Security Hole Seen in Passport E-Data

Electronic passports being introduced in the U.S. and other countries have a major vulnerability that could allow criminals to clone embedded secret code and enter countries illegally, an expert warned.

A demonstration late Friday by German computer security expert Lukas Grunwald showed how personal information stored on the documents could be copied and transferred to another device.

It appeared to contradict assurances by officials in government and private industry that the electronic information stored in passports could not be duplicated.

“If there is an automatic inspection system, I can use this card to enter any country,” Grunwald said, holding up a computer chip containing electronic information that he had copied from his German passport.

The research is the latest to raise concerns about the growing use of radio-frequency identification technology, which enables everyday objects such as store merchandise, livestock and security documents to transmit electronic data to computers equipped with special antennas.

Countries such as Germany already use the technology in passports to help border officials guard against forgeries and to automate the processing of international visitors.

U.S. officials plan to start embedding the radio-frequency technology in passports in October.

A State Department spokeswoman said late Saturday that she did not have enough information on the matter to comment.

The presentation was one of dozens delivered at the Defcon conference that ended Sunday in Las Vegas.

The conference, attended by many of the world’s best-known security experts, has become an annual showcase of the latest discovered weaknesses in computers, phone equipment and other machines.