RFID Tags For The Rich

Greedo writes "While reading this piece about designing 'experiences' in the Globe and Mail, I came across this interesting tidbit: If you're a frequent Prada shopper (and who on /. isn't?), the loyalty card in your wallet or purse contains a RFID tag that announces your arrival in the store. When you encounter a saleswoman, her handheld computer brings up your tastes, buying history, vital statistics and personalized suggestions from in-stock and coming inventory; the handhelds also place orders and book change rooms. Every item for sale bears an RFID tag. The RFID tags are courtesy of IDEO, and their website has a nice write-up of all the RFID-powered stuff at Prada, including the changeroom! I'm guessing this isn't coming to Wal*Mart's changerooms when they implement RFID. (Another write-up can be found here.)"

Re:Messing with thier system

[skink1100]

I've worked with several RFID implementations, and all of the (silicon-based) solutions have decent encryption to prevent "capture" of IDs or other data. Usually a shared-key system -- not unbreakable, of course, but pretty difficult to intercept on the sly.

S

Re:Messing with thier system

[Serious+Simon]

I've worked with several RFID implementations, and all of the (silicon-based) solutions have decent encryption to prevent "capture" of IDs or other data.

Bullshit.

Proximity cards based on ISO14443 have encryption, but very limited reading range due to the larger power consumption of the chip. Popular types of vicinity (up to about 1 m reading range) cards such as I*Code, Tag-it, ISO 15693 use no encryption at all. I designed low-level firmware for a reader to read these, so I should know...

Things to think about

In response to many of the posts above, this anonymous coward who has worked extensively with supply chain rfid solutions would like to submit the following:

_ WalMart was testing RFID retail solutions on individual products BEFORE they pulled back from the gillette tag project. See http://www.rfidjournal.com/article/articleview/654 /1/2/ for more info and a link to a major newspaper story

_ Data collected by RFID in the retail environment is pretty inocuous compared to what is already collected. Wheter you use a 'club card' or not, if you've ever payed for a purchase with a credit card there is a name & address associated to your detailed purchases.

_ RFID tags can't be read by potential theives or evil conmen. The technology as-is is pretty crappy right now, and the range required to read tags small enough to fit on an individual product is within a couple inches. Portals/readers have to be specifically tuned to certin tag formats as well. Suffice to say, unless the 'evil doers' have the ability to hold the actual item -- and the right hardware to read the specific tag, they dont have a shot in hell at reading it. If that doesn't address your concerns, then how about this: newer tags implement self-destructing features, that allow a 'die now' command to be sent when scanning to render them useless -- just to be safe.

_ RFID tags function poorly around metals and machinery from interference. They're pretty bad around water and paper/wood too.

_ Everyone touts the Prada store's accomplishments for the past two years. Its old news -- and no one ever mentions that the stuff never works. Go by the store, ask for a demonstration. Watch the employees cross their fingers or laugh. Go on... The Prada store is only functional as a PR piece.

All of the outcry and reservations about RFID is just plain stupid -- the technology only makes current supply chain tasks easier. The only negative effect on consumer privacy they exert, is detracting attention from the invasive climate THAT ALREADY EXISTS.