Face and fingerprints swiped in Dutch biometric passport crack Chip skimmed, then security breached
By John Lettice Published Monday 30th January 2006 12:38 GMT Dutch TV programme Nieuwslicht (Newslight) is claiming that the security of the Dutch biometric passport has already been cracked. As the programme reports here, (http://omroep.vara.nl/tvradiointernet_detail.jsp?maintopic=424 <http://omroep.vara.nl/tvradiointernet_detail.jsp?maintopic=424&subtopic=386 90> &subtopic=38690) the passport was read remotely and then the security cracked using flaws built into the system, whereupon all of the biometric data could be read. The crack is attributed to Delft smartcard security specialist Riscure, which here explains (http://www.riscure.com/news/passport.html) that an attack can be executed from around 10 metres and the security broken, revealing date of birth, facial image and fingerprint, in around two hours. Riscure notes that that the speed of the crack is aided by the Dutch passport numbering scheme being sequential. The process is explained in greater detail by Bart Jacobs, Research Director of the Institute for Computing and Information Sciences, University of Nijmegen, in presentations to be found here. (http://wwwes.cs.utwente.nl/safe-nl/meetings/24-6-2005.html) These make it clear that a skimming exercise could potentially yield all biometric data from a passport (or indeed a biometric ID card), giving ID thieves and would-be forgers a considerable leg up in the construction of fakes. According to the Dutch Interior Ministry ways to improve the security of the passport are being looked at. But note that they say "improve", not "fix". [Non-text portions of this message have been removed] -------------------------- Want to discuss this topic? Head on over to our discussion list, [EMAIL PROTECTED] -------------------------- Brooks Isoldi, editor [EMAIL PROTECTED] http://www.intellnet.org Post message: osint@yahoogroups.com Subscribe: [EMAIL PROTECTED] Unsubscribe: [EMAIL PROTECTED] *** FAIR USE NOTICE. This message contains copyrighted material whose use has not been specifically authorized by the copyright owner. OSINT, as a part of The Intelligence Network, is making it available without profit to OSINT YahooGroups members who have expressed a prior interest in receiving the included information in their efforts to advance the understanding of intelligence and law enforcement organizations, their activities, methods, techniques, human rights, civil liberties, social justice and other intelligence related issues, for non-profit research and educational purposes only. We believe that this constitutes a 'fair use' of the copyrighted material as provided for in section 107 of the U.S. Copyright Law. If you wish to use this copyrighted material for purposes of your own that go beyond 'fair use,' you must obtain permission from the copyright owner. For more information go to: http://www.law.cornell.edu/uscode/17/107.shtml Yahoo! Groups Links <*> To visit your group on the web, go to: http://groups.yahoo.com/group/osint/ <*> To unsubscribe from this group, send an email to: [EMAIL PROTECTED] <*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/
