History of RFID tags
Perhaps the first work exploring RFID is the landmark paper
by Harry Stockman, "Communication by Means of Reflected
Power", Proceedings of the IRE, pp. 1196-1204, October
1948. Stockman predicted that " ... considerable research
and development work has to be done before the remaining basic
problems in reflected-power communication are solved, and before
the field of useful applications is explored." It required
thirty years of advances in many different fields before RFID
became a reality.
Types of RFID tags
RFID tags can be either active or passive.
Passive RFID tags do not have their own power supply: the
minute electrical current induced in the antenna by the incoming
radio-frequency scan provides enough power for the tag to
send a response. Due to power and cost concerns, the response
of a passive RFID tag is necessarily brief, typically just
an ID number (GUID). Lack of its own power supply makes the
device quite small: commercially available products exist
that can be embedded under the skin. As of 2004, the smallest
such devices commercially available measured 0.4 mm ×
0.4 mm, and thinner than a sheet of paper; such devices are
practically invisible. Passive tags have practical read ranges
that vary from about 10 mm up to about 5 metres.
Active RFID tags, on the other hand, must have a power source,
and may have longer ranges and larger memories than passive
tags, as well as the ability to store additional information
sent by the transceiver. At present, the smallest active tags
are about the size of a coin. Many active tags have practical
ranges of tens of metres, and a battery life of up to several
years.
As passive tags are much cheaper to manufacture, the vast
majority of RFID tags in existence are of the passive variety.
As of 2004 tags cost from $0.25. The aim is to produce tags
for less than $0.05 to make widespread RFID tagging commercially
viable.
There are four different kinds of tags commonly in use, their
differences based on the level of their radio frequency: Low
frequency tags (between 125 to 134 kilohertz), High frequency
tags (13.56 megahertz), UHF tags (868 to 956 megahertz), and
Microwave tags (2.45 gigahertz).
See also for some Transponder devices which deliver a similar
function, and contactless chipcards.
Current usage
Low-frequency RFID tags are commonly used for animal identification,
beer keg tracking, and automobile key-and-lock, anti-theft
systems. Pets are often embedded with small chips so that
they may be returned to their owners if lost. In the United
States, two RFID frequencies are used: 125kHz (the original
standard) and 134.5kHz, the international standard.
High-frequency RFID tags are used in library book or bookstore
tracking, pallet tracking, building access control, airline
baggage tracking, and apparel item tracking. High-frequency
tags are widely used in identification badges, replacing earlier
magnetic stripe cards. These badges need only be held within
a certain distance of the reader to authenticate the holder.
UHF RFID tags are commonly used commercially in pallet and
container tracking, and truck and trailer tracking in shipping
yards.
Microwave RFID tags are used in long range access control
for vehicles, an example being General Motors' OnStar system.
Some toll booths, such as California's FasTrak system, use
RFID tags for electronic toll collection. The tags are read
as vehicles pass; the information is used to debit the toll
from a prepaid account. The system helps to speed traffic
through toll plazas.
Sensors such as seismic sensors may be read using RFID transceivers,
greatly simplifying remote data collection.
In January 2003, Michelin announced that it has begun testing
RFID transponders embedded into tires. After a testing period
that is expected to last 18 months, the manufacturer will
offer RFID-enabled tires to car-makers. Their primary purpose
is tire-tracking in compliance with the United States Transportation,
Recall, Enhancement, Accountability and Documentation Act
(TREAD Act).
Cards embedded with RFID chips are widely use as electronic
cash, e.g. Octopus Card in Hong Kong and the Netherlands to
pay fares in mass transit systems and/or retails.
In August 2004, the Ohio Department of Rehabilitation and
Correction (ODRH) approved a $415,000 contract to trial the
tracking technology with Alanco Technologies. Inmates will
wear "wristwatch-sized" transmitters that can detect
if prisoners have been trying to remove them and send an alert
to prison computers. This project is not the first such rollout
of tracking chips in US prisons. Facilities in Michigan, California
and Illinois already employ the technology.
Potential uses
RFID tags are often envisioned as a replacement for UPC or
EAN bar-codes, having a number of important advantages over
the older bar-code technology. RFID codes are long enough
that every RFID tag may have a unique code, while UPC codes
are limited to a single code for all instances of a particular
product. The uniqueness of RFID tags means that a product
may be individually tracked as it moves from location to location,
finally ending up in the consumer's hands. This may help companies
to combat theft and other forms of product loss. It has also
been proposed to use RFID for point-of-sale store checkout
to replace the cashier with an automatic system, with the
option of erasing all RFID tags at checkout and paying by
credit card or inserting money into a payment machine. This
has to a limited extent already been implemented at some stores.
(http://www.ncr.com/repository/articles/pdf/sa_selfcheckout_integratedsolutions.pdf).
