Recent biometric passports are equipped with electronic protections to avoid attacks. These protections are :
* Basic Access Control (BAC): the chip has to be unlocked using the Machine Readable Zone printed into the passport (prevents skimming). This protection also brings a medium level of encryption to the communication channel between the chip and the reader. * Random identification number (along with BAC): the passport number provided by the chip is random until the BAC is unlocked. * Active Authentication: the chip contains a private key that cannot be read or copied, but its existence can easily be proven (prevents cloning). * Extended Access Control (EAC): the chip reader must authenticate using a strong encryption certificate to access sensitive biometric information (fingerprints, iris...). This protection also brings strong encryption to the communication channel. This protection level is the most secure, but is still rare today.
no subject
* Basic Access Control (BAC): the chip has to be unlocked using the Machine Readable Zone printed into the passport (prevents skimming). This protection also brings a medium level of encryption to the communication channel between the chip and the reader.
* Random identification number (along with BAC): the passport number provided by the chip is random until the BAC is unlocked.
* Active Authentication: the chip contains a private key that cannot be read or copied, but its existence can easily be proven (prevents cloning).
* Extended Access Control (EAC): the chip reader must authenticate using a strong encryption certificate to access sensitive biometric information (fingerprints, iris...). This protection also brings strong encryption to the communication channel. This protection level is the most secure, but is still rare today.