Zapping passports: RFID chip, data acquisition and should you address it?

The Chaos Computer Club (CCC or C3) has recently called itself in a post Today without biometrics: passport "well done" about the personal information, biometric images and the like stored on the RFID chip of passport and ID card. The article also dealt with making the chips in the identification documents unusable - for example with the hotplates of an induction cooker. Why, why, why and how you can read out or use the data in your passport and ID card yourself, I would like to briefly list here.

Passport, ID, RFID chip, zap, destroy

Preliminary remarks

This article is not intended to promote the alteration or defacement of any identification document, nor is this blog post intended to provide legal advice. This text is the result of research in official and / or publicly available sources. The operators of the linked pages are responsible for their content.

Reading out the data from passports and ID cards

The passport and the “new” identity card of the Federal Republic of Germany each have an RFID chip on which personal data, fingerprints, a biometric passport photo and the like are stored. Reading out this data is standard at authorities, at the border and so on to check the identity of the person presenting it. However, you can also read the data from your passport or ID yourself. There are devices for various official or other online services that you can connect to your computer via USB. Amazon offers a selection.

Such devices are useful if you want to use citizen services, insurance, finance, shopping and similar services online and with proof of identity. Information is also available at personalausweisportal.de or in the brochure “The new ID card”, which you can get free of charge from the nearest town hall, citizens 'office, residents' registration office, etc. If you don't want to use such services, but just want to read out the documents, you can also do this free of charge with corresponding apps for iPhone and Android devices that can establish an NFC connection (Near Field Communication).

NFC apps for reading out passports and ID cards

While researching, I noticed that there are fewer such apps for iOS, but a whole bunch for Android. This is mainly due to the fact that Apple does not easily release its NFC chips for developers and distribute APIs - actually only for the wallet, Apple Pay and the like. For the iPhone there is only the in the official store Passport Readerthat you can try.

Due to this shortage of supply, I did the test with an Android device yesterday. Here the app eCl0wn turned out to be particularly instructive. Although it has a silly look, it shows a lot of data - even the biometric photo. There are also many other NFC apps that you can test in the Google Play Store.

Why zap / destroy the RFID chip in the passport?

Now to the contribution from the CCC on the subject Chip zap in your passport. It criticizes the automated checking of data at limits, which is done by reading out the passport data and comparing it with a database. "On the other hand, only deactivating the chip in the passport helps.“, Says the author frank. I would like to say about this, although this makes the comparison more difficult for the individual, but it does not abolish the system itself. In addition, it should be noted that the willful alteration of an identification document can violate various paragraphs (from Section 273 of the Criminal Code leads over Section 303a of the Criminal Code towards property damage Section 303 of the Criminal Code, as the ID / passport after Section 4 PAuswG Property of the FRG).

Reading out in passing, movement profiles, etc.

Sure, privacy is a sacred good nowadays that some people destroy themselves via Facebook and Co., but others try to protect. With regard to the identity card, the passport and the RFID chips built into them, there are always keywords such as Motion profile, Monitoring, Spionage and Amounted to. And of course: as explained above with the apps, the documents can be read out easily. But it is even easier to protect yourself against it: either with special ones ID cardsto Passport cover or by removing the aluminum hat and wrapping the metal foil around the ID document instead of around the head.

Summary

I do not want to give a conclusion, because this is a big controversial topic, on which one can have an opinion, but does not have to have. The creation of an international database with personal data as well as the comparison at the borders (of the Schengen area and elsewhere) will not be abolished by zapping your own document. In case of doubt, you can only delay your trip because the passport is illegible and a manual comparison is necessary. Anyone who feels spied on in everyday life can use a special cover or aluminum foil to block them.

By the way, comments are welcome if they are factual and constructive;)

-
Do you like my blog? Then I would be happy to receive a short review on Google. Easy leave something here for a moment - that would be great, thank you!

 

Effectively for free: iPhone 13 Mini and iPhone 13 deals with top conditions at Otelo - Advertisement

7 comments

  1. Deactivator says:

    The thing is destroyed or the owner takes back his property, it's simple. And besides, I don't have to techn. Have knowledge. I always have the ID in my back pocket and always lean against the stove in the kitchen - oops, now the ID is safe!

  2. Mike says:

    There is no central database. The data in the chip is only compared with the data in the viewing zones. There is no storage.

    • Rudi says:

      Exactly the opposite is the case. Please read the laws or follow the reports on them. Before you present your wishful thinking here as a fact.

      • Sir Apfelot says:

        Hello Rudi! Which thing or which laws are you referring to? Without a reference, your comment is incomprehensible and worthless ... unfortunately.

    • Sven Lupo says:

      Believing does not mean knowing !!!

Leave a Comment

Your e-mail address will not be published. Required fields are marked with * .