Are Biometric Passports "Good" or "Bad?"

Reply

Old Jan 6, 15, 4:13 am
  #16
A FlyerTalk Posting Legend
 
Join Date: Jul 2001
Location: Watchlisted by the prejudiced, en route to purgatory
Programs: Just Say No to Fleecing and Blacklisting
Posts: 84,462
Originally Posted by AllieKat View Post
Sorry I wasn't clear but what I meant is US law requires any passport issued today to be a biometric passport to get into the U.S. under the VWP and has since 2006 as your quote shows.
IIRC the US requirement for post-fall 2006 passports (being used under the VWP) was for the biodata page info to be included on the RFID chip even as VWP countries weren't all on the same page in regard to what additional biodata they would agree to collect and include on the biodata page when issuing epassports from the fall of 2006. The chips and their "source" biodata page of some VWP countries don't all include and use the same biodata fields in the same way as all other chips and "source" biodata pages from other VWP countries -- speaking of passports the US accepts under the US VWP.
GUWonder is online now  
Reply With Quote
Old Jan 6, 15, 4:36 am
  #17
 
Join Date: Jul 2007
Programs: QFF
Posts: 5,198
Originally Posted by AllieKat View Post
Sorry I wasn't clear but what I meant is US law requires any passport issued today to be a biometric passport to get into the U.S. under the VWP and has since 2006 as your quote shows. I did say some old passports were grandfathered in.
It's also not a law. Congress did not decide that. CBP did. It is a rule, and CBP can change it whenever they want. As they did with what info is needed on the ESTA last November.
It also doesn't require anything be on the chip, or the chip to be working, just that the chip be present.

The "biometric" chip in Australian e-passports does not contain any "biometrics". The Australian passport office/Australia Post does not record any biometric information when processing passports. The chip only contains the data present on the data page and in the MRZ.
Himeno is offline  
Reply With Quote
Old Jan 6, 15, 5:06 am
  #18
 
Join Date: Nov 2012
Posts: 3,403
Originally Posted by Himeno View Post
It's also not a law. Congress did not decide that. CBP did. It is a rule, and CBP can change it whenever they want. As they did with what info is needed on the ESTA last November.
It also doesn't require anything be on the chip, or the chip to be working, just that the chip be present.

The "biometric" chip in Australian e-passports does not contain any "biometrics". The Australian passport office/Australia Post does not record any biometric information when processing passports. The chip only contains the data present on the data page and in the MRZ.
Umm, a photograph is a piece of biometric data. That's all most biometric passports have. And, okay, to be very technical, the law is that CBP is given the authority to enforce the policies they determine necessary to secure America's borders against potential threats. Thus, "under a rule authorised by law" would have been the correct wording.

My POINT, which has been completely missed as this is torn apart, is one would never be best served by opting for a non-biometric passport as it'll only cause them problems and may get some refusals or visa requirements in countries such as the US. There's literally no reason you'd want the non-biometric version. They're not charging less for it (I Googled it).
AllieKat is offline  
Reply With Quote
Old Jan 6, 15, 6:31 am
  #19
Thread Starter
FlyerTalk Evangelist
 
Join Date: Dec 2009
Location: HaMerkaz/Exit 145
Programs: UA, LY, BA, AA
Posts: 12,360
Originally Posted by AllieKat View Post
I know US law REQUIRES a biometric passport to get in under the Visa Waiver Program. Canada didn't have to comply, because their visa-free entry is under a different treaty or something.
Even if this was the case, Israel isn't in the VWP, so it doesn't matter much.

Also, while Schengen countries require fingerprints in biometric passports (which I'll not are stored under Extended Access Control and thus NOT accessible to other countries, thus, other countries will still store their own copies of your fingerprints), most other countries do NOT require fingerprints, so that shouldn't have stopped Israel... they could have not done that step.
All Schengen passport holders give their fingerprint? You sure?

