|
History of RFID tags In 1946 Léon Theremin invented an espionage tool for the Soviet government which retransmitted incident radio waves with audio information. Soundwaves vibrated a diaphragm which slightly altered the shape of the resonator, which modulated the reflected radio frequency. Even though this device was a passive covert listening device, not an identification tag, it has been attributed as the first known device and a predecessor to RFID technology. The technology used in RFID has been around since the early 1920s according to one source (although the same source states that RFID systems have been around just since the late 1960s).••• A more similar technology, the IFF transponder, was invented by the British in 1939 *, and was routinely used by the allies in World War II to identify airplanes as friend or foe. Transponders are still used by military and commercial aircraft to this day. Another early work exploring RFID is the landmark 1948 paper by Harry Stockman, titled "Communication by Means of Reflected Power" (Proceedings of the IRE, pp 1196–1204, October 1948). Stockman predicted that "...considerable research and development work has to be done before the remaining basic problems in reflected-power communication are solved, and before the field of useful applications is explored." Mario Cardullo claims that his U.S. Patent 3,713,148 in 1973 was the first true ancestor of modern RFID; a passive radio transponder with memory. 3 The first demonstration of today's reflected power (backscatter) RFID tags, both passive and active, was done at the Los Alamos Scientific Laboratory in 1973. 2 Types of RFID tags RFID cards are also known as "proximity" or "proxy" cards and come in three general varieties: passive, semi-passive (also known as semi-active), or active. Passive Passive RFID tags have no internal power supply. The minute electrical current induced in the antenna by the incoming radio frequency signal provides just enough power for the CMOS integrated circuit in the tag to power up and transmit a response. Most passive tags signal by backscattering the carrier signal from the reader. This means that the antenna has to be designed to both collect power from the incoming signal and also to transmit the outbound backscatter signal. The response of a passive RFID tag is not necessarily just an ID number; the tag chip can contain non-volatile EEPROM for storing data. The lack of an onboard power supply means that the device can be quite small: commercially available products exist that can be embedded in a sticker, or under the skin. As of 2006, the smallest such devices measured 0.15 mm × 0.15 mm, and are thinner than a sheet of paper (7.5 micrometers). * The lowest cost EPC RFID tags, which are the standard chosen by Wal-Mart, DOD, Target, Tesco in the UK and Metro AG in Germany, are available today at a price of 5 cents each. The addition of the antenna creates a tag that varies from the size of a postage stamp to the size of a post card. Passive tags have practical read distances ranging from about 10 cm (4 in.) (ISO 14443) up to a few meters (EPC and ISO 18000-6) depending on the chosen radio frequency and antenna design/size. Due to their simplicity in design they are also suitable for manufacture with a printing process for the antennas. Non-silicon tags made from polymer semiconductors are currently being developed by several companies globally. Simple laboratory printed polymer tags operating at 13.56 MHz were demonstrated in 2005 by both PolyIC (Germany) and Philips (The Netherlands). If successfully commercialized, polymer tags will be roll printable, like a magazine, and much less expensive than silicon-based tags. The end game for most item level tagging over the next few decades may be that RFID tags will be wholly printed - the same way a barcode is today - and be virtually free, like a barcode. However, substantial technical and economic hurdles must be surmounted to accomplish such an end: hundreds of billions of dollars have been invested over the last three decades in silicon processing, resulting in a per-feature cost which is actually less than that of conventional printing. Active Unlike passive RFID tags, active RFID tags have their own internal power source which is used to power any ICs that generate the outgoing signal. Active tags are typically much more reliable (e.g. fewer errors) than passive tags due to the ability for active tags to conduct a "session" with a reader. Active tags, due to their onboard power supply, also transmit at higher power levels than passive tags, allowing them to be more effective in "RF challenged" environments like water (including humans/cattle, which are mostly water), metal (shipping containers, vehicles), or at longer distances. Many active tags have practical ranges of hundreds of meters, and a battery life of up to 10 years. Some active RFID tags include sensors such as temperature logging which have been used in concrete maturity monitoring or to monitor the temperature of perishable goods. Other sensors that have been married with active RFID include humidity, shock/vibration, light, radiation, temperature and atmospherics like ethylene. Active tags typically have much longer range (approximately 300 feet) and larger memories than passive tags, as well as the ability to store additional information sent by the transceiver. The United States Department of Defense has successfully used active tags to reduce logistics costs and improve supply chain visibility for more than 15 years. At present, the smallest active tags are about the size of a coin and sell for a few dollars. The RFID system An RFID