
"The possibility of using RFID in passports to set off a bomb is rather an outside chance, as the chip reader would need to be with a few centimetres of the person involved, as there is no active component to the passport," he told IT PRO.
The terrorists, he says, would also need to have hacked the passport database to gain the details of the passport signature, and then would have had to replicate the passport reader technology to fully recognise that signature: "If they can do that, then they probably don't need to be so clever in placing a bomb - why not just use standard blunt weapon approaches, or a sniper?"
Longbottom believes that RFID does, nevertheless, represent a serious security challenge, open to official or unofficial misuse.
"RFID can be misused, and doubtless will be by the powers that be," he says. "We can put in place safeguards for technological approaches. We can also use technology to stop wilful abuse - for example, creating the need for dual biometric security credentials to access certain information means that you have to have at least two people involved in the abuse. I don't think that RFID is the problem, it's far more down to how it's used."
advertisement
Latest Mobile & Telecoms Features
Q&A: Mike Lazaridis and Jim Balsillie, co-chief executives at RIM
The two top executives at RIM discuss smartphones, the competition posed by netbooks and the future of the BlackBerry.
- The present and future of IT security
- Tera Scale Lab: Where hardware meets software
- Q&A: Motorola's enterprise VP John Coon
- Q&A: Orange's devices chief Francois Mahieu
- What's happened to Sony Ericsson?
- Top 10 iPhone tips
- Where will IT be in 2015?
- Keynote's Umang Gupta on the health of the Net
- Taking Symbian open source
Latest Mobile & Telecoms Reviews
HTC Touch Pro
Rating: 
advertisement
Latest News Videos in Mobile & Telecoms
Video: HTC Touch Pro review
PlayCan HTC's Touch Pro go one better than the Touch Diamond? Check out our video review to find out.
White papers
Want more background on today's hottest IT trends?
Visit IT PRO's white paper library for more on virtualisation, encryption and other topics.
Register for IT PRO
You'll get exclusive member benefits including free white papers, downloads, Webinars and weekly newsletters full of the latest IT PRO news, reviews, insight and expertise.
Social Bookmark this article: What is this?