Finally, what the heck is "biometric photography" of someone? I have three biometric passports (citizen of three countries) - they're all made from a normal, old fashioned, printed passport photo. Nothing special at all.
Just means that the camera is able to capture the appropriate details and "transmit" them to the computer. The non-biometric passports in Israel have a photograph physically inserted under lamination - very nostalgically I might add

Originally Posted by Himeno View Post
The "biometric" chip in Australian e-passports does not contain any "biometrics". The Australian passport office/Australia Post does not record any biometric information when processing passports. The chip only contains the data present on the data page and in the MRZ.
I thought it was the same in the USA - that nothing is stored on the chip, and it simply acts as a "key" to the State Department or Homeland Security Department's database.

Originally Posted by AllieKat View Post
My POINT, which has been completely missed as this is torn apart, is one would never be best served by opting for a non-biometric passport as it'll only cause them problems and may get some refusals or visa requirements in countries such as the US. There's literally no reason you'd want the non-biometric version. They're not charging less for it (I Googled it).
Their fear is that the government can then abuse your information, or the system can get hacked and your info, which is quite personal, can be stolen.
joshwex90 is offline  
Reply With Quote
Old Jan 6, 15, 7:00 am
  #20
A FlyerTalk Posting Legend
 
Join Date: Jul 2001
Location: Watchlisted by the prejudiced, en route to purgatory
Programs: Just Say No to Fleecing and Blacklisting
Posts: 84,462
Not all Schengen passport holders give their fingerprint to get a passport from a Schengen country.

It's amusing to refer to epassports as biometric passports and then shift to using the biometric passport reference for non-epassports too.

Language matters, as lack of consistency in language use by any individual just sows the seeds of confusion.

Last edited by GUWonder; Jan 6, 15 at 7:06 am
GUWonder is online now  
Reply With Quote
Old Jan 6, 15, 7:03 am
  #21
Thread Starter
FlyerTalk Evangelist
 
Join Date: Dec 2009
Location: HaMerkaz/Exit 145
Programs: UA, LY, BA, AA
Posts: 12,360
Originally Posted by GUWonder View Post
Not all Schengen passport holders give their fingerprint to get a passport from a Schengen country.
Do you know which countries do and don't require it?

And for countries that require something more, is it generally just index finger fingerprints? From everyone or just people who want something like expedited passport control?
joshwex90 is offline  
Reply With Quote
Old Jan 6, 15, 7:18 am
  #22
A FlyerTalk Posting Legend
 
Join Date: Jul 2001
Location: Watchlisted by the prejudiced, en route to purgatory
Programs: Just Say No to Fleecing and Blacklisting
Posts: 84,462
Originally Posted by joshwex90 View Post
Do you know which countries do and don't require it?

And for countries that require something more, is it generally just index finger fingerprints? From everyone or just people who want something like expedited passport control?
For general adult passports? I do know that all have an exemption for at least some adults. I need to ask the appropriate persons to get updated info on the overall circumstances applicable to the adult and to the child populations in these areas. Usually people focus on just what their own country does unless it's part of an multilateral agreement/understanding or investigatory/prosecution "need".
GUWonder is online now  
Reply With Quote
Old Dec 11, 15, 10:34 pm
  #23
A FlyerTalk Posting Legend
 
Join Date: Jul 2001
Location: Watchlisted by the prejudiced, en route to purgatory
Programs: Just Say No to Fleecing and Blacklisting
Posts: 84,462
Daesh/ISIS/ISIL has modern passport making equipment which it has seized/stolen/acquired in Syria; and it has real passport blanks too. Not exactly news to me, but finally some in the USG still have confirmed that too.

The extremist outfit also has the biographical and biometric data of prior passport applicants, leading to concerns about identity theft.

http://www.reuters.com/article/us-mi...MDgKTBEVB3r.97

Give governments "too much" information on "too many" people, and what to expect from that? A mess-up, of course, with little to no accountability -- while the exploited pay the price for the mess-ups. Is that biometric capture going to help those subjected to identity theft? Not generally. Is that going to make even validly-issued passports "more reliable" for travel? There should be some doubt about that.
GUWonder is online now  
Reply With Quote
Old Dec 12, 15, 8:24 am
  #24
 
Join Date: Aug 2012
Posts: 2,592
Originally Posted by GUWonder View Post
Daesh/ISIS/ISIL has modern passport making equipment which it has seized/stolen/acquired in Syria; and it has real passport blanks too. Not exactly news to me, but finally some in the USG still have confirmed that too.

