report on rfid
DESCRIPTION
TRANSCRIPT
RFID Technologies: Emerging Issues,Challenges and Policy Options
Authors: Marc van Lieshout, Luigi Grossi, Graziella Spinelli, Sandra Helmus, Linda Kool, Leo Pennings, Roel Stap, Thijs Veugen,
Bram van der Waaij, Claudio Borean.Editors: Ioannis Maghiros, Pawe Rotter, Marc van Lieshout
EUR 22770 EN - 2007
l
The mission of the IPTS is to provide customer-driven support to the EU policy-making process by
researching science-based responses to policychallenges that have both a socio-economic and a
scientific or technological dimension.
European CommissionJoint Research Centre
Institute for Prospective Technological Studies
Contact information
Address: Edificio Expo. c/ Inca Garcilaso, s/n. E-41092 Seville (Spain)
E-mail: [email protected].: +34 954488318Fax: +34 954488300
http://www.jrc.eshttp://www.jrc.ec.europa.eu
Legal Notice
Neither the European Commission nor any personacting on behalf of the Commission is responsible for the
use which might be made of this publication.
A great deal of additional information on the Euro-pean Union is available on the Internet.
It can be accessed through the Europa serverhttp://europa.eu/
JRC PUBSY 6957
EUR 22770 ENISBN 978-92-79-05695-6
ISSN 1018-5593
Luxembourg: Office for Official Publications of theEuropean Communities
© European Communities, 2007
Reproduction is authorised provided the source isacknowledged
Printed in Spain
2007
RFID Technologies:Emerging Issues,Challenges and Policy Options
Institute for ProspectiveTechnological Studies
EUR 22770 EN
RFI
D te
chno
logi
es
3
Tech
nica
l Rep
ort S
erie
s
Editors:
Ioannis Maghiros, European Commission – DG JRC – IPTS
Pawel Rotter, European Commission – DG JRC – IPTS
Marc van Lieshout, TNO
Authors:
Marc van Lieshout, TNO
Luigi Grossi, Telecom Italia
Graziella Spinelli, Telecom Italia
Sandra Helmus, TNO
Linda Kool, TNO
Leo Pennings, TNO
Roel Stap, TNO
Thijs Veugen, TNO
Bram van der Waaij, TNO
Claudio Borean, Telecom Italia
Other Contributors:
Other experts participating in the validation workshop which took place on 3 October 2006 in Ams-terdam:
Gaynor Backhouse, Intelligent Content, UK
Ruud Beugelsdijk, College Bescherming Persoonsgegevens, The Netherlands
Massimo Bolchini, INDICOD, Italy
Paula Bruening, Center for Democracy and Technology, USA
Lew Claiborne, RF SAW Inc., USA
Bruno Crispo, Free University Amsterdam, The Netherlands
Florent Frederix, European Commission
Richard Foggie, Department of Trade and Industry, UK
Jeroen van den Hove, Technical University of Delft, The Netherlands
Britta Oertel, Institut for Zukunftstudien und Technologiebewertung, Germany
Bart Schermer, ECP.nl and RFID Platform, The Netherlands
Jeroen Terstegge, Royal Philips BV, The Netherlands
Daniel Tijink, Department of Economic Affairs, The Netherlands
Acknowledgements
RFI
D te
chno
logi
es
5
Tech
nica
l Rep
ort S
erie
s
Table of contents
List of figures.................................................................................................................................. 9
List of tables ................................................................................................................................... 11
List of boxes ................................................................................................................................... 13
Executive summary ........................................................................................................................ 15
Preface ........................................................................................................................................... 21
Structure of the report ................................................................................................................... 23
Part one: RFID technologies........................................................................................................... 27
1. RFID technologies: system features and future technologies...................................................... 29
1.1. Introduction........................................................................................................................ 29
1.2. RFID system features .......................................................................................................... 30
1.3. RFID Infrastructure elements............................................................................................... 34
1.4. RFID middleware ............................................................................................................... 35
1.5. Organizations developing international standards............................................................... 36
1.6. Future tagging technologies ................................................................................................ 37
1.7. Potential challenges of RFID implementation ..................................................................... 40
2. Spectrum Allocation................................................................................................................... 41
2.1. Regulatory status for using RFID ......................................................................................... 42
2.2. Efficient use of spectrum allocation (RFID, WiFi, ZigBee).................................................... 43
3. RFID Standards .......................................................................................................................... 45
3.1. EPCglobal ........................................................................................................................... 45
3.2. International Organization for Standardization (ISO)........................................................... 47
3.3. ISO/IEC 14443.................................................................................................................... 50
3.4. European Telecommunications Standardization Institute – ETSI .......................................... 50
3.5. Conformance testing........................................................................................................... 52
3.6. Interoperability Issues ......................................................................................................... 52
4. RFID technologies: RFID system features................................................................................... 53
4.1. The RFID systems perspective............................................................................................. 53
4.2. RFID system perspective..................................................................................................... 54
4.3. RFID lifecycle description................................................................................................... 61
4.4. Typology of RFID usages..................................................................................................... 64
4.5. RFID usage in business domains......................................................................................... 70
4.6. Summary and conclusions.................................................................................................. 71
Tabl
e of
con
tent
s
6
Tech
nica
l Rep
ort S
erie
s
Part two: Market perspectives and socio-economic issues ............................................................. 73
5. RFID market perspectives .......................................................................................................... 75
5.1. Actors and stakeholders ...................................................................................................... 75
5.2. Market key drivers .............................................................................................................. 85
5.3. Strengths, weaknesses, opportunities, threats ...................................................................... 88
5.4. Market forecasts and trends ................................................................................................ 89
5.5. RFID patents ....................................................................................................................... 92
5.6. RFID and SMEs................................................................................................................... 94
6. Socio-economic aspects of RFID ................................................................................................ 95
6.1. Framework of the study ...................................................................................................... 95
6.2. Methodology and reading guide ......................................................................................... 95
6.3. Theoretical framework on adoption and diffusion of technology ........................................ 96
6.4. Trust and acceptance of RFID technology ........................................................................... 99
6.5. Diffusion and adoption of RFID .......................................................................................... 104
6.6. RFID: Employment, training and education ........................................................................ 112
6.7. Conclusions and recommendations .................................................................................... 115
7. Privacy aspects of RFID.............................................................................................................. 119
7.1. Introduction........................................................................................................................ 119
7.2. The sensitivity of RFID towards privacy infringements ........................................................ 119
7.3. Privacy in RFID systems...................................................................................................... 121
7.4. Privacy threats within the tag-reader system ....................................................................... 123
7.5. Privacy threats at the backend of the RFID system .............................................................. 124
7.6. Open and closed RFID systems .......................................................................................... 125
7.7. Strategies to cope with the privacy threats .......................................................................... 126
7.8. Privacy laws ....................................................................................................................... 126
7.9. Self–regulation.................................................................................................................... 128
7.10. Technical solutions ........................................................................................................... 130
7.11. Conclusions ...................................................................................................................... 132
8. Security aspects of RFID ............................................................................................................ 133
8.1. General overview of RFID security threats .......................................................................... 133
8.2. Security threats for the tag .................................................................................................. 133
8.3. Security threats for the air interface..................................................................................... 133
8.4. Security threats for the reader ............................................................................................. 134
8.5. Security measures for the tag .............................................................................................. 135
8.6. Security measures for the air interface ................................................................................ 136
8.7. Security measures for the reader ......................................................................................... 136
8.8. Security measures for other parts of RFID systems............................................................... 137
8.9. General security evaluation of RFID ................................................................................... 137
8.10. RFID security challenges in a broader perspective ............................................................ 139
RFI
D te
chno
logi
es
7
Tech
nica
l Rep
ort S
erie
s
8.11. Security aspects of RFID in EU-research projects............................................................... 142
8.12. Conclusion ....................................................................................................................... 146
Part three: RFID case studies.......................................................................................................... 149
9. Searching the dynamics of RFID-practices ................................................................................. 151
9.1. Selecting the appropriate cases ........................................................................................... 152
9.2. Main conclusions from the case-studies.............................................................................. 154
10RFID in animal tagging .............................................................................................................. 159
10.1. Overview RFID in animal tagging..................................................................................... 160
10.2. Illustrative examples ......................................................................................................... 163
10.3. EU activities in animal tracking ........................................................................................ 163
10.4. European legislation ......................................................................................................... 168
10.5. Discussion of EU approach............................................................................................... 170
10.6. US approach to electronic identification........................................................................... 170
10.7. Discussion........................................................................................................................ 172
11. RFID in healthcare ................................................................................................................... 175
11.1. Description of cases.......................................................................................................... 176
11.2. RFID applied to objects: medication and equipment traceability....................................... 176
11.3. RFID applied to objects: services operation support .......................................................... 178
11.4. RFID for people identification and localization in healthcare............................................ 179
11.5. Lessons to learn ................................................................................................................ 181
11.6. Recommendations for European policy............................................................................. 182
