The new passports, with their metal linings and shared-key encryption, address most of the concerns that have been raised by privacy advocates and security professionals. Specifically, the lining prevents the RFID chips from being read while the passport is closed, and the encryption makes attempts to clone the RFID chips less attractive, since the data that’s being copied is encrypted and can’t be altered by the cloner.
As it turns out though, these security measures undermine the rationales given by the government for opting for contactless RFID instead of plain old smart cards in the new passports. Originally, the attraction of RFID is that it could be read at a distance with the passport closed, thereby speeding the ID checking process. Now that users not only will have to present and open passport, but they’ll also have to have the passport’s public encryption key read by an optical scanner, they might as well just be swiped through a contact-based scanner.