Germany has announced a new national ID program that will be mandatory for all citizens. The ID cards will be embedded with a special radio frequency identification security chip, or "RFID." These chips allow for short distance transmission of data over radio waves. One of the unique features of RFID is the lack of a power source within the chip itself. For example, many newer cars have a RFID chip implanted in the plastic casing of key used to start the car. (I am not referring to the remote door control which is usually battery powered.)
When the key is turned, the car sends a specially tuned radio wave toward the key. The radio waves generate enough power to activate the chip inside the key and transmit a authentication code back to the car, allowing it to start. Since RFID does not require an external power source, it is perfect for use in these types of applications. You might have an RFID chip in your wallet right now without even realizing it.
The use of RFID chips for identification cards is not unique. In the United States, passports issued after 2006 contain an RFID tag which contains the name, nationality, gender, date of birth, and place of birth of the passport holder. However, the cards proposed to be used in Germany will be exponentially more complex. Supposedly, the cards will not only be used by the government for identification purposes but will also facilitate online shopping and downloading music.
The potential applications are limitless, but so are the potential vulnerabilities. Although RFID's have become more secure overtime, it continues to have a number of weaknesses which can be exploited. It will be interesting to see how Germany addressed those concerns when the new cards are rolled out November 1st.