ABSTRACT
Existing solutions to protect consumer privacy in RFID either put the burden on the consumer or suffer from the very limited capabilities of today's RFID tags. We propose the use of physical RFID tag structures that permit a consumer to disable a tag by mechanically altering the tag in such a way that the ability of a reader to interrogate the RFID tag by wireless mean is inhibited. In "clipped tags", consumers can physically separate the body (chip) from the head (antenna) in an intuitive way. Such a separation provides visual confirmation that the tag has been deactivated. However, a physical contact channel may be used later to reactivate it. Such a reactivation would require deliberate actions on the part of the owner of the RFID tag to permit the reactivation to take place. Thus reactivation could not be undertaken without the owner's knowledge unless the item were either stolen or left unattended. This mechanism enables controlled reuse after purchase, making clipped tags superior to other RFID privacy-enhancing technologies.
- ARTICLE 29 Data Protection Working Party. Working document on data protection issues related to RFID technology. EU 10107/05/EN WP 105, Jan. 2005. europa.eu.int/comm/internal_market/privacy/docs/wpdocs/2005/wp105_en.pdf.Google Scholar
- J. Brito. Relax, don't do it: Why RFID privacy concerns are exaggerated and legislation is premature. UCLA Journal of Law and Technology, 8(2), Fall 2004. www.lawtechjournal.com/articles/2004/05_041220_brito.pdf.Google Scholar
- A. Cavoukian. Tag, you're it: Privacy implications of radio frequency identification (RFID ) technology. Feb. 2004. www.ipc.on.ca/scripts/index_.asp?action=31&P_ID=15007Google Scholar
- K.P. Fishkin, S. Roy, and B. Jiang. Some methods for privacy in RFID communication. In Security in Ad-Hoc and Sensor Networks (ESAS 2004), Lecture Notes in Computer Science 3313, pg. 42--53. Springer, 2004. Google ScholarDigital Library
- C. Floerkemeier, R. Schneider, and M. Langheinrich. Scanning with a purpose -- supporting the fair information principles in RFID protocols. In Ubiquitous Computing Systems (UCS 2004), Lecture Notes in Computer Science. Springer, 2005. Google ScholarDigital Library
- R.A. Fusaro. None of our business? Harvard Business Review, 82(12):33--38, Dec. 2004.Google Scholar
- A. Juels, R.L. Rivest, and M. Szydlo. The blocker tag: selective blocking of RFID tags for consumer privacy. In Computer and Communication Security (CCS'03), pg. 103--111. ACM Press, 2003. Google ScholarDigital Library
- D. Luckett. The supply chain. BT Technology Journal, 22(3):50--55, July 2004. Google ScholarDigital Library
- M. McGinity. RFID: Is this game of tag fair play? Commun. ACM, 47(1):15--18, 2004. Google ScholarDigital Library
- D. Molnar and D. Wagner. Privacy and Security in Library RFID: Issues, Practices, and Architectures. In Computer and Communications Security (CCS'04), pg. 210--219. ACM Press, 2004. Google ScholarDigital Library
- R. Want. RFID: A key to automating everything. Scientific American, pg. 46--55, Jan. 2004.Google Scholar
- S. Weis, S. Sarma, R.L. Rivest, and D. Engels. Security and privacy aspects of low-cost radio frequency identification systems. In Security in Pervasive Computing, Lecture Notes in Computer Science 2802, pg. 201--212. Springer, 2003.Google Scholar
- A. Weiss. Me and my shadow. ACM netWorker, 7(3):24--30, 2003. Google ScholarDigital Library
Index Terms
- Disabling RFID tags with visible confirmation: clipped tags are silenced
Recommendations
Visible and controllable RFID tags
CHI EA '10: CHI '10 Extended Abstracts on Human Factors in Computing SystemsRadio frequency identification (RFID) tags containing privacy-sensitive information are increasingly embedded into personal documents (e.g., passports and driver's licenses). The problem is that people are often unaware of the security and privacy risks ...
On two RFID privacy notions and their relations
Privacy of RFID systems is receiving increasing attention in the RFID community. Basically, there are two kinds of RFID privacy notions in the literature: one based on the indistinguishability of two tags, denoted as ind-privacy, and the other based on ...
A scalable, delegatable pseudonym protocol enabling ownership transfer of RFID tags
SAC'05: Proceedings of the 12th international conference on Selected Areas in CryptographyThe ability to link two different sightings of the same Radio Frequency Identification (RFID) tag enables invasions of privacy. The problem is aggravated when an item, and the tag attached to it, changes hands during the course of its lifetime. After ...
Comments