12. RFID in the ICT-sector.............................................................................................................. 183
12.1. Description of cases ......................................................................................................... 183
12.2. Drivers and barriers: lessons to learn for Europe ............................................................... 187
13. RFID in identity cards .............................................................................................................. 189
13.1. Overview of RFID in identity cards ................................................................................... 189
13.2. RFID in e-passports........................................................................................................... 191
13.3. RFID and identity cards in EU........................................................................................... 197
13.4. Financial institutions cards ............................................................................................... 199
13.5. Discussion........................................................................................................................ 201
14. RFID in Public transport........................................................................................................... 205
14.1. RFID in public transport ................................................................................................... 206
14.2. Case 1: the Netherlands.................................................................................................... 208
14.3. Case 2: London ................................................................................................................ 213
14.4. Case 3: Venice.................................................................................................................. 217
14.5. Discussion........................................................................................................................ 218
Tabl
e of
con
tent
s
8
Tech
nica
l Rep
ort S
erie
s
Part four: Policy analysis and recommendations ............................................................................ 223
15. Policy analysis and recommendations ...................................................................................... 225
15.1. European RFID stakeholders and markets ......................................................................... 225
15.2. EU-wide benefit of RFID................................................................................................... 227
15.3. Issues for public policy intervention ................................................................................. 229
15.4. Policy options to further research needs............................................................................ 235
15.5. Policy recommendations .................................................................................................. 237
Annex 1: References....................................................................................................................... 243
Annex 2: Acronyms ........................................................................................................................ 249
Annex 3: Regulatory status RFID in the UHF spectrum.................................................................. 251
Annex 4: Self regulation: guidelines and code of practices............................................................. 255
Annex 5: European activities in E-passports ................................................................................... 259
Annex 6: Overview on ID documents in Europe ............................................................................ 261
Annex 7: RFID in European public transport projects .................................................................... 263
Annex 8: RFID pilots and trials within the EU and the US.............................................................. 265
Annex 9: Full contents.................................................................................................................... 267
RFI
D te
chno
logi
es
9
Tech
nica
l Rep
ort S
erie
s
Figure 1-1 Diagram describing operation of the RFID system. .................................................... 30
Figure 1-2 Passive and active RFID tags packages ...................................................................... 31
Figure 1-3 Frequency used by RFID systems............................................................................... 32
Figure 1-4 RFID middleware – ALE layer as defined by EPCGlobal ............................................ 35
Figure 1-5 Surface Acoustic Wave (SAW) Tags............................................................................ 38
Figure 3-1 RFID frequencies and relevant standards ................................................................... 45
Figure 4-1 Positioning of RFID-system........................................................................................ 53
Figure 4-2 Classification of technologies around RFID ............................................................... 55
Figure 4-3 NFC architecture ....................................................................................................... 59
Figure 4-4 RFID lifecycle........................................................................................................... 62
Figure 4-5 3-tier reference model ............................................................................................... 64
Figure 4-6 Application usage model........................................................................................... 67
Figure 5-1 RFID value chain....................................................................................................... 76
Figure 5-2 Map of RFID offering actors....................................................................................... 77
Figure 5-3 RFID applications evolution ...................................................................................... 86
Figure 5-4 Average TAG price per application 2006-2016.......................................................... 87
Figure 5-5 Technologies appropriate to the different level of TAG cost and volume.................... 87
Figure 5-6 RFID hype cycle........................................................................................................ 89
Figure 5-7 RFID, worldwide size and growth, 2004-2010 .......................................................... 90
Figure 5-8 Total RFID market projections 2006-2016 ................................................................. 91
Figure 5-9 RFID tag market forecast ........................................................................................... 91
Figure 5-10 IDTechEx (elaboration) and Gartner forecasts comparison ......................................... 92
Figure 5-11 Total spend on RFID systems, service and tags by territory......................................... 92
Figure 6-1 Innovation diffusion process theory ........................................................................... 97
Figure 6-2 Revised innovation diffusion model........................................................................... 98
Figure 6-3 Technology acceptance model .................................................................................. 98
Figure 6-4 Unified theory of acceptance and use of technology ................................................. 99
Figure 7-1 Abstract view on privacy risks in EPC network .......................................................... 122
Figure 8-1 A general RFID architecture....................................................................................... 134
Figure 8-2 Relationship of RFID research projects to policy issues.............................................. 143
Figure 8-3 RFID projects by application area.............................................................................. 143
Figure 8-4 Roadmap: towards a RFID policy in Europe .............................................................. 145
Figure 9-1 Expected diffusion of RFID tags, 2006-2016. ............................................................. 151
Figure 9-2 Expected value of RFID tags in different application domains.................................... 153
List of figures
List
of f
igur
es
10
Tech
nica
l Rep
ort S
erie
s
Figure 11-1 Functionality of the Assetrac system .......................................................................... 177
Figure 11-2 Attitude of patients towards monitoring vital functions .............................................. 180
Figure 12-1 CocaCola RIFD equipped automate, ready for NFC use ............................................ 185
Figure 12-2 Functionalities of JTON mobile wallet ....................................................................... 186
Figure 14-1 Actors involved in RFID in Dutch public transport .................................................... 209
Figure 14-2 Various service levels as distinguished by TLS (PoS: Point of Sale) ............................. 211
Figure 14-3 Actors in the London oyster transport ticketing project .............................................. 215
Figure 14-4 Venice public transport boat...................................................................................... 217
Figure 15-1 Position of EU countries in adopting RFID................................................................. 226
Figure 15-2 SWOT analysis of EU-wide implementation of RFID ................................................. 228
Figure 15-3 RFID systems approach ............................................................................................. 229
RFI
D te
chno
logi
es
11
Tech
nica
l Rep
ort S
erie
s
List of tables
Table 1-1 Frequency bands and applications ............................................................................ 31
Table 2-1 RFID frequency bands and applications .................................................................... 41
Table 2-2 EU27 UHF spectrum allocation................................................................................. 42
Table 2-3 UHF spectrum allocation in other Europe countries .................................................. 43
Table 3-1 EPCglobal protocol.................................................................................................... 46
Table 4-1 RFID tag types versus identification, location and state.............................................. 62
Table 5-1 SWOT analysis of RFID market perspectives ............................................................. 88
Table 5-2 Patent ownership summary (RFID Journal Live) ......................................................... 93
Table 6-1 Phases in the development of innovation diffusion processes .................................... 97
Table 6-2 Factors contributing to trust ....................................................................................... 101
Table 6-3 Factors contributing to perceived risk ........................................................................ 102
Table 6-4 Overview of retailer advantages and disadvantages................................................... 106
Table 6-5 Overview consumer benefits and drawbacks............................................................. 108
Table 6-6 Potential benefits of RFID-applications in various application areas .......................... 110
Table 7-1 Consumer concerns related to RFID. ......................................................................... 120
Table 7-2 The impact on privacy from RFID vs other technologies – Europe ............................. 121
Table 7-3 Direct and indirect privacy threats, originating from RFID-systems ............................ 123
Table 8-1 Summary of security evaluation................................................................................. 138
Table 8-2 Security risks per application area ............................................................................. 140
Table 9-1 Distribution of cases over societal domains ............................................................... 151
Table 9-2 Characteristics of RFID application domains ............................................................. 152
Table 9-3 Summary of findings from the case-studies ................................................................ 154
Table 10-1 Distribution of cases in animals and farming over worldwide regions........................ 160
Table 10-2 Distribution of cases in animals and farming within countries of Europe ................... 161
Table 10-3 European cases animal identification and tracking. .................................................. 162
Table 10-4 Overview of electronic identification devices used in IDEA project ........................... 164
Table 10-5 European regulations and directives on (electronic) identification ............................. 168
Table 11-1 Evolution of RFID use in healthcare........................................................................... 175
Table 11-2 Distribution of cases of RFID in healthcare................................................................ 176
Table 12-1 Distribution of RFID cases over worldwide region..................................................... 184
Table 13-1 Applications domains for RFID in identity cards. ....................................................... 190
Table 14-1 Distribution of Sony FeliCa card in public transport in Asia....................................... 206
Table 15-1 Overview of issues for public policy intervention ...................................................... 230
Table 15-2 Overview of actor related policy issues .................................................................... 234
Table 15-3 Overview of research issues ...................................................................................... 236
RFI
D te
chno
logi
es
13
Tech
nica
l Rep
ort S
erie
s
List of boxes
Box 7-1 1980 OECD guidelines on the protection of privacy and transborder flows of personal data. ..................................................................... 126
Box 7-2 Privacy guidelines by centre for democracy and technology working group on RFID. ................................................................... 129
Box 7-3 Enforcement of compliance of RFID with fair information principles ......................... 131
RFI
D te
chno
logi
es
15
Tech
nica
l Rep
ort S
erie
s
Radio Frequency Identification (RFID) technology, an enabling technology for automatic identificationbased on radio waves, will impact the daily lives of European citizens in many different ways. Minusculedevices, called RFID tags are attached to objects and emit information which aptly positioned readers maycapture wirelessly. Such tags and readers come in various shapes and forms, have technological capabili-ties that can open up new application areas and are already in use to improve efficiency and reliability. Theyalso facilitate the coupling of the physical reality to the virtual world, infusing it with digital functionalityand triggering the move towards the so called Knowledge Society.
