Safety

The most important security issue
RFID - illegal tracking of RFID tags. Privacy of personal
location may be violated if
allow arbitrary reading of the label. Duplication or cloning of RFID tags -
next question. Due to the fact that many RFID tags can be scanned from a distance, and without
notifications to the label owner, they may be vulnerable to unauthorized duplication. For example, such a specific situation
may occur when the tag is embedded in a contactless card,
which is used to access secure buildings.
Or if RFID is used in the payment system,
such as in casinos or gas stations. Against
technology is also played by the fact that for "quick passes" most often
use tags manufactured by Texas Instruments that include a weak
encryption scheme. In 2005, RSA Labs and Johns Hopkins University researchers
completely hacked the applied algorithm and were able to clone quick skip tags.
Deal with encryption issues however
quite difficult - due to limited computing resources. Standard encryption techniques require more resources than are available in most low cost RFID devices.
At the moment there are several
solutions, but none of them to name
complete and reliable enough
it is forbidden.

In 2004, Lukas Grunwald released the RFDump computer program, which, with the right hardware, allowed the reading and reprogramming of the metadata contained in an RFID tag, although
and did not change the serial number. The author says that consumers will be able to use this program to protect themselves, although
with its help it is possible and "correct"
use in, shall we say, selfish
purposes.

Private life

“How would you like it if, for example, one day you find that your underwear tells where you are?”
— California State Senator Deborah Bowen, 2003.

The use of RFID technology has given rise to significant
legal disputes, sometimes it came
even to an outright food boycott. Many problems
arise from the fact that RFID tags attached to products retain their properties even after the customer has purchased the product and taken it home, which can be used for surveillance and other purposes unrelated to their inventory functions in the supply chain . Although RFID tags are intended for use only over short distances, they can be
read from long distances with an antenna
and special equipment. Ignoring
attention to "long-range"
scanning can be said that even reading from a short distance -
cause for concern. Imagine if all detected items are registered in the database each time a person walks past the reader, or if this is done
for criminal purposes (for example, a robbery using a handheld scanner to get
instant assessment of the viability of potential victims). With permanent RFID serial numbers,
any object emits invalid information about a person even after cleaning; For example,
an item that we have resold or given away,
can be used to control
human social connections.

Documentation

It was proposed to implant RFID tags in
new passports to promote efficiency
reading biometric information. Security expert Bruce Schneier said of these plans: “This is a pure threat to personal security. Simply put, it's a bad idea."
The US State Department rejected from the very beginning
this venture for the reason stated above.
It was originally assumed that RFID passports
can only be read from a distance of 10 cm, but
numerous demonstrations have proven that professional equipment can read test passports from
distances of about 10 meters.

In the US, in the state of Virginia, it was decided to put RFID tags on driver's licenses. The Virginia General Assembly also hopes that tagging will increase the use of counterfeit documents.
difficult. Technology was first
presented to the public in 2002, but it is still
has been discussed for a while.

California lawmakers postponed
bill to ban
documents containing RFID chips. Bill,
nominated by Senator Joe Simitian,
proposed a three-year moratorium on
implementation of state documents and
identity cards used in
as authentication
radiochips. At the same time, the law
proposed to introduce a special article,
punishing secret
interception of the RFID signal. The advent of the law
contributed to concerns about possible
abuse of such a system as
sides of government structures and
special services, and from potential
attackers. However, this law was
blocked by an influential lobby,
representing the interests of manufacturers
electronics.

RFID is a special identification technology that provides users with great opportunities. The most common RFID tags, as well as barcodes, are self-adhesive rfid tags. But if on barcodes all information is stored in a graph. form, data is entered on the label using radio waves.

Application methods

RFID technology (radio frequency identification) is based on the use of electromagnetic radio frequency radiation. RFID is used to account for objects.

RFID tag is a miniature device. Rfid active tags consist of a microchip that stores information and antennas, through which the tag can transmit or receive data. Such an RFID tag has its own power supply, but most tags do not need power (passive).

A unique number and various information are stored in the memory of such a system. If the tag falls into the place of registration, this information is received by the RFID reader.

For transmission, passive tags use the energy of the reader. Having accumulated energy, the tag starts data transmission. The registration distance for passive tags is 0.05 - 10 meters, depending on the RFID reader and tag device. It should also be taken into account that there are different types of RFID tags.

