OP here. It is trivial to create the missing checksum. It is detailed at https://shkspr.mobi/blog/2025/06/reading-nfc-passport-chips-...

Conscience

Considering how often it is done, not much?

The data are signed with the passport issuing authority's private key.

So you could implement a chip which reacts like an official passport. When the border guards see that the signature is invalid, you can explain how it's just a prank and you'll all have a jolly good laugh about it.

Besides the data being signed as already mentioned, the protocol is interactive and custom to passport documents. So you can’t just put it on any programmable NFC tag. I also doubt you can buy programmable ones implementing the passport protocols. But maybe you can find general purpose programmable ones you can implement the protocol on.

There are also optional subprotocols that allow the chip to be authenticated (i.e. proof it knows a private key). These prevent copying valid signed data to a different chip.

Countries like UK actually have publicly database for e-visas (share code) that can easily be verified via online API. So probably at least some foreign governments can cross validate some of passport data with each other.

Burning a zero day like that in front of border / travel officers will probably land you in prison very quickly.

The ICAO documents contain the complete specification. It is moderately complex and involves twiddling lots of bits. So I've no doubt that a passport reader somewhere isn't doing bounds checking properly.

But you could achieve much the same effect with a hammer.

You can transmit arbitrary data in certain steps of the passport reading process. The possibility of disruption depends on whether the reading system has bugs exploitable by the incoming data.

I've seen crashes in PKCS#11 drivers when reading cards with malformed data. So, the possibility, in theory, is always there.

Sounds fairly sensible to me

The passports contain a digital signature and a DSC (Document Signing Certificate). This DSC is signed by a CSCA certificate which you can download from the ICAO Public Key Directory. Link here: https://pkddownloadsg.icao.int/

Yes. There is even an active function that allows you sign arbitrary bits to check if the passport actually contains the private key. Otherwise you could spoof a passport by just replaying the government signed data.

Source: I have been working on a blockchain implementation in the past that was compatible with the cryptographic functions in an NFC passport. Basically using a standard NFC passport as a cold wallet.

Fun fact. The cryptographic system even differs per country.

E.g. the Dutch don't trust the NIST elliptic curves so use the brainpool curves instead. Some other countries are still using RSA iirc.

It seems every country that moves to electronic travel authorization has an app that requires me to verify my passport with this method. I have a fairly new passport, issued in the last few years, and a recent phone… and this process is a huge pain. I need to massage my passport with my phone for a minute, maybe I get a bite, hold it still… oops, start over… try again… okay, use our partner’s face ID recognition service instead… ugh it’s horrible.

I don’t know if the issue is the very low power chip in the passport, or some damage or what… but I dread the process any time I need to do it.