An organization called EPCglobal is working on a proposed
international standard for the use of RFID and the Electronic
Product Code (EPC) in the identification of any item in the
supply chain for companies in any industry, anywhere in the
world. The organization's board of governors includes representatives
from EAN International, Uniform Code Council, The Gillette
Company, Procter & Gamble, Wal-Mart, Hewlett-Packard,
Johnson & Johnson, and Auto-ID Labs.
In July 2004, the Federal Drug Administration issued a ruling
that essentially begins a final review process that will determine
whether hospitals can use RFID systems to identify patients
and/or permit relevant hospital staff to access medical records.
Many somewhat far-fetched uses, such as allowing a refrigerator
to track the expiration dates of the food it contains, have
also been proposed, but few have moved beyond the prototype
stage.
Controversy
How would you like it if, for instance, one day you realized
your underwear was reporting on your whereabouts? (http://news.com.com/2100-1029_3-5065388.html)
- California Senator Debra Bowen, at a 2003 hearing
The use of RFID technology has engendered considerable controversy
and even product boycotts. The four main privacy concerns
regarding RFID are:
The purchaser of an item will not necessarily be aware of
the presence of the tag or be able to remove it;
The tag can be read at a distance without the knowledge of
the individual;
If a tagged item is paid for by credit card or in conjunction
with use of a loyalty card, then it would be possible to tie
the unique ID of that item to the identity of the purchaser;
and
Tags create, or are proposed to create, globally unique serial
numbers for all products, even though this creates privacy
problems and is completely unnecessary for most applications.
Most concerns revolve around the fact that RFID tags affixed
to products remain functional even after the products have
been purchased and taken home, and thus can be used for surveillance,
and other nefarious purposes unrelated to their supply chain
inventory functions. Although RFID tags are only officially
intended for short-distance use, they can be interrogated
from greater distances by anyone with a high-gain antenna,
potentially allowing the contents of a house to be scanned
at a distance. Even short range scanning is a concern if all
the items detected are logged in a database every time a person
passes a reader, or if it is done for nefarious reasons (e.g.,
a mugger using a hand-held scanner to obtain an instant assessment
of the wealth of potential victims). With permanent RFID serial
numbers, an item leaks unexpected information about a person
even after disposal; for example, items that are resold, or
given away, enable mapping of a person's social network.
Another privacy issue is due to RFID's support for a singulation
(anti-collision) protocol. This is the means by which a reader
enumerates all the tags responding to it without them mutually
interfering. The structure of the most common version of this
protocol is such that all but the last bit of each tag's serial
number can be deduced by passively eavesdropping on just the
reader's part of the protocol. Because of this, whenever RFID
tags are near to readers, the distance at which a tag's signal
can be eavesdropped is irrelevant; what counts is the distance
at which the much more powerful reader can be received. Just
how far this can be depends on the type of the reader, but
in the extreme case some readers have a maximum power output
(4 W) that could be received from tens of kilometres away.
The potential for privacy violations with RFID was demonstrated
by its use in a pilot program by the Gillette Company, which
conducted a "smart shelf" test at a Tesco in Cambridge.
They automatically photographed shoppers taking RFID-tagged
safety razors off the shelf, to see if the technology could
be used to deter shoplifting. (http://www.smalltimes.com/document_display.cfm?document_id=5363)
In January 2004 a group of privacy advocates was invited
to METRO "Future Store" in Germany, where a RFID
pilot project was implemented. It was uncovered by accident
that METRO "Payback" customer loyalty cards contained
RFID tags with customer IDs, the fact that was not disclosed
either to customers receiving the cards, or this group of
privacy advocates. This happened despite assurances of METRO
that no customer identification data was tracked and all RFID
usage was clearly disclosed. (http://www.spychips.com/metro/overview.html)
The controversy was furthered by the accidental exposure
of a proposed Auto-ID consortium public relations campaign
that was designed to "neutralize opposition" and
get consumers to "resign themselves to the inevitability
of it" whilst merely pretending to address their concerns.
(http://www.spychips.com/press-releases/security_gaffe.html)
The standard proposed by EPCglobal includes privacy-related
guidelines for the use of RFID-based EPC. These guidelines
(http://www.epcglobalinc.org/public_policy/public_policy_guidelines.html)
include the requirement to give consumers clear notice of
the presence of EPC and to inform them of the choice that
they have to discard, disable or remove EPC tags. These guidelines
are non-binding, and only partly meet the joint position statement
(http://www.spychips.com/jointrfid_position_paper.html)
of 46 multi-national consumer rights and privacy groups.
In 2004, Lukas Grunwald released a computer program RFDump
which with suitable hardware allows reading and reprogramming
the metadata contained in an RFID tag, although not the unchangeable
serial number built into each tag. He said consumers could
use this program to protect themselves, although it would
also have significant malicious uses.