Where applicable

The scope of application is constantly expanding. This technology is often in demand in industries that require object control and intelligent automation solutions, as well as the ability to work in the most severe conditions, error-free and reliable.

• In RFID-enabled factories, raw materials are accounted for and those are controlled. operations, provide the principles of JIT and FIFO. RFID solutions provide a high level of reliability and quality stability.
• The RFID warehouse tracks the movement of goods in real time, speeds up the shipment process, increases the reliability of operations and reduces the human factor. RFID solutions provide excellent protection against product theft.
• In the consumer industry merchandise and retail RFID systems track merchandise along the way, from the manufacturer to the counter. The product is delivered to the shelf, not stale in the warehouse and sent to the store, where there is a high demand for it.
• RFID tags have interesting applications - for example, in a library, RFID will help you find books in the store and issue books, and prevent theft. The queues for issuance also disappear. The time for selecting and searching for the desired publication is reduced.
• RFID tags are also used in marking fur coats and other fur products. Each such product is marked with a Control (or special identification) mark with a label embedded in it. At the same time, the cost of rfid tags is mere pennies.

Many areas of business can be improved with new RFID technology. The potential of RFID is huge.

Active and passive rfid tags

Active identifying devices can be characterized by a high reading range, unlike passive ones, as well as the ability to better recognize and read all the necessary data when such a tag moves at high speed. The disadvantage of active tags is the price and bulkiness.

Types of RFIDs

High-frequency RFID tags operating at frequencies of 13.56 MHz;
Ultra-high frequency tags operating at frequencies of 860-960 MHz. This range is used in Europe.

Ways to write to an identifier

1. ReadOnly devices, on which you can write information once, and further change or deletion of information is impossible;
2. WORM devices are RFID radio tags that allow you to write and read all data once. Initially, no information is stored in memory, all data is entered by the user, however, after recording, it is impossible to overwrite or delete information;
3. R / W-devices that allow you to read or write information. This is a more progressive group of devices, since these tags allow you to overwrite and delete even various unnecessary information. Rfid tags are recorded with their own help.

RFID technology tags and applications - used in manufacturing, trade, management and access control systems, document forgery protection systems and other areas.

How to choose an RFID reader?

The choice starts with setting the application goals and understanding the function that the RFID reader performs. And only after that you can buy rfid tags.

• Desktop reader. This type is used for labeling books/documents in libraries, personalization when labeling fur coats and fur products (using an RFID tag on clothes), to control the authenticity of purchased products. The RFID reader is installed on the table and connected to the computer via USB.
• Mobile RFID reader. These devices are actively used in warehouses, libraries and archives. They are used in work even outdoors, where there is no power. The mobile reader is often used for group search and inventory, identification in the field (repair work, product control).
• portal reader. Its main purpose is an anti-theft function in libraries, warehouses and other facilities. Portal readers are used to better identify vehicles, to account for the movement of people or objects (exhibitions, factories). Also uses the RFID rewritable function.
• Ceiling RFID. Duplicates the function of a classic portal RFID reader, but unlike it, it is installed in place with a wide passage, behind a false ceiling, at objects of cultural value.
• You can also use android (there is a built-in adapter).

RFID key fob

For marking keys, an RFID tag was developed in a plastic case-key fob based on the TwinTag-Mini system.

The TwinTag RFID tag has been designed for permanent use in solutions that require the registration of objects in 3 planes (3D format).

Such a key fob can be used as an identifier and verifier of the electronic signature of a cashier in a bank branch and serviced at a point of sale.

Marking objects:

• Keys.
• Bags.
• Cashier ID.
• Identifier of the on-duty collector.

What is RFID on clothes?

Now stores often sell clothes with chips. These chips are based on markers (RFID), i.e. for the possibility of identification at a distance. Such chips are deliberately placed on clothing so that the consumer does not notice them and continues to wear the clothing with the chip in their daily life.

FID transponders for marking are made on the basis of a silicon chip. Such a chip will increase the service life of the radio tag and provide functional advantages. A clothing RFID tag is a label with a programmable chip containing information about the product.

