Researchers from the University of Washington and RSA Labs just published a paper on the privacy and security vulnerabilities of the RFID tags embedded within Washington's Enhanced Driver's License (EDL) and the U.S. Passport Card. In addition to confirming that the EPC Gen2 RFID tags in these documents can be remotely copied (i.e., cloned), this paper uncovered a number of concerns:
- The unique identification number on the RFID tags can be read from great distances, allowing the EDL or Passport Card holder to be tracked from up to 50 meters away (162 ft.), or the width of a football field!
- Even if EDL cardholders have their card within a protective foil sleeve provided by the Department of Licensing, the unique identification number on the RFID still can be read from up to two feet away.
- Anyone with access to an EPC Gen-2 RFID reader can permanently disable the RFID tag within an Enhanced Driver's License, without the cardholder ever knowing. This creates a serious problem for cardholders, since our administrative code states that, "...tampering with or deactivating the chip will invalidate the enhanced driver's license or identicard for purposes of border crossing." (WAC 308-105-020(4))
This research shows that government agencies need to implement strong privacy safeguards when developing border crossing documents.
And cardholders need to consider their options carefully when choosing what type of border crossing ID to get. Not sure what to do since even U.S. Passports have RFID? Educate yourself with our flyer (pdf) on the differences between these documents.
Those who'd like to see the research in action can check out this KOMO4 News story. It's worth noting that the $2,000 readers used are pretty standard for any business using the EPC Gen2 tags to replace bar codes for inventory tracking.