Britain is in the middle of a move towards making everyone's passport include a microchip. As of February this year, any passport you sent off for or renewed may have cost you substantially more and have included biometric information on such a device. In the case of the UK, this information includes a coded version of your facial features, in other places it may be fingerprints, iris scans and so on.

The chips these passports use include radio frequency ID (RFID) technology. This means the chip inside your passport will transmit some data – in this case your biometrics - to a reader when it receives signal from a RFID reader. The reason? More secure than paper based documents, and less open to fraud. Unless of course the potential fraudster knows a bit about such chips. Unsurprisingly, despite the Government's arrogance, they've already been hacked. Now that didn't take long did it?

At a recent security gathering in America, Lukas Grunwald revealed that he had worked out how to clone the contents of these passport chips. Accomplishing this task cost him an almighty £100. This of course is probably just about within the multimillion pound budget of such ne'er-do-wells as say terrorist organisations. They, like you, can download the program called RFDUMP they used to program the clone chip.

To make it explicitly clear what this means, you can clone the chip of a passport from say John Smith. Insert your new chip into, for instance, an old Christmas card, and now as far as any machine is concerned this Christmas card is now John Smith's valid passport.

To make it a little more convincing, Grunwald borrowed someone else's real passport and hid the cloned chip into the passport, between the cover and the real chip. The card reader, being only designed to read a single chip, read the nearest one and hence the genuine passport for person X was now deemed by the machine to be the passport for person Y.

This is made so much easier in that the data in the chips is not encrypted. Your personal details are there essentially in plain text. So far no-one has reportedly manage to alter the data in their passport themselves without leaving a tell-tale trail, but it may only be a matter of time. Besides, who needs to alter it much when you can have someone else's of your choice? Especially as some countries, such as Australia, are apparently considering relying solely on machines to check passports. Other countries will likely place quite some reliance on the technology – because otherwise, what would the point of having it be?

This trick will of course work on pretty much any country's ePassports, as by necessity they are all built to the same standard so they work worldwide.

In other exploiting ePassports news, because these RFID chips broadcast information, they can be located from afar. People intent on abusing you or your identity could wander around freely downloading bits of your passport information if you happened to have it in your pocket. Following concerns from "privacy activists" (also known as rational human beings), a couple of guys from Flexilis found that even when the passport was only ever so slightly open - as it may inadvertently be in a bag, or a pocket - data could be read from at least 2 feet away identifying that a person is carrying a passport, where they are carrying it and possibly such information as to their nationality.

Why would you be bothered? Well, if the critical privacy concerns don't wash with you, how about taking Flexilis' potential use-case? In these days of "symbolic" terrorism, it would be easily possible for example that a terrorist could build a bomb that would explode when, and only when, a tourist walked past – and possibly only when a specifically British tourist was in the vicinity.

For more information and a demonstration from Flexilis, watch the below video.