The size of the antennas has been reduced, which will allow them to be produced with small dimensions. The chip is convenient to use in clothes: fur coats, children's clothing, underwear and other goods. Also used are rfid stickers and rfid labels on clothing and other products.

Thanks to the Gen 3 rfid, the chip in the clothes has an increased memory capacity and is equipped with an additional encryption/serial number generation function. This makes rfid tags reliable devices for accounting and protecting goods. In addition, it is possible to make an rfid tag with your own hands (fortunately, this is not very difficult) and store it in everyday clothes.

The RFID chip will allow you to repeatedly add or overwrite data in its memory. RFID tags are easy to read through the packaging, making them easy to place. The RFID tag reading range is several tens of meters.

How to write data to a label

For work, you can use the standard library included in the Arduino, but there is another library written for the module - MFRC522. Both libraries are very convenient, but MFRC522 has more special functions that allow you to shorten the program code.

Where can I buy RFID tags

Based on the selection, you can choose a set of labels for yourself. You can buy it in many online stores. It contains several types of labels for different accounting units. You can test the operation of such equipment with a specific tag in real conditions.

More recently, a fundamentally improved version of theft of funds has been discovered, a new method of stealing money from cards equipped with PayWave and PayPass technologies - criminals intercept signals from such bank cards “over the air” using handicraft readers.

Plastic cards with contactless RFID chips can be used just by applying them to a PoS bank terminal. At the same time, such cards in the PoS terminal are “not rolled” and are not inserted.

Last year, attackers already managed to steal about two million rubles using such hacker devices. In addition, methods have appeared to steal money from credit cards using the latest smartphone models, in which there is a modification of a kind of RFID technology - an NFC device. To withdraw funds from a card, hackers only need to know its full card number and the month/year of service expiration.

PayPass chips are equipped with cards of the international system Mastercard, and chips with the name PayWave are equipped with cards of the Visa payment system. At the same time, both companies allow their contactless technologies to be used both on magnetic stripe cards and on newer cards with a square chip.

The convenience of using the Mastercard-PayPass and Visa-PayWave systems lies in the simplification and acceleration of payments in stores. When making payments up to a thousand rubles with cards with RFID chips, there is no need to sign a cash receipt and enter your PIN code into the PoS terminal.

The meaning of fraudulent schemes is to intercept NFC signals using illegal reader devices. In terms of their technical stuffing, RFID interceptors are highly advanced analogues of conventional contactless POS card terminals with increased functionality that capture and process electromagnetic waves. Such a device is usually equipped with an antenna, a special controller, connectors for extracting information from the reader and pirated computer software.

To read payment data, it will be enough for a fraudster to bring the reader about ten centimeters to the victim’s card.

That is, in the subway or ground transport during rush hour, this will be done very easily and imperceptibly. The stolen information is subsequently transferred to other participants, whom the performer often does not even know. And those already produce clones-duplicates of bank cards, which are used to cash out black cash.

The cost of an illegal RFID reader for attacking PayWave and PayPass cards is about a hundred dollars, while the “kulibins” can make them from components that can be ordered on eBae or Aliexpress.

So how can you protect your money from a contactless card hack?

The easiest and most effective way to protect your card from a contactless reader is to carry it along with other non-payment contactless cards, such as the Strelka or Troika transport card. When trying to read data, the scammer's device will not be able to copy the information correctly, since the incoming signal will be sent simultaneously from several cards and it will not be processed correctly.

You can purchase a special blocking RFID wallet with read protection. Or there are other cards that you need to put in your wallet next to your credit cards. It is also recommended to enable notification of account balance changes using SMS messages or PUSH notifications. Alternatively, you can further reduce the amount that can be used when paying by card without specifying a PIN.

Also, a significant drawback of NFC readers is the fact that the fraudster needs to place this device almost close to the original bank card, which already allows for sufficient protection against reading. Well, if there are several pieces of contactless cards in your purse, then this circumstance will also complicate the criminal intent.

Be careful!

Credit and debit cards with an embedded radio frequency identification (RFID) tag are now the norm. But this is only one area where RFID technology is used.

There are many other places where you use RFID technology, perhaps without even realizing it.

So what is RFID?

