Hi-tech biometric passports used by Britain and other countries have been hacked by a computer expert, throwing into doubt fundamental parts of the UK's £415m scheme to load passports with information such as fingerprints, facial scans and iris patterns.
Speaking at the Defcon security conference in Las Vegas, Lukas Grunwald, a consultant with a German security company, said he had discovered a method for cloning the information stored in the new passports. Data can be transferred onto blank chips, which could then be implanted in fake passports, a flaw which he said undermined the project.
The revelation also casts another shadow over the government's plan for a national ID card, which would contain much of the same information.
Mr Grunwald said his discovery was made within two weeks of first attempting to copy the data, and the equipment used cost $200 (£105). It is believed the hacking principle could be applied to any new passport issued in Britain, the US and other countries. But the findings do not mean that all biometric information could be faked or altered by criminals. Although the data held on a passport chip is not encrypted, it is not yet possible to change the cloned data without alerting the authorities.
No comments:
Post a Comment