Although still in its early research stage, RSA Security Inc. demonstrated a prototype of the RSA Blocker Tag technology at its data security conference in San Francisco on Tuesday. According to the company, when completed, the tag will enforce consumer privacy when dealing with radio frequency identification (RFID) tags.
RFID technology is much like that of the more familiar bar code data collection technology. It uses electronic tags to store identification data and a wireless transmitter gun to collect it. Unlike the more traditional bar code, however, the RFID tags can hold much more information than just a product or account number.
Without any disruption to normal RFID operation, the Blocker Tag — which is a form of an RFID tag — was designed to prevent readers from performing unwanted scanning and tracking of people or goods, according to the company.
RSA said in a statement that “in a naive, RFID-enabled world without technical forethought” RFID blocking technology is essential to disallow anyone that happens to have an RFID reader to gain access to sensitive information.
The blocker technology works by “spamming” any RFID reader that, without the proper authorization, tries to scan the tags, creating a hostile environment for the reader, RSA said. The company added that when the blocker tag is removed from a product, the RFID tags would work normally, but when RFID tags are in the coverage area of a blocker tag, the RFID tag and the information it contains would be shielded from the reader.
Jeff Woods, a New York-based analyst with Gartner Inc., said that there are some legitimate concerns in the market with RFID technology. He said the initial response from retailers regarding these worries is that the RFID tags will be killed or disabled once the sale has been made, but according to Woods, this isn’t a very good response.
He said that although disabling the tags would eliminate all of the privacy concerns, it also eliminates all of the consumer benefits or post-sale benefits that enterprises were going to get from using RFID tags.
“For example, if I kill all the tags when I sell the customers the products, I can’t use the tags to track returns, which actually in consumer electronics was turning out to be one of the more interesting scenarios,” Woods said. “And figuring out what is an authorized return versus what is an unauthorized return.”
He added that although RSA’s blocker technology will be fairly effective at minimizing consumers’ concerns about the security issues tied with RFID technology, theoretically, there are exploits in the system.
“What remains to be seen is does it provide enough security, is it workable enough, is it usable enough that people will actually use it?” Woods noted. “There is some degree of user interface that has to worked out in terms of how users will activate the blocker, how they will partition the blocker and how the blocker will co-exist with legitimate commercial applications
RFID has been monopolizing headlines since Wal-Mart made public its demand that all of its top 129 suppliers be outfitted with RFID tags by the beginning of 2005. However, the technology itself has been around since 1948, according to Shrouds of time: The history of RFID published by The Association for Automatic Identification and Data Capture Technologies Inc. (AIM) in 2001.
In a breakdown of the timeline of the technology in its report, AIM reported that the “explosion” of RFID development happened between 1970 and 1980, the commercial applications of the technology began entering the mainstream between 1980 and 1990 and the emergence of RFID standards came to market with the turn of the century.