New, "More Secure" US NextGen Passport
#571
Join Date: Nov 2012
Posts: 3,537
I renewed my US passport last month and got the old version, from the US Embassy in London. I was a bit disappointed but oh well.
One thing I hope is that the new one will be easier for phones to read - apps that verify ePassports struggle with US passports it's so weak you have to get the phone exactly right. This may be a more significant issue in the years to come as more and more of our lives become app-based.
One thing I hope is that the new one will be easier for phones to read - apps that verify ePassports struggle with US passports it's so weak you have to get the phone exactly right. This may be a more significant issue in the years to come as more and more of our lives become app-based.
#572
Join Date: Jul 2015
Location: Florida
Programs: Delta SkyMiles; Hilton HHonors; NEXUS; National Emerald Club Executive
Posts: 365
One thing I hope is that the new one will be easier for phones to read - apps that verify ePassports struggle with US passports it's so weak you have to get the phone exactly right. This may be a more significant issue in the years to come as more and more of our lives become app-based.
From what I have read about the new passport, it will have hard covers with stronger RFID shielding to prevent the passport from being read at a distance; you will need to open it. This is in addition to using the text in the MRZ as a key to decrypt the contents.
#573
Join Date: Nov 2012
Posts: 3,537
As far as I know, this is a feature, not a bug. You will find it easier to read the RFID chip if you hold the phone to the INSIDE of the rear cover — when I do that, I can read the chip in my US passport just as easily as the one in my Norwegian one. To be clear, just like you, I received the old-style US passport.
From what I have read about the new passport, it will have hard covers with stronger RFID shielding to prevent the passport from being read at a distance; you will need to open it. This is in addition to using the text in the MRZ as a key to decrypt the contents.
From what I have read about the new passport, it will have hard covers with stronger RFID shielding to prevent the passport from being read at a distance; you will need to open it. This is in addition to using the text in the MRZ as a key to decrypt the contents.
I was hoping they'd do away with that silliness in the new version.
#574
Join Date: Jul 2015
Location: Florida
Programs: Delta SkyMiles; Hilton HHonors; NEXUS; National Emerald Club Executive
Posts: 365
Encryption can be broken. Much of the decryption key in this case can be guessed at, and narrowing down the number of possible keys makes brute force decryption of the unknown parts easier.
Since the decryption key is based in your passport’s MRZ, it is known to include your name, your gender, your DOB, your nationality, the expiration date and a few other data elements. On ordinary US passports, the first five letters will be P<USA and the end of line two will include your locator number. All of these elements appear in a fixed order, unused positions contain < and the algorithm for computing check digits is public knowledge. This makes decryption, while still hard, not quite as impossible as we might assume — particularly given the advances that are likely to happen in computing power over the next few decades.
Good security always employs multiple layers.
Since the decryption key is based in your passport’s MRZ, it is known to include your name, your gender, your DOB, your nationality, the expiration date and a few other data elements. On ordinary US passports, the first five letters will be P<USA and the end of line two will include your locator number. All of these elements appear in a fixed order, unused positions contain < and the algorithm for computing check digits is public knowledge. This makes decryption, while still hard, not quite as impossible as we might assume — particularly given the advances that are likely to happen in computing power over the next few decades.
Good security always employs multiple layers.
#575
FlyerTalk Evangelist
Join Date: Jan 2008
Location: HEL
Programs: lots of shiny metal cards
Posts: 14,106
#576
Original Member
Join Date: May 1998
Location: NYC
Programs: AA 2MM, Bonvoy LTT, Hilton Diamond
Posts: 14,638
I think people are concern about that same information being extracted remotely. Then again if you are in the US, all that info plus SSN has already been stolen when Equifax was hacked a number of years ago.
#577
Join Date: Jul 2015
Location: Florida
Programs: Delta SkyMiles; Hilton HHonors; NEXUS; National Emerald Club Executive
Posts: 365
That is not to say that the biodata page itself does not already contain sensitive information -- it absolutely does. But at least when you present your passport to a hotel, you're physically handing it over. Most people would be uncomfortable with the concept that their passport could just be read at a distance by any random stranger they pass on the street. Physical RF shielding in the cover pages is one defense against this. Encrypting the data using the MRZ as a key is another. It may seem like overkill insofar as the MRZ alone contains much of the same data, and a better system could no doubt have been devised. But it's better than nothing.
That said, the Equifax breach was disastrous, and the fact that nothing was done about it is going to be a source of identity theft for years to come. There have been other terrible breaches as well, such as the OPM data breach that leaked highly sensitive information on literally every person who has undergone a federal government background check in modern times.
But we can't just throw our hands up and say the information has been compromised so many times that we might as well just make it all public. In the Equifax case, though, retiring social security numbers in favor of a more secure alternative would have been warranted.
#578
Suspended
Original Poster
Join Date: Jul 2001
Location: Watchlisted by the prejudiced, en route to purgatory
Programs: Just Say No to Fleecing and Blacklisting
Posts: 102,095
GPO says everything is “on track” with the Next Generation passport program.
But you can look at the OIG report about some passport issues:
https://www.oversight.gov/sites/defa...Posting508.pdf
The online renewal is long delayed too. The “next generation” passport has had its delays due to some of the same dynamics, but GPO says the project is on track on its end.
But you can look at the OIG report about some passport issues:
https://www.oversight.gov/sites/defa...Posting508.pdf
The online renewal is long delayed too. The “next generation” passport has had its delays due to some of the same dynamics, but GPO says the project is on track on its end.
#580
Join Date: Jan 2011
Posts: 2,346
Wonder if, like the UK passports, they will have to use up old stock before issuing the new passports? So it could really be a toss of the coin as to if you get the new passport for a few months.
#582
Moderator: Travel Safety/Security, Travel Tools, California, Los Angeles; FlyerTalk Evangelist
Join Date: Dec 2009
Location: LAX
Programs: oneword Emerald
Posts: 20,639
There are several reports from the past week in the Current US passport wait? (Merged Threads) of members and family members being issued Next Generation Passports.
#583
Join Date: Jul 2011
Location: FRA
Posts: 229
#584
Suspended
Original Poster
Join Date: Jul 2001
Location: Watchlisted by the prejudiced, en route to purgatory
Programs: Just Say No to Fleecing and Blacklisting
Posts: 102,095
The new US passports have alphanumeric passport numbers, meaning they include at least one letter -- for now, it's the initial part of the number. Let's see if/when/how the use of alphanumeric ends up being an issue.
#585
Original Member
Join Date: May 1998
Location: NYC
Programs: AA 2MM, Bonvoy LTT, Hilton Diamond
Posts: 14,638
Where do you see a concern? Other country passports have alphabetical characters. It’s part of ICAO standard.