Plan to use RFID in border control draws fire

A U.S. government plan to use long-range RFID technology as part of a border-crossing security initiative is coming under intensified fire by an industry group.

Beginning Jan. 31, 2008, a valid driver’s license won’t be enough for travelers to pass between the United States and Canada, Mexico, the Caribbean and Bermuda, under new Department of Homeland Security (DHS) rules. A standard government passport will be required, or a birth certificate with driver’s license. But as an alternative, DHS is moving forward with a pilot program that has states adding long-range RFID technology to driver’s licenses.

The idea is to have U.S. border guards with RFID readers quickly read a traveler’s RFID-enhanced driver’s license remotely and make a face check and watch for any posted security red flags pulled up by a database.

But the RFID technology is coming under fire from some, including the industry group Smart Card Alliance, which says long-range RFID is a bad idea in terms of security and operational efficiency.

“Long-range RFID is meant for tracking packages in a warehouse,” says Randy Vanderhoof, executive director of the Smart Card Alliance, which has been tracking the laws and technology proposals for what DHS and Congress call the Western Hemisphere Travel Initiative (WHTI), part of the many security revisions hammered out in the wake of the Sept. 11 terrorist attacks six years ago.

“So far, there is no security method in place to prevent anyone from re-programming their cards,” says Vanderhoof of long-range RFID in enhanced driver’s licenses. “There’s no encryption or security. It’s designed to be used by anyone with access to an RFID reader at a distance of 20 feet. Anyone could track these RFID cards and get the number of the card.”

In addition, the industry points out that since the U.S. government has adopted smart-card chip technology for new passports, the enhanced driver’s license based on RFID would fail to leverage the infrastructure now being put in place by DHS and the State Department to support the new ePassport.

The Smart Card Alliance has voiced its opposition to the DHS plan before, but now that three states -- Arizona, Vermont and Washington -- have agreed to work with DHS on pilot projects for “enhanced driver’s licenses,” as they’re called, the alliance is stepping up its opposition.

Many details of the program are yet to be revealed, with DHS indicating it will release more information under the framework of the “REAL ID” requirements later this year, with “full WHTI implementation” anticipated in the summer of next year.

DHS Secretary Michael Chertoff has voiced appreciation that states are lending their support on enhanced driver’s licenses. DHS expects Arizona to partner in the development of a “technologically enhanced driver’s license” that will be issued to residents that voluntarily apply and qualify for one.

This enhanced Arizona driver’s license is expected to be accepted at U.S. land and sea ports to satisfy WHTI requirements. The enhanced driver’s license is also expected to play a role in the “work-eligibility process,” DHS noted.