Home Internet of Things Aerospace Apparel Energy Defense Health Care Logistics Manufacturing Retail

Access This Premium Content

Options To Access This Article:

What Subscribers Are Saying

  • "Probably the best investment I've ever made."
    Steve Meizlish, President & CEO, MeizCorp Services, Inc.
  • "I have found that RFID Journal provides an objective viewpoint of RFID. It you are looking for a resource that provides insights as to the application and implications of deploying RFID, RFID Journal will meet your needs, It gives you a broad perspective of RFID, beyond the retail supply chain."
    Mike O'Shea, Director of Corporate AutoID/RFID Strategies & Technologies, Kimberly-Clark Corp.
  • "No other source provides the consistent value-added insight that Mark Robert and his staff do. In a world dominated by press release after press release, RFID Journal is developing as the one place to go to make the most sense out of the present and future of RFID in commerce."
    Bob Hurley, Project Leader for RFID, Bayer HealthCare's Consumer Care Division
  • "RFID Journal is the one go-to source for information on the latest in RFID technology."
    Bruce Keim, Director, Hewlett-Packard
  • "RFID Journal is the only source I need to keep up to the minute with the happenings in the RFID world."
    Blair Hawley, VP of Supply Chain, Remington Products Company

RFID, Privacy and Corporate Data

Open standards for RFID systems hold great promise, but how do you prevent competitors from scanning sensitive data off of your RFID tags, or eavesdropping on communications between your tags and readers?
By Bob Violino
May 31, 2003—June 2, 2003 -- Corporate espionage is not a topic that gets a lot of coverage in the media because it's something no victim likes to talk about. Yet, it happens all the time. Companies want to know what their competitors are doing. Most do their snooping well within the confines of the law, but some resort to hiring "investigators" to sort through garbage, pay off employees, even steal laptops.

Radio frequency identification offers tremendous potential to cut waste and boost efficiency across supply chains, once standards are adopted. But open standards also raise the specter of competitors being able to read data off of your tags. In last week's feature, Creating an RFID Privacy Plan, we looked at the issues that need to be considered when developing strategies for protecting consumer privacy while maintaining the benefits of RFID tagging. This week, we look at the issues surrounding the need to secure corporate data and the integrity of products.

There are three primary issues surrounding RFID and the need to protect proprietary information: protecting data stored on the tag, protecting the integrity of the tag (and thus thee product), and securing data related to the serial number on a tag, which may be stored in a network database. None of these issues are impossible to overcome, but they require companies to make some tradeoffs, and the only way to make the right decisions is to understand the options available.

In many cases, companies may not need or want to secure RFID data. Information stored in tags on reusable plastic containers that stay within a company's own four walls probably doesn’t need to be secured. And in most cases, you don't need to protect data related to the manufacturer and stocking keeping unit. But what if you are tracking components for military aircraft? Or you're putting tags carrying an electronic manifest on containers being shipped to a customer? It's even possible that someone sitting in a car could point a device at your dock doors and pick up serial numbers from your readers.

When it comes to protecting data on the tags, there are two issues to be concerned about. The first is preventing someone from reading the tag, and the second is preventing someone from eavesdropping on the communication between the tags and readers. RFID committees working on standards under the aegis of the International Organization for Standardization have addressed both issues.

Two proposed standards, ISO 15961 and 15962, deal with how information should be structured and handled by RFID systems. Both are currently in committee draft ballot. They recommend that companies that need to protect data on the tag encrypt it before writing it to the tag. That can be done by a software application or by the reader.

"The chip is nothing more than a data carrier, so the information that it carries can be encrypted and stored on the tag," says Mike Guillory, who is director of industry relations for Intermec Technologies Corp. and a member of several RFID committees within ISO. "You can retrieve the information, and since it remains encrypted the whole time, there is no vulnerability."
To continue reading this article, please log in or choose a purchase option.

Option 1: Become a Premium Member.

One-year subscription, unlimited access to Premium Content: $189

Gain access to all of our premium content and receive 10% off RFID Reports and RFID Events!

Option 2: Purchase access to this specific article.

This article contains 2,499 words and 4 pages. Purchase Price: $19.99

Upgrade now, and you'll get immediate access to:

  • Case Studies

    Our in-dept case-study articles show you, step by step, how early adopters assessed the business case for an application, piloted it and rolled out the technology.

    Free Sample: How Cognizant Cut Costs by Deploying RFID to Track IT Assets

  • Best Practices

    The best way to avoid pitfalls is to know what best practices early adopters have already established. Our best practices have helped hundreds of companies do just that.

  • How-To Articles

    Don’t waste time trying to figure out how to RFID-enable a forklift, or deciding whether to use fixed or mobile readers. Our how-to articles provide practical advice and reliable answers to many implementation questions.

  • Features

    These informative articles focus on adoption issues, standards and other important trends in the RFID industry.

    Free Sample: Europe Is Rolling Out RFID

  • Magazine Articles

    All RFID Journal Premium Subscribers receive our bimonthly RFID Journal print magazine at no extra cost, and also have access to the complete online archive of magazine articles from past years.

Become a member today!

RFID Journal LIVE! RFID in Health Care LIVE! LatAm LIVE! Brasil LIVE! Europe RFID Connect Virtual Events RFID Journal Awards Webinars Presentations