Dr. Dobb's Journal November 2003
After hanging around for nearly 60 years, RFID is finally showing signs of life. How can you tell? Well, mainly because the implementation and application of the technology is stirring up lots of controversy. In particular, security and privacy advocates are rightfully in a tizzie over the use of RFID (short for "Radio Frequency Identification") to capture consumer retail purchasing information unbeknownst to the user. For that matter, retail businesses themselves are vulnerable to corporate spies with unauthorized RFID readers that capture store inventories, or thieves who replace (or rewrite) RFID tags. The possibilities are endless (or is that "wireless"?).
Developed in the 1940s to distinguish between friendly and enemy aircraft, RFID wasn't patented until 1973. Since then, it's been used for tracking everything from livestock and nuclear material to turnpike and bridge tolls. And as RFID has moved into the commercial arena, it's been used to track package deliveries, airport luggage, and even household pets. (RFID is used to identify individual dogs participating in the annual Alaskan Iditarod dogsled race, for instance.)
But big business is about to jump on RFID technology in a big way. By being able to use radio signals to efficiently track products from distribution centers to consumer's kitchens, companies like Procter & Gamble, Gillette, Unilever, Wal-Mart, Target, and Home Depot, to name a few, see RFID as a next-generation replacement for the now-familiar barcodes. Moreover, companies such as Crosslink (http://www.crosslinkinc.com/), for instance, have developed RFID systems that monitor the air pressure of truck tires. Mounted inside individual tires, the RFID device sends information to truck drivers automatically as the vehicle passes through particular entrance gates. On another front, the European Central Bank is reportedly working with Hitachi to embed RFID tags into the fibers of Euro bank notes by 2005. RFID enabling the bank notes will hopefully thwart counterfeiters, as well as speed-up common banking tasks such as counting money. Hitachi's RFID microchip, measuring just a third of a millimeter in width, can transmit a 128-bit number; with Euros, this would include serial numbers, country of origin, and denomination.
RFID systems basically consist of a tag (transponder) that's programmed with unique identification data, a reader (transceiver/decoder) that reads/writes tag data, and a database that collects and uses tag data collected by readers. Tags, which can be either active or passive, usually consist of a microchip and antenna. Reader antennas, on the other hand, can be built into anything from doorframes or tollbooths to handheld devices, and emit radio signals to activate tags, then read/write data to them. In one familiar application, a tollbooth reader is constantly emitting signals to oncoming automobiles. As an RFID-enabled automobile approaches the tollbooth, the tollbooth reader activates the car's RFID device, which tells the tollbooth who it is. The tollbooth reader checks whether the car's debit account has enough money to pay for the toll, deducts the appropriate amount, and lets the car through—all in a matter of seconds.
The distance or range of the radio signals depends on the type of tag. Low-frequency (30-500 KHz) systems are commonly used in security access, animal identification, and other applications that only require a range of a few inches. High-frequency (850-950 MHz and 2.4-2.5 GHz) systems, are used in applications that require long read ranges (100 feet or more) and high-speed reading rates. The Crosslink tire system, for instance, uses 915-MHz passive tags with a read range of up to 30 feet. The tire tags store 8 KB of data, including serial numbers, temperature/pressure readings, and the like.
No real standards currently exist for RFID implementations. That may be changing, however, with the recent announcement by the Uniform Code Council and EAN International to form Auto-ID (http://www.autoidcenter.org/), a not-for-profit organization for developing commercial and technical standards for the Electronic Product Code Network. Founded in 1999, the Auto-ID Center is a consortium of nearly 100 companies and five research universities such as the Massachusetts Institute of Technology. Alas, Auto-ID is off to a rocky start, what with the inadvertent publication of confidential documents on its web site that detailed, among other things, Auto-ID plans to "pacify" RFID opposition (see http://www.leaked.info/rfid-docs/rfid-docs.htm and http://cryptome.org/rfid-docs.htm).
There's no question that concerns about privacy are real. If embedded in bank notes, for instance, RFID makes it possible to track where, when, and what transactions take place. If embedded in shoes, packs of razor blades, soft-drink cans, and the like, marketers will be able to track all of your buying habits. Or if you drive on a turnpike from Point A to Point B above the maximum legal speed, you can automatically be issued a speeding ticket and have the fine applied to your credit card.
Addressing these concerns, companies such as RSA Security are developing "blocker tags" and other schemes to protect individual privacy while still enjoying the benefits of RFID tags (http://www.rsasecurity.com/rsalabs/staff/bios/ajuels/publications/blocker/blocker.pdf).
Like it or not, RFID will happen, and in the near future, it will be the type of ubiquitous, wireless computing that surreptitiously affects more people than ever imagined. That's the good news—and the bad.
Jonathan Erickson
editor-in-chief
jerickson@ddj.com