In an attempt to streamline the passport issuing process, the government plans to implement a new biometric passport project led by the International Organization for Migration. The project is (unsurprisingly) supported by the Australian government, which is contributing Rs.500 million in an attempt to curb illegal immigration. The treasury in Colombo will be contributing another Rs.50 million to the project.
For those of you who are wondering, a biometric passport is a typical passport that has an RFID chip built in, storing your biometric data digitally. Since the data stored on the chip is authenticated using Public Key Infrastructure (PKI), it’s difficult and expensive to forge passports when every part of the system is properly implemented.
Biometric passports are nothing new. In fact, Malaysia first issued them back in 1998! Since then many countries have adopted it. The big question is: how effective are they?
They do indeed make forging passports tougher, but it’s still not impossible due to the flaws. First off, any data stored digitally can be hacked and stolen or modified. Back in 2008, a group of hackers modified the data stored on the RFID chip to contain details of Elvis Presley. As the video here shows, the scanner didn’t detect any errors and the King of Rock n Roll came back to life. Just head over to the Wikipedia page on biometric passports and you see a summary of other attacks carried out on biometric passports.
Secondly, there’s the biometrics themselves. Biometric security has always been perceived as a fool proof method of security. However in practice, it’s far from fool proof. Whether it’s iris scanning or finger prints, these systems can be fooled and hacked into. The fingerprint scanners on smartphones such as the Galaxy S5 are proof of this.
Then there’s the human factor. Airport security today still involves a lot of humans in the system. A human could solve these issues by telling whether the person holding the passport is actually Elvis Presley or just an impostor from Las Vegas, so technically it IS a safer system because it simply makes it more complicated to forge a passport. However, a lot depends on the human actually enforcing the checking procedures in place.
Back in March, two passengers of the ill-fated Malaysian Airlines flight MH370 boarded it with fake passports. One of these passengers had an Austrian passport – a biometric passport at that.
He boarded the ill-fated airline without any issue. Why? The Malaysian airport personnel didn’t check the passport against an international database of stolen passports after running it through the scanner. Had they carried out this checking procedure, it’s likely that the passenger wouldn’t have been allowed on the plane. The same could happen in Sri Lanka unless the security personnel at the airports and ports remain vigilant and properly enforce checking procedures in place.
So does this mean we’re throwing Rs.550 million down the drain? Not really. As we mentioned earlier biometric passports make forging passports much tougher with the implementation of the RFID chip and data it contains. This will help combat illegal immigration as long as our airport and port security staff remains vigilant and also the possibility of identity theft. However as malware and the attacks on the RFID chips have shown, criminals are likely to find ways to overcome this system – all they need is time.