At the Black Hat hacker conference in Las Vegas last month, a security consultant demonstrated a hack of such a passport and also described a relatively simple and inexpensive process for cloning one. The demonstration troubled many who have questioned the necessity for RFID technology, which transmits data wirelessly, in such personal documents.
The state's response, of course, is that the inclusion of RFID is only one more link in the chain of identify verification(and, supposedly, protection):
The State Department, however, highlighted its "multi-layered" approach to protecting the new e-passports and mitigating the chances of the electronic data being "skimmed" -- i.e., intercepted or stolen.
Supposedly, the new passports can't be read anywhere other than where you'd want them to be read, as they have RF-shielding metal embedded into the cover of the book, preventing someone from, say, scanning your wallet or purse. This was a big concern a few years back. The new passports also feature a security key and a randomization function that will make it difficult to track any one particular individual's movements. There's more to it, and though many people will be skeptical for years to come, any technology is open to exploit. Some say the nature of RFID lends itself to unattended check ins, which could be a detriment to safety. Can't please everyone.