United States Passport Cards issued by the U.S. Department of State and EDLs (enhanced driver's licenses) from the state of Washington contain RFID (radio-frequency identification) tags that can be scanned at border crossings without being handed over to agents. Both were introduced earlier this year for border crossings by land and water only, and can't be used for air travel. New York is the only other U.S. state with an EDL, though others are in the works.

The information in these tags could be copied on to another, off-the-shelf tag, which might be used to impersonate the legitimate holder of the card if a U.S. Department of Homeland Security agents at the border didn't see the card itself, the researchers said. Another danger is that the tags can be read from as far as 150 feet away in some situations, so criminals could read them without being detected. Although the tags don't contain personal information, they could be used to track a person's movements through ongoing surveillance, they said.

Another danger is that hackers could cause EDLs to self-destruct by sending out a certain number, they said.

"It would be relatively easy for someone to read your passport card or EDL," said Tadayoshi Kohno, an assistant professor of computer science and engineering at the University of Washington.

Though there's no reason for panic, "Our hearts should start to beat a little faster," Kohno said. The risk to individual passengers is low, but the problems create systemic weaknesses in the border-crossing system, according to a of the report.