The technology is complex but mature enough for immediate deployment. However, due to its en-abling character, it is still under constant evolution – as is evidenced by the increasing number of RFID re-lated patents (65% increase in 2004). The RFID market is still in its infancy with most applications not beinglarge-scale and the forecasted economic benefits (Return-on-Investment) still unclear. However, the tech-nology providers’ market for RFID is global and Europe houses a few of the world’s strongest RFID suppli-ers. At the same time the end-user market is specialised in diverse application areas, mainly local andusually dependent on emerging opportunities in the public sector domain. Technology Consultants IDTechExpredict that in 2007 a total of 1.7 billion tags will be sold and that the global RFID market value (includingall hardware, systems, integration etc) will be 3.8 billion Euros, rising to 21,3 billion Euros by 20171.
Many Europeans already use RFID-equipped cards to access, for instance, their work premises or payfor their public transport fare. The technology is also successfully used for animal tagging, in order to pro-tect the consumers from a host of animal diseases or help them trace their lost pets, and as anti-fraud pro-tection in luxury items. RFID technology is forecasted to spread rapidly over the next decade as soon as tagcosts fall enough to allow item-level-tagging. In addition to private sector activities, there are ongoing ini-tiatives both at European and Member State level which demonstrate, on the one hand, an overall compa-rable activity to that of the US but on the other considerable differences (in magnitude and speed of uptake)among EU countries. Early adopters are expecting to gain considerable experience on which they antici-pate commercial profits, while laggards hope to be able to avoid ‘teething problems’.
However, the massive adoption of RFID introduces challenges such as concerns over possible eaves-dropping over the air interface or over the potential danger of privacy abuses as a result of the ubiquitous,silent and invisible character of the technology. The European Consultation process (over 2000 participants)highlighted the fact that inadequate privacy safeguards will impact acceptance of RFID negatively; trust isthus a major issue. There are also other issues to be addressed at European level: those related to raisingconsensus on standards, achieving cross-border and cross-sector interoperability and adequate spectrum al-location in order to increase the agility of the market. It is very important for Europe to be prepared forrapid deployment in RFID and also to implement initiatives which will allow European citizens to benefitfrom this new technology while avoiding the risks it carries.
Objective and scope of the RFID study
A study on “RFID-Technologies: Emerging issues, Challenges and Policy options” was commissionedby the European Commission’s DG Joint Research Centre, Institute for Prospective Technological Studies(DG JRC-IPTS) to further investigate RFID technologies and their socio-economic implications. The studylooked at technological, market, societal and legal issues so as to identify and analyse barriers and oppor-
Executive summary
1 Data published at: http://www.the-infoshop.com/study/ix49177-rfid.html
tunities for Europe, in order to propose policy options focussing on European citizens’ needs. The summarythat follows presents the major policy options proposed, a European SWOT analysis, the main issuesanalysed and the structure of the report that follows.
European SWOT for RFID deployment
The study has identified, mainly through the analysis of the specific application areas, related strengths,weaknesses, threats and opportunities for Europe. Although, it is unlikely that all EU countries will be ableto equally benefit from item-level-tagging applications due to the diversity in the structure of their manu-facturing sectors, it is expected that they will all be able to profit from human-centred applications. In health,public transport and animal tracking areas, RFID enable the alignment of information processes that allowconsiderable efficiency gains and improved end-user convenience (e.g. increased safety in the sensitivehealth area, more efficient supply and use of public transport means, locating animals). Law enforcementis driving RFID take up in animal tracking and more secure travel documents and RFID is expected to havea positive impact on national security and the fight against terrorism. The table below summarises the find-ings:
Strengths Weaknesses
Exec
utiv
e su
mm
ary
16
Tech
nica
l Rep
ort S
erie
s
- Europe houses part of the big RFID suppliers;
- High market potential;
- Leading EU countries with RFID focused attention (UK,France, Germany, The Netherlands, Italy);
- Focus of attention comparable to USA.
- Many European countries with only marginal attentionfor RFID;
- No level-playing field for RFID across countries;
- No harmonised frequency policy in the EU;
- Vulnerable image of RFID - Trust issue.
- Increasing efficiency of production, trade and services;
- Creation of new services, new workplaces;
- Spur for economic development
- Increased convenience in citizens’ everyday life;
- Increased security, reliability and trust;
- Stimulation of research and development of relatedtechnologies (enabling, enhancing and concurrent).
- High initial and high transition costs;
- Rapid technological evolution may help displace atechnology before it is widely adopted;
- High hidden costs (societal and organisational such asfor training and education);
- Possible job losses due to wide deployment;
- If not implemented properly, RFID may bring a num-ber of threats to privacy and security (Function creep,surveillance capacity).
Opportunities Threats
On the other hand, market integration seems to be the first challenge for Europe to tackle while bal-ancing the efficiency gains for businesses with the perceived benefits for citizens emerges as the next chal-lenge. However, Europe’s responsibility goes beyond achieving very low cost tags which would enable afuture where item-level-tagging is possible; the opportunity comes from developing high-end, added-valuemarket applications promising accurate and actual data-based quality, improved personal safety and secu-rity and extensive convenience. The biggest opportunity for Europe in embracing this technology seems tobe the realisation of the vision of an integrated physical and virtual world life where RFID technology is theubiquitous, always-on, seamless bridge to and from both worlds.
Emerging issues and challenges
With RFID out of the laboratory and into the mainstream of business and society, a debate as to thelikely and desired implications of the technology on the socio-economic fabric should take place. The studyidentified a lot of opportunities but also challenges that need to be openly debated. To begin with, the studyidentified many technical challenges (e.g. in developing advanced RFID tags, linking to wireless networks,merging with sensor devices, improving reliability, setting standards, and testing and certification) and somemarket ones (e.g. high initial investment costs, uncertainty as to which standards or which technologies
will persist, adoption issues as a result of low trust, etc…). Nevertheless, the study would like to draw at-tention to a number of issues for which consensus will be needed before decisions on the scope and thefocus of future initiatives may be taken. Some of them are described below:
1. Currently, a major drawback to wide-spread deployment of RFID systems is the overall attitude ofpeople towards them. In general today, social acceptance and trust of RFID is quite low – as a re-sult of insufficient privacy and security safeguards and also the lack of awareness – and may impedetake up of RFID technology. However, it is not sufficient to make the technology secure and reliable.The perception of security depends on the individual’s reaction to both the risks and the countermea-sures adopted. Individuals will need to be appropriately educated if their perceptions are to closelymatch deployed RFID security reality.
2. Ethical issues are also at stake (e.g. over the use of RFID implants) and the development of Europeangood ethical practice is a first step towards addressing them. Due to the complexity of advanced RFIDsystems, a process needs to be defined which will identify and counter emerging security and pri-vacy threats, prior to the deployment of RFID systems.
3. The foreseen wide-spread use of RFID applications and its enabling capacity raise various securityand privacy concerns. Most of them are being dealt with through improved technological design,taking into account security and privacy throughout the value chain and also by judging the sensi-tivity of the case to security and privacy issues. Various initiatives, at EU level, to tackle RFID pri-vacy and security concerns already exist; for example, the Article 29 Working Party has expressedits views on minimising data collection and preventing unauthorised forms of processing through im-proved use of the technology. However, it is the appropriate mix of self-regulation, through the cre-ation of codes of conduct and of legislation that would need to be enforced that is at the heart of thedebate on further initiatives required.
4. The impact on employment is not clear and should be monitored. Pessimistic forecasts say that de-ployment of RFID technology may result in about 4 million job losses (over a 10 year period in theUS). However, no major disruption of the labour market is expected, apart from the forecasted short-age of skilled professionals which will impact rapid deployment. Moreover, RFID will create newjobs, related to data processing and service-related jobs and the overall resulting economic growthmay also contribute to the creation of additional workplaces. It is clear that training activities willbe needed as new kinds of skills will be required both for professional workers (development) andend-users (customisation).
