
5/26/2006
06:30 AM

RFID Could Aid Border Security

Technology's role in potential expansion of US-Visit roils privacy advocates

Possible expansion of the federal US-Visit program has renewed the privacy and civil rights debate that has dogged the RFID-based program since its inception.

For the past eight months, the Department of Homeland Security has been testing radio frequency identification (RFID) technology to keep track of who enters and exits the country. But now that officials are suggesting a widespread rollout of the technology, a DHS subcommittee is worried that the privacy concerns outweigh the technology's benefits.

DHS uses RFID tags as part of its high-profile and controversial US-Visit (visitor and immigrant status indicator technology) initiative. The border security program also uses biometric fingerprinting and digital photography to keep track of visitors, generally in cases where a visa is required. If you're between 14 and 79, the U.S. government will keep your fingerprints and photo in a database for up to 75 years.

In five border ports, the government is testing the use of RFID tags in I94 forms, which keep track of a traveler's U.S. arrival and departure. The idea is that a tag reader can handle all this automatically, without a visitor having to slow down. So far the tags are in trials in two locations in Nogales, Ariz., as well as Alexandria Bay, N.Y., and at the Pacific Highway and Peace Arch ports in Washington state.

"The reason for putting the tag in the I94 form is to keep them from looking for people who already left," says Tim Heffernan, director of government relations and public affairs at Symbol Technologies Inc., which makes the RFID tags for the forms. Heffernan said that there are plans to take the program beyond the five test sites, noting that the DHS has issued an RFI (request for information) regarding 50 additional border ports. But he deferred to US-VISIT for details; a press representative for US-Visit did not return calls.

Raising flags among privacy groups is the fact that US-Visit is considering a widespread deployment of RFID technology as part of the Intelligence Reform Terrorism Prevention Act. That law states that by June 1, 2009, all Canadian or U.S. citizens must present either a passport or other document when crossing land borders. The initial deadline was January 2008, but last week the Senate approved an extension.

"We are looking to the State Department to develop an alternative travel document, one [for which] we're emphasizing the need for using radio frequency identification technology," said Jim Williams, director of US-Visit, in a March meeting of the DHS's Data Privacy and Integrity Advisory Committee. He said this would serve two purposes: It would speed up the inspection process by reading a tag 30 feet from the officer's booth; and it would record the data of all entrants into a database.

The DHS's Data Privacy and Integrity Advisory Committee will hold a hearing June 7 in San Francisco to discuss the use of RFID in U.S. border control. Central to that discussion will be a draft report from the DHS's Emerging Applications and Technology Subcommittee, entitled, "The Use of RFID for Human Identification." The report argues that RFID is suited to tag things and not people, that while it is inexpensive it is not necessarily efficient, and that it's discomfiting.

"Without formidable safeguards, the use of RFID in identification cards and tokens will tend to enable the tracking of individuals' movements, profiling of their activities, and subsequent, non-security-related use of identification and derived information," the report reads.

"A well-designed smart card can do away with privacy concerns, but it seems like the DHS is tending toward the kind of RFID tags that are appropriate for cattle and pallets of dog food," says report co-author Jim Harper, director of information policy studies at the Cato Institute, a libertarian-ish think tank.

RFID proponents say the privacy fears are blown out of proportion.

"There are a lot of concerns that this will lead to the government instituting a national RFID identification program, which would lead to them being able to read your underwear from space," says Bert Moore, director of communications for the Association for Automatic Identification and Mobility, an industry trade group. Moore says it would cost tens of billions of dollars to monitor all Americans with RFID tags and readers. "For that kind of money they could hire someone to follow you around. You're not that special."


Symbol's Heffernan points out that the RFID tags currently in use are passive tags, meaning they don't have an internal power source. Instead, they get their transmission power from an RFID reader. As such, they can't be scanned at distances of more than ten feet.

"It's not a tracking technology, it's an authentication technology," Heffernan says. "If you want to track someone, there are better ways to do it -- with GPS (global positioning system technology) or even just a cell phone."

But beyond the basic privacy concerns, Cato's Harper argues that the RFID plan as it stands so far has logical security loopholes.

"The I94 tag is really good for tracking the location of I94 forms," he says. "But you could take it to the nearest truck stop, tape it to a truck, and fool the immigration customs."

In that regard, a more foolproof and controversial RFID solution is VeriChip Corp.'s implantable microchip, which embeds a 16-digit identifier into a person's arm. Most clients so far use the tag in case of medical emergencies, to help doctors get quick access to a patient's records. "Wander prevention" among patients with dementia is one of the applications VeriChip lists on its site, as is the prevention of baby switching.

But a video surveillance company called Citywatcher.com has implanted some chips into employees who require secure access into certain parts of the company, according to VeriChip spokesman John Proctor.

One VeriChip implantee, though, says it's a mistake to use the chip for matters of secure access.

John Halamka, CIO of Harvard Medical School, was implanted with a VeriChip in December 2004 in order to encourage its use in patient identification. "The VeriChip should serve exclusively for identification, and not authentication or access control," he writes.

The reason? VeriChips are vulnerable to cloning attacks, in which a hacker can spoof a reader into accepting a cloned signal, rather than a VeriChip signal, although the hacker must be standing close to the reader. Halamka and three co-authors detail the security risk in a report called "The Security Implications of VeriChip Cloning," which they have submitted to the Journal of the American Medical Informatics Association.

VeriChip's Proctor acknowledges that the chip runs on an unencrypted ISO frequency and should be used in concert with a suite of other security measures.

On the other hand, Halamka's report, which warns about the implications of cloning, also argues that it might not be such a bad thing.

"For bearer safety, a VeriChip should be easy to clone; an attacker then has less incentive to coerce victims or extract VeriChips from victims' bodies," the report says.
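The identification-versus-authentication distinction Halamka draws can be shown with a small simulation, added here as an example that is not part of the original article or of any vendor's code. It is a simplified model: `StaticTag` stands for a tag that returns a fixed, unencrypted identifier, `KeyedTag` is a hypothetical tag that answers a reader's random challenge with a keyed MAC, and the 16-digit identifier is constructed.

```python
import hashlib
import hmac
import secrets

TAG_ID = "0000111122223333"  # constructed 16-digit identifier, not a real tag

class StaticTag:
    """Identification only: returns the same identifier to any reader."""
    def __init__(self, tag_id):
        self.tag_id = tag_id
    def respond(self, challenge):
        return self.tag_id.encode()  # the challenge has no effect on the reply

class KeyedTag:
    """Hypothetical authenticating tag: the key never leaves the device."""
    def __init__(self, key):
        self._key = key
    def respond(self, challenge):
        return hmac.new(self._key, challenge, hashlib.sha256).digest()

class Replayer:
    """A clone that can only repeat one reply it previously overheard."""
    def __init__(self, recorded):
        self.recorded = recorded
    def respond(self, challenge):
        return self.recorded

def static_reader_accepts(device, enrolled_id):
    # The reader can only compare the reply with the enrolled identifier.
    return hmac.compare_digest(device.respond(b""), enrolled_id.encode())

def keyed_reader_accepts(device, key):
    # A fresh random challenge makes every valid reply different.
    challenge = secrets.token_bytes(16)
    expected = hmac.new(key, challenge, hashlib.sha256).digest()
    return hmac.compare_digest(device.respond(challenge), expected)

def compare_designs():
    key = secrets.token_bytes(32)
    static_tag, keyed_tag = StaticTag(TAG_ID), KeyedTag(key)
    overheard_static = static_tag.respond(b"")
    overheard_keyed = keyed_tag.respond(secrets.token_bytes(16))
    return {
        "static_genuine": static_reader_accepts(static_tag, TAG_ID),
        "static_replayed": static_reader_accepts(Replayer(overheard_static), TAG_ID),
        "keyed_genuine": keyed_reader_accepts(keyed_tag, key),
        "keyed_replayed": keyed_reader_accepts(Replayer(overheard_keyed), key),
    }

if __name__ == "__main__":
    print(compare_designs())
```

A reader that checks only a fixed identifier cannot tell the enrolled tag from a repeated reply, which is why such a tag identifies its bearer but does not authenticate them.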

— Carmen Nobel, Senior Editor, Light Reading. Special to Dark Reading

Organizations mentioned in this story:

  • Association for Automatic Identification and Mobility
  • Cato Institute
  • DHS/US-VISIT
  • Symbol Technologies Inc. (NYSE: SBL)
  • VeriChip Corp.
     
