RFID Technology, Security Vulnerabilities, and Countermeasures

Radio frequency identification (RFID) is a means of automatic identification that uses radio waves to detect, track, identify, and thus manage a variety of objects. The purpose of an RFID system is transmitting data from a portable device, called a tag, to an RFID reader to execute a particular application based on the tag provided identification or location information (Graafstra, 2006; O' Brien, 2006). RFID technology has been around for about 60 years and was originally developed for improving warfare technologies. The first application was developed by Britain as the Identify Friend or Foe (IFF) system, which was used to distinguish friendly aircraft from enemy aircraft during World War II (Landt, 2001). The second era of RFID technology began with the commercial activities in the 1960s. An early application was the development of electronic article surveillance (EAS) equipment to counter theft in retail stores. EAS as an early forerunner to RFID uses a ‘1-bit’ signal to represent the presence or absence of a tag (Landt, 2005). The third era of RFID technology started in 1999, when the Auto-ID Centre was established at MIT to investigate new ways for improving bar code technology and implementing RFID technology in various commercial applications. The 1990's were a significant decade for RFID because of increased commercialization of RFID systems and the standardization activities on RFID technologies. Electronic toll collection systems were widely deployed in the United States; RFID tags were affixed to over 3 million rail cars in North America; and the International Organization for Standardization (ISO) developed several standards in the RFID field, including, for example, the ISO 18000 series of standards that define the air interfaces, collision detection mechanisms, and communication protocols for different frequency bands (Knospe & Pohl, 2004). In the 21st century, with the development of RFID standards, decreasing prices, and mandates from large organizations such as Wal-Mart and the U.S. Department of Defense (DoD), RFID has become “the first important technology of the twenty-first century” (Garfinkel & Rosenberg, 2005). An RFID system has three key components: the tag, the reader, and the backend system. RFID tags, also known as transponders, are identification devices that are attached to objects. Each tag typically consists of an antenna constructed from a small coil of wires; a microchip used to store information electronically about the object (e.g. a vehicle or a container); and encapsulating material to enclose the chip and the coil. Like there are various types of barcode, RFID tags are available with different memory sizes and encoding O pe n A cc es s D at ab as e w w w .in te ch w eb .o rg