RFID Invades the Capital 
By Mark Baard

02:00 AM Mar. 07, 2005 PT

WASHINGTION -- A new smartcard, the type privacy advocates fear
because it combines biometric data with radio tags, will soon be one
of the most common ID cards in Washington.

Department of Homeland Security workers in May will begin using the
new ID card, called the DAC, to gain access to secure areas, log on 
to government computers and even pay their Metro subway fares.

The DAC, which stands for Department of Homeland Security Access Card,
will carry a digital copy of its bearer's fingerprint and other
personally identifiable information. It will use radio-frequency
identification and Bluetooth technologies to communicate with reader
devices at the department's offices.

"The card provides one type of authentication for all forms of access
(physical, wired and wireless)," said DHS Director of Authentication
Technologies Joseph Broghamer, who participated in a wireless
technology conference in Washington, D.C., last week.

The DAC will feature a high-resolution image of its bearer and a hard-
to-duplicate holographic image. The key identifier stored on the DAC,
however, will be a record of the bearer's biometric data (in this
case, a fingerprint) that can be read by special devices attached to
DHS computers.

For example, rather than entering a user name and password, DHS
workers will log on to their computers by sliding their DAC into a
special keyboard and pressing their finger on the keyboard's
fingerprint-reader pad. The keyboard will then authorize workers by
comparing their physical fingerprint to the card's fingerprint record.

The DHS will issue approximately 40,000 of the new cards to its
employees and contractors this year. The DHS is just one of many
departments (the Department of Defense is another) responding to a
White House directive calling for new ID cards that are "strongly
resistant" to terrorist exploitation and "can be rapidly authenticated
electronically."

The DAC's use of fingerprint records makes it more secure than
previous ID card technologies, because it authenticates both the card
and its bearer, said Broghamer, and its use of wireless communication
makes it more convenient for DHS employees.

DAC's RFID and Bluetooth capabilities (some DAC holders will be
testing Bluetooth-enabled cardholders in May) will show "how wireless
can get around the form factors," said Broghamer, referring to
incompatibilities among devices that read ID cards by making physical
contact with them.

But the DAC's RFID chip and its Bluetooth-enabled holder will make it
a target for hackers and spies with wireless readers, who could be
lurking in commissaries, coffee shops, bars and subway stations around
the Capitol.

The tens of thousands of people carrying DACs around Washington this
year will also help to prove or discredit predictions by privacy
advocates that the RFID tags will be used to track individuals in
public and private places.

"We don't see any sensible and offsetting reason for using RFID
technology instead of another technology in identification cards and
documents," said Cedric Laurant, policy council at the Electronic
Privacy Information Center, "except for surreptitiously tracking
people's movements with reader devices." 

(snip)

Full article at Wired News ....
http://www.wired.com/news/privacy/0,1848,66801,00.html?tw=wn_tophead_2

Cheers, Steve..

---