March 6, 2008

Brokeback Passport
Lima, Peru

The design of my son's freshly issued U.S. passport is new to me, and appears to be everything that I read it was(n't).

Oozing Propaganda

Brokeback: (adj.) Used to describe anything of questionable masculinity; gayness. Believed to have originated from the 2005 motion picture Brokeback Mountain.

I don't like the imagery on the inside of the new passports (which started appearing in 2006), and I'm certainly not alone:

My bank sells checks with similar imagery, like artwork by Thomas Kinkade, painter of light, or a pattern called "Puppies! Puppies! Puppies!"

It's not that I'm unpatriotic. But the need to repeatedly thrust our whole catalogue of national iconography in the face of every customs officer we meet strikes me as kind of gauche. Isn't the gold eagle on the blue leatherette jacket enough of a symbol?

Not only are the internal pages an eyesore, but I think all the imagery will ultimately do a really keen job of obscuring the much needed legibility of the inked stamps.

A comparative look inside my used passport, and my son's freshly issued one

Besides, all that iconography really does make me feel uncomfortable. You never know what's going to set a border official off, cause you to get shortchanged on days granted in a country, or get you sent to a superior for a secondary inspection. Forcing an immigration agent to hunt for a space on pages amidst scenes of bison, bears, bells, trains, and mountains isn't a particularly pleasing thought.

On the upside, I like how the entries/departures column classification has been removed, as experience has shown me that it's almost always ignored anyway.

RFID Concerns

RFID stands for "radio-frequency identification." Passports with RFID chips store an electronic copy of the passport information on the data page: Your name, a digitized picture, expiration and issuance date, etc.

By itself, this is no problem. But RFID chips don't have to be plugged in to a reader to operate. Like the chips used for automatic toll collection on roads or automatic fare collection on subways, these chips operate via proximity. The risk to you is the possibility of surreptitious access: Your passport information might be read without your knowledge or consent by a government trying to track your movements, a criminal trying to steal your identity, or someone just curious about your citizenship.

Comparing my well used passport to Aidric's. Note the addition of the RFID logo at the bottom

I'm really on the fence regarding how concerned I feel about the RFID chip that's now embedded in the front covers of new U.S. passports. At this stage, I feel they do more harm than good, and if this was my freshly obtained passport, I just might consider taking a hammer to the cover to alleviate any stress about it.

The U.S. government likes to say that the implementation of shielded covers and Basic Access Control (BAC, characters from the printed machine-readable zone of the passport must be read first in order to unlock the chip for reading) prevents data skimming, eavesdropping, tracking, and cloning, but real-world experience has proven otherwise. As it stands right now, someone could intercept the communication of information between an open passport and card reader from as much as 30 feet away, even with the BAC in place. Imagine what could be done in the year 2018.

The security of your passport has to be strong enough to last a decade.

This is perhaps the greatest risk. The security mechanisms on your passport chip have to last the lifetime of your passport. It is as ridiculous to think that passport security will remain secure for that long as it would be to think that you won't see another security update for Microsoft Windows in that time. Improvements in antenna technology will certainly increase the distance at which they can be read, and might even allow unauthorized readers to penetrate the shielding.

All this RFID chip implementation was done under the guise of redundant security and fraud detection, but embedded chips that only contain a copy of the passport data page aren't the solution. The weak link in identity documents is the issuance procedures, not the documents themselves. Legitimate identification with false information is a much bigger problem.

The variety of scenarios you'll find entering or exiting a country outside of an airport range greatly, and not all have methods to utilize new technologies—many still don't have computers, and most governments don't share the information on the passports data they issue or collect.

Just as recently as crossing from Peru into Ecuador and back a few weeks ago did I find on the Peruvian side of the border a man with a big ledger looking and my passport and writing a few details down in the book. No scans, no RFID reader—nothing but a notation and a stamp. Contrast that against the biometric fingerprinting that I've had done to me a few times in other (poorer) countries in Latin America.

Frankly, I'm really hoping that the Department of State is on some sort of five-year design change program with these passports now, as my well-used book is set to expire in 2011. Yes, I'm certainly keeping my fingers crossed that somewhere in the next three years we'll all see a redesign of this insecure eyesore.


The United States


March 7th, 2008

I read an easy way to disable the chip is to put the passport in the microwave. May want to research for how long though.


Craig |

March 7th, 2008

The microwave is a no-go Roosh. I've read that it can cause the chips to burn, leaving scorch marks on the cover (as well as plenty of sparks in the microwave). A well placed hammer strike should be pretty deniable (especially when you're looking at 25 years in prison for tampering)

The beauty of a beat-up passport | Working World

Pingback on September 16th, 2009

Note: Comments are open to everyone. To reduce spam and reward regular contributors, only submissions from first-time commenters and/or those containing hyperlinks are moderated, and will appear after approval. Hateful or off-topic remarks are subject to pruning. Your e-mail address will never be publicly disclosed or abused.