Wednesday, May 20, 2009

Air France Biometric Boarding Pass Technology:

INTRODUCTION:
Air France has implemented the use of smartcard based boarding pass (on trial basis until the end of the year) for its frequent flyer programme members on flights between Paris Charles de Gaulle and Amsterdam Schipol. This new boarding pass contains an encrypted version of forefinger and thumb prints of passengers. During boarding the passenger would scan their forefingers and thumb prints on a fingerprint scanner (installed at the gate) that would then be compared with those stored in the card and upon successful verification the passenger would be allowed to board.

ISSUING OF AIR FRANCE BOARDING PASS:
It consists of the following steps:

Step1: Verification of identity based on documents like passport etc.

Step2: After verification fingerprints would be scanned using sensor (mostly optical) that would be stored in the boarding pass.

Step3: Collect the card.


OPERATION OF AIR FRANCE BOARDING PASS:

Step1: Insert the card into the boarding pass terminal and flight details will be printed on back of the card. The card can be reused at least 500 times because during next use the existed information will be erased and new flight information will be printed on it. Thus, the passenger holds on to the boarding pass even after travel.

Step2: Proceed to boarding terminal based on the information printed on the card.

Step3: The boarding terminal reader will check the flight information stored in the chip.

Step4: Once the flight information is read the passenger will be prompted to get his fingerprints scanned at the fingerprint scanner located at the terminal.
Step5: Fingerprint information stored in card is compared with the scanned fingerprint information. If both the fingerprint information matches then the boarding gate would open, allowing the person to board the flight.

WHAT MAKES THE AIR FRANCE BOARDING PASS SECURITY RELIABLE?
The answer to this question is NOTHING. The boarding pass technology just mimics the current e-passport and credit card technology, which suffer from many flaws.

DRAWBACKS OF THE AIR FRANCE BIOMETRIC BOARDING PASS SYSTEM:
Air France Biometric Boarding pass system suffer from the same drawbacks of e-passports and credit cards that are as follows:
1. Boarding Pass can be cloned:
Similar technology based e-passports and credit cards have been successfully cloned. This means that all the personal information stored in the boarding pass would be transferred to the cloned card including the passenger’s fingerprint. Following are some articles that show how easily e-Passports and credit cards can be cloned:
· http://www.timesonline.co.uk/tol/news/uk/crime/article4467106.ece (Fake-proof e-passports cloned in minutes)
· http://www.neoseeker.com/news/9787-insecurity-of-homeland-security-rfid-passports-shown-by-researcher/ (US Homeland Security passports successfully cloned with no problem)
· http://nepalinirelandnews.blogspot.com/2008/05/dublin-shop-workers-bribed-to-help-in.html (Dublin lasercard bank fraud).
2. Fingerprint scanner can be fooled:
The fingerprint scanner used is similar to the ones used at immigration i.e. optical fingerprint scanner. There are numerous evidence online that these scanners can be easily fooled by using fake finger. Making fake finger is not very difficult and lot of information is available on the web that teaches a person how to make a fake finger. For example the following link shows how easily latent fingerprint (fingerprint left behind on some object by the potential victim) can be lifted and used as a stencil to make fake finger.
http://www.ccc.de/biometrie/fingerabdruck_kopieren.xml?language=en (Tutorial to make fake finger)

Following are few articles that show how the contemporary optical fingerprint readers can be fooled easily with fake finger.
http://www.securityfocus.com/news/6717 (German hackers fool fingerprint scanners).
http://software.silicon.com/security/0,39024655,11033437,00.htm (Japanese man fools biometric sensor with fake finger)
http://www.asiaone.com/Travel/News/Story/A1Story20090101-111750.html (South Korean woman fools Japanese fingerprint sensor)
3. Vulnerable to skimming or eavesdropping:
The fingerprint information stored in the card is transmitted to the reader, which compares the information with the passenger’s scanned fingerprints. This is major drawback because the authentication is done by the system, so while transmission the data could be intercepted and stolen.

A skimming attack is when someone attempts to read the passport chip simply by beaming power at the passport. At normal power ranges, contactless smart card readers must be relatively close to the card within a few inches or at most a few feet. However, that range can be extended if the reader broadcasts power at illegally high levels. A skimming attack could be done to facilitate identity theft or to trace the movements of an individual.

An eavesdropping attack can occur, if the contactless smart card is actively communicating with a legitimate reader. RF emanations from both the smart card and the reader have been shown in tests to be readable at distances up to 30 feet (9 meters).
Once the fingerprint information is stolen it is easy for criminal to make a fake finger of the passenger. Also, by lifting fingerprints left by the passenger in various objects can be used to make fake finger.
Related links:
http://www.neoseeker.com/news/9787-insecurity-of-homeland-security-rfid-passports-shown-by-researcher/
http://www.theregister.co.uk/2009/02/02/low_cost_rfid_cloner/
4. Boarding Pass can make travelers sick or even worse kill:
Another rising concern amongst people during travel is spread of contagious diseases like swine flu, SARS etc. Since ever traveler has to touch a coomon fingerprint sensor there is a possibility of disease spreading. Infections like swine flu etc spread easily and can result in death too. One may say that touching a door handle in the airport can infect travelers too, but our point is the verification system should not contribute in the spreading of disease. Suppose even if a person takes good precaution wearing gloves etc, he will have to expose his finger to get his fingerprint scanned by the sensor. Person does not have to remove gloves to touch door handle.

CONCLUSION:
Current Air France boarding pass is just eyewash to make people feel secure. Air France should consider using a system confers real security. A truly secure boarding pass is one that:
- cannot be fooled by a replica of person’s biometric details like fingerprint, face etc.
- hard to forge or counterfeit.
- provides a secure communication between the reader and travel document. In other words not vulnerable to skimming or eavesdropping.
- does not contribute in the spreading of disease.

E-SMART SOLUTION TO THE PROBLEM:
e-Smart Technologies Inc. creates an authentication environment that would overcome the above drawbacks. Let us analyze each drawback above and see e-Smart solution to overcome it.
1. Can fake finger fool the e-Smart Boarding Pass system?
NO, because the each boarding pass will have a fingerprint scanner that is foolproof. E-Smarts innovative match-on-card/ boarding pass technology and fingerprint matching algorithm together can easily detect latex finger, gummy finger by analyzing the changes in electrical characteristics and other properties.
2. Can e-Smart Boarding Pass be reliably cloned?
NO. Cloning e-Smart card doesn’t make sense because the cloned card would store the fingerprint information pertaining to the owner. The thief will not be able to authenticate the e-Smart boarding pass using either his finger or a fake finger.
3. Can the fingerprint information be stolen from the card?
NO, because the fingerprint matching is done in the card and not in a central system so personal data remains in the card. Thus, in e-Smart Boarding Pass authentication there is no question of vulnerability to data intercepting attacks, such as eavesdropping and skimming.
4. Would e-Smart Boarding Pass contribute in the spreading of contagious diseases?
NO, because the each boarding pass will have a fingerprint scanner for a personal touch. Where there is personal touch there is no possibility of getting infected (at least not because of boarding pass verification process).