During December’s RFID Security Alliance call, there was an open discussion on the effects of RFID readers becoming ubiquitous. This frank and useful discussion posed the following questions:
What will happen when RFID Readers become embedded in common every day devices that a non-expert can use?
One examples of RFID readers becoming embedded in a common device is with the Smart Phone that many of us own today. Such speculation is not baseless and while limited to the rumor mill at this point, it seems likely that some consumer devices will start to incorporate such reader technologies in the near future. How do we know this?
On the speculative side, the rumor mills are filled with suggestions that next generation Apple iPhone may include such technology:
On the more fact-based side, we know that NXP semiconductors and others are developing combo chips that combine Cell Phone and RFID technology into single devices. While this does not mean a product will certainly be on the market with this functionality, it seems a high probability.
How might such multi-function devices be used?
There could be many uses. Speculating a little, one rational would be to incorporate such RFID reading capability with bar code and other sensors to allow a device to read a product ID (and other information). This would then be used to locate information about the product (through the internet via the cell phone connection), possibly including price at varying local stores as well as a combination of other on-line retailers. Why? To enable a purchase from a different location than the one were you scanned the item. Motivation for purchasing elsewhere includes price, offering a value added purchase, offering related products and their improved availability or other factors (service, support etc). The goal would be to take a small service fee for the pleasure.
Another possible usage is to turn the iPhone into a ‘digital wallet” with RFID.
What will happen when RFID Readers are available to such users?
Phones are regularly hacked (e.g. “Jailbreaking” iPhone) or increasingly targeted for unscrupulous activities (e.g. identity theft etc). It will be no different with RFID reader enabled devices and the system and tags in question. One member suggested that applications that have value will be the first ones hacked and then hackers will pick on applications that will be fun to break or for bragging rights.
The RFID Security Alliance is looking carefully at such concerns and has decided to pull together a “Best Practices” white paper to address these concerns. Any solution must address the full spectrum of threats, RF security, physical tag security, reader security etc.
Contributed by Neil Mitchell, RFIDSA Vice Chair