Also, what general rules can I use to know whether we have a tag with sufficient security for our use case? Is there a good online tool to help suggest options that might be a fit?
The ISO 14443 standard for passive high-frequency (HF) RFID was designed specifically for financial transactions. It has a short read range to reduce the possibility of eavesdropping on tag-to-reader communication, and it supports encryption. Near Field Communication (NFC) is based on this standard, so you can use either air-interface protocol. NFC might allow you to create an app so people can control their locker with their phone.
As for your other questions, I am unaware of any online tool that would allow you to determine the tag with the best security for your application. Generally speaking, HF tags using ISO 14443 are the most secure for transactions, since they support both a short read range to prevent eavesdropping on the tag-to-reader communication and they support encryption.
Vendors have added security to passive ultrahigh-frequency (UHF) tags, but this has been mainly to thwart the cloning of tags, in order to prevent tagged items from being counterfeited. Some toll-collection agencies employ UHF tags, but by and large, most financial transactions are handled via passive HF tags based on ISO 14443.
—Mark Roberti, Founder and Editor, RFID Journal
Which Countries Are Adopting RFID Most Quickly? »