GUWonder

IIRC the US requirement for post-fall 2006 passports (being used under the VWP) was for the biodata page info to be included on the RFID chip even as VWP countries weren't all on the same page in regard to what additional biodata they would agree to collect and include on the biodata page when issuing epassports from the fall of 2006. The chips and their "source" biodata page of some VWP countries don't all include and use the same biodata fields in the same way as all other chips and "source" biodata pages from other VWP countries -- speaking of passports the US accepts under the US VWP.

Himeno

It's also not a law. Congress did not decide that. CBP did. It is a rule, and CBP can change it whenever they want. As they did with what info is needed on the ESTA last November.
It also doesn't require anything be on the chip, or the chip to be working, just that the chip be present.

The "biometric" chip in Australian e-passports does not contain any "biometrics". The Australian passport office/Australia Post does not record any biometric information when processing passports. The chip only contains the data present on the data page and in the MRZ.

AllieKat

Umm, a photograph is a piece of biometric data. That's all most biometric passports have. And, okay, to be very technical, the law is that CBP is given the authority to enforce the policies they determine necessary to secure America's borders against potential threats. Thus, "under a rule authorised by law" would have been the correct wording.

My POINT, which has been completely missed as this is torn apart, is one would never be best served by opting for a non-biometric passport as it'll only cause them problems and may get some refusals or visa requirements in countries such as the US. There's literally no reason you'd want the non-biometric version. They're not charging less for it (I Googled it).

joshwex90

Even if this was the case, Israel isn't in the VWP, so it doesn't matter much.

All Schengen passport holders give their fingerprint? You sure?

Just means that the camera is able to capture the appropriate details and "transmit" them to the computer. The non-biometric passports in Israel have a photograph physically inserted under lamination - very nostalgically I might add

I thought it was the same in the USA - that nothing is stored on the chip, and it simply acts as a "key" to the State Department or Homeland Security Department's database.

Their fear is that the government can then abuse your information, or the system can get hacked and your info, which is quite personal, can be stolen.

GUWonder

Not all Schengen passport holders give their fingerprint to get a passport from a Schengen country.

It's amusing to refer to epassports as biometric passports and then shift to using the biometric passport reference for non-epassports too.

Language matters, as lack of consistency in language use by any individual just sows the seeds of confusion.

joshwex90

Do you know which countries do and don't require it?

And for countries that require something more, is it generally just index finger fingerprints? From everyone or just people who want something like expedited passport control?

GUWonder

For general adult passports? I do know that all have an exemption for at least some adults. I need to ask the appropriate persons to get updated info on the overall circumstances applicable to the adult and to the child populations in these areas. Usually people focus on just what their own country does unless it's part of an multilateral agreement/understanding or investigatory/prosecution "need".

GUWonder

Daesh/ISIS/ISIL has modern passport making equipment which it has seized/stolen/acquired in Syria; and it has real passport blanks too. Not exactly news to me, but finally some in the USG still have confirmed that too.

The extremist outfit also has the biographical and biometric data of prior passport applicants, leading to concerns about identity theft.

http://www.reuters.com/article/us-mi...MDgKTBEVB3r.97

Give governments "too much" information on "too many" people, and what to expect from that? A mess-up, of course, with little to no accountability -- while the exploited pay the price for the mess-ups. Is that biometric capture going to help those subjected to identity theft? Not generally. Is that going to make even validly-issued passports "more reliable" for travel? There should be some doubt about that.

petaluma1

Dollars to donuts that ISIS is not the only organization that has the capability to produce fake passports. Anyone who thinks otherwise has their head in the sand.

Boggie Dog

Not just passports. At least one other country is reported to have proper printing equipment and correct supplies to make U.S. currency. No telling what other documents and credentials are being made.

And TSA thinks a cursory look at ID adds a wit to commercial airline security.

GUWonder

Of course Daesh/ISIS/ISIL is not. Plenty of governments have organizations that own the same passport making equipment and used the same passport stock suppliers; and some of these governments have organizations that are not beyond using such means to create fraudulent passports even for government operations of a questionable nature.

More parties seem more interested in counterfeit money production than counterfeit passport production.

Not sure this situation would be what it is if the US had not pushed for so many other countries to jump onto more "secure" passports and passport-producing supply and logistics chains around the world of the sort the US wanted other countries to implement and got in place in much of the world.

Standardization and standardized, "approved" suppliers were meant to create additional confidence in the security of passports, but it also comes with risk vectors that wouldn't exist but for some sort of centralization, and short-listing of approved vendors. Oh the irony.

surreycrv

While Americans may be the leaders in "rush to security after an incident", they are far from leaders of new technology security. Take credit cards for an easy example, the world has embraced chip and pin cards for what, a decade or better. It's just this year American business has finally adopted the system. How many Americans were denied usage of their dated swipe and sign cards travelling abroad during the last decade?

A biometric tie to the passport presenter is not a tin foil hat convention theme.

Himeno

Australia only changed to Chip and Pin last year, and there are still cards without chips and POS systems are still able to use both. A few years ago while in Europe, before my cards were changed to Chip, I was unable to use a number of ticket machines because of the "older" card type and the machine had no way of using an alternate option. Had to pay more and use a sales desk because the machines where chip and pin only. No cash, and no backup in case a card didn't have a chip or the chip failed to read.

It's not like the chip and pin system is any more "secure" then the old mag strip system.

GUWonder

Even with Chip+PIN cards, they are subject to being used for fraudulent transactions. The full number of the bank card + three/four digit security codes on the back and/or front of the card can still be used for transactions over various channels. Also, the Chip+PIN cards can still be used without PIN entry even at brick and mortar stores, although some retailers may ask for ID verification. Not that retailers are all that competent in ID verification. And then there are PIN capturing methods which make increased PIN use a source of more easily draining bank accounts tied to some such chip+PIN cards.

A biometric tie to the epassport users has provided some with a false sense of document security. And governmental storage or biographic and biometric data creates some real risks for passport applicants/users, no less so given how governments are anything but perfect in securing even sensitive government employee data.

joshwex90

While these clearly belong in the credit card forums, this isn't quite accurate.

Chip & PIN is significantly more secure than the mag stripe system. Not sure why you'd argue otherwise.

It's extremely easy to clone a mag strip card; exceedingly difficult (not going to say impossible, but it has yet to be done) to clone/skim a chip card. Add to that that mag stripe cards give over unencrypted data allowing man-in-the-middle attacks whereas data breaches with EMV cards are pointless as they'll only capture a one-time token.

As for asking for ID, that goes against Visa/MC policies, not to mention that if the card is cloned as opposed to stolen (which most fraud is), they'll print a card with a name to match the ID...