US Border Patrol Unable to Validate E-Passport Data -- Security Today

US Border Patrol Unable to Validate E-Passport Data

E-passports store a cryptographic signature to prevent forgeries and tampering, but CBP has not deployed the software needed to verify the information, causing a security lapse.

By Jessica Davis
Feb 27, 2018

U.S. Customs and Border Protection officials have been unable to cryptographically verify passports of visitors coming into the US for more than a decade because they lacked the proper software, according to a letter sent to CBP acting commissioner Kevin K. McAleenan by Sens. Ron Wyden (D-OR) and Claire McCaskill (D-MO). E-passports store a cryptographic signature to prevent forgeries and tampering, but CBP has not deployed the software needed to verify the information, causing a security lapse.

For the last 11 years, the United States has inserted RFID chips in the back panel of its passports, creating “e-Passports”. The chip stores passport information, a biometric identifier, and a cryptographic signature to prevent tampering or forgeries, making it theoretically more secure and more difficult to alter.

However, according to Wyden and McCaskill, CBP currently “lacks the technical capabilities to verify e-passport chips.”

“Specifically, CBP cannot verify the digital signatures stored on the e-passport, which means that CBP is unable to determine if the data stored on the smart chips has been tampered with or forged," according to the senators’ letter.

The security gap was first brought to light by the Government Accountability Office (GAO) in a 2010 report.

"DHS does not have the capability to fully verify the digital signatures because it ... has not implemented the system functionality necessary to perform the verification,” GAO reported. "The additional security against forgery and counterfeiting that could be provided by the inclusion of computer chips on e-passports issued by the United States and foreign countries ... is not fully realized."

The senators have asked CBP to work with the government’s General Services Administration to create a budget for implementing the software needed to use the e-passport verification functionality and present a plan by January 1, 2019.

About the Author

Jessica Davis is the Associate Content Editor for 1105 Media.

Featured

Survey: Nearly Half of Employees Hide Workplace AI Use

Laserfiche, a SaaS provider of intelligent content management and business process automation, recently released new survey findings on AI adoption in the workplace, revealing that nearly half of Americans (49%) who use AI at work keep it to themselves, with 15% deliberately avoiding telling their manager. Read Now
- Artificial Intelligence
- Cybersecurity
46% of Enterprise Passwords Are Vulnerable to Cracking

Picus Security recently released The Blue Report™ 2025, based on more than 160 million real-world attack simulations. Now in its third year, the report provides a data-driven assessment of how well security controls perform against today’s threats — and this year’s findings are the most concerning to date. Read Now
- Cybersecurity
Community-Led Video Security Network Transforms Pennsylvania City Public Safety

A community-supported video security initiative has transformed public safety in Lancaster, Pennsylvania. The citizen-led collaboration demonstrates how open platform video technology can help revitalize struggling urban areas. Read Now
- Government
Browser-Based AI Agents: The Silent Security Threat Unfolding

Some of the most revolutionary advances in artificial intelligence include browser-based AI agents, which are self-sustaining software tools integrated into web browsers that act on behalf of individuals. Read Now
- Cybersecurity
Report: Cybercriminals Abandon Tech Tricks for Personalized Email Deception Tactics

VIPRE Security Group, a cybersecurity, privacy, and data protection company, has released its email threat landscape report for Q2 2025. Through an examination of worldwide real-world data, this report sounds the alarm on the most significant email security trends observed in the second quarter of 2025, enabling organizations to develop effective email security defenses for the remainder of the year. Read Now
- Cybersecurity

Security Today eNews

Sign up today for essential industry news and product information that can help you stay afloat in the fast-paced world of security.

Email Address*Country*

Please type the letters/numbers you see above.

PureTech Systems, Clear Align Partner to Deliver Advanced Autonomous Security, Command-and-Control for U.S. Air Force Tactical Security System

Webinars

Whitepapers

New Products

Mobile Safe Shield

SafeWood Designs, Inc., a manufacturer of patented bullet resistant products, is excited to announce the launch of the Mobile Safe Shield. The Mobile Safe Shield is a moveable bullet resistant shield that provides protection in the event of an assailant and supplies cover in the event of an active shooter. With a heavy-duty steel frame, quality castor wheels, and bullet resistant core, the Mobile Safe Shield is a perfect addition to any guard station, security desks, courthouses, police stations, schools, office spaces and more. The Mobile Safe Shield is incredibly customizable. Bullet resistant materials are available in UL 752 Levels 1 through 8 and include glass, white board, tack board, veneer, and plastic laminate. Flexibility in bullet resistant materials allows for the Mobile Safe Shield to blend more with current interior décor for a seamless design aesthetic. Optional custom paint colors are also available for the steel frame.
ResponderLink

Shooter Detection Systems (SDS), an Alarm.com company and a global leader in gunshot detection solutions, has introduced ResponderLink, a groundbreaking new 911 notification service for gunshot events. ResponderLink completes the circle from detection to 911 notification to first responder awareness, giving law enforcement enhanced situational intelligence they urgently need to save lives. Integrating SDS’s proven gunshot detection system with Noonlight’s SendPolice platform, ResponderLink is the first solution to automatically deliver real-time gunshot detection data to 911 call centers and first responders. When shots are detected, the 911 dispatching center, also known as the Public Safety Answering Point or PSAP, is contacted based on the gunfire location, enabling faster initiation of life-saving emergency protocols.
Connect ONE®

Connect ONE’s powerful cloud-hosted management platform provides the means to tailor lockdowns and emergency mass notifications throughout a facility – while simultaneously alerting occupants to hazards or next steps, like evacuation.