A representative of the Government Publishing Office (GPO) called into question parts of the story I posted earlier this week, based on a Washington Times story about the offshore outsourcing of American Passport production. After reading over the responses from the GPO to the Times story, I thought a follow-up was needed to clarify the issue.
The key element in the story, imho, is that the electronic components of the new American passport are produced by foreign companies. Gemalto from the Netherlands and Germany's Infineon produce the biometric chips in Singapore and Taipei, then send them to Thailand where the Dutch company SmartTac add the antennas and inserts the devices in blank American passport covers. The GPO acknowledges this, but asserts that--
- The companies in question have been thoroughly vetted for security and are carefully watched.
- No U.S. companies bid for the production of the computer chips and radio frequency I.D. antennas incorporated in the passport.
- For international homologation, the U.S. had to adopt technology compatible to that used in other countries, and was forced to look offshore to find this tech.
- The system incorporates many security features making it virtually impossible for hackers to access the information encoded in the chip.
- The chip is encoded with only that information that is also printed on the passport.
- Sophisticated inventory tracking will eliminate the risk of passports going missing.
The GPO explains that, after the government made the decision to incorporate electronics in the passport, (although it was under no international agreement requiring it) it was "shocked" to learn that no domestic sources were available to provide this tech. Don't you think that someone might have checked beforehand?
It also devotes a great deal of time to explaining how common it is for our government to shop internationally, missing the point that most Americans view the passport as a tangible symbol of their country, and the notion that we are incapable of provding for ourselves something so fundamental is wounding to our pride.
As far as security goes, the Washington Post recently ran an article about a security expert who claims to have created software that will allow a hacker to access and modify the data on the computer chip.
The GPO information makes for some good reading. I encourage you to check it out and draw your own conclusions.