5. High initial costs for setting-up RFID systems, uncertainty on the future of the most promising tech-nologies of today, the lack of well established standards and finally hidden societal, and organiza-tional costs (e.g. training) are well-known barriers for smaller companies which are reluctant toadopt the technology.
6. Dependability of RFID information systems, especially in sensitive application areas such as health,signals the need to design appropriate fallback procedures in case there are system failures. This ob-viously adds to the costs of deployment and represents yet another barrier.
7. There is a clear gap between leaders and followers in RFID adoption in Europe. This may limit theforeseen benefits of a larger European market and constrain the development of high-end applica-tions which promise to enable a new generation of services for citizens. Moreover, closing the gaphas positive growth implications as ‘local’ European firms will play an important role in the challeng-ing ICT transformation processes that RFID brings.
8. The direction a European harmonized frequency policy should take is still under debate. However,the question as to whether reserved spectrum bandwidth in the EU will be sufficiently large for fu-ture applications is already important. For comparison purposes, the US administration has reservedbandwidth that is 10 times larger.
RFI
D te
chno
logi
es
17
Tech
nica
l Rep
ort S
erie
s
9. As a result of the wireless and invisible nature of RFID information exchange enhanced testing andcertification procedures are needed in order to ensure that, for example, requirements concerningprivacy and security are fulfilled (e.g. kill command works according to specification). A vendor-neu-tral solution to the establishment of certification of providers, approved system integrators, RFIDconsultants and trainers is needed.
10. Although there are many available technical standards (ISO, EPCGlobal), semantic interoperabilityis also needed so as to allow the structured exchange of information in RFID-based systems as in-formation is application specific. This type of standard would increase usability of information storedon tags and produced by sensor networks. Insufficient semantic interoperability of RFID systemsmay restrict benefits from their deployment, especially for globally operating systems.
11. RFID systems produce a lot of data locally and collision avoidance is a practical requirement thatneeds to be addressed. Advanced RFID systems, serving geographically distributed needs, generatehuge amounts of data which are difficult to manage in real time and which are expected to createa new burden on the global network infrastructure; especially when the system architecture foreseescentralised data storage. Moreover, in today’s complex business processes where the value chain iscomposed of different companies, issues related to data ownership, control and liability will needto be addressed.
Proposed policy options
The study looked at a number of RFID issues in general and also focused on the analysis of five selectedapplication areas (animal tagging, healthcare, public transport, identity documents and the ICT sector)where implementation in Europe is well advanced, in order to draw conclusions as to what is at stake forEurope. As technological evolution is continuous, achieving a balance between reaping the benefits andavoiding the pitfalls associated with its implementation is inevitably a moving target. Given the enormoussocio-economic potential of this particular technology, a debate on what role Europe should play in thisareas has been launched. Whatever the result of this debate, Europe ought to tread a fine line between is-sues that are considered to be of vital importance for the market players, and the interests of the citizens.Moreover, the EU should take up this opportunity to drive the realisation of the vision of a European Infor-mation Society where services integrating the real and the virtual worlds are on offer.
Bearing in mind that there are various intervention instruments (technological, legal, or through stim-ulation of self-regulation) at the disposal of the policy maker, the study presents the following policy options:
1. Europe will benefit from stimulating cross-border take up of RFID applications primarily throughsetting-up a harmonised frequency policy and then through stimulating consensus on standards andinteroperability issues. Moreover, promotion of best practice, financial support of cross-border pilotand trial programmes, and fostering SME participation in the area will contribute to helping fight mar-ket fragmentation and bringing all EU Member States closer to the European Information Society vi-sion.
2. The Internet of Things (the billions of tagged objects that will enable access to back-end informationsystems) will require a service for registering and naming identities, the Object Name Service (ONS),which should be interoperable, open and neutral to particular interests. Europe should position it-self in the appropriate international fora to exercise its responsibilities in this area.
The report has also identified the need to establish a debate on RFID in Europe as well as the need forfurther technological and legal research as primary recommendations for action.
1. European society needs an information campaign on RFID systems to raise awareness as to the likelybenefits and possible risks of the wide-spread application of this technology. A debate should also belaunched with a view to making the preferred and ethical use of the technology more explicit to all.
Exec
utiv
e su
mm
ary
18
Tech
nica
l Rep
ort S
erie
s
2. A closer look at the existing legal framework is deemed essential. Further study is also needed to de-velop a process for establishing guidelines and best practices which aim to build safeguards againstemerging RFID risks.
3. As a result of the enabling character of the technology and its multi-sensor data integrating capabil-ities, there is a clear need for further technological research to improve efficiency, robustness andsecurity. More research will be needed into:
a) advanced tag-reader systems;
b) the enhancing of security and ‘privacy by design’ for complex applications;
c) the impacts of almost permanent exposure to very low intensity radio waves produced by ubiq-uitous always-on RFID devices;
d) the re-skilling of the professional population to foster market expansion;
e) how to foster creativity and innovation spirit to help create additional and more advanced linksbetween the physical and the virtual worlds.
RFI
D te
chno
logi
es
19
Tech
nica
l Rep
ort S
erie
s
Preface
RFI
D te
chno
logi
es
21
Tech
nica
l Rep
ort S
erie
s
This report is the result of a study on RFID, commissioned by the Institute of Prospective TechnologyStudies (IPTS), of the Directorate General Joint Research Centre (DG JRC) of the European Commission.The objective of the study is to inform the policy process within the European Union on the socio-eco-nomic and technological developments taking place with respect to RFID, analysing prospects and barri-ers to RFID technologies, and the broader technological, economic, social and legal challenges, to cometo a well-founded set of research and policy recommendations. The scope and detailed specification of re-search has been prepared by IPTS. The study has been performed by two research organisations: TNO (TheNetherlands) and Telecom Italia (Italy) in cooperation with IPTS, between December 2005 and January2007. During this period, the European Commission has organised an open public consultation process onRFID and issued a communication on the subject.
The study has been clustered around a number of research challenges:
• the presentation of a state of the art overview regarding RFID technologies, the relation of RFIDtechnologies with a broader set of ICTs (existing and emerging networks), the analysis of the state-of-the-art concerning frequency allocation and standards, and an analysis of usage typologies ofRFID;
• the analysis of market perspectives and socio-economic aspects; the latter were narrowed down toaspects concerning users and trust relations, privacy and security;
• the analysis of the introduction of RFID in a number of application areas; the application areas cho-sen were: the use of RFID for animal tagging, the use of RFID in the health sector, the use of RFIDwithin the ICT-sector itself, the use of RFID in identity cards, and the use of RFID within publictransport systems; this was a deliberate choice, given the surplus of attention for and informationabout RFID within logistic processes;
• the analysis of the results of the previous steps in terms of policy relevance and the formulation ofpolicy recommendations.
To validate the findings of the project team, a validation workshop has been held on October 2006.The results of the validation workshop have been used to enrich and complement the report.
Many authors have contributed to make this report possible. Marc van Lieshout was overall projectleader of the project. More in detail: Marc van Lieshout has written chapters 8, 10, 11 and 16 and togetherwith Sandra Helmus chapter 15; Luigi Grossi has written chapters 4 and 6 and together with Claudio Boreanchapters 2 and 3; Graziella Spinelli has written chapters 12 and 13; Leo Pennings has written chapter 14and together with Linda Kool chapter 7; Thijs Veugen has written chapter 9; and finally chapter 5 was writ-ten by Roel Stap and Bram van der Waay.
Structure of the report
RFI
D te
chno
logi
es
23
Tech
nica
l Rep
ort S
erie
s
The report that follows is composed of four parts. The first part details the technological dimension ofRFID systems including the situation on standards and spectrum allocation. The second part presents RFIDmarket parameters and raises socio-economic issues. The third part presents five case studies from differ-ent application sectors and draws conclusions as to the specific areas of development as well as for thewhole RFID market in Europe. The last part analyses the situation and presents recommendations for fur-ther initiatives in Europe. The contents of the first four parts are presented in more detail below:
Part 1: RFID technologies
The state-of-the-art in RFID technology is presented as well as other technologies which: (i) enableRFID usage (e.g. Ethernet or Bluetooth); (ii) enhance it by adding further functionality to basic RFID capa-bilities (like Near-Field-Communication (NFC) or functionalities offered by middleware); (iii) are compet-ing with it (such technologies are divided into those which enable identification, location or informationon state).