RFID is the use of radio waves to read, capture and interact with the information stored in a tag/tag. Tags are usually attached to objects and can be read from several meters. Also, the tag does not always have to be in line of sight to initiate an interaction.

An RFID tag is an easy way to give an object a unique identifier. Plus, they don't need an internal power source, while the tag can be as small as a grain of black pepper. This means that they are easily implemented almost everywhere - hence their popularity.

How does RFID work?

The basic RFID system consists of two parts: a tag and a reader.

Label

The RFID tag has a built-in transmitter and receiver. The actual RFID component contained in the tag consists of two parts: an integrated circuit for storing and processing information, and an antenna for receiving and transmitting the signal. The RFID tag has non-volatile storage and may include either fixed or programmable logic to process transmission and sensor data.

Tags can be passive, active, or battery-powered passive.

Passive label is the cheapest option and does not contain a battery. The tag uses a radio transmission transmitted by the reader.

active label has a built-in battery that periodically transmits its credentials.

Rechargeable passive tag also equipped with a small built-in battery, but only activated when an RFID reader is present.

In addition, the label may be available only for reading or read/write. The read-only tag has a factory serial number used for identification in the database, while the tag read/write may have certain user data written to the label by the user.

Reader

An RFID reader is equipped with a two-way radio transmitter (transceiver), sometimes called an interrogator. The transceiver transmits an encoded radio signal to interact with the tag. The radio signal essentially wakes up or activates the tag. In turn, the tag's transponder converts the radio signal into usable power and responds to the reader.

We usually classify the type of RFID system by the type of tag and reader. There are three common combinations:

• Passive Reader Active Tag (PRAT): The reader is passive, it only receives radio signals from the active tag. Because the tag is powered by a battery, the receive/transmit range can be from 0 to 600m. Thus, PRAT is a flexible RFID solution.
• Passive Tag Active Reader (ARPT): the reader is active, transmitting a request radio signal, receiving authentication responses from passive tags.
• Active tag active reader (ARAT): the reader is active and interacts with active or battery passive tags.

In addition to the type of RFID system, RFID uses a set of adjustable frequency bands.

What is OPID?

Optical RFID (OPID) is an alternative to RFID that uses optical readers. OPID operates in the electromagnetic spectrum between 333 THz and 380 THz.

How much data?

The amount of information stored in an RFID tag varies. For example, a passive tag can only store up to 1024 bytes of information - that's just one kilobyte (KB). Ridiculous in terms of today's storage capacity, but enough to store a full name, ID number, birthday, SSN, credit card information, and more. However, the aerospace industry uses passive microwave RFID tags with 8K storage to track the history of parts over time. They can store a huge amount of personal data.

General use of RFID

RFID tags are everywhere. Since they are easily attached to almost anything, have no need for energy, they are used in all areas of life, including:

• Item management and tracking
• Observation of people and animals
• Contactless payments
• travel documents
• Barcodes and security labels
• Health data management
• Timing

RFID is also making waves in the ever-growing smart home market. In 2010, the cost of RFID dropped significantly. At the same time, the reliability of RFID has increased due to the global shift to RFID standards. All of a sudden there was an extremely reliable but economical tracking or identification system.

Safety

The sudden surge of RFID has also caused security concerns. More recently, contactless payment cards with RFID tags have appeared. Unscrupulous people hacked contactless cards using portable payment terminals while the RFID-enabled card was in the target's pocket or wallet.

In the UK, another example involves RFID tags stored in passports. When first entered, the password for the new UK passport was cracked within 48 hours. In addition, there have been reports that the criminals were stealing the mail containing the new passport, scanning the RFID tags for the data, and then sending it further down their path.

RFID is here to stay

RFID is a huge industry. We use it almost every day. The package that arrived at your home, the card you paid for your dinner, the key card that opened the door, the smart home, the hand implant, and more all use RFID technology.

What are you using RFID for? Do you use it in your smart home? Have you bought an RFID blocking wallet? Let us know it in the comments below!

RFID stands for Radio Frequency Identification. This chip-based security technology is used in a host of industries, as well as in credit cards and passports for storing personal information (can be transferred to a special scanner). Given the seriousness of the problem of this kind of theft, scientists are proposing the introduction of new technologies to ensure the security of RFID cards.

