new passports will also be issued with this technology:
Although the chip is passive and can be read only when a reader pings it, a reader with a strong battery can detect the chip’s signal from as far as 40 feet away, Schwartz said. It can easily be cloned, posing the risk that a hacker could make a duplicate card to fool a border agent, he said. Avi Rubin, a professor at Johns Hopkins University, said that two years ago, he duplicated an RFID chip in his “speedpass” used for buying gas, copied the information onto a laptop and, after extending a radio antenna from the laptop out the car door, was able to buy gas with the cloned RFID chip. Randy Vanderhoof, executive director of the Smart Card Alliance, represents technology firms that make another kind of RFID chip, one that can only be read up close, and he is critical of the passport card’s technology. It offers no way to check whether the card is valid or a duplicate, he said, so a hacker could alter the number on the chip using the same techniques used in cloning. “Because there’s no security in the numbering system, a person who obtains a passport card and is later placed on a watchlist could easily alter the number on the passport card to someone else’s who’s not on the watchlist,” Vanderhoof said.