Date: December 8-13, 2006
Source: ABC AM program
Title: “Doubts raised over passport security” etc
Author: Rafael Epstein

Summary: Report about a computer “expert” reading Australian e-Passports in his possession.  Adam Laurie claims that e-Passports can be read remotely for the purpose of identity theft and/or cloning.  The remote reading involves the selected overcoming of the BAC by discovering the passport number, date of birth and date of expiry from other sources, and the construction of a high-powered reader which presumably will operate at 50-75cm distance.

Our response: There is nothing remarkable about reading the e-Passport data once it is in your possession.  Cloning is not seen as a particular threat.  For remote reading, discovering the BAC key data may be possible for a very small number of e-Passports, but would be difficult.  Even if the BAC key is known, the e-Passport must be within the range of the reader for several seconds for the reading transaction to be successful.  An e-Passport equipped with a metal decoupling page or shield cannot be read remotely.

http://www.abc.net.au/am/content/2006/s1807053.htm

see also

http://www.theregister.co.uk/2006/10/31/rfid_e-passport_attack/

http://australianit.news.com.au/articles/0,7204,20907070%5E15319%5E%5Enbv%5E,00.html

http://www.theage.com.au/news/security/passport-hacker-warns-of-identity-risk/2006/12/12/1165685661999.html?page=2