Thefts (often referred to as "skimming") are thefts using a scanner to read or duplicate information from someone's RFID item without the knowledge of the owners. Although it is still quite rare, for example, on the street, researchers have demonstrated successful “attacks” (methods to steal information from RFID devices) and the use of these attacks can easily lead to card fraud and identity theft. That's what rfid protection is for.

How do RFID-protected wallets work?

The rfid wallet has all the necessary material (also referred to as stop rfid) for blocking signals, which is included in the lining.

Rfid wallet protection is how? While your cards or passport are wrapped inside this material, the scanner is not able to read all the information inside.

Are cards protected if the wallet is open?

Rfid protection of bank cards also depends on the design of the wallet, and you should check this moment with the seller of such a wallet. Signal blocking material only works effectively if your cards/passport has been wrapped in it. To do this, you will have to buy a protective rfid case for credit cards or purchase a purse with rfid protection. When making your choice, keep in mind that some wallets have the material already included in the inner panels (which may be a feature that allows you to better scan the card just by opening the wallet).

• Today, almost everyone has plastic cards and documents based on radio communication and with radio frequency tags. They are equipped with credit or payment cards, as well as water. certificates, identification cards, metro passes and more.
• The contactless form is really convenient - especially if Apple Pay and a similar system. You don’t even need to apply it to the terminal: bring it to a sufficient distance for communication, confirm the payment with a fingerprint and the payment went through.
• Despite the convenience, both technologies contain a lot of security holes that allow you to get confidential data. To steal data, smartphone passwords or copy a pass, you don't have to get close. But in this case there is rfid blocking.

Why RFID is dangerous

How dangerous is this situation in which you purchase an unsecured wallet?

At the moment, such thefts happen quite rarely. But nevertheless, security tests in the investigation of problems have shown successful attacks on some RFID systems with cards and passports. Hence rfid card case will be the best security solution. Those who make RFID tags and cards continue to upgrade the technology that they themselves use, and attackers continue to work and think about how best to hack it.

And yet, RFID theft is quite rare.

How do you know if your passport or card has RFID technology?

If your credit card uses RFID, this symbol must be visible on the front of that card. NFC is actually a variation of RFID, although it has a shorter range of only a few centimeters. However, this is only for factory devices.

It should also be remembered that British University researchers have learned to read NFC data at a distance of up to 50 cm. Spanish hackers have taught the new Android smartphone gadgets to turn into a real NFC signal repeater that distributes its own data. This approach will allow you to make payments directly through smartphones. But there are also other ways to do this.

For example, by connecting to NFC or a commercially available reader using the Banking card reader NFC application, you can get all the data from the cards used in transactions in the browser. Further, it will be enough for the hacker to find a store that allows you to pay without entering a code (there are such ones).

How to protect your money?

Read how to make a handmade wallet with rfid protection yourself. In order to exclude various unwanted contacts with various readers, only software tools may not be enough (more on this later). Therefore, it is better to turn to the old-fashioned ways, and cut off the path to your money on the map. Water and metal are ideal for this.

Of course, it is difficult to carry cards with water in one pocket. But here is a piece of simple food foil (suitable for a chocolate bar) completely blocks the signals.

This is a more efficient way. To create a wallet with protection against rfid scanning, it is enough to wrap the card with foil, and take it out only at the time of payment.

Afraid of appearing paranoid? Then ready-made solutions will come in handy.

How are employees protected? Many companies (no data on Russian ones) require their employees to purchase a protective rfid case for credit cards and appreciate the use of special wallets and document covers with the “Protected RFID” logo.

1. Identity Stronghold offers the largest selection of RFID blocking accessories available. Part of their range is made by order of Europe for civil servants. That's why more and more people are choosing to buy an rfid-protected wallet.
2. You can find a cheaper option - there are a lot of different card cases on AliExpress, for example, a case with rfid blocking of wallets with metal inserts. You can simply search by the “NFC protected” tag.

By the way, on the BetaBrand website you can even buy clothes with protection against external unauthorized access and learn more about rfid protection on it - what it is.

There are analogues. In addition, metallized fabric can be seen on sale and stitched into all pockets in clothes (too harsh DIY).

By the way, there are also backpacks protected from hacking - for example, Dash Keyboard.