The report provides a prospective analysis of alternative tagging technologies, which may replace RFIDin the future, like Surface Acoustic Waves, optical tags or DNA tags. It also describes technological limita-tions of RFID (for example, those resulting from the physical properties of radio waves) and possible solu-tions to these problems.
The currently available spectrum allocation and frequency regulatory status for using RFID in the EUand world-wide is presented, as well as a description of the most common standards on the market (EPCGlobal, ISO and ETSI).
The first part ends with a proposal for a typology of RFID applications, which considers business usecriteria as well as the sensitivity of application areas in terms of privacy protection. It uses this typology todraw conclusions about the drivers for further development of intelligent applications facilitating globalcollaboration and automation.
Part 2: Market perspectives and socio-economic issues
The main forces driving the RFID market evolution are presented in an inventory which provides in-formation about the main actors on the global RFID market, such as tag manufacturers, system integrators,software providers and consultants. It also provides web links to their sites. This is followed by an analysisof the RFID market showing that the change of application profile is largely driven by the tag price. Appli-cation areas where a relatively high tag price is acceptable (e.g. e-documents, e-payment, access control)have already been developed, and in the next few years the rapid development of applications demandinglow-cost tags, (e.g. asset management, supply chain and retail logistics) should be expected.
The pros and cons of RFID usage are analysed from both the retailer’s and the user’s perspective. Lackof regulation for spectrum allocation in some countries, limitations of technology (e.g. interference of radiosignal with metals and water), possible carriers for SMEs (e.g. high initial investment) and forecasts of im-pact of RFID on employment and likely implications are also presented.
Finally, an exhaustive analysis of privacy and security challenges are also included. Privacy threats, like‘sniffing’ the tag information, using tags to track a person, function creep and strategies to counter them areanalysed. Threats to security and countermeasures are also discussed as is a methodology of security eval-uation, based on the relation between the costs of attack and the cost of countermeasures.
Part 3: Case Studies of RFID implementation
Five application areas were selected to describe state-of-the-art deployment in Europe of RFID tech-nology: animal tagging, healthcare, public transport, identity cards and the ICT sector itself. Analysis in therespective areas is organised around key criteria such as: drivers/barriers, threats/opportunities, role of stake-holders including Member State governments, the technology involved and the likely role for Europe as awhole. The in-depth analysis of such criteria helped determine the drivers and barriers for future RFIDusage, the stakeholders’ perspectives on the identified drivers and barriers and the perceived European mar-ket potential and length of time to adoption. The main issues shaping the policy evaluation include the di-versity in stakeholder strategies due to variations in Member State markets and structure of the economy,the perceived EU-wide benefit and the role of the public sector in helping to achieve these benefits.
For each of these application areas conclusions as to future developments of RFID systems are drawnand presented briefly below:
• Animal tracking is potentially a huge market segment. The overarching incentive for the introductionof animal ID is that it would enable quick response in animal disease crises (e.g. Foot and Mouth Dis-ease, or Avian influenza). Barriers and opportunities for further development are presented.
• In healthcare, RFID may be used to track medicines, prevent patients from taking the wrong drugsor track hospital assets. This would prevent theft and allow optimal usage of equipment. RFID mayalso be used for patient identification and localisation (e.g. in a crowded environment). In general,RFID can considerably improve performance and reduce costs of healthcare but it also creates newchallenges.
• RFID is already used in the area of public transport. RFID-based tickets and public transport cardsincrease efficiency and convenience and are well received by the users. Main barriers are the mas-sive financial investments and the high complexity of such systems leading to costly down-times.
• In the area of identity cards, the main driver for RFID use was the need for increased security (e-passport) in the fight against terrorism. Today, both security and privacy concerns drive further tech-nology improvements. Perhaps, the more positive reaction of consumers towards contactless creditcards is a hopeful message indicating future acceptance likelyhood.
• In the ICT sector, many companies have started to explore ways to manage and track assets in theICT department in order to optimize professional personnel work. NFC technology is forecasted tospread widely with its incorporation in mobile devices to be used in contactless payments or con-tact-less ticketing. No significant barriers to RFID deployment in this sector are foreseen.
Part 4: Policy analysis and recommendations
Finally, the report presents an analysis of all data presented. This leads into conclusions and recommen-dations which aim to address a number of overarching questions and thus set the basis for a debate in Eu-rope on RFID applications. The impact on EU market integration and what role the public sector plays instimulating and supporting the realisation of EU-wide benefits is discussed. Research initiatives are also dis-cussed and proposed in this section. In essence, the report proposes a way through which Europe may stim-ulate initiatives to address the issues presented and thus reap the foreseen benefits of the wide-spreaddeployment of RFID technology.
Stru
ctur
e of
the
repo
rt
24
Tech
nica
l Rep
ort S
erie
s
Annexes
The report has a number of annexes which present:
1. List of references
2. List of acronyms
3. A word-wide inventory of regulatory status of RFID in the UHF spectrum;
4. A description of selected guidelines and code of practices regarding the implementation and useof RFID technologies;
5. An overview of European activities in e-passports
6. An overview of European activities in other type of e-documents (national ID cards, electronicsignature cards, healthcare identity cards, electronic documents for social insurance)
7. RFID in European projects related to public transport
8. Statistics of RFID pilots and trials within the EU and the US divided by application areas.
9. Full table of contents to facilitate reading and procedural and organisational details of this fairlycomplex process.
RFI
D te
chno
logi
es
25
Tech
nica
l Rep
ort S
erie
s
RFID technologiesPa
rt o
ne
1. RFID technologies: system features and futuretechnologies
RFI
D te
chno
logi
es
29
Tech
nica
l Rep
ort S
erie
s
1.1. Introduction
RFID stands for Radio Frequency Identifica-tion. The main goal of an RFID system is to carrydata on a transponder (tag) that can be retrievedwith a transceiver through a wireless connection.The ability to access information through a non-line-of-sight storage in a tag can be utilized for theidentification of goods, locations, animals, andeven people. Discerning specific information fromthese tags will have profound impacts on how in-dividuals in commerce and industry keep track oftheir goods and each other. Early use of this tech-nology concerned the evolution of barcode appli-cations, changing the application scenarioperspective (the main differences with barcodeswill be investigated in Section 1.2.4).
The acronym RFID, Radio Frequency IDenti-fication, encompasses a number of technologiesusable to identify objects by means of radio waves.The origin of the technique is the “IdentificationFriend or Foe” IFF system used in World War II bythe Royal Air Force, that was able to get a codeback only from “friendly” aircrafts identified withRADAR. Under this very wide umbrella the term istoday mainly referring to systems where electronicequipment can “read” information from a multi-tude of “tags” by means of radio waves. The RFIDtag can come in various shapes e.g. as a papersticker, just as barcode tags are, as a plastic CreditCard, or even as a rugged, chemicals and heat re-sistant, plastic capsule. The tag might be evenpowered by a very small battery to support localfunctions such as storing temperature readings orenhancing the reach of the radio communication.
Although RFID is a mature technology, it tookseveral years for a large scale implementation tooccur. The first ones were in the United States. Theimplementation eventually included supply chain,freeway toll booths, parking areas, vehicle track-
ing, factory automation, and animal tagging. Themost common application of RFID technologytoday is for tracking goods in the supply chain,tracking assets, and tracking parts from a manufac-turing production line. Other application areas in-clude the control of access to buildings, networksecurity, and also payment systems that let cus-tomers pay for items without using cash.
Nevertheless some technology related issuesstill condition the possible applications. As an ex-ample, liquids, water especially, absorb radiationswhile metals reflect it. This means that passive tagsapplied to bottles of water or to aluminium canscan be hardly read though placed very carefullywith respect to the reader antenna and with dielec-tric support. This is due to the properties of the ra-diations in relation to their wavelength It is true forHF tags but even more relevant for UHF tags.
The three basic components of a typical RFIDsystem are an antenna or coil, a transceiver(reader with decoder), and a transponder (RFIDtag) with electronically programmed information.In an RFID system, an antenna continuously emitsradio signals at a given frequency. When atransponder (that is set to detect that specific fre-quency) comes into contact with these signals, thebadge is activated and communicates wirelesslywith the reader through the modulation of trans-mittance frequencies. Through the use of an an-tenna, the information that is stored on thetransponder can be read or written from thetransponder. Typically, the antenna is packagedwith the transceiver into a larger structure calleda reader (interrogator) that is in charge of the sys-tem’s data communication and acquisition. Thedata that is obtained and analyzed by the readercan then be transported to a computer. The gen-eral design of a simple RFID system is displayedthrough the following figure:
Figure 1-1: Diagram describing operation of the RFID system.
