Important: Processing times recently changed for both routine and expedited passport applications.

How Secure Is My Electronic Passport?

The new electronic passport with RFID technology

If you obtained a passport in the last few years, then you are a bearer of an electronic passport or e-passport. It features an embedded microchip technology that is used to verify your identity. The chip contains your unique biometrics, the data from your passport data page, the microchip identification number, and a digital signature that verifies the authenticity of the chip's data. It is designed to be read by special e-passport chip readers.

The whole point of the electronic passport is increased security. The United States mandates that all countries participating in the U.S. Visa Waiver Program must issue passports with biometrics for use with facial recognition technologies. Anyone entering the United States under the Visa Waiver Program must present an e-passport in compliance with enhanced U.S. border security efforts.

Therefore, the U.S. State Department has been issuing U.S. electronic passports to its citizens since 2007 in an effort to reciprocate and comply with international secure travel standards. In fact, the e-passport has quickly become the world standard for secure travel documents. For U.S. e-passports, the embedded microchip is on the back cover of the passport book.

Some travelers are concerned with security and privacy issues of e-passports; they fear that the technology is vulnerable to unauthorized use. Eavesdropping on communications between the chip and reader, skimming sensitive personal data, tracking the passport holder's movements, and cloning the chip from the e-passport are the biggest concerns. The U.S. State Department assures travelers that measures have been taken in both e-passport design and use to deter these criminal activities.

The U.S. State Department reduces the risk of skimming and eavesdropping with the use of Basic Access Control (BAC) that denies access to the chip's contents unless the reader proves it has authorized access. The chip also has a randomized Unique Identifier (UID) to help prevent the passport holder from being tracked. Since cloning means the chip is removed from the passport and replaced with a different one, the recourse is matching the chip data with the passport data page. U.S. e-passports also use Public Key Infrastructure (PKI) technology to keep the data on the chip from being unlawfully altered.

There are some things you can do to enhance the security measures for your own e-passport. The first thing an e-passport holder should do is purchase an RFID blocking case or wallet for the passport. They are specifically designed to secure RFID-enabled passport cards and passport books to protect them from data skimming and hacking. As long as the e-passport is inside the case, it cannot be read remotely.

Always keep your passport on your person, do not put it in stowed baggage or in overhead transit compartments. Keep it locked in your hotel's safe and only carry a color photocopy with you while you are out and about, and never exchange your passport as security for renting cars, recreational vehicles, or other expensive items.

This website is reader-supported. When you buy through links on our site, we may earn an affiliate commission at no additional cost to you.