Adam Laurie, director, the Bunker, said: "The concept is that all the biometric files on the passport chips are digitally signed, so cannot be tampered with. However, the problem is that the digital certificate that proves this is also stored on the passport, so all an attacker has to do is write their own certificate. The defence to this was for governments to set up a directory to verify the real certificates. However, only 15 out of around 55 countries now issuing the passports have signed up to the directory launched last year, leaving huge numbers of passports unverifiable."
Laurie demonstrated his open-source RFIDiot tools to delegates, first wiping data from a building access card, then reprogramming it as a cloned animal ID chip. He explained that there are at least two chips designed to be flexible in their deployment, allowing the same hardware to be used in a variety of different applications. This means that they can be reconfigured, reprogrammed and used as clones by a hacker.
"I find the human implantation of RFID chips especially worrying. It's not difficult to reprogram other chips to fool the readers", he continued.
The discoveries follow a series of exploits to clone RFID tags, and rising concerns among privacy advocates and security experts. A recent research paper from Lausitz University of Applied Sciences, Germany and Radboud University, The Netherlands, found that remotely detecting the presence of a passport and determining it's nationality was relatively easy, due to the differences between each country's implementation of the international standards.
"Although all passports implement the same international standard, experiments with passports from ten different countries show that characteristics of each implementation provide a fingerprint that is unique to passports of a particular country," stated the researchers.