1. R
FID
tech
nolo
gies
: sys
tem
feat
ures
and
futu
re te
chno
logi
es
30
Tech
nica
l Rep
ort S
erie
s
2 Aloha, developed in the 1970s for a packet radio network by Hawaii University: sender finds out if there is a collision with transmitteddata and retransmits data after some time in case there is collision. In case of Slotted Aloha, time is slotted and data can be transmittedat the beginning of one slot so reducing the collision duration.
A very important feature of the reader is thecapacity to avoid collisions among the RFID tagsusing specific methods. By using collision avoid-ance a reader can perform multiple readings ac-celerating the overall reading process incomparison with barcode systems. The perform-ance of collision avoidance systems are evaluatedin number of readings per seconds. The typicalcollision avoidance systems are based on Alohaand slotted Aloha process,2 well known in litera-ture. The use of an efficient collision avoidancesystem is essential to calculate the data transmis-sion rate of the reading process.
1.2. RFID system features
1.2.1. Passive, semi-passive, active
RFID tags can be characterized as either ac-tive or passive. Traditional passive tags are typi-cally in “sleep” state until awakened by thereader’s emitted field. In passive tags, the reader’sfield acts to charge the capacitor that powers thebadge. Due to the strength of the signal that is re-quired, passive tags are most often used for shortread-range applications (<1.5 m) and require ahigh-powered reader with antenna capable ofreading the information. Passive tags are often very
light, compact, and have unlimited life spans.
The contactless smartcards, plastic with acredit card size that can be accessed through aradio reader device, are often confused with pas-sive RFID. Although the communication methodis quite the same, the contactless smartcards haveon-chip processing and memory capability that isnot needed on RFID. RFID just holds an identifierwhile contactless smartcards might hold personalidentification data, complex encryption capabili-ties, or application specific logic.
The active tags are typically powered by aninternal battery (that lasts several years but whoseduration strictly depends upon the application)and are utilized for long read-range applicationsup to 100 m. Active badges can continuously emita detectable signal and are typically read/writewith a higher total memory. Due to these in-creased capabilities, active tags are heavier, moreexpensive, and have limited life spans.
Another category of tags is commonly referredto as semi-passive (also called semi-active and/orbattery assisted RFID). These tags communicatewith the reader as if they were passive tags buthave a battery on board in order to support spe-cific functions, e.g. to store periodic temperatureinformation from an onboard temperature sensor.
Figure 1-2: Passive and active RFID tags packages
RFI
D te
chno
logi
es
31
Tech
nica
l Rep
ort S
erie
s
1.2.2. Frequency
The capabilities of the RFID system are alsovery dependent on the carrier frequency at whichinformation is transported. Due to governmentregulation, different parts of the electromagneticspectrum are assigned for different purposes. This
results in a number of frequency bands in usearound the world for RFID application. A com-monly accepted scheme categorizes these fre-quencies in four ranges that are summarized in thetable hereafter including also typical system char-acteristics and areas of application.
Table 1-1: Frequency bands and applications
LF HF UHF Microwave
Frequency Range < 135 KHz 10 ... 13.56 MHz 860 … 960 MHz 2.4 … 5.8 GHz
Read Range ~10 cm ~1 m 2 ~ 5 m ~100 m
Coupling Magnetic, Electric Magnetic, Electric Electromagnetic Electromagnetic
Frequency bands used by RFID systems areassociated to different part of ISO 18000 standardas described in Section 3.2.1. Different frequen-cies have to be used for different applications: arule of thumb for this is that lower frequencies can
be used to increase the penetration into materialsand water, but give shorter range (inductive cou-pling). Higher frequencies can increase the range(so called UHF backscattering RFID tags) but be-come very sensitive to environmental conditions.
Figure 1-3: Frequency used by RFID systems
1. R
FID
tech
nolo
gies
: sys
tem
feat
ures
and
futu
re te
chno
logi
es
32
Tech
nica
l Rep
ort S
erie
s
3 In the following reference will be made always to magnetic coupling as electric coupling is far less applied.
1.2.3. Factors affecting reading capability
It has to be made clear that though the tech-nology promises a number of fancy characteris-tics, its real application is not straightforward. Thepossibility of reading RFID tags is conditioned bycritical and sometimes rather non-deterministicfactors. It is intuitive that if the tag is “too far”from the reader then no reading can take place.On the contrary it might be extremely useful toexactly know how to increase the reading dis-tance up to what is needed by a specific applica-tion. Another myth is that anything might betagged with an RFID, but the truth is that certainmaterials have characteristics affecting the read-ing capability.
Trying to put some order in these factors theycan be summarized in:
• Radio technology and reading distance
LF and HF passive tag systems use electricand magnetic3 coupling; this means that thereader yields a magnetic field and the tag iscapable of modifying it in a way that thereader can sense. The magnetic field shouldhave enough “intensity” to power the tag
circuitry. It can be shown that the intensityof the magnetic field decreases in intensitywith distance through a factor that can beapproximated to one over the cube of thedistance 1/d.3 This means that doubling thedistance, the capability of reading the tagwith the same reader is decreased to 1/8. Inother words to read a tag at a distance twicethe original distance the reader should yielda magnetic field with power eight times theoriginal power used.
UHF passive tag systems use the so calledbackscattering: once the tag is activated bythe reception of a radio wave, it activatesand “sends” back a radio wave with the an-swer message. In this case the factor that in-dicates the relation between the power ofthe reader and the reading distance is oneover the square of the distance 1/d.2 This iswhy UHF is used where the reading of pas-sive tags is needed at greater distances.
Active tags are powered by an internal en-ergy source and thus they do not need toextract power from a magnetic or electro-magnetic field. They are capable of over-coming the passive tags distance limitations
and support applications with a reading dis-tance of 100 m or even more.
• Radio frequency and tagged materials
Radio waves, as well as light, are absorbedby some materials, notably water, and re-flected by others, namely metals, in differ-ent ways depending on their frequency.This means that a passive RFID applied ona bottle of water or, worst case, on a beercan, might be hardly read. HF tags mightbe used to tag bottles of water better thanUHF. They can also be used on metal ob-jects by separating them from the metal bysome millimetres thick dielectric that al-lows the magnetic field to transit throughthe coils of the antenna (not being divertedby the metal of the tagged object).
UHF passive tags applied to bottles of watercan be read only if they are applied on theside of the bottle turned towards the an-tenna of the reader: if the tag is on the otherside then the radio waves are weakened bytransiting through the water and the read-ing is compromised. In the case of metals,appropriate packaging is needed in order toavoid interference of the answer messagewith the waves reflected by the metal sub-strate.
• Reading geometry
The magnetic (or electromagnetic) fieldgenerated by the reader is somehow ori-ented by the reader antenna and power isinduced in the tag only if the orientation ofthe tag antenna is appropriate. A tag placedorthogonal to the reader yield field will notbe read. This is the reason that guided man-ufacturers to build circular polarized an-tenna capable of propagating a field that isalternatively polarized on all planes pass-ing on the diffusion axis. Linear antennasneed a more accurate positioning of the tagbut can operate at longer distances.
• Environmental factors
The sites where usually RFID are neededare never empty spaces: they are filled upwith metal shelves, heating water pipes,moisture, fork lifts moving around, andcommunication radio equipment. It is very
hard to predict what would be the behav-iour of a RFID system in such rugged situa-tions. Radio waves are reflected, absorbedand mixed with other radio waves. OneRFID technology might work better thanthe other and this can only be identifiedthrough field trials.
The described factors are the reason forwhich in most cases prime contractors sug-gest that after the business case has beenstated and the application process has beenengineered to benefit most from the RFIDapplication, a limited experiment is imple-mented in the actual place in order to bet-ter identify the technologies to be used.
1.2.4. RFID and barcodes
Although it is often thought that RFID and bar-codes are competitive technologies, they are in factcomplementary in some aspects. The primary ele-ment of differentiation between the two is that RFIDdoes not require line-of-sight technology. Barcodesmust be scanned at specific orientations to estab-lish line-of-sight, such as an item in a grocery store,and RFID tags need only be within range of a readerto be read or ‘scanned.’Although RFID and barcodetechnologies offer similar solutions, there are signif-icant advantages to using RFID:
• Tags can be read rapidly in bulk to providea nearly simultaneous reading of contents,such as items in a stockroom or in a con-tainer.
• Tags can be read in no-line-of-sight condi-tions (e.g. inside packaging or pallet).
• Tags are more durable than barcodes andcan withstand chemical and heat environ-ments that would destroy traditional bar-code labels. Barcode technology does notwork if the label is damaged.
• Tags can potentially contain a greateramount of data compared to barcodes,which commonly contain only static infor-mation such as the manufacturer and prod-uct identification. Therefore tags can beused to uniquely identify an object.
