Electronic U.S. passports coming in December

Computerworld - The U.S. government plans to begin issuing electronic passports in December that feature a built-in chip that contains information about the passport holder and facial-recognition capabilities.
In an announcement Tuesday, the U.S. Department of State said the first electronic passports will be issued only through the department; By October 2006 domestic passport agencies, such as local government offices and post offices, will be able to provide them.
The use of electronic passports is being implemented to enhance document and border security and to make identification for international travel easier and more secure for U.S. citizens, the department said.
The new passports will combine facial-recognition and contactless chip technology. The chip, which will be embedded in the cover of the passport, will hold the same information that is printed in today's paper passports, including the passport holder's name, date of birth, gender, place of birth, dates of passport issuance and expiration, passport number and photo image. A digital signature will be used to protect the stored data from alteration and mitigate against photo substitutions. The digital photograph will also allow biometric comparisons using facial-recognition technology available at international borders, according to the agency.
To prevent unauthorized reading, or "skimming" of the data, antiskimming technology will be built into each electronic passport's front cover, according to the agency. Officials are also considering inclusion of basic access control technology that would prevent the data from being accessed until the passport is opened and its machine-readable zone on the data page is read electronically.
Those built-in safeguards may not be enough, said Lee Tien, a senior staff attorney at the Electronic Frontier Foundation, a San Francisco-based privacy group. Earlier this year, the group joined other privacy groups in submitting comments to the State Department about the new passports, arguing that the security efforts don't do enough to protect Americans from unauthorized data theft. The proposed shielding may not work in all scenarios when a passport is opened and read, Tien said.
"We are very dubious of the need for any kind of electronic ID for security purposes," he said. "We have concerns that if they do implement it ... that they are not planning on using any technological safeguards other than shielding to protect [the passports] from unauthorized reading. We believe more needs to be done.
"Given that they do seem to be going forward, they need to study and implement better privacy protection," Tien said.
Paper passports now in use would be replaced as they are renewed, according to a State Department spokesman.About 8 million passports are renewed annually out of some 57 million passports in circulation. The passports would be printed and manufactured by private companies, and the technical specifications on the built-in chips -- and details on how information will be stored -- are not being released.
Fees for the new passports are expected to remain unchanged, according to the agency. The fee for applicants 16 and older is $55, plus a $12 security surcharge and a $30 processing fee, for a total of $97.