system may consist of several components: tags/transponsders, tag readers, antenna, middleware/application software. The purpose of an RFID system is to enable data to be transmitted by a mobile device, called a tag, which is read by an RFID reader and processed according to the needs of a particular application. The data transmitted by the tag may provide identification or location information, or specifics about the product tagged, such as price, color, date of purchase, etc. The use of RFID in tracking and access applications first appeared in 1932, to identify aircraft as friendly or unfriendly ("identify friend or foe" (IFF)). RFID quickly gained attention because of its ability to track moving objects. As the technology is refined, more pervasive and possibly invasive uses for RFID tags are in the works. In a typical RFID system, individual objects are equipped with a small, inexpensive tag. The tag contains a transponder with a digital memory chip that is given a unique electronic product code. The interrogator, an antenna packaged with a transceiver and decoder, emits a signal activating the RFID tag so it can read and write data to it. When an RFID tag passes through the electromagnetic zone, it detects the reader's activation signal. The reader decodes the data encoded in the tag's integrated circuit (silicon chip) and the data is passed to the host computer. The application software on the host processes the data, and may perform various filtering operations to reduce the numerous often redundant reads of the same tag to a smaller and more useful data set. Take the example of books in a library. Security gates can detect whether or not a book has been properly checked out of the library. When users return items, the security bit is re-set and the item record in the Integrated library system is automatically updated. In some RFID solutions, a return receipt can be generated. At this point, materials can be roughly sorted into bins by the return equipment. Inventory wands provide a finer detail of sorting. This tool can be used to put books into shelf-ready order. Current usage
RFID in inventory systems An advanced automatic identification technology such as the Auto-ID system based on the Radio Frequency Identification (RFID) technology has two values for inventory systems. First, the visibility provided by this technology allows an accurate knowledge on the inventory level by eliminating the discrepancy between inventory record and physical inventory. Second, the RFID technology can prevent or reduce the sources of errors. Benefits of using RFID include the reduction of labour costs, the simplification of business processes and the reduction of inventory inaccuracies. RFID mandates Wal-Mart and the United States Department of Defense have published requirements that their vendors place RFID tags on all shipments to improve supply chain management *. Due to the size of these two organizations, their RFID mandates impact thousands of companies worldwide. The deadlines have been extended several times because many vendors face significant difficulties implementing RFID systems. In practice, the successful read rates currently run only 80%, due to radio wave attenuation caused by the products and packaging. In time it is expected that even small companies will be able to place RFID tags on their outbound shipments. Since January, 2005, Wal-Mart has required its top 100 suppliers to apply RFID labels to all shipments. To meet this requirement, vendors use RFID printer/encoders to label cases and pallets that require EPC tags for Wal-Mart. These smart labels are produced by embedding RFID inlays inside the label material, and then printing bar code and other visible information on the surface of the label. Human implants Implantable RFID chips designed for animal tagging are now being used in humans. An early experiment with RFID implants was conducted by British professor of cybernetics Kevin Warwick, who implanted a chip in his arm in 1998. Night clubs in Barcelona, Spain and in Rotterdam, The Netherlands, use an implantable chip to identify their VIP customers, who in turn use it to pay for drinks *. In 2004, the Mexican Attorney General's office implanted 18 of its staff members with the Verichip to control access to a secure data room. (This number has been variously mis-reported as 160 or 180 staff members, though the correct number is actually 18. *) Many books published about RFID are aimed at medium to large businesses implementing RFID technology to track shipments or livestock; however, until the publication of RFID Toys * by Amal Graafstra in 2006 little information was available for the enthusiast. Shortly after the book's publication, the Seattle Center On Contemporary Art * hosted a live implant procedure performed on Phillip Beynon, a student from Vancouver Canada. Security experts are warned against using RFID for authenticating people due to the risk of Identity Theft. For instance a Mafia Fraud Attack would make it possible for an attacker to steal the identity of a person in real-time. Due to the resource-constraints of RFIDs it is virtually impossible to protect against such attack models as this would require complex distance-binding protocols. Potential uses RFID tags are often envisioned as a replacement for UPC or EAN barcodes, having a number of important advantages over the older barcode technology. They may not ever completely replace barcodes, due in part to their higher cost and in other part to the advantage of more than one independent data source on the same object. The new EPC, along with several other schemes, is widely available at reasonable