• Tags do not require any human interventionfor data transmission.
RFI
D te
chno
logi
es
33
Tech
nica
l Rep
ort S
erie
s
• Changing the data is possible on some RFIDtags
It is easy to see how RFID has become indis-pensable for a wide range of automated data col-lection and identification applications. The distinctadvantages of RFID technology, however, intro-duce an inevitably higher cost. RFID and barcodetechnologies will continue to coexist in responseto diverse market needs. RFID, however, will con-tinue to expand in markets for which barcode orsimilar optical technologies are not as efficient.
1.2.5. Security
Security encryption methods can be embed-ded onto the tag to ensure that the information onit can only be read or written by authorized users.The creation of encryption specifications for RFIDtags by the standards organizations, now inprogress, is a vital step for ensuring widespreadprotection. Security encryption algorithms have al-ready been established for the 13.56 MHz-basedISO/IEC 14443 standard used for automatic farecollection in public transit applications.
In order to create high security RFID systemsa defence against the following individual attackswould be needed (see also Chapter 8):
• Unauthorised reading of a data carrier inorder to duplicate and/or modify data.
• The placing of a foreign data carrier withinthe interrogation zone of a reader with theintention of gaining unauthorised access toa building or receiving services withoutpayment.
• Eavesdropping into radio communicationsand replaying the data, in order to imitate agenuine data carrier (‘replay and fraud’).
When selecting a suitable RFID system, con-sideration should be given to crypto-logical func-tions. Applications that do not require a securityfunction (e.g. industrial automation, tool recogni-tion) would be made unnecessarily expensive bythe incorporation of cryptological procedures. Onthe other hand, in high security applications (e.g.ticketing, payment systems) the omission of cryp-tological procedures can be a very expensive mis-take if manipulated transponders are used to gainaccess to services without authorisation.
1.3. RFID infrastructure elements
Once a tag is placed, the basic componentsneeded to collect the tag information and pass it tothe proper application are the readers and theRFID middleware. The readers are the devices ca-pable of activating the tags and having them pro-vide their data. RFID middleware is the softwaresystem needed to perform a “sensible” reading, i.e.whenever a contemporary reading of multiple tagsis needed it discards duplicates and selects theonly data relevant to the application.
1.3.1. RFID readers
Though manufacturers pursue the possibilityof a universal reader capable of reading any kindof tag, the current situation is that each type of tagcan by read by dedicated equipment. This meansthat an HF Reader is needed to read an HF tag anda different reader is needed to read a UHF one.
A characterization of readers for passive andactive tags is presented below:
• Readers of Passive RFID tags:
- High power emitted (max 4W) in order toactivate passive RFID tags
- High power consumption (rank of Watts)
- Operating ranges of some meters
- Passive Readers can read simultaneouslya number n of RFID tag with a readingspeed of some seconds (n>100)
- Reader comprises the antenna, anti-colli-sion systems (microprocessor + software +memory), RF transceiver, network inter-faces (Ethernet, Wi-Fi, GSM, etc.)
• Readers of Active RFID tags:
- Low power emissions (10-20 mW)
- Reduced power consumption (rank ofmWatts) that allows integration in hand-held devices
- Long ranges (20-100 m)
- Active readers can read simultaneouslydifferent RFID tags (hundreds of RFID tags)with high reading speed (milliseconds)
- Readers include an antenna that can be in-tegrated, an anti-collision system (micro-processor + software + memory), a RF
1. R
FID
tech
nolo
gies
: sys
tem
feat
ures
and
futu
re te
chno
logi
es
34
Tech
nica
l Rep
ort S
erie
s
transceiver, network interfaces (Ethernet,Wi-Fi, GSM, etc.)
1.4. RFID middleware
The RFID Middleware is referred to, by soft-ware manufacturers (Forrester, 2005) and by EPC-global (EPCglobal, 2004), as the set of functions inbetween the pure RFID technology components,in first place the readers, and the business applica-tions capable of exploiting the value of the tech-nology.
These functions can be summarized in:
1. Filtering: thinking of a stream of tag-readevents generated by the readers, the filter-ing functions chooses, on the basis ofproper criteria, which ones deserve to beprocessed by the application layer; as anexample, in some cases, when a tag is readtwice by the same reader within a few sec-onds, only one event might have to be re-ported;
2. Routing: once the tag-read event has beenaccepted for forwarding by the filteringfunction, the Routing Function, on the basisof proper criteria, is capable of delivering itto the correct application;
RFI
D te
chno
logi
es
35
Tech
nica
l Rep
ort S
erie
s
Figure 1-4: RFID middleware – ALE layer as defined by EPCGlobal
3. Data Management: the accepted events areas well recorded on some storage in orderto allow for queries on e.g. the history andperformance monitoring;
4. Device Management includes the controland management functions of the readers:collects and handles alarms, allows for soft-ware download, configuration of frequen-cies and power emissions, etc.
5. Device Adaptors; at the moment there is noagreement upon the protocol interface (nei-ther official nor industry standard) to makereaders work with other systems; the De-vice Adaptors refer to the software codethat has to be provided in order to allow
readers be controlled by the other Middle-ware functions;
6. Application Adaptors: as in point 5 the Ap-plication Adaptors allow business applica-tions to interoperate with the RFIDMiddleware.
On the Middleware subject, a specificationactivity is being carried out by EPCglobal in orderto define the capabilities that have to be supportedby the ALE Layer (Application Level Events Layer)in order to allow for the EPCglobal Information andDiscovery Services (see Section 3.1). Figure 1-4 de-picts the RFID Middleware also with reference toALE Layer and Interface.
1.5. Organizations developinginternational standards
As RFID technology continues to expand, theneed for establishing global standards is increas-ing. Many retailers have completed RFID trialswithin their supplier communities, adding pressureon manufacturers and suppliers to tag products be-fore they are introduced into the supply chain.However, manufacturers cannot cost-effectivelymanage RFID tagging mandates from disparate re-tailers until global standards are established. Thisprocess requires the creation and acceptance ofdata standards that apply to all countries, and it re-quires scanners to operate at compatible frequen-cies.
1.5.1. EPCglobal
In 1998, researchers at the Massachusetts In-stitute of Technology (MIT) Auto-ID Center beganglobal research on RFID. The Auto-ID Center fo-cused on:
• Reducing the cost of manufacturing RFIDtags.
• Optimizing data networks for storing anddelivering large amounts of data.
• Developing open standards for RFID.
The work of the Auto-ID Center has helpedmake RFID technology economically viable forpallet and carton-level tagging. The Auto-ID Cen-ter closed in October 2003, transferring all its RFIDtechnology and information to the EPCglobal or-ganization.
EPCglobal is a member-driven organization ofleading firms and industries focused on developingglobal standards for the electronic product code(EPC) Network to support RFID. The EPC is at-tached to the RFID tag, and identifies specificevents related to the product as it travels betweenlocations. By providing global standards on howto attach information to products, EPC enables or-ganizations share information more effectively.The vision of EPCglobal is to facilitate a world-wide, multi-sector industry adoption of these stan-dards that will achieve increased efficienciesthroughout the supply chain—enabling companiesto have real-time visibility of their products fromanywhere in the world.
The purpose of EPCglobal is to provide thetechnology to increase efficiency and reduce er-rors in the supply chain, achieved by the use oflow cost RFID tags and a framework for global in-formation exchange (see Section 3.1 for the EPCstandards). EPCglobal is a joint venture of GS1 (for-merlyEAN International) and GS1 US™ (formerlyUniform Code Council, UCC).
1.5.2. Global data synchronization
Global Data Synchronization (GDS) is anemerging market in Supply Chain Management. Itis the foundation for next-generation applicationssuch as RFID-based tracking, and more. GDS isdesigned to keep supply chain operations synchro-nized by ensuring that basic product data, such asthe description and category stored by one com-pany, matches the data stored by its trading part-ners. Organizations submit product data in aspecific format to data pools around the globe, andthe data is then validated against a global data reg-istry.
Standards for GDS are guided by the GlobalCommerce Initiative (GCI), a collective group ofretailers and manufacturers. The standards arebeing developed by the European Article Number-ing Association International and The UniformCode Council (EAN and UCC). These standards as-sign attributes to product data that enables manu-facturers, suppliers, retailers, and other participantsin the supply chain to share product-related dataacross the globe. For example, manufacturerscould have their product catalogue accessibleworldwide, and retailers could search for any typeof product and take advantage of unlimited globalaccess.
