RSA introduces RFID blocker technology

Although still in its early research stage, RSA Security demonstrated a prototype of the RSA Blocker Tag technology at its data security conference in San Francisco on Tuesday. According to the company, when completed, the tag will enforce consumer privacy when dealing with radio frequency identification (RFID) tags.

RFID technology is much like that of the more familiar bar code data collection technology. It uses electronic tags to store identification data and a wireless transmitter gun to collect it. Unlike the more traditional bar code, however, the RFID tags can hold much more information than just a product or account number.

Without any disruption to normal RFID operation, the Blocker Tag -- which is a form of an RFID tag -- was designed to prevent readers from performing unwanted scanning and tracking of people or goods, according to the company.

RSA said in a statement that "in a naive, RFID-enabled world without technical forethought" RFID blocking technology is essential to disallow anyone that happens to have an RFID reader to gain access to sensitive information.

The blocker technology works by "spamming" any RFID reader that, without the proper authorization, tries to scan the tags, creating a hostile environment for the reader, RSA said. The company added that when the blocker tag is removed from a product, the RFID tags would work normally, but when RFID tags are in the coverage area of a blocker tag, the RFID tag and the information it contains would be shielded from the reader.

Jeff Woods, an analyst with Gartner, said that there are some legitimate concerns in the market with RFID technology. He said the initial response from retailers regarding these worries is that the RFID tags will be killed or disabled once the sale has been made, but according to Woods, this isn't a very good response.

He said that although disabling the tags would eliminate all of the privacy concerns, it also eliminates all of the consumer benefits or post-sale benefits that enterprises were going to get from using RFID tags.

"For example, if I kill all the tags when I sell the customers the products, I can't use the tags to track returns, which actually in consumer electronics was turning out to be one of the more interesting scenarios," Woods said. "And figuring out what is an authorized return versus what is an unauthorized return."

He added that although RSA's blocker technology will be fairly effective at minimizing consumers' concerns about the security issues tied with RFID technology, theoretically, there are exploits in the system.

"What remains to be seen is does it provide enough security, is it workable enough, is it usable enough that people will actually use it?" Woods noted. "There is some degree of user interface that has to worked out in terms of how users will activate the blocker, how they will partition the blocker and how the blocker will coexist with legitimate commercial applications

RFID has been monopolizing headlines since Wal-Mart Stores made public its demand that all of its top 129 suppliers be outfitted with RFID tags by the beginning of 2005. However, the technology itself has been around since 1948, according to Shrouds of time: The history of RFID, published by The Association for Automatic Identification and Data Capture Technologies (AIM) in 2001.

In a breakdown of the timeline of the technology in its report, AIM reported that the "explosion" of RFID development happened between 1970 and 1980, the commercial applications of the technology began entering the mainstream between 1980 and 1990 and the emergence of RFID standards came to market with the turn of the century.

Join the CSO newsletter!

Error: Please check your email address.

More about Consumer ElectronicsGartnerRSA, The Security Division of EMCWal-Mart

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Lindsay Bruce

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts