Are Biometric Passports "Good" or "Bad?"
#16
Suspended
Join Date: Jul 2001
Location: Watchlisted by the prejudiced, en route to purgatory
Programs: Just Say No to Fleecing and Blacklisting
Posts: 102,095
IIRC the US requirement for post-fall 2006 passports (being used under the VWP) was for the biodata page info to be included on the RFID chip even as VWP countries weren't all on the same page in regard to what additional biodata they would agree to collect and include on the biodata page when issuing epassports from the fall of 2006. The chips and their "source" biodata page of some VWP countries don't all include and use the same biodata fields in the same way as all other chips and "source" biodata pages from other VWP countries -- speaking of passports the US accepts under the US VWP.
#17
Join Date: Jul 2007
Programs: QFF
Posts: 5,304
It also doesn't require anything be on the chip, or the chip to be working, just that the chip be present.
The "biometric" chip in Australian e-passports does not contain any "biometrics". The Australian passport office/Australia Post does not record any biometric information when processing passports. The chip only contains the data present on the data page and in the MRZ.
#18
Join Date: Nov 2012
Posts: 3,537
It's also not a law. Congress did not decide that. CBP did. It is a rule, and CBP can change it whenever they want. As they did with what info is needed on the ESTA last November.
It also doesn't require anything be on the chip, or the chip to be working, just that the chip be present.
The "biometric" chip in Australian e-passports does not contain any "biometrics". The Australian passport office/Australia Post does not record any biometric information when processing passports. The chip only contains the data present on the data page and in the MRZ.
It also doesn't require anything be on the chip, or the chip to be working, just that the chip be present.
The "biometric" chip in Australian e-passports does not contain any "biometrics". The Australian passport office/Australia Post does not record any biometric information when processing passports. The chip only contains the data present on the data page and in the MRZ.
My POINT, which has been completely missed as this is torn apart, is one would never be best served by opting for a non-biometric passport as it'll only cause them problems and may get some refusals or visa requirements in countries such as the US. There's literally no reason you'd want the non-biometric version. They're not charging less for it (I Googled it).
#19
FlyerTalk Evangelist
Original Poster
Join Date: Dec 2009
Location: HaMerkaz/Exit 145
Programs: UA, LY, BA, AA
Posts: 13,167
Also, while Schengen countries require fingerprints in biometric passports (which I'll not are stored under Extended Access Control and thus NOT accessible to other countries, thus, other countries will still store their own copies of your fingerprints), most other countries do NOT require fingerprints, so that shouldn't have stopped Israel... they could have not done that step.
Finally, what the heck is "biometric photography" of someone? I have three biometric passports (citizen of three countries) - they're all made from a normal, old fashioned, printed passport photo. Nothing special at all.
My POINT, which has been completely missed as this is torn apart, is one would never be best served by opting for a non-biometric passport as it'll only cause them problems and may get some refusals or visa requirements in countries such as the US. There's literally no reason you'd want the non-biometric version. They're not charging less for it (I Googled it).
#20
Suspended
Join Date: Jul 2001
Location: Watchlisted by the prejudiced, en route to purgatory
Programs: Just Say No to Fleecing and Blacklisting
Posts: 102,095
Not all Schengen passport holders give their fingerprint to get a passport from a Schengen country.
It's amusing to refer to epassports as biometric passports and then shift to using the biometric passport reference for non-epassports too.
Language matters, as lack of consistency in language use by any individual just sows the seeds of confusion.
It's amusing to refer to epassports as biometric passports and then shift to using the biometric passport reference for non-epassports too.
Language matters, as lack of consistency in language use by any individual just sows the seeds of confusion.
Last edited by GUWonder; Jan 6, 2015 at 6:06 am
#21
FlyerTalk Evangelist
Original Poster
Join Date: Dec 2009
Location: HaMerkaz/Exit 145
Programs: UA, LY, BA, AA
Posts: 13,167
And for countries that require something more, is it generally just index finger fingerprints? From everyone or just people who want something like expedited passport control?
#22
Suspended
Join Date: Jul 2001
Location: Watchlisted by the prejudiced, en route to purgatory
Programs: Just Say No to Fleecing and Blacklisting
Posts: 102,095
For general adult passports? I do know that all have an exemption for at least some adults. I need to ask the appropriate persons to get updated info on the overall circumstances applicable to the adult and to the child populations in these areas. Usually people focus on just what their own country does unless it's part of an multilateral agreement/understanding or investigatory/prosecution "need".
#23
Suspended
Join Date: Jul 2001
Location: Watchlisted by the prejudiced, en route to purgatory
Programs: Just Say No to Fleecing and Blacklisting
Posts: 102,095
Daesh/ISIS/ISIL has modern passport making equipment which it has seized/stolen/acquired in Syria; and it has real passport blanks too. Not exactly news to me, but finally some in the USG still have confirmed that too.
The extremist outfit also has the biographical and biometric data of prior passport applicants, leading to concerns about identity theft.
http://www.reuters.com/article/us-mi...MDgKTBEVB3r.97
Give governments "too much" information on "too many" people, and what to expect from that? A mess-up, of course, with little to no accountability -- while the exploited pay the price for the mess-ups. Is that biometric capture going to help those subjected to identity theft? Not generally. Is that going to make even validly-issued passports "more reliable" for travel? There should be some doubt about that.
The extremist outfit also has the biographical and biometric data of prior passport applicants, leading to concerns about identity theft.
http://www.reuters.com/article/us-mi...MDgKTBEVB3r.97
Give governments "too much" information on "too many" people, and what to expect from that? A mess-up, of course, with little to no accountability -- while the exploited pay the price for the mess-ups. Is that biometric capture going to help those subjected to identity theft? Not generally. Is that going to make even validly-issued passports "more reliable" for travel? There should be some doubt about that.
#24
Join Date: Aug 2012
Posts: 3,526
Daesh/ISIS/ISIL has modern passport making equipment which it has seized/stolen/acquired in Syria; and it has real passport blanks too. Not exactly news to me, but finally some in the USG still have confirmed that too.
The extremist outfit also has the biographical and biometric data of prior passport applicants, leading to concerns about identity theft.
http://www.reuters.com/article/us-mi...MDgKTBEVB3r.97
Give governments "too much" information on "too many" people, and what to expect from that? A mess-up, of course, with little to no accountability -- while the exploited pay the price for the mess-ups. Is that biometric capture going to help those subjected to identity theft? Not generally. Is that going to make even validly-issued passports "more reliable" for travel? There should be some doubt about that.
The extremist outfit also has the biographical and biometric data of prior passport applicants, leading to concerns about identity theft.
http://www.reuters.com/article/us-mi...MDgKTBEVB3r.97
Give governments "too much" information on "too many" people, and what to expect from that? A mess-up, of course, with little to no accountability -- while the exploited pay the price for the mess-ups. Is that biometric capture going to help those subjected to identity theft? Not generally. Is that going to make even validly-issued passports "more reliable" for travel? There should be some doubt about that.
#25
FlyerTalk Evangelist
Join Date: Mar 2008
Location: DFW
Posts: 28,082
And TSA thinks a cursory look at ID adds a wit to commercial airline security.
#26
Suspended
Join Date: Jul 2001
Location: Watchlisted by the prejudiced, en route to purgatory
Programs: Just Say No to Fleecing and Blacklisting
Posts: 102,095
More parties seem more interested in counterfeit money production than counterfeit passport production.
Not sure this situation would be what it is if the US had not pushed for so many other countries to jump onto more "secure" passports and passport-producing supply and logistics chains around the world of the sort the US wanted other countries to implement and got in place in much of the world.
Standardization and standardized, "approved" suppliers were meant to create additional confidence in the security of passports, but it also comes with risk vectors that wouldn't exist but for some sort of centralization, and short-listing of approved vendors. Oh the irony.
Last edited by GUWonder; Dec 12, 2015 at 9:07 am
#27
Join Date: Jul 2010
Location: Surrey, BC
Programs: A few, *G,
Posts: 124
While Americans may be the leaders in "rush to security after an incident", they are far from leaders of new technology security. Take credit cards for an easy example, the world has embraced chip and pin cards for what, a decade or better. It's just this year American business has finally adopted the system. How many Americans were denied usage of their dated swipe and sign cards travelling abroad during the last decade?
A biometric tie to the passport presenter is not a tin foil hat convention theme.
A biometric tie to the passport presenter is not a tin foil hat convention theme.
#28
Join Date: Jul 2007
Programs: QFF
Posts: 5,304
While Americans may be the leaders in "rush to security after an incident", they are far from leaders of new technology security. Take credit cards for an easy example, the world has embraced chip and pin cards for what, a decade or better. It's just this year American business has finally adopted the system. How many Americans were denied usage of their dated swipe and sign cards travelling abroad during the last decade?
A biometric tie to the passport presenter is not a tin foil hat convention theme.
A biometric tie to the passport presenter is not a tin foil hat convention theme.
It's not like the chip and pin system is any more "secure" then the old mag strip system.
#29
Suspended
Join Date: Jul 2001
Location: Watchlisted by the prejudiced, en route to purgatory
Programs: Just Say No to Fleecing and Blacklisting
Posts: 102,095
While Americans may be the leaders in "rush to security after an incident", they are far from leaders of new technology security. Take credit cards for an easy example, the world has embraced chip and pin cards for what, a decade or better. It's just this year American business has finally adopted the system. How many Americans were denied usage of their dated swipe and sign cards travelling abroad during the last decade?
A biometric tie to the epassport users has provided some with a false sense of document security. And governmental storage or biographic and biometric data creates some real risks for passport applicants/users, no less so given how governments are anything but perfect in securing even sensitive government employee data.
#30
FlyerTalk Evangelist
Original Poster
Join Date: Dec 2009
Location: HaMerkaz/Exit 145
Programs: UA, LY, BA, AA
Posts: 13,167
It's not like the chip and pin system is any more "secure" then the old mag strip system. https://www.youtube.com/watch?v=Ks0SOn8hjG8
Even with Chip+PIN cards, they are subject to being used for fraudulent transactions. The full number of the bank card + three/four digit security codes on the back and/or front of the card can still be used for transactions over various channels. Also, the Chip+PIN cards can still be used without PIN entry even at brick and mortar stores, although some retailers may ask for ID verification. Not that retailers are all that competent in ID verification. And then there are PIN capturing methods which make increased PIN use a source of more easily draining bank accounts tied to some such chip+PIN cards.
Chip & PIN is significantly more secure than the mag stripe system. Not sure why you'd argue otherwise.
It's extremely easy to clone a mag strip card; exceedingly difficult (not going to say impossible, but it has yet to be done) to clone/skim a chip card. Add to that that mag stripe cards give over unencrypted data allowing man-in-the-middle attacks whereas data breaches with EMV cards are pointless as they'll only capture a one-time token.
As for asking for ID, that goes against Visa/MC policies, not to mention that if the card is cloned as opposed to stolen (which most fraud is), they'll print a card with a name to match the ID...