Retail, shipping and other businesses are increasingly using RFID tags as wireless bar codes that can contain more information than traditional printed ones. The growth of the technology is making the tools of RFID hacking more easily available, Kohno said.

In a cloning attack, a hacker could read the information off a card's RFID tag, either while the cardholder was passing by or as the official card reader was picking up the data. The attacker could then encode a generic RFID tag with that same data, Kohno said. With that newly encoded tag, someone could slip through the border by appearing to the RFID reader to have a legitimate identification card, as long as no one asked to look at the actual card.

By themselves, the RFID vulnerabilities don't mean someone will get away with cloning or other attacks, Kohno pointed out.

"In reality, the system involved in border crossings is much greater than just the technical aspect," Kohno said. For example, authorities are likely to interview drivers and passengers crossing the border and look at their identification cards, he said. They may also use other measures against card-cloning near border crossings.

However, Kohno and three fellow researchers believe there are mechanisms available for the RFID tags that the U.S. and Washington governments aren't using.