Posts

This is what Passport Security looks like

Sixty different materials go into the printing of a U.S. passport. That little booklet of a thing contains up to 30 pieces of security—and you can’t see most of them. And good luck trying to get details on these security features.

PPThe author of an article on gizmodo.com points out that he tried to get specifics from Homeland Security, but that the “forensic lab’s experts couldn’t discuss the security.” The author then sought answers from passport and forgery experts.

Holograms

When you see or hear the word “hologram,” what do you think of? Passports use holographic technology. The gizmodo.com article mentions that the biodata page of a passport probably has a see-through hologram.

It’s possible to almost forge a hologram. One way is to press metal onto it, then use the metal as a die cast to create more holograms. There’s also a device that stamps out holograms, but these days they’re difficult to get ahold of. Usually, holograms come with other security features that make forging difficult, such as special inks.

The drawback to more complex security with the passport is that some of the features can be missed in the inspection process because there are so many to remember. This creates a margin through which fake ones can pass inspection.

Ink

The gizmodo.com article talks about how the ink’s composition, and elements of the paper are part of the security. What can be done with ink to distinguish an authentic passport from a forged one? Some inks dissolve when they’re tinkered with. Some change color when cooled or heated. Some contain a design that’s visible only under UV light.

The paper, too, may contain unique fibers such as fluorescent ones. There are many other secrets that a forger could never know (though this article is obviously revealing some of them, but even then, this doesn’t mean the forger would necessarily be able to figure out how to duplicate these features).

Text one-seventh the width of a red blood cell

“Nanoprinting” is used for the passport: Text may be as small as one micron. Talk about a tiny font size. The best forgers can’t touch this. Another way to foil a forgery attempt is to deliberately create an anomaly in the text, such as a slightly raised letter.

The gizmodo.com article says that the most troublesome part of a passport to duplicate is the font. From a macroperspective, the typeface may seem easy to duplicate, but there are hidden, deliberate features visible only under a microscope. A forger won’t be able to replicate microscopic intentional ink bleeds.

Your passport will have an electronic chip in the upper left-hand corner that contains your data, including photo. The article explains that a security researcher, showed how he could clone such a chip.

Nevertheless, when all is said and done, passport forgery exists and forgers do get away with it. And as mentioned previously, there are so many security features to look for, that inspectors can’t all remember every single one, and the very one(s) they skip may also be the ones that would show a forgery. The technology needed to duplicate a passport is sold online.

At any rate, for the most part, your passport is an extremely secure instrument. Its security technology is ever-evolving. By and large, you can use your passport with peace of mind. Hold onto it tightly. Don’t let it out of your sight. When you don’t need it make sure it’s in a safe place that you won’t forget about.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures.

United Airlines Passport Scanning Mobile App: is it safe?

How much easier international travel is for United Airlines fliers: They can now use their iOS or Android device to scan their passports.

PP

If a customer checks in with United’s mobile application for international flights, they can access the passport-scanning feature. One can check in within 24 hours of departure. Fliers will get an option to confirm their stored passport data or to scan their passport.

If a customer chooses the scan, the app will use the smartphone’s camera to capture passport information. United says this is “similar to a mobile banking deposit.” The flier can retrieve the boarding pass after the passport scan is verified.

United says that their passport scanning feature is very time-saving and gives fliers more control.

Since it’s launch, Ive been asked by multiple outlets in regards to its security and the safety of this application, as it pertains to possible data breaches. The company who created the apps backbone is “Jumio” and by all accounts, they seem top notch.

It’s important consumers never blindly download or use any application without doing some due diligence. This is what I found;

Jumio states: “Jumio is PCI Level 1 compliant and regularly conducts security audits, vulnerability scans and penetration tests to ensure compliance with security best practices and standards. To demonstrate PCI compliance a yearly on-site validation assessment by a QSA is carried out. Jumio carries the security controls established to achieve PCI compliance over to PII data which is of comparable sensitivity and has extended the scope of such controls to cover and protect all systems used to transmit/process/store PII data. Doing so, provides Jumio with a coherent and independently tested set of security policies/processes/controls and enables Jumio’s customers to gain confidence that their data – be it credit card or PII – is handled in a secure manner throughout its lifetime.”

This is great. Now let’s hope my airline, Delta, signs on too!

And again, know what you’re getting into with any app because the Wall Street Journal ran a report in 2010 warning people of app developers’ missing transparency. And yes, we’ve come a long way in 4 years but 101 popular applications for iPhone and Android were examined. It turned out that 56 actually transmitted the mobile device’s unique ID to other companies. This was done without the user’s consent or even awareness.

Forty-seven of the apps transmitted the device’s location. Five of the applications sent gender, age and other personal data to outsiders.

This shows how intent that online-tracking companies are at collecting private information on people. Kind of makes you think of that song, “Every Breath You Take,” by the Police, especially the part that goes, “I’ll be watching you.”

Trackers know what apps the user is downloading, how often they’re used and for how long, the whole works. And there’s been no meaningful action taken to curb this. It’s all about money. (Isn’t everything?)

The more “they” know about the user, the more targeted ads will come the user’s way. If they know you love shoes, ads about shoes will pop up. However, all this “transmitted” personal information can also be used for ID theft and other criminal purposes.

Solution:

Be aware. Don’t just blindly downloads and use an application. Do your research, read the terms and conditions and/or terms of service.

The user must weigh the risks and benefits when downloading the next application. In addition, download only from a reputable app store—after you’ve read user reviews and the app’s privacy policy regarding how much personal information it will get into and share.

Other tips include avoiding conducting smartphone transactions over unsecured Wi-Fi connections and keeping the software current in your smartphone: keeping up to date on its operating system, security software and browser.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing  identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.

Streamlined ‘Passpoint’ WiFi coming

WiFi connects us everywhere, such as in parks, subways, airplanes, coffee shops and public WiFi hotspots. The WiFi Alliance says there are more than a million hotspots worldwide, and a report by market research company Informa Telecoms and Media (Informa.com) reports that Wifi hotspot numbers are set to grow to 5.8 million globally in the next four years.

4WWhile all this wonderful WiFi is everywhere, there are issues with seamless connectivity and security that can be alleviated with cooperation from the larger ISPs and device manufacturers. Right now, public WiFi is wide open and vulnerable to wireless sniffers. Without a virtual private network like Hotspot Shield VPN, the data on your wireless devices are vulnerable to criminals.

According to the Wi-Fi Alliance, Wi-Fi CERTIFIED Passpoint™ will transform the way users connect to WiFi hotspot networks by making the process of finding and getting access to the right network seamless. It also provides user connections with WPA2™ security protection, enabling you to feel confident that your data is safe. Mobile devices that are certified for Passpoint, such as handsets and tablets, can still be used in existing hotspots. However, when you are in a Passpoint-enabled hotspot, you’ll discover a newly smooth connectivity experience.

An added benefit to seamless WiFi means less data usage on a carrier’s 3/4G network. With carriers pretty much nixing unlimited data use, consumers are finding they have to upgrade their data plans so they don’t go over their limit. With Passpoint, data usage will go down when WiFi connections happen effortlessly.

This is all great news for millions of people now using their wireless digital devices exclusively. But always keep in mind that no matter what you are using—a laptop, tablet, reader or mobile phone—wireless is inherently insecure and until Passpoint becomes as ubiquitous, a VPN such as Hotspot Shield VPN is as an essential layer of defense for your wireless devices.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield VPN. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247.