The extremist outfit also has the biographical and biometric data of prior passport applicants, leading to concerns about identity theft.

http://www.reuters.com/article/us-mi...MDgKTBEVB3r.97

Give governments "too much" information on "too many" people, and what to expect from that? A mess-up, of course, with little to no accountability -- while the exploited pay the price for the mess-ups. Is that biometric capture going to help those subjected to identity theft? Not generally. Is that going to make even validly-issued passports "more reliable" for travel? There should be some doubt about that.
Dollars to donuts that ISIS is not the only organization that has the capability to produce fake passports. Anyone who thinks otherwise has their head in the sand.
petaluma1 is offline  
Reply With Quote
Old Dec 12, 15, 9:31 am
  #25
FlyerTalk Evangelist
 
Join Date: Mar 2008
Location: DFW
Posts: 12,926
Originally Posted by petaluma1 View Post
Dollars to donuts that ISIS is not the only organization that has the capability to produce fake passports. Anyone who thinks otherwise has their head in the sand.
Not just passports. At least one other country is reported to have proper printing equipment and correct supplies to make U.S. currency. No telling what other documents and credentials are being made.

And TSA thinks a cursory look at ID adds a wit to commercial airline security.
Boggie Dog is offline  
Reply With Quote
Old Dec 12, 15, 9:59 am
  #26
A FlyerTalk Posting Legend
 
Join Date: Jul 2001
Location: Watchlisted by the prejudiced, en route to purgatory
Programs: Just Say No to Fleecing and Blacklisting
Posts: 84,462
Originally Posted by petaluma1 View Post
Dollars to donuts that ISIS is not the only organization that has the capability to produce fake passports. Anyone who thinks otherwise has their head in the sand.
Of course Daesh/ISIS/ISIL is not. Plenty of governments have organizations that own the same passport making equipment and used the same passport stock suppliers; and some of these governments have organizations that are not beyond using such means to create fraudulent passports even for government operations of a questionable nature.

More parties seem more interested in counterfeit money production than counterfeit passport production.

Not sure this situation would be what it is if the US had not pushed for so many other countries to jump onto more "secure" passports and passport-producing supply and logistics chains around the world of the sort the US wanted other countries to implement and got in place in much of the world.

Standardization and standardized, "approved" suppliers were meant to create additional confidence in the security of passports, but it also comes with risk vectors that wouldn't exist but for some sort of centralization, and short-listing of approved vendors. Oh the irony.

Last edited by GUWonder; Dec 12, 15 at 10:07 am
GUWonder is online now  
Reply With Quote
Old Dec 12, 15, 12:45 pm
  #27
 
Join Date: Jul 2010
Posts: 117
While Americans may be the leaders in "rush to security after an incident", they are far from leaders of new technology security. Take credit cards for an easy example, the world has embraced chip and pin cards for what, a decade or better. It's just this year American business has finally adopted the system. How many Americans were denied usage of their dated swipe and sign cards travelling abroad during the last decade?

A biometric tie to the passport presenter is not a tin foil hat convention theme.
surreycrv is offline  
Reply With Quote
Old Dec 12, 15, 8:24 pm
  #28
 
Join Date: Jul 2007
Programs: QFF
Posts: 5,198
Originally Posted by surreycrv View Post
While Americans may be the leaders in "rush to security after an incident", they are far from leaders of new technology security. Take credit cards for an easy example, the world has embraced chip and pin cards for what, a decade or better. It's just this year American business has finally adopted the system. How many Americans were denied usage of their dated swipe and sign cards travelling abroad during the last decade?

