5/26/2006
06:30 AM
RFID Could Aid Border Security

Technology's role in potential expansion of US-Visit roils privacy advocates

Possible expansion of the federal US-Visit program has renewed the privacy and civil rights debate that has dogged the RFID-based program since its inception.

For the past eight months, the Department of Homeland Security has been testing radio frequency identification (RFID) technology to keep track of who enters and exits the country. But now that officials are suggesting a widespread rollout of the technology, a DHS subcommittee is worried that the privacy concerns outweigh the technology's benefits.

DHS uses RFID tags as part of its high profile and controversial US-Visit (visitor and immigrant status indicator technology) initiative. The border security program also uses biometric fingerprinting and digital photography to keep track of visitors, generally in cases where a visa is required. If you're between 14 and 79, the U.S. government will keep your fingerprints and photo in a database for up to 75 years.

In five border ports, the government is testing the use of RFID tags in I94 forms, which keep track of a traveler's U.S. arrival and departure. The idea is that a tag reader can handle all this automatically, without a visitor having to slow down. So far the tags are in trials in two locations in Nogales, Ariz., as well as Alexandria Bay, N.Y., and at the Pacific Highway and Peace Arch ports in Washington state.

"The reason for putting the tag in the I94 form is to keep them from looking for people who already left," says Tim Heffernan, director of government relations and public affairs at Symbol Technologies Inc., which makes the RFID tags for the forms. Heffernan said that there are plans to take the program beyond the five test sites, noting that the DHS has issued an RFI (request for information) regarding 50 additional border ports. But he deferred to US-VISIT for details; a press representative for US-Visit did not return calls.

Raising flags among privacy groups is the fact that US-Visit is considering a widespread deployment of RFID technology as part of the Intelligence Reform Terrorism Prevention Act. That law states that by June 1, 2009, all Canadian or U.S. citizens must present either a passport or other document when crossing land borders. The initial deadline was January 2008, but last week the Senate approved an extension.

"We are looking to the State Department to develop an alternative travel document, one [for which] we're emphasizing the need for using radio frequency identification technology," said Jim Williams, director of US-Visit, in a March meeting of the DHS's Data Privacy and Integrity Advisory Committee. He said this would serve two purposes: It would speed up the inspection process by reading a tag 30 feet from the officer's booth; and it would record the data of all entrants into a database.

The DHS's Data Privacy and Integrity Advisory Committee will hold a hearing June 7 in San Francisco to discuss the use of RFID in U.S. border control. Central to that discussion will be a draft report from the DHS's Emerging Applications and Technology Subcommittee, entitled, "The Use of RFID for Human Identification." The report argues that RFID is suited to tag things and not people, that while it is inexpensive it is not necessarily efficient, and that it's discomfiting.

"Without formidable safeguards, the use of RFID in identification cards and tokens will tend to enable the tracking of individuals' movements, profiling of their activities, and subsequent, non-security-related use of identification and derived information," the report reads.

"A well-designed smart card can do away with privacy concerns, but it seems like the DHS is tending toward the kind of RFID tags that are appropriate for cattle and pallets of dog food," says report co-author Jim Harper, director of information policy studies at the Cato Institute, a libertarian-ish think tank.

RFID proponents say the privacy fears are blown out of proportion.

"There are a lot of concerns that this will lead to the government instituting a national RFID identification program, which would lead to them being able to read your underwear from space," says Bert Moore, director of communications for the Association for Automatic Identification and Mobility, an industry trade group. Moore says it would cost tens of billions of dollars to monitor all Americans with RFID tags and readers. "For that kind of money they could hire someone to follow you around. You're not that special."

Symbol's Heffernan points out that the RFID tags currently in use are passive tags, meaning they don't have an internal power source. Instead, they get their transmission power from an RFID reader. As such, they can't be scanned at distances of more than ten feet.

"It's not a tracking technology, it's an authentication technology," Heffernan says. "If you want to track someone, there are better ways to do it -- with GPS (global positioning system technology) or even just a cell phone."

But beyond the basic privacy concerns, Cato's Harper argues that the RFID plan as it stands so far has logical security loopholes.

"The I94 tag is really good for tracking the location of I94 forms," he says. "But you could take it to the nearest truck stop, tape it to a truck, and fool the immigration customs."

In that regard, a more foolproof and controversial RFID solution is VeriChip Corp.'s implantable microchip, which embeds a 16-digit identifier into a person's arm. Most clients so far use the tag in case of medical emergencies, to help doctors get quick access to a patient's records. "Wander prevention" among patients with dementia is one of the applications VeriChip lists on its site, as is the prevention of baby switching.

But a video surveillance company called Citywatcher.com has implanted some chips into employees who require secure access into certain parts of the company, according to VeriChip spokesman John Proctor.

One VeriChip implantee, though, says it's a mistake to use the chip for matters of secure access.

John Halamka, CIO of Harvard Medical School, was implanted with a VeriChip in December 2004 in order to encourage its use in patient identification. "The VeriChip should serve exclusively for identification, and not authentication or access control," he writes.

The reason? VeriChips are vulnerable to cloning attacks, in which a hacker can spoof a reader into accepting a cloned signal, rather than a VeriChip signal, although the hacker must be standing close to the reader. Halamka and three co-authors detail the security risk in a report called "The Security Implications of VeriChip Cloning," which they have submitted to the Journal of the American Medical Informatics Association.

VeriChip's Proctor acknowledges that the chip runs on an unencrypted ISO frequency and should be used in concert with a suite of other security measures.

On the other hand, Halamka's report, which warns about the implications of cloning, also argues that it might not be such a bad thing.

"For bearer safety, a VeriChip should be easy to clone; an attacker then has less incentive to coerce victims or extract VeriChips from victims' bodies," the report says.

— Carmen Nobel, Senior Editor, Light Reading. Special to Dark Reading

Organizations mentioned in this story:

  • Association for Automatic Identification and Mobility
  • Cato Institute
  • DHS/US-VISIT
  • Symbol Technologies Inc. (NYSE: SBL)
  • VeriChip Corp.
