‘Security flaw’ in passports exposed
Reporter: Richard Hooton
Date published: 08 August 2008
THE 3,000 passports stolen from a van in Chadderton could be forged and used by terrorists, experts claim.
The Home Office has insisted that microchips in the blank biometric passports, worth £15 million on the black market, are designed to be foolproof, making the documents worthless.
But a computer researcher working for a national newspaper was able to clone and manipulate microchipped passports in minutes — and have them recognised as genuine by the passport reader software used at airports.
Jeroen van Beek, from the University of Amsterdam, exposed the security flaw in tests that undermined claims that faked passports would be easily spotted at border checkpoints.
Using his own software, a publicly available programming code, a £40 card reader and two £10 RFID chips, he cloned the chips on two passports and implanted digital images of Osama bin Laden and a suicide bomber.
Criminals could use the process to create a passport in the name of a real person with a chip containing their biometrics — such as facial image and fingerprints — and travel the world as that individual. The stolen passports, or even fake passports, could be used with the cloned chips.
Mr van Beek said: “We’re not claiming that terrorists are able to do this to all passports today or that they will be able to do it tomorrow. But it does raise concerns over security that need to be addressed.”
The passports, printed at 3M Security Printing and Systems Ltd in Gorse Street, Chadderton, and en route to RAF Northolt in London for British embassies abroad, were stolen from a van on Monday last week when the driver called into a local shop. Two men attacked his passenger and took 24 boxes containing the documents.
A 48-year-old man was arrested and has been bailed until November 5, pending further inquiries.
Oldham East and Saddleworth MP Phil Woolas has already raised concerns that the passports could be used in countries where there are no biometric tests.
There are also fears that forgers could print them off as proof of identity for banks or sell them to asylum-seekers passing themselves off as UK citizens.
The Home Office insists it has yet to see evidence of someone being able to manipulate data in an e-passport.
A spokesman said: “We take security and privacy very seriously, which is why the British biometric passport meets international standards and we remain confident that it is one of the most secure passports available.”
