RFID Security

Contributed by Joanne C. Kelleher

RFID Update has been running a series of articles called “9 Things RFID Will Be Remembered for in ’08.”  The December 18th, 2008 issue covers Part 3.

Coming in at number three is this blog’s favorite topic – RFID Security. It was nice to see recognition for the work that AIM Global, the RFID Security Alliance, SecureRF, and others are doing to be more positive about addressing RFID security issues.

#3 — Providers Proactive About Security
RFID security and privacy topics were often in the news during 2008, but — perhaps for the first time — the news was more about progress than problems. The RFID Security Alliance officially formed to provide market education and encourage collaboration on RFID security development, and had 11 members by year’s end. Three of the founding members, NeoCatena Networks, Veratag and Verayo, are startups who also introduced new technology during the year to enhance RFID device and network security. A fourth founder, SecureRF recently earned a grant to develop tag authentication and encryption technology for the US Air Force.

Unfortunately, there remains a good market for products that improve security for RFID systems and public confidence in them. Researchers reported that the MIFARE Classic high frequency RFID chips that are used in billions of contactless fare cards could be hacked, putting numerous public transportation systems around the world at risk. There were also conflicting reports regarding the safety of using RFID systems around medical equipment. Industry association AIM Global is stepping in to conduct balanced research to resolve that issue.

Several US states, federal government agencies and the European Union continued their ongoing efforts to develop legislation to regulate RFID. There was also considerable activity in the US pharmaceutical industry regarding electronic pedigrees to improve supply chain security. However, California postponed its implementation requirements, making widespread pharmaceutical industry use of RFID-based security systems seem farther away than it did at the start of the year.

Source: RFID Update, 12/18 issue or 9 Things RFID Will Be Remembered for in ’08, Part 3 article

It was also interesting to see that most of these items to be remembered around RFID security were covered in this blog.

RFID Bill Passes in California
FTC’s RFID Workshop on Consumer Privacy and Data Security
Media Reactions: RFID Kills but Cell Phones Don’t?
Secure RFID For Drug E-pedigree
Safeguarding America’s Pharmaceuticals
Mifare hacks and risk assessments

Here is toast to continued positive activity around RFID security in 2009 and to an improvement in the economy, which rounded out the top spot in RFID Update’s list.