Jun 23, 2006This article was originally published by RFID Update.
June 23, 2006—There has been an ongoing challenge confronting retailers and consumer packaged goods (CPG) manufacturers: how to balance consumer privacy protection with the benefits of post-purchase RFID tagging. It is very appealing that an RFID tag store relevant information accessible in the event a consumer returns a tagged item. All sorts of possibilities arise for improved warranty and service processing, recall management, and returns handling. But to privacy advocates (and indeed much of the public), the idea that a purchased item would carry a live, readable RFID tag is objectionable. The Gen2 protocol allows for "kill" functionality, which permanently disables a tag at the point-of-sale. This addresses the privacy concerns but means that the retailers and CPG manufacturers lose the aforementioned post-purchase benefits of RFID tagging. In recent months there have been a number of solutions presented to the market that aim to overcome these challenges, including IBM's clipped tag and SmartCode's push-button tag.
The most recent comes from a Danish company called RFIDsec headquartered in Copenhagen, which has developed an RFID tag-software system that employs a number of techniques to protect privacy without handicapping valuable functionality. Rather than "killing" a tag forever, the RFIDsec solution "silences" it so that it can be reawakened later by an authorized party. Thus, when a customer purchases a tagged item and leaves the store, the tag is put into "silent mode", rendering the data totally unavailable for reading. Furthermore, the tag doesn't even respond to signals from unauthorized readers, so beyond just data protection, the very presence of the tag is hidden; it essentially becomes invisible.
Encryption is a key enabler of the technology. Specifically, the company developed a proprietary encryption method called the RFIDSec Secure Protocol (RSP). In addition to the silencing functionality, RSP allows all data passed between the tag and reader to be encrypted. Segmentation of the tag's memory area is also supported, so that certain sections are only accessible to certain parties. This could allow Company A to read and write sensitive information to a tagged item that is then passed to Company B without concern that Company B could read the data. All of this rich functionality is made possible by RFIDsec's accompanying software application, the Access Management Software Platform, which manages the security features of the tags and interfaces with the RFID readers.
Currently, RFIDsec is offering HF versions of the tag, though a Gen2 compliant UHF version is expected next year. The company's business model is built firmly around partnerships which will see systems integrators and RFID solutions providers developing customized solutions for their clients using RFIDsec technology. RFIDsec does not offer off-the-shelf or turnkey solutions. The company is led by CEO Henrik Granau, who was a director at Hitachi Data Systems Denmark & Norway for ten years, and before that managing director for Texas Instruments in Denmark.
Read the announcement from RFIDsec
