Our website uses cookies

Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing Infosecurity Magazine, you agree to our use of cookies.

Okay, I understand Learn more

US Government in Epic Border Security Fail

The US government has been left red-faced after it emerged that its Customs and Border Protection (CBP) has failed for over a decade to verify passports are authentic because it has not been able to properly read their built-in smart chip.

Democratic Party senators Ron Wyden and Claire McCaskill sent a letter this week to the acting commissioner of the CBP, demanding that the anti-forgery and anti-tampering features of the e-passports are utilized.

The ‘smart’ passports, implemented in the US back in 2007, contain a chip on which is stored the holder’s information and cryptographic information to verify its authenticity, making it virtually impossible to forge.

Countries that want to retain visa waiver status must also support e-passports for their citizens.

However, the senators claimed that: “Despite these efforts, CBP lacks the technical capabilities to verify e-Passport chips.”

“CBP has been aware of this security lapse since at least 2010, when the Government Accountability Office (GAO) released a report highlighting the gap in technology,” the letter continued.

“Eight years after that publication, CBP still does not possess the technological capability to authenticate the machine-readable data in e-Passports.”

The senators argued that “it is past time” for the features to be utilized, and urged the agency to work with experts to calculate the costs before developing and implementing a plan to validate the digital signatures in smart passports.

The security fail comes amid a renewed attempt by the Trump administration to act tough on border control, with a controversial “extreme vetting” policy which requires those from certain countries to reveal detailed social media histories and other information or risk being turned away.

What’s Hot on Infosecurity Magazine?