cost. The storage of data associated with tracking items will require many terabytes on all levels. Filtering and categorizing RFID data is needed in order to create useful information. It is likely that goods will be tracked preferably by the pallet using RFID tags, and at package level with Universal Product Code (UPC) or EAN from unique barcodes. The unique identity in any case is a mandatory requirement for RFID tags, despite special choice of the numbering scheme. RFID tag data capacity is big enough that any tag will have a unique code, while current bar codes are limited to a single type code for all instances of a particular product. The uniqueness of RFID tags means that a product may be individually tracked as it moves from location to location, finally ending up in the consumer's hands. This may help companies to combat theft and other forms of product loss. Moreover, the tracing back of products is an important feature that gets well supported with RFID tags containing not just a unique identity of the tag but also the serial number of the object. This may help companies to cope with quality deficiencies and resulting recall campaigns, but also contributes to concern over post-sale tracking and profiling of consumers. It has also been proposed to use RFID for POS store checkout to replace the cashier with an automatic system which needs no barcode scanning. However, this is not likely to be possible without a significant reduction in the cost of current tags and changes in the operational process around POS. There is some research taking place, however, this is some years from reaching fruition. Active RFID tags also have the potential to function as low-cost remote sensors that broadcast telemetry back to a base station. Applications of tagometry data could include sensing of road conditions by implanted beacons, weather reports, and noise level monitoring. Gen 2 GS1 and GS1 US operate the joint venture EPCglobal. EPCglobal is working on international standards for the use of RFID and the EPC in the identification of any item in the supply chain for companies worldwide. The organization's board of governors includes representatives from GS1, GS1 US, The Gillette Company, Procter & Gamble, Wal-Mart, Hewlett-Packard, Johnson & Johnson, Checkpoint Systems and Auto-ID Labs and others. One of the missions of EPCglobal was to simplify the Babel of protocols prevalent in the RFID world in the 1990's. Two tag air interfaces (the protocol for exchanging information between a tag and a reader) were defined (but not ratified) by EPCglobal prior to 2003. These protocols, commonly known as Class 0 and Class 1, saw significant commercial implementation in 2002-2005. In 2004 the Hardware Action Group created a new protocol, the Class 1 Generation 2 interface, which addressed a number of problems that had been experienced with Class 0 and Class 1 tags. The EPCglobal gen 2 standard was approved in December 2004, and is likely to form the backbone of RFID tag standards moving forward. This was approved after a contention from Intermec that the standard may infringe a number of their RFID related patents. It was decided that the standard itself did not infringe their patents, but it may be necessary to pay royalties to Intermec if the tag were to be read in a particular manner. EPC Gen2 is short for EPCglobal UHF Class 1 Generation 2. The Gen 2 standard was adopted with minor modifications as ISO 18000-6C in 2006. Patient identification In July 2004, the Food and Drug Administration issued a ruling that essentially begins a final review process that will determine whether hospitals can use RFID systems to identify patients and/or permit relevant hospital staff to access medical records. Since then, a number of U.S. hospitals have begun implanting patients with RFID tags and using RFID systems, more generally, for workflow and inventory management. The use of RFID to prevent mixups between sperm and ova in IVF clinics is also being considered *. In October 2004, the FDA approved the country's first RFID chips that can be implanted in humans. The 134 kHz RFID chips, from VeriChip Corp., a subsidiary of Applied Digital Solutions Inc., can incorporate personal medical information and could save lives and limit injuries from errors in medical treatments, according to the company. The FDA approval was disclosed during a conference call with investors. Shortly after the approval, authors and anti-RFID activists Katherine Albrecht and Liz McIntyre discovered a warning letter from the FDA that spelled out serious health risks associated with the VeriChip. According to the FDA, these include "adverse tissue reaction," "migration of the implanted transponder," "failure of implanted transponder," "electrical hazards" and "magnetic resonance imaging MRI incompatibility." Some in-home uses, such as allowing a refrigerator to track the expiration dates of the food it contains, have also been proposed, but few have moved beyond the prototype stage. Bird Flu It has been proposed that RFID technology could be useful to conduct surveillance of poultry movements, which could enhance efforts to control a bird flu outbreak among poultry, thereby reducing human exposure to infected poultry. Due to its promising capability in livestock tracking, several Asian countries consider the adoption of RFID technology for its poultry identification program in connection with the bird flu outbreak *. Subordination RFID technology has great potential for tracking the movements of political dissidents and thereby helping to reduce, but not eliminate, their threat to the State. Whether this is perceived as having a positive or