Elvis died in 1977.
But that didn’t prevent hackers from inserting his digital photo into a U.K. passport, and using it at a self-service passport machine at Amsterdam’s Schiphol airport to gain clearance to board a plane.
This incident occurred in September 2008. But this security vulnerability persists, as proven by the recent assassination of Mahmoud al-Mabhouh, a senior Hamas operative, in a Dubai hotel on January 20…
The alleged killers of Mr. Mabhouh included 11 people holding U.K. and other European passports. All of the killers used passports containing fake photographs and signatures.
Naturally, this wasn’t supposed to happen. When governments began issuing digitally encoded passports a few years ago, it was supposed to improve border security. For instance, Maura Harty, former U.S. assistant secretary of state for consular affairs, told a Congressional hearing in 2004:
“Embedding biometrics into U.S. passports to establish a clear link between the person issued the passport and the user is an important step forward in the international effort to strengthen border security.”
Only, the technology doesn’t work.
Indeed, the “ultra-secure” RFID chips digital passports contain can be cloned with about $100 worth of off-the-shelf electronic equipment. As a result, we have teams of assassins and who-knows-who-else roaming the world with digitally modified passports. Indeed, digital passports actually are far less secure than their predecessors.
The reason is that digital passports – and indeed digital data in general – suffers from an inherent security flaw…
If you take a non-digital passport and try to modify it physically, it’s very hard to do so without leaving some evidence of what you’ve done. There might be smudges, ink marks, or microscopic impressions of a razor blade used to cut out an old photo and insert a new one.