Parts 1 and 2 of this series outlined the software and hardware components of a biometric passport. Cybersecurity consultant Ravi Das now looks at the security vulnerabilities associated with e-passports.

Given the size and complexity of an e-passport infrastructure, it is prone to many types of cyber-based attacks.

The following are examples of some of the security vulnerabilities associated with it:

  • Cloning attacks

This occurs when the biometric information and data from a stolen or hijacked e-passport are copied into a newly issued e-passport.

  • Eavesdropping attacks

This type of attack occurs when an attacker intercepts the biometric templates while they are being transmitted from the Radio-Frequency Identification (RFID) antennae to the e-passport reader.

  • Adversary attacks

Here, the biometric information and data stored in the microchip are literally “skimmed” off by an attacker equipped with a very sophisticated network sniffing device.

  • Denial of service attacks

This can happen when the servers networked to the e-passport reader are bombarded with meaningless network traffic and/or malformed data packets. As a result, the servers are either crippled or stop functioning altogether.

  • Man in the middle attacks

This happens when an attacker sits in the direct line of communication between the microchip and the e-passport reader, in an attempt to hijack any easily accessible information and data.

  • No key revocation

One of the cardinal rules of a Public Key Infrastructure (PKI) is to refresh both the public and private keys at random or varying intervals. In an e-passport infrastructure, however, refreshment occurs very infrequently; it may not happen for ten years or so. As a result, these keys become “stale” and are easily guessed by the attacker.


To help combat some of these cyber-based threats, two protocols were created specifically for the e-passport infrastructure, known as the “Chip Authentication Protocol” and the “Reader Authentication Protocol.” With the former, the wireless communication link between the RFID antennae and the e-passport reader is automatically reset between the identification of one individual and the next. With the latter, only valid and authentic e-passports can be processed.
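The article names the protocols but not the mechanism that makes them resist the cloning, eavesdropping and man-in-the-middle attacks listed above. As an added illustration (not code from the article or from any e-passport vendor), the following Python models the key-agreement idea behind Chip Authentication as specified in ICAO Doc 9303: the chip holds a static Diffie-Hellman private key whose public half is stored in a signed data group (DG14), so a cloned chip that copies every readable byte still cannot complete the handshake, and a chip carrying a substituted public key fails the signature check before any key agreement starts. The group is the 1024-bit MODP group 2 from RFC 2409; the HMAC standing in for the issuing state's digital signature, the class names, the single session key and the token construction are simplifications of this example, not the standard's own formats.

```python
"""Toy model of e-passport Chip Authentication (ephemeral-static Diffie-Hellman).

Constructed example: the chip's static DH public key lives in a data group (DG14)
that the issuing state has signed.  A cloned chip that copies every readable byte
still cannot finish the handshake, and a chip carrying a substituted public key
fails the signature check.  An HMAC under a secret known only to the issuer stands
in for the issuer's real digital signature (a simplification for this model).
"""
import hashlib
import hmac
import secrets

# 1024-bit MODP group from RFC 2409 (group 2).  The real protocol uses DH or
# ECDH parameters from the chip's own data; this group is simply well known.
P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74"
    "020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437"
    "4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381FFFFFFFFFFFFFFFF", 16)
G = 2


def int_to_bytes(n: int) -> bytes:
    return n.to_bytes((n.bit_length() + 7) // 8, "big")


def session_key(shared_secret: int) -> bytes:
    # The standard derives separate encryption and MAC keys from the shared
    # secret; one hashed key is enough for this model.
    return hashlib.sha256(int_to_bytes(shared_secret)).digest()


class IssuingState:
    """Stands in for the document signer: signs DG14, readers verify it."""
    def __init__(self):
        self._signing_key = secrets.token_bytes(32)

    def sign(self, data: bytes) -> bytes:
        return hmac.new(self._signing_key, data, hashlib.sha256).digest()

    def verify(self, data: bytes, signature: bytes) -> bool:
        return hmac.compare_digest(self.sign(data), signature)


class Chip:
    """Genuine chip: keeps the static private key, publishes DG14 and its signature."""
    def __init__(self, issuer: IssuingState):
        self._priv = secrets.randbelow(P - 3) + 2          # never leaves the chip
        self.dg14 = int_to_bytes(pow(G, self._priv, P))   # readable by any reader
        self.sod = issuer.sign(self.dg14)                  # issuer's signature

    def respond(self, reader_pub: int) -> bytes:
        # Authentication token: MAC over the reader's ephemeral key under the
        # freshly agreed session key; only the holder of _priv can produce it.
        key = session_key(pow(reader_pub, self._priv, P))
        return hmac.new(key, int_to_bytes(reader_pub), hashlib.sha256).digest()


class ClonedChip(Chip):
    """Copies all readable data from a genuine chip, but not its private key."""
    def __init__(self, original: Chip):
        self.dg14 = original.dg14
        self.sod = original.sod
        self._priv = secrets.randbelow(P - 3) + 2   # a guess, not the real key


def authenticate(chip: Chip, issuer: IssuingState) -> tuple[bool, str]:
    """Reader side: verify DG14, run the key agreement, check the chip's token."""
    if not issuer.verify(chip.dg14, chip.sod):
        return False, "DG14 signature invalid (substituted public key)"
    chip_pub = int.from_bytes(chip.dg14, "big")
    if not 2 <= chip_pub <= P - 2:                      # reject trivial values
        return False, "chip public key out of range"
    eph_priv = secrets.randbelow(P - 3) + 2             # fresh per session
    reader_pub = pow(G, eph_priv, P)                    # sent to the chip
    key = session_key(pow(chip_pub, eph_priv, P))
    expected = hmac.new(key, int_to_bytes(reader_pub), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, chip.respond(reader_pub)):
        return False, "chip cannot prove possession of its private key (clone)"
    return True, "ok"


if __name__ == "__main__":
    issuer = IssuingState()
    genuine = Chip(issuer)
    print("genuine:", authenticate(genuine, issuer))
    print("clone:  ", authenticate(ClonedChip(genuine), issuer))
    # A chip signed by an attacker's own "issuer" fails the signature check.
    print("forged: ", authenticate(Chip(IssuingState()), issuer))
```

The three runs show the layered defence: the signature over DG14 stops an attacker from substituting their own public key (which is what a man-in-the-middle would need), and the key agreement stops a clone that has copied the signed data but lacks the private key. Because the reader's ephemeral key is fresh for every session, the derived session key also differs each time, which is the property the article describes as the link being reset between individuals.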

Overall, we have provided an overview of an e-passport infrastructure. It is also referred to as the “biometric passport”, because the microchip of the e-passport can contain at least three, or even more, different types of biometric templates.

Although other types of information about the individual (such as biographical data) can also be stored, it is the biometric templates that are the most widely used.

As also reviewed, the e-passport infrastructure is prone to different types of cyber-based attacks. This is primarily due to its many components and its heavy reliance upon a networked configuration. In this regard, conducting different types of penetration testing will also be very important, especially for discovering any hidden or unforeseen security holes and vulnerabilities.

The areas which need to be thoroughly penetration tested are as follows:

  • The durability of the infrastructure

The systems which are involved in an e-passport infrastructure must be designed and made so that they last for a long time.

  • The security of the infrastructure

All relevant networking protocols involved in the transmission of information and data, and in the identification of the individual, must be as hacker-proof as possible. They must be tested on an almost daily basis. This also includes testing the microchip design, the RFID protocol, and the logical directory structure.

  • The functionality and the processes of the infrastructure

The entire e-passport infrastructure must be designed and implemented so that, in the face of a cyber-based attack, all of the associated processes and functionalities can revert to their backup systems in a matter of minutes, to ensure 24 x 7 x 365 continuity. In this regard, any backup, recovery and disaster recovery plans must be thoroughly tested.


Keesing Platform forms part of Keesing Technologies