Sign in / up

back to article Germany rolls out ePassport II - it's fingerprinting good!

Germany is switching over to the second generation of ePassport passports, with the addition of fingerprint biometrics. Fingerprints become mandatory in June 2009*, and according to NXP, which supplies the chips for the passports, it will be the first country in the world "to introduce second-generation ePassports with enhanced …

COMMENTS

House rules Send corrections
This topic is closed for new posts.
  1. Anonymous Coward
    Stop

    And don't forget

    Even if the path between the passport and the reader is completely secure, when your data reaches their system, it will be stored on their database. That means your photo (pristine quality), your fingerprints, your name, nationality, D.O.B., place of birth, and everything else on that passport.

    Once you are in there, you will never get out of there. They will then make this information available to whomever wants it, without your consent or knowledge, and of course, if their database is compromised by whatever means, the data will leak out en masse.

    When you go to any place on holiday, even the smallest country, your data will be captured. You might trust the German government to keep your data 'private' but would you trust, say, a 'third world' government to keep your data private? Some of the biggest 'third world countries' have just rolled out their own 'secure' passports and have the reader infrastructure coming next. When you go to these places, your passport data will be captured, and in these countries where corruption is endemic, you can bet that your data will be harvested and sold to the highest bidder on a regular basis.

    All of this is not about the 'security' of the passport; this is about setting up a world wide system of control where the authorities can see who is going where in real-time. The amazing thing is, this aim can be achieved without invasive biometrics and RFID; it can be done with the machine readable strips that already exist on the passport.

    It is nothing more than a pretext to fleece the sheeple, the money going to venal vendors.

    0 0
  2. Cameron Colley
    Black Helicopters

    Ah, so now we know...

    So it's NXP who are paying backhanders to the government is it?

    0 0
  3. Anonymous Coward
    Pirate

    This fingerprint reader is covered in snot!

    "Germany has already taken delivery of 18,000 fingerprint readers"

    AP: Germany Jan 1st 2010. The deadly outbreak of MSRA continues to spread throughout Germany. The recommended use of gloves to restrict exposure to the bug has been made useless by the need of most German citizens to use fingerprint machines. Emergency deliveries of Detol to all government buildings has been slowed by a shortage of delivery drivers.

    0 0
  4. Anonymous Coward
    Black Helicopters

    The scariest thing

    "achieves a security level which experts consider tamper-proof also in the future."

    The scariest thing is that the 'authorities' really believe this bullshit.

    I imagine that most of the people reading The Register are fully aware that no electronic / computerised system is ever going to be 'tamper proof'. The trouble is, the average plod isn't that tech-savvy, and when you get to judges and juries...............

    The film 'Rendition' starts to seem a little too plausible.

    Your ID card, your passport, your biometrics. YOU did it.

    0 0
  5. Harry Stottle

    The only way to protect sensitive authentication data...

    It is one thing to make the field reader tamper proof but that does nothing to prevent abuse of a central database by politically or commercially corrupt insiders.

    The only way to prevent that is for citizens to hold on to their own data (typically on their mobile phones) and to use an enrolment / key exchange protocol to verify the legitimacy of the fingerprint data in the field.

    As per (yawn) the ID Card Proposal at

    http://www.fullmoon.nu/book/side_issues/IdentityCards.htm

    0 0
  6. david

    oh dear

    "which experts consider tamper-proof also in the future"

    why does it worry me when experts predict the future.

    0 0
  7. Al Amet

    What if you have no fingerprints

    What about those people who don't have fingerprints and I'm not talking about the ones who don't have them for genetic reasons. I'm talking about those that don't have them because of the type of work they do. People that work with abrasive materials all day long often don't have detectable fingerprints. I still have spots on my finger tips that are completely smooth and have no detectable prints with ink or scanners. And what about those that have lost part of their digits due to an accident or birth defect. It will be interesting how the system deals with these people if prints are a requirement.

    0 0
  8. Anonymous Coward
    Coat

    Um, they're compulsory already

    "Fingerprints become mandatory in June 2009*"

    I've had mine all my life. Didn't get a chance to tick the box turning this option down with the digital (geddit?) EULA at birth

    0 0
  9. Tim J

    Re: And don't forget

    All incredibly good points, Mr A. Coward.

    I really wonder how the government would counter what you've said.

    0 0
  10. brainwrong

    Encrypted data

    "The German system uses encryption to protect the biometric data as it's communicated to the reader..."

    So it's not stored encrypted?

    I'm sure someone will work out how to dismantle it to access the data directly.

    0 0
  11. Jack Hughes
    Coat

    Phew

    "Fingerprints become mandatory in June 2009"

    And about time too, I've had mine for longer than I can remember!

    0 0
  12. Anonymous Coward
    Anonymous Coward

    religion?

    Do the germans, like the dear old NHS, have a slot in their database for religion?

    SELECT citizen_number,name,address from NHS JOIN IPS ON NHS.ID = IPS.citizen_number WHERE NHS.religion = [scapegoat_du_jour];

    http://thomas-associates.co.uk/The%20Price%20of%20Freedom%202004.ppt

    slides 5 and 30. the IT angle? see slide 29.

    The tinfoil hat, please.

    0 0
  13. John Lettice (Written by Reg staff)

    Re: Phew

    We at The Reg have always been worried about the Lizard People. Making having fingerprints mandatory should smoke them out.

    0 0
  14. Shakje
    Black Helicopters

    @Tim J

    Probably along the oft disproven lines of "if you've got nothing to hide..."

    0 0
  15. Neil Smith
    Stop

    Biometrics are just big fixed passwords that you can't change...

    and are only ever as good as the security on the database which holds them. Break into that, and everything you are is gone - owned by the thief for ever. BECAUSE YOU CAN'T CHANGE IT.

    This is a disaster waiting to happen.

    0 0
This topic is closed for new posts.