The passports use a radio frequency chip and antenna to send out the holder’s ID and biometric details when questioned by a reader.
Security researcher Jeroen van Beek, from the University of Amsterdam used his own software, a publicly available programming code, a £40 card reader and two £10 RFID chips to hack two passports.
He then inserted the details of Osama Bin Laden and a Palestinian suicide bomber. The process took less than an hour.
They were accepted as genuine by Golden Reader, the standard software used by the International Civil Aviation Organisation to test passports.
“We’re not claiming that terrorists are able to do this to all passports today or that they will be able to do it tomorrow,” Mr van Beek said.
“But it does raise concerns over security that need to be addressed in a more public and open way.”
If the method becomes known then legitimate passports handed in at hotels for example could be cracked and the biometric data changed to that of the passport’s buyer, making the electronic protection useless.
The crack will also raise new over the proposed UK national identity card, which uses the same technology to store over 50 items of data.
Dominic Grieve, the Shadow Home Secretary, has called on ministers to take urgent action
“It is of deep concern that the technology underpinning a key part of the UK’s security can be compromised so easily.”
UK electronic passports cloned within minutes
By Iain Thomson on Aug 7, 2008 2:20PM