Radio frequency identification (RFID) is one element of ubiquitous computing. It is also a highly publicized technology, receiving an unprecedented amount of attention from research, business, and privacy watch groups. The capabilities, range, applications, standards, hype, and security/privacy concerns of RFID have only increased since this paper appeared in mid-2003. The author presents a broad overview of and introduction to the technology, the potential applications of it, and some of the security/privacy concerns surrounding its use and deployment.
The potential uses for passive, semi-active, and active RFID are vast and varied. The author enumerates several of the most popular uses; however, these devices are finding their way into ever more obscure applications. This is especially true when the capabilities expand and cross over into sensor network scenarios. The standards, communication, and security capabilities of RFID have progressed a great deal from those noted in this paper, given the brief amount of time that has elapsed.
With regard to security and privacy concerns, the outrage over item-level tagging noted in the paper has spurred industry to adopt “kill-tag” capabilities. However, this is far from the only, or most invasive, security concern. Indeed, since the paper was published, such wide-scale systems as ExxonMobil’s SpeedPass have been vulnerable to cryptographic attacks [1].
If this paper is able to raise awareness of the security and privacy issues that are becoming apparent in RFID systems, it has served a valuable purpose. Too many papers on the topic expound the virtues of RFID, while glossing over the inherent risks in identifying and exposing so much information in the digital world.