Computer scientists in Britain have uncovered weaknesses in electronic
passports issued by the US, UK, and some 50 other countries that allow attackers
to trace the movements of individuals as they enter or exit buildings.
The so-called traceability attack is the only exploit of an e-passport that
allows attackers to remotely track a given credential in real time without first
knowing the cryptographic keys that protect it, the scientists from University
of Birmingham said. What’s more, RFID, or radio-frequency identification, data
in the passports can’t be turned off, making the threat persistent unless the
holder shields the government-mandated identity document in a special pouch.