RFID

From Powerbase
Revision as of 20:11, 22 November 2008 by Barcin Uluisik (talk | contribs) (add section - unfinished)
Jump to: navigation, search

Radio frequency identification, or RFID, as defined by the RFID Journal, is “a generic term for technologies that use radio waves to automatically identify people or objects.” The most common practice of the technology is “to store a serial number that identifies a person or object, and perhaps other information, on a microchip that is attached to an antenna (the chip and the antenna together are called an RFID transponder or an RFID tag). The antenna enables the chip to transmit the identification information to a reader. The reader converts the radio waves reflected back from the RFID tag into digital information that can then be passed on to computers that can make use of it.”[1]


Background

RFID tags carry specific data about the objects they are attached to, and, unlike barcodes, they can be recognised and read by a reader as long as they are in the same range. The amount of data they can carry depends on the manufacturer and the form of application, but the current versions can carry up to 2KB of data[2], which is enough to store all the basic information about a product in a simple format.


Purposes of use

RFID is claimed to bring the advantage of every item being tagged with a unique proof of identification, making tracking of products so much easier and with fewer errors. This way, it is expected to improve production line efficiency for many companies.[3] The technology also helps companies in the way that it allows better access to product sales statistics. The main aim is stated to be “to reduce administrative error, labor costs associated with scanning bar codes, internal theft, errors in shipping goods and overall inventory levels.”[4]


Drawbacks

What actually has prevented the technology from being implemented is its cost. Although the tags are reusable in a certain system, say, in one company, they have to be very cheap to obtain to go out of the system as they cannot be used in another system unless all the systems work together and create a whole network of tracking.[5]


Therefore, the disadvantage is created by the absence of a universal system of RFID. Considering that the target now is to create a universal system, we come across some other, and much more serious, problems with respect to the practicable limitations of the whole network of RFID.


Technological problems

Easily copyable

The very first technical problem with the use of RFID tags on products is that they have proved to be easily copyable. Porter, in his article, states that he had the first hand experience after having been injected a chip under his skin. “It turns out that this futuristic device is rather unimpressive… It took… no time at all to pass a scanner over my arm, extract the information and clone the RFID.”[6]


Even for ID cards, the threat of being easily copied constitutes a big threat. Although the idea of embedding RFID tags in various types of ID cards bears the aim of making them “early impossible to forge or tamper with,” they are apparently functioning just in the opposite way.[7] “The hack was tested on a new European Union German passport, but the method would work on any country's "e-passport," since all of them will be adhering to the same ICAO standard. He obtained an RFID reader by ordering it from the maker - Walluf, Germany-based ACG Identification Technologies - but also explained that someone could easily make their own for about $200 just by adding an antenna to a standard RFID reader.”[8] Even the US authorities must have realised that fact that they have decided to also include a metal shield to protect them. “What they probably realise is that the covert reading of passport could represent a considerable threat, especially to those whose nationality terrorists want to target or those who may represent rich pickings for criminals.”[9]


Viral threats

The RFID technology has been presented to public as being fault-free and posing no technical problems. However, in addition to the problem of copying, they can also carry viruses that may well corrupt, if not all, a huge part of the system they are implemented in.


“Up until now, everyone working on RFID technology has tacitly assumed that the mere act of scanning an RFID tag cannot modify back-end software, and certainly not in a malicious way. Unfortunately, they are wrong. In our research, we have discovered that if certain vulnerabilities exist in the RFID software, an RFID tag can be (intentionally) infected with a virus and this virus can infect the backend database used by the RFID software. From there it can be easily spread to other RFID tags.”[10][11]


Implementation of such a vulnerable technology prone to viral attacks and hacking can be viewed as an economic threat, in the case of companies using it and spreading its use to enlarge their marketing system, as well as a security one, in the case of them being used with personal identification cards.[12] Many computer experts and science centres accept the fact that “RFID introduces new privacy and security risks -- and a whole new dimension to corporate espionage”[13], but also willing to work on the technology to prevent it: “Laboratories is now researching new techniques to help protect the privacy and security of businesses and consumers in RFID environments.”[14] Considering the fact that current genius Microsoft technology fails to protect our desktop computers from being infected by viruses, it appears to be either a rather naïve or an extremely evil state of mind to believe that the RFID tags can be protected from any kind of technical misuse, and trust them to carry unique information about anything, be it a product, a pet, or a person.


People getting chipped

The formal explanations of the system only includes pets and products; on the other hand, there are examples of people who have been “tagged” with RFID microchips.[15] The practice of inserting RFID devices into people for purposes of club memberships and payment procedures are not a dream – the ideas of employing the system actually dates back to at least 2004.[16]


Further applications of the system would present a more dreadful example of the NIR (National Identity Register) in the UK, where all the information of citizens is collected under a database. Porter, in his article, mentions the outcomes of a system being employed, and used by the state for social and political control of its people.[17]


Resources


Further Resources

Notes and References

  1. RFID Journal website, accessed 19 November 2008.
  2. RFID Journal website, accessed 19 November 2008.
  3. See the RFID Journal website for links to companies that have been using the technology.
  4. RFID Journal website, accessed 19 November 2008.
  5. RFID Journal website, accessed 19 November 2008.
  6. Henry Porter website, “Surveillance is really getting under my skin,” by Henry Porter, 19 November 2006, accessed 22 November 2008.
  7. Work Permit website, Global immigration news, “New hi-tech RFID passports hacked and cloned,” 04 August 2006, accessed 22 November 2008.
  8. Work Permit website, Global immigration news, “New hi-tech RFID passports hacked and cloned,” 04 August 2006, accessed 22 November 2008.
  9. Henry Porter website, “Surveillance is really getting under my skin,” by Henry Porter, 19 November 2006, accessed 22 November 2008.
  10. RFID Virus website, Vrije Universiteit Amsterdam, Department of Computer Science, “RFID Viruses and Worms,” by Melanie R. Rieback, Patrick N. D. Simpson, Bruno Crispo, Andrew S. Tanenbaum, last modified 02 March 2006, accessed 22 November 2008.
  11. See also RFID Virus website, “Is Your Cat Infected with a Computer Virus?” by Melanie R. Rieback, Bruno Crispo, and Andrew S. Tanenbaum, IEEE PerCom 2006, accessed 22 November 2008.
  12. ARS Technica website, “RFID chips can carry viruses,” 15 March 2006, accessed 22 November 2008.
  13. RSA Laboratories website, “RFID Privacy and Security”, accessed 22 November 2008.
  14. RSA Laboratories website, “RFID Privacy and Security”, accessed 22 November 2008.
  15. BBC News website, “Barcelona clubbers get chipped,” by Simon Morton, 29 September 2004, accessed 19 November 2008.
  16. Silicon website, “Schoolchildren to be RFID-chipped,” by Jo Best, 08 July 2004, accessed 19 November 2008.
  17. Guardian website, “Beware of card tricks,” by Henry Porter, 11 July 2006, accessed 19 November 2008.