A biometric tie to the passport presenter is not a tin foil hat convention theme.
Australia only changed to Chip and Pin last year, and there are still cards without chips and POS systems are still able to use both. A few years ago while in Europe, before my cards were changed to Chip, I was unable to use a number of ticket machines because of the "older" card type and the machine had no way of using an alternate option. Had to pay more and use a sales desk because the machines where chip and pin only. No cash, and no backup in case a card didn't have a chip or the chip failed to read.

It's not like the chip and pin system is any more "secure" then the old mag strip system.
Himeno is offline  
Reply With Quote
Old Dec 12, 15, 9:27 pm
  #29
A FlyerTalk Posting Legend
 
Join Date: Jul 2001
Location: Watchlisted by the prejudiced, en route to purgatory
Programs: Just Say No to Fleecing and Blacklisting
Posts: 84,462
Originally Posted by surreycrv View Post
While Americans may be the leaders in "rush to security after an incident", they are far from leaders of new technology security. Take credit cards for an easy example, the world has embraced chip and pin cards for what, a decade or better. It's just this year American business has finally adopted the system. How many Americans were denied usage of their dated swipe and sign cards travelling abroad during the last decade?
Even with Chip+PIN cards, they are subject to being used for fraudulent transactions. The full number of the bank card + three/four digit security codes on the back and/or front of the card can still be used for transactions over various channels. Also, the Chip+PIN cards can still be used without PIN entry even at brick and mortar stores, although some retailers may ask for ID verification. Not that retailers are all that competent in ID verification. And then there are PIN capturing methods which make increased PIN use a source of more easily draining bank accounts tied to some such chip+PIN cards.

A biometric tie to the epassport users has provided some with a false sense of document security. And governmental storage or biographic and biometric data creates some real risks for passport applicants/users, no less so given how governments are anything but perfect in securing even sensitive government employee data.
GUWonder is online now  
Reply With Quote
Old Dec 13, 15, 1:34 am
  #30
Thread Starter
FlyerTalk Evangelist
 
Join Date: Dec 2009
Location: HaMerkaz/Exit 145
Programs: UA, LY, BA, AA
Posts: 12,360
Originally Posted by Himeno View Post
It's not like the chip and pin system is any more "secure" then the old mag strip system. https://www.youtube.com/watch?v=Ks0SOn8hjG8
Originally Posted by GUWonder View Post
Even with Chip+PIN cards, they are subject to being used for fraudulent transactions. The full number of the bank card + three/four digit security codes on the back and/or front of the card can still be used for transactions over various channels. Also, the Chip+PIN cards can still be used without PIN entry even at brick and mortar stores, although some retailers may ask for ID verification. Not that retailers are all that competent in ID verification. And then there are PIN capturing methods which make increased PIN use a source of more easily draining bank accounts tied to some such chip+PIN cards.
While these clearly belong in the credit card forums, this isn't quite accurate.

Chip & PIN is significantly more secure than the mag stripe system. Not sure why you'd argue otherwise.

It's extremely easy to clone a mag strip card; exceedingly difficult (not going to say impossible, but it has yet to be done) to clone/skim a chip card. Add to that that mag stripe cards give over unencrypted data allowing man-in-the-middle attacks whereas data breaches with EMV cards are pointless as they'll only capture a one-time token.

As for asking for ID, that goes against Visa/MC policies, not to mention that if the card is cloned as opposed to stolen (which most fraud is), they'll print a card with a name to match the ID...
joshwex90 is offline  
Reply With Quote
 


Thread Tools
Search this Thread
Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off

Forum Jump


All times are GMT -6. The time now is 11:32 pm.

Home - News - Forum - Hotel Reviews - Glossary - Contact Us - Airport Code Lookup - Terms of Use - Privacy Policy - Cookie Policy - Advertise on FlyerTalk - Archive - Top

This site is owned, operated, and maintained by Flyertalk.com. Copyright 2017 FlyerTalk.com. All rights reserved. Designated trademarks are the property of their respective owners.