negative impact on society depends on the individual's support for a powerful and intrusive State vs. the individual's support for personal freedom. Regulation and standardization There is no global public body that governs the frequencies used for RFID. In principle, every country can set its own rules for this. The main bodies governing frequency allocation for RFID are: Low-frequency (LF: 125 - 134.2 kHz and 140 - 148.5 kHz) and high-frequency (HF: 13.56 MHz) RFID tags can be used globally without a license. Ultra-high-frequency (UHF: 868 MHz-928 MHz) cannot be used globally as there is no single global standard. In North America, UHF can be used unlicensed for 902 - 928 MHz (+/-13 MHz from the 915 MHz center frequency), but restrictions exist for transmission power. In Europe, UHF is under consideration for 865.6 - 867.6 MHz. Its usage is currently unlicensed for 869.40 - 869.65 MHz only, but restrictions exist for transmission power. The North American UHF standard is not accepted in France as it interferes with its military bands. For China and Japan, there is no regulation for the use of UHF. Each application for UHF in these countries needs a site license, which needs to be applied for at the local authorities, and can be revoked. For Australia and New Zealand, 918 - 926 MHz are unlicensed, but restrictions exist for transmission power. These frequencies are known as the ISM bands (Industrial Scientific and Medical bands). The return signal of the tag may still cause interference for other radio users *. Some standards that have been made regarding RFID technology include: A primary security concern surrounding RFID technology is the illicit tracking of RFID tags. Tags which are world-readable pose a risk to both personal location privacy and corporate/military security. Such concerns have been raised with respect to the United States Department of Defense's recent adoption of RFID tags for supply chain management *. More generally, privacy organizations have expressed concerns in the context of ongoing efforts to embed electronic product code (EPC) RFID tags in consumer products. A second class of defense uses cryptography to prevent tag cloning. Some tags use a form of "rolling code" scheme, wherein the tag identifier information changes after each scan, thus reducing the usefulness of observed responses. More sophisticated devices engage in challenge-response protocols where the tag interacts with the reader. In these protocols, secret tag information is never sent over the insecure communication channel between tag and reader. Rather, the reader issues a challenge to the tag, which responds with a result computed using a cryptographic circuit keyed with some secret value. Such protocols may be based on symmetric or public key cryptography. Cryptographically-enabled tags typically have dramatically higher cost and power requirements than simpler equivalents, and as a result, deployment of these tags is much more limited. This cost/power limitation has led some manufacturers to implement cryptographic tags using substantially weakened, or proprietary encryption schemes, which do not necessarily resist sophisticated attack. For example, the Exxon-Mobil Speedpass uses a cryptographically-enabled tag manufactured by Texas Instruments, called the Digital Signature Transponder (DST), which incorporates a weak, proprietary encryption scheme to perform a challenge-response protocol. Still other cryptographic protocols attempt to achieve privacy against unauthorized readers, though these protocols are largely in the research stage. One major challenge in securing RFID tags is a shortage of computational resources within the tag. Standard cryptographic techniques require more resources than are available in most low cost RFID devices. RSA Security has patented a prototype device that locally jams RFID signals by interrupting a standard collision avoidance protocol, allowing the user to prevent identification if desired. *. Various policy measures have also been proposed, such as marking RFID tagged objects with an industry standard label. USA RFID Legislation Defeated by members of the California state assembly June 25, 2005. Passed by the California Senate with a vote of 30 to 7 on August 31, 2006 (it was already passed by the State Assembly). Vetoed by Governor Arnold Schwarzenegger. Controversy How would you like it if, for instance, one day you realized your underwear was reporting on your whereabouts? — California State Senator Debra Bowen, at a 2003 hearing * The use of RFID technology has engendered considerable controversy and even product boycotts by consumer privacy advocates such as Katherine Albrecht and Liz McIntyre of CASPIAN who refer to RFID tags as "spychips". The four main privacy concerns regarding RFID are: Most concerns revolve around the fact that RFID tags affixed to products remain functional even after the products have been purchased and taken home, and thus can be used for surveillance and other nefarious purposes unrelated to their supply chain inventory functions. Such unattended RFID tags also pose environmental risks *. Although RFID tags are only officially intended for short-distance use, they can be interrogated from greater distances by anyone with a high-gain antenna, potentially allowing the contents of a house to be scanned at a distance, something distinctly Orwellian in nature. Even short range scanning is a concern if all the items detected are logged in a database every time a person passes a reader, or if it is done for nefarious reasons (e.g., a mugger using a hand-held scanner to obtain an instant assessment of the wealth of potential