RFID: How Big is the Security Risk?By Brian P. Watson | Posted 2006-05-08 Email Print
WEBINAR: Live Date: December 14, 2017 @ 1:00 p.m. ET / 10:00 a.m. PT
Modernizing Authentication — What It Takes to Transform Secure Access REGISTER >
Critics blast the privacy risks of RFID; but industry executives say that, as privacy risks go, RFID is more controllable than some.Critics of radio frequency identification technologies are just making noise, and technology executives shouldn't fear RFID's capabilities, a Symbol Technologies executive said late last week.
Responding to concerns over RFID's security and potential for privacy invasions, Joe White, Symbol's vice president for product management and tag engineering, said that newer productsand even the older onesare more secure than most people think.
"When you look at all the things you carry that can expose your privacy, there's a lot of control over RFID tags," he said after briefing Baseline on the Holtsville, N.Y.-based company's release of Generation 2 RFID transponders and metal mount tags, which are designed to handle rugged environments.
In March, a group of programmers from Vrije Universiteit in Amsterdam presented a paper titled "Is Your Cat Infected with a Computer Virus?" on how data from RFID tagswhich can be used to help keep track of animalscan be used to infect a company's back-end computers with worms and viruses.
Stateside, as Wal-Mart and other big-box retailers ramp up their demands on suppliers' RFID capabilities, some have complained that corporations and government organizations could track buyers' whereabouts after purchasing items with embedded tags.
But those concerns are overblown, according to White. Passive tags, which don't have an internal power source, can only be read within 30 feet, he said, limiting their prospect for intrusion. He also said that frequently used 96-bit tags don't have enough capacity to handle executable code, so they pose little threat to a company's internal systems.
As technology advances, however, tags will be able to process executable code, which could lead to problems for an enterprise, White said. But he believes those advances are "still several years away."