RFID – Radio Frequency IDentification

Saturday, January 19th, 2019 (No comments yet)

An RFID tag hidden under a label

An RFID tag is nothing more than a little chip attached to a paper-thin antenna. The chip's basic function is to store and transmit a small amount of information, usually just a unique identifier. What good is that? Well:

Pros

• RFID attached to shipping pallets can make it easier for companies to track and monitor shipments.
• By replacing UPC codes with RFID labels on individual products (like a can of soda), stores can track inventory, prevent shoplifting, and develop systems that automatically charge you for whats in your cart without you having to stop and scan each item.
• As a cheap short-range wireless transmission system, RFID is perfect for making printers who can tell you if you install the wrong ink or toner cartridge or cars that can sense the air pressure in your tires.
• Because RFID doesn't require physical contact, pass cards like those used for secure door access or subway systems will last far longer than those that use magnetic stripes. Further, because the cards only need to be waved in front of a reader, people can get through the control points a few seconds faster. Multiply by tens or hundreds of people a day and the over-all efficiency skyrockets.
• RFID chips can be implanted under the skin of animals to make them easy to identify if they become lost or stolen.
• Chips implanted in humans can be used in place of the medical alert bracelets which can come off or become hard to read over time.

Though there hundreds of visionary and useful things you can do RFID, because they typically lack strong security controls there are serious risks that come with them too!

Cons

Don't underestimate how easy it would be to track and monitor people by the poorly-secured RFID tags they carry
(See online!)

• If someone steals a pallet full of products from a warehouse, but leaves the RFID chip, the company probably wouldn't know for days or weeks afterward (however long it takes for a real human to go looking).
• A shoplifter with a handheld RFID blaster can remove the tags and walk right out of the store.
• RFID enabled printers coffee machines can prevent you from reusing or buying off-brand replacement supplies.
• Those quickpay and access RFIDs can be easily copied from a distance. Now the bag guy gets free tolls, free gas, or can walk right into your building while the systems assign the responsibility to you.
• RFID has been debated for mandatory implantation in Alzheimer's patients, illegal aliens, and even the military. Because the chips aren't protected, once implanted, they can be used to track the movements and activities of the subjects causing serious privacy concerns. In addition to the possible cancer risks, the chips have been known to tunnel through the skin over time causing damage as well as making it impossible for you to get an MRI in the future if you should need one.

US passports now have RFID that researchers used to trigger an RFID smart bomb
• And how about the fact that your unsecured RFID chip could get hacked and become a tool for spreading viruses?
• Cameras can be programmed to look for specific kinds of RFID or specific people and snap a photo when you go by
• RFID can and WILL be used to track humans and their daily activities. Research is ongoing
• Making yourself "machine readable" makes it possible for someone to program a bomb with your "number" on it.

Making RFID Safe

On the plus side again, RFID can help prevent infant abduction or hospital mixups.

RFID, like most technology, isn't something that can (or necessarily should) be stopped. Intstead, we need to harness and direct the technology to reduce the threat. To do this, we need to look at three risk aspects of RFID:

1. Poor authentication

One of the primary issues with RFID and the main thing that makes all the nightmare scenarios possible is that unsecured RFID broadcasts to anyone and everyone. For any implementation of RFID to be acceptable, the chips must be programmed only to speak to proper readers who authenticated themselves first.

For example, say you have a refrigerator that scans the food inside. When you put food inside, the fridge should program the food with a one-time code that makes it impossible for the chips in the packaging to respond to any other reader.

Think no one cares what the contents of your fridge are? Think again.

2. Poor (or no) encryption

Even after a chip authenticates a reader, if it sends the data out in the open, anyone else nearby (or not so nearby) can read it too. All communications between a chip and authenticated reader must be encrypted to prevent eavesdropping by others.

3. Use of Long-term RFID

Implantation is permanent. Passports are good for 10 years. Companies plan to replace UPC barcodes with RFID that will transmit ID codes for the life of the product (from creation to landfill and beyond).

Every RFID implementations will eventually be hacked by someone. All it takes is one person in the world to find a way to break the system and the security is no good anymore (like the millions and millions of pounds wasted with the UK passports). Secure implementations can slow it down or help, but the best defense is NO RFID.

I can't see implants ever making sense and you definitely want to be sure the products you wear and carry around can't be used to wirelessly communicate with the world around them.

Share This