victims). With permanent RFID serial numbers, an item leaks unexpected information about a person even after disposal; for example, items that are resold or given away can enable mapping of a person's social network. Another privacy issue is due to RFID's support for a singulation (anti-collision) protocol. This is the means by which a reader enumerates all the tags responding to it without them mutually interfering. The structure of the most common version of this protocol is such that all but the last bit of each tag's serial number can be deduced by passively eavesdropping on just the reader's part of the protocol. Because of this, whenever RFID tags are near to readers, the distance at which a tag's signal can be eavesdropped is irrelevant; what counts is the distance at which the much more powerful reader can be received. Just how far this can be depends on the type of the reader, but in the extreme case some readers have a maximum power output of 4 W, enabling signals to be received from tens of kilometres away. Technical note: the anti-collision scheme of ISO 15693 will render this rather implausible. To eavesdrop on the reader part of the protocol - and gather the 63 least significant bits of a uid - would require the reader to send a mask value of 63 bits. This can only happen when the reader detects a collision up to the 63rd bit. In other words: One can eavesdrop on the transmitted mask-value of the reader, but for the reader to transmit a 63 bit mask-value requires two tags with identical least significant 63 bits. The probability of this happening must be near zero. I.e. the eavesdropper needs two virtually identical tags to be read at the same time by the reader in question. The potential for privacy violations with RFID was demonstrated by its use in a pilot program by the Gillette Company, which conducted a "smart shelf" test at a Tesco in Cambridge, England. They automatically photographed shoppers taking RFID-tagged safety razors off the shelf, to see if the technology could be used to deter shoplifting. * This trial resulted in consumer boycott against Gillette and Tesco. In another incident, uncovered by the Chicago Sun-Times, shelves in a Wal-Mart in Broken Arrow, Oklahoma, were equipped with readers to track the Max Factor Lipfinity lipstick containers stacked on them. Webcam images of the shelves were viewed 750 miles (1200 km) away by Procter & Gamble researchers in Cincinnati, Ohio, who could tell when lipsticks were removed from the shelves and observe the shoppers in action. In January 2004 privacy advocates from CASPIAN and the German privacy group FoeBuD were invited to the METRO Future Store in Germany, where an RFID pilot project was implemented. It was uncovered by accident that METRO "Payback" customer loyalty cards contained RFID tags with customer IDs, a fact that was disclosed neither to customers receiving the cards, nor to this group of privacy advocates. This happened despite assurances by METRO that no customer identification data was tracked and all RFID usage was clearly disclosed. * The controversy was furthered by the accidental exposure of a proposed Auto-ID consortium public relations campaign that was designed to "neutralize opposition" and get consumers to "resign themselves to the inevitability of it" whilst merely pretending to address their concerns. * During the UN World Summit on Information Society (WCIS) between the 16th to 18th of November, 2005, founder of the free software movement, Richard Stallman, protested the use of RFID security cards. During the first meeting, it was agreed that future meetings would no longer use RFID cards, and upon finding out this assurance was broken, he covered his card in tin foil, and would only uncover it at the security stations. This protest caused the security personnel considerable concern, with some not allowing him to leave a conference room in which he had been the main speaker, and then the prevention of him entering another conference room, where he was due to speak. On July 22, 2006, Reuters reported that two hackers, Newitz and Westhues, at a conference in New York City showed that they could clone the RFID frequency from a human implanted RFID chip, showing that the chip is not hack-proof as was previously believed. * Religious Reaction to RFID There has been discussion by a small group of the Christian community that RFID tagging could represent the mark of the beast (666) mentioned specifically in the Book of Revelation (see Revelation 13:16). This subject is studied by those Christians interested in the fields of eschatology (last things) and dispensationalism. Previously, other forms of identification such as credit cards and UPC codes had been suggested as candidates for the mark. While the exact Mark of the Beast used in the Left Behind series (an imaginative work of fiction based loosely on the Book of Revelation) was not fully explained, the implanted chip exhibited behavior similar to a RFID tag. Viruses Ars Technica Reported in March 2006 an RFID buffer overflow bug that could infect airport terminal RFID Databases for baggage, and also Passport databases to obtain confidential information on the passport holder.• RFID Shielding A number of products are available on the market in the US that will allow a concerned carrier of RFID-enabled cards or passports to shield their data. Simply wrapping an RFID card in aluminum foil is claimed to make transmission more difficult, yet not be completely effective at preventing it. * Protection against RFID interception Various methods can be used to protect against RFID data interception: See also | |||||||||||
|
| ||||||||||||
 |
|
| |