For those of you that are keen to explore some of the ‘darker’ issues associated with contactless credit, debit, passport, ski-pass and door-entry security systems then the following resources may prove useful. Published here by kind permission of the author, are eighteen objective case studies (in six folders) that present both sides of the argument for RFID technology.
Download each (600KB PDF) by clicking on the associated images below.
If you wanted to reproduce these, I suggest making contact with the author/s.
Spychips has just reported that senior executives from American Express, have ‘taken a broadside’ with the discovery of the banking giants plans for people tracking. American Express representatives attended a meeting with CASPIAN (Consumers Against Supermarket Privacy Invasion and Numbering) in July 2011 to review the current situation. Since this meeting, American Express has committed to review its entire patent portfolio ensuring that, “…any people-tracking plans be accompanied by language requiring consumer notice and consent.”
A spokesperson for Spychips reported that American Express had filed a patent application entitled, “Method and System for Facilitating a Shopping Experience.” Spychips have described this patent as, “…a Minority Report style blueprint for monitoring consumers through RFID-enabled objects, like the American Express Blue Card.” Spychips also state the following in respect to the proposed patent:
According to the patent, RFID readers called “consumer trackers” would be placed in store shelving to pick up “consumer identification signals” emitted by RFID-embedded objects carried by shoppers. These would be used to identify people, track their movements, and observe their behavior.
The patent also suggested such people-tracking systems could “be located in a common area of a school, shopping center, bus station or other place of public accommodation.”
The UK banking sector appears pretty confident in its assertions that ‘contactless’ technology is 100% secure from unauthorised access, and similar claims are also made in respect of Britain’s e-passport. The argument goes something like this; without an ability to cross-reference information that has been ‘skimmed’ from a contactless device with a user profile that is held within a central database – then the data obtained by the ‘skimmer’ is meaningless. It’s a reasonable argument, one that makes sense and ought to offer us a very real measure of confidence in ‘contactless’ banking. However, with the announcement that Sony’s PlayStation has fallen victim to a serious hacking incident, leaving users vulnerable to ID theft, some may wonder just how many customer databases elsewhere have been compromised in recent years?
The results of a very ‘quick and dirty’ trawl through certain internet news portals, looking for examples of database hacking, makes for unsettling reading.
But do keep in mind there’s no need to worry unduly about contactless crime; as a number of products are already available that will allow any concerned carrier of RFID-enabled cards or passports to shield their data. For instance RFID Protect in the UK, offers a wide range of ‘anti-skim’ shielding products.
Unbranded, anti-skimming, RFID blocking, credit card and e-passport sleeves – at last there’s a UK supplier!!!
Until very recently it seemed impossible to purchase cheap unbranded paper-based Tyvek RFID sleeves from a UK supplier. BUT now multi-packs have arrived on eBay! (These fit all major UK passport, credit, debit, Oyster, transport and similar sized cards.)
This is a great development and certainly the best option for those on a really tight budget.
This is an extraordinary article that would appear to suggest that the US military takes the business of ‘skimming’ very seriously, not least in respect of its RFID enabled ID passes; issued to all personnel. You cannot help but ask the question, “…if contactless technology is 100% bulletproof against unauthorised attack – then why are the US Department of Defense introducing shielding sleeves?” Go figure!
On Wednesday 27th October, 2010 RFID News broke the following sensational story.
“Government officials in New Delhi will soon make it mandatory for all vehicles to be equipped with RFID cards that will be used to make road toll payments, according to Hindustan Times. The government accepted the recent proposal and said it will ensure that it is being implemented within 18 months. Initially it will be used for toll collection on national highways, subsequently it will be used for other purposes also, including toll collection on state highways,” said Kamal Nath, road transport and highways minister. “Commuters can preload whatever amount they want and make the payment when required. Officials have also instructed manufactures that all new vehicles will come with RFID chips installed.”
India is a country that has a clear sense of its own destiny, and one that has always been keen to position itself as a technological innovator. It used to be the case that Britain transfered its knowledge in the direction of emergent Eastern economies, in return for significant finanicial gain. Perhaps this article suggests we are at the beginning of a new chapter in the flow of information between countries, since widespread adoption of RFID enabled vehicle tracking in the UK is highly likely in years to come. Where India is leading on this, we seem likely to follow; which surely begs the question, “…do you want your every movement tracked by the State? If not, what can be done about this within the scope of our current legislative framework?”