|Home||Internet of Things||Aerospace||Apparel||Energy||Defense||Health Care||Logistics||Manufacturing||Retail|
The Consequences of Convenience
RFID payment devices might mean we'll spend less time in lines, but will they strengthen or weaken our privacy protections? That remains to be seen.
Jan 02, 2006—The holiday season is about reuniting with family. It's about the joy of giving. And it's about the drudgery of waiting in line—at the airport, the post office, the mall and everywhere else you go.
Right now, companies are inserting RFID inlays into credit cards, key fobs and cell phones to speed transactions. Meanwhile, merchants are adding RFID interrogators to their point-of-sale systems and accepting RFID payments, hoping to trim those lines by getting more consumers in and out of their stores more quickly. Many privacy advocates and technologists worry that convenience could come at the cost of our privacy if—or, as some say, when—a nefarious party were to find a way to use an RFID interrogator (reader) to snatch others' names and payment information, such as credit card or bank account numbers.
These authentication and anticounterfeiting features exist, and will be effective until someone finds ways around them. However, I don't completely agree that they make consumers' privacy more secure, or that safety is the reason RFID and biometric technologies are being deployed. The bigger motivation, from the point of view of the credit card associations, banks and merchants, is increasing throughput—more transactions, completed more quickly. Or, to use a term that looks better in marketing materials, increased "consumer convenience."
The organizations that have developed RFID payment devices are using long-standing and robust cryptography to protect the account information on the RFID tags. And the ISO air-interface protocol the devices follow require that a tag be within about 10 centimeters (4 inches) from the reader. These protections make RFID payments a very tough nut to crack—for counterfeiters, and also for those seeking to steal RF data from the devices. Nothing, however, is impossible.
The traditional magnetic stripe credit card can be counterfeited, and someday RFID credit cards will likely face the same problem. Ditto for RFID-enabled passports. Of course, what sets old-school credit cards and passports apart from their RFID-enabled analogs is the very thing that has so many people creeped out: RF communication. And the discovery of a weakness in the encryption of data in Texas Instruments tags used for Mobil's Speedpass payment device proves that data is secure only until someone figures out how to hack into it.
Login and post your comment!
Not a member?
Signup for an account now to access all of the features of RFIDJournal.com!
SEND IT YOUR WAY
RFID JOURNAL EVENTS
ASK THE EXPERTS
Simply enter a question for our experts.