New RFID Technologies Announced at RFID World Boston
October 1, 2007
RFID technologists, distributors and thinkers from around the world joined together last week at RFID World in Boston, MA. Sessions and the show floor focused on the real-world relevance of RFID and how to safely, securely and successfully apply the technology.
Show speakers discussed certain roadblocks to the implementation of RFID technology — some precautionary, some logistical and some paranoid. The main security concern with RFID is a person operating a malicious reader could read information off a tag without the owner knowing.
David Husak, co-founder and CTO of Reva Systems, was most concerned with how RFID readers interact with and distract each other. “You have to deploy a lot of them and you have to deploy them in very close proximity to one another and when you turn them on, they don’t play nice with each other,” said Husak, who has a background in networking. “One of Reva’s very fundamental innovations is that we connect all those readers in a network, but we look at them and operate them as one unified system not as a bunch of standalone autonomous readers working on their own,” he said.
Reva recently worked with Metro Group of Germany to implement an RFID system in its Galeria Kaufhof store. Metro’s system involves a “magic mirror” and “smart dressing rooms” that allow customers to gain information about the products they are considering when they are in proximity of these RFID-enabled devices. Husik has realistic objectives when it comes to his company and RFID technology. “Our goal is to be at least as good as barcodes,” he says.
Bert Moore, director of communications for the Association for Automatic Identification and Mobility (AIM), addressed issues regarding the value of data and security measures that can help to secure data. He explained that there should be no more data on an RFID tag than necessary and that most malicious attacks on RFID systems should provide very little gain for the attacker beyond individual annoyance or inconvenience for the user.
In most cases, according to Moore, in order to get to the “fun places” with RFID authentication, there is a lot more required than a simple reader. For instance, he said, if someone were to steal BoeingSenior Manager of Supply Chain Technology for Integrated Defense Systems Steven G. Georgevitch's RFID badge, they could get into the building, but in order to get to the “fun places” there would be extra security measures like a retinal scan or fingerprint authentication and a security guard who would know who is allowed access.
In regard to the practicality of malicious users stealing information for actual gain, Moore gave another example of an RFID-assisted theft that involved countless hours of preparation, expensive equipment, a fraudulent point of sale terminal and a corrupt employee to capture financial information. He then positioned the scenario against a more common scenario of giving a credit card to a server at a restaurant and how all a criminal would need to steal information is a pen and paper. Much more effort is required for RFID theft.
Marc Doyan, technology engineer for Quatred, LLC, talked about the validity or invalidity of these and more security concerns. One topic that received a lot of attention was the implementation of RFID tags in American passports. Doyan discredited concerns for data collection on a number of levels.
According to Doyan, when closed, the outer cover of the book prevents the RFID tag from being interrogated by a reader. Also, the information on the tag is the exact same as the information available on the inside of the book, so there is no additional information that someone could gain from reading the tag that they couldn’t get by opening to the first page of the book. Furthermore, the tag is encrypted and requires an access key, which is printed on the first page of the book; this code is read by customs agents using an optical scanner to speed up the process and to keep lines moving.
Doyan also addressed concerns of RFID-enabled products in retail stores. The fear is the company would know what a shopper buys and be able to use or sell this information. Doyan pointed out that through customer rewards programs, stores already have this information, so there is no need for them to deploy an expensive system to collect information they already have.
Other speakers at RFID World included Sayan Chkraborty, CTO and VP of engineering and operations for SkyTek Inc., Pete Martin, president of AAID Security Solutions Inc. and Tony Sabetti, vice president of RF solutions for Sirit Inc. Visit the RFID World website to view a full speaker list and download presentations from the conference.
You May Also Like