Neville Pattinson protects passport privacy

The Allied sky watchers who used RF technology to identify aircraft as friend or foe back in World War II understood its value for intelligence gathering. Today, RF identification tags have opened the door to powerful market analytics and supply chain management capabilities, potentially enabling automatic identification and tracking of just about anything distributed, sold and used.

When the technology was first pitched as a replacement for bar codes, mass retailers like Walmart eagerly got on board. An RFID tag could store information electronically. It didn’t require line of sight for a reader to read its data. It could be embedded in the tracked object. What wasn’t to like?

But at the turn of the millennium, as added intelligence on the RFID chip microcontroller expanded the chips’ application range beyond mere inventory tracking, the technology’s capabilities and the potential for abuse raised red flags. Privacy advocates wondered how vulnerable the tags would be to data skimming by third parties. Government proposals for an RFID-based e-passport system only multiplied privacy advocates’ concerns.

The engineering community understood the technology’s implications, as well as the ability to protect users’ privacy through secure protocols and other mechanisms. But government officials eager to use RFID to expedite border security were reluctant to ponder unintended consequences.

In a post-9/11 environment where “security” often trumped “privacy,” one stubborn EE forced the government to confront the flaws in its proposed e-passport system, ultimately helping to convince federal officials to beef up e-passport security mechanisms. Neville Pattinson’s tenacity, integrity and independent thinking helped save U.S. citizens from a potential privacy nightmare.


Click on image to enlarge.

In 2004, during his tenure as director of business development technology and government affairs for smart card provider Axalto Americas, Pattinson spotted a security hole in the proposed e-passport system that would leave data stored on RFID chips vulnerable to data skimming. The spec put together by the International Civil Aviation Organization (ICAO) included a basic access control (BAC) mechanism that would protect the communication channel between the RFID chip and reader by encrypting the transmitted information. But BAC implementation in e-passports was “optional” under ICAO’s rules, and the U.S. government at the time was advocating “open free read.” Customs officials wanted to make it easier and faster at the border to read the information stored in the chip, and they were working under the assumption that the reader’s range maxed out at 4 inches.

Turns out they were off by 356 inches.

In essence, open free read for e-passports meant that thieves or terrorists equipped with a reader would have relatively easy access to data stored in identification documents. Americans traveling internationally would pass through airports with an electronic bull's-eye on their backs identifying their U.S. citizenship.

“I didn’t want to give the industry a black eye because of the sloppy implementation of RFID technology [in the proposed e-passport implementation]. We had to give the very best advice to the government,” recalls Pattinson, now senior vice president for government affairs and business development at Gemalto. When the government initially turned a deaf ear to that advice, Pattinson decided to prove his point at an early e-passport trial in 2004 at the National Institute of Standards and Technology (NIST).