1.5.3. International Organization forStandardization (ISO)
The International Organization for Standard-ization (ISO) is a network of national standards in-stitutes of 148 countries working in partnershipwith international organizations, governments, in-dustries, and business and consumer representa-tives. The ISO asserts jurisdiction over the AirInterface (the frequency spectra used for RFIDtransmission) through standards-in-developmentISO 18000-1 through ISO 18000-7. These are rep-resented in the United States by the American Na-
1. R
FID
tech
nolo
gies
: sys
tem
feat
ures
and
futu
re te
chno
logi
es
36
Tech
nica
l Rep
ort S
erie
s
tional Standards Institute (ANSI) and the FederalCommunications Commission (FCC).
The International Organisation for Standardi-sation (ISO) in collaboration with the InternationalElectrotechnical Committee (IEC) has produced aset of standards for the interface between readerand tag, operating at various radio frequencies. Asmentioned, these standards are numbered in theseries ISO/IEC 18000-n.
There is strong interest currently in the UHFfrequency band between 860 MHz and 960 MHz.The ISO standard, currently being published, isISO/IEC 18000-6, with options for two differingcommunications protocols, type A and type B. Itis likely that the recently agreed EPCglobal Gener-ation 2 standard will be incorporated into ISO18000-6 as type C.
Previously, only a relatively small amount ofbandwidth at restrictively low power was availablein Europe in the newly exploited band around 900MHz. This is because the frequency range be-tween 902 MHz and 928 MHz as used in NorthAmerica is assigned to the Global System for Mo-bile (GSM) services in Europe. The situation hasimproved immensely following the recent ap-proval by European standards bodies of the use often channels at 2 Watts Effective Radiated Power(ERP) in the band from 865.6 MHz to 867.6 MHz,together with five additional lower powered chan-nels. The European Telecommunications StandardsInstitute (ETSI) has recently produced and ap-proved technical standards to meet these parame-ters. While the available bandwidth may prove tobe a restriction in the long term, the increase ofradio frequency (RF) power to 80% of that allowedin North America means that the performance interms of range will be quite similar in both regions.
1.5.4. AIM Global
AIM Global is the global trade association forthe Automatic Identification and Mobility industrythat manages the collection and integration of datafor information management systems. Servingmore than 900 members in 43 countries, AIMGlobal is dedicated to accelerating the use of au-tomatic identification data collection (AIDC) tech-nologies around the world.
As the leader in developing internationalRFID standards, AIM Global strives to educate thecommunity. The company is participating as theRFID Association Sponsor for a series of sympo-siums worldwide to build consensus about stan-dards for using RFID technology on commercialairplanes. Aircraft manufacturers Boeing and Air-bus plan to collaborate; both companies are mov-ing toward RFID adoption based on the AirTransport Association (ATA) automated identifica-tion and data capture guidelines.
1.5.5. Ubiquitous ID Center
The Ubiquitous ID Center was created to de-velop technologies such as RFID and others thatwill enable the automatic recognition of items withthe ultimate objective of creating a ubiquitouscomputing environment. In April 2004, China,Japan, and Korea agreed to participate in Ubiqui-tous ID-related events, each signing agreements toconduct joint research with the goal of establishingUbiquitous ID Centers and T-Engine Developmentcentres in each country. T-Engine is the develop-ment platform for ubiquitous computing technolo-gies.
1.6. Future tagging technologies
Though radio technology for identificationpurposes has been a revolution with respect to theproven laser based barcode, future identificationtechnologies will not necessarily be using radiowaves. In the following an overview is given ofsome of the more promising automatic identifica-tion technologies currently under study or in veryearly industrial phase based on radio waves aswell as laser readers.
1.6.1. Surface Acoustic Waves (SAW) 4
The promise of the SAW technology is to beable to provide very low cost radio readable tags.The SAW tags are classified as “chipless” tags be-cause there is no need for a real processing chip tooperate them. Once the SAW tag receives theradio signal from the reader, a simple transducertranslates it into acoustic waves on the surface of
RFI
D te
chno
logi
es
37
Tech
nica
l Rep
ort S
erie
s
4 http://www.rfsaw.com
the tag. Metallic structures precisely built on thetag reflect, according to a definable scheme, theacoustic wave back to the transducer that convertsit again into a radio signal. The overall effect isvery similar to a conventional RFID but, having noneed of a processing chip, the cost is dramaticallyreduced. From experiments it seems that SAW tags
perform very well both on metals and water thusovercoming the constraints of HF and UHF RFID.The drawback is that the tag code is hard-codedby the tag manufacturer and is not modifiable.Moreover effective ways to avoid collisions haveyet to be identified.
1. R
FID
tech
nolo
gies
: sys
tem
feat
ures
and
futu
re te
chno
logi
es
38
Tech
nica
l Rep
ort S
erie
s
5 Examples of advanced research areas: a) Underskin Implant of RFID for personal identification, Amal Graafstra,http://www.bmezine.com/news/presenttense/20050330.html b) RFID embedded in cardboard boxes by Beamfetch, http://www.rfidjour-nal.com/article/articleview/1588/1/72 c) RFID embedded in tires by Michelin, http://www.rfidjournal.com/article/articleview/269/1/1/
Figure 1-5: Surface Acoustic Wave (SAW) Tags
1.6.2. Embedded tags
Tagging will move from being something at-tached to an object to become a standard part ofthe object “fabric”. RFID are technologies thatcan substitute the barcode as soon as 2007 in themass market. They are already replacing barcodeon pallets and in certain market sectors. Theirvalue in the production and distribution chain isvery big since they facilitate reading at a dis-tance. There are several flavours of RFID tags,passive, active, rewriteable, etc. For applicationwithin the area of person identification the onesthat fit better are the passive RFID. Being passivethere is no need for a battery and the chips canstay “dormant” for tens of years till an appropri-ate electromagnetic field activates them and readthe values stored. Although there are already anumber of people who have chosen to be taggedit is still an open question whether it will be amass-market identification or be restricted tosome niches. Pets and livestock in many coun-tries are already tagged (in livestock, tags are re-placing the branding). It is surely technologicallyand economically feasible to inject any newbornbaby with a RFID tag and from that moment on
to have a unique electronic signature of the per-son that can be used through a cross referencingdatabase in a number of ways.
Other identification techniques are at thehorizon, based on cellular tagging. The problemhere is that cells die and are shed so the tagswould need to be replaced continuously. Thiskind of tagging is likely to be used extensivelyfor medical treatment. It may provide tagging forthe duration of the cure. Tags are already used inmedical treatment to identify cancerous cells, oras a marker for guiding robots during surgical op-erations. Some leading edge technologies havealready demonstrated the possibility of associat-ing nano-antennas to the cell DNA. Nano mark-ers are also under consideration for medicaldiagnoses and they may be used for identifica-tion. However the possibility offered by RFIDtags, their low cost, easy implantation and read-ing are shifting the question to the social accept-ability rather than on finding alternativetechnologies. Research in this area is both inbasic science and in cross disciplinary ap-proach.5
1.6.3. UWB tags6
UWB (Ultra Wide Band) RFID tags transmitsignals over multiple bands of frequencies simulta-neously and transmit for a much shorter durationthan those used in conventional RFID. This type oftags consumes less power than conventional RFtags and can operate across a broad area of theradio spectrum. UWB tags can be used in closeproximity to other RF signals without causing orsuffering from interference because of the differ-ences in signal types and radio spectrum used.
Parco Wireless company has prepared ademo area to show UWB tag advantages. Thedemo area recreates a hospital environment. Byusing UWB tag patients can be localised as wellas medical and paramedical instruments.
With respect to passive tags, UWB tags do notinterfere with electronic equipment used in hospi-tals. The actual transfer speed (100 kbps) is goingto be 24 Mbps within 2 years according to ParcoWireless. Each tag emits its ID signal every secondand can be localised by a system of receivers with5 cm precision. Four antennas are enough to coveran area up to 2000 square meters depending onthe building structures in the area.
Today an UWB tag costs about 40 euros.
1.6.4. Optical tags7
Optical tags fall in the Physical One WayFunction (POWF) class. They have the drawbackof needing fairly complex arrangements to be read,namely the extremely precise positioning of the tagwith respect to the laser beam of the reader. Thismakes them not practical for most applicationswith respect to passive and active tags. A promis-ing characteristic is in the capability to provide dif-ferent codes to different angled readers thuseffectively partitioning information. This mightprove useful in several business applications withsupport for high security.
The prototypes (Massachusetts Institute ofTechnology) are currently built on an Eurocentsized piece of plastic that has a number of ran-domly positioned glass micro spheres. When thesystem is lighted by means of a laser beam it re-flects light with a very specific scattering pattern.The pattern is analysed by a system that can pre-cisely identify the single tag instance. The tag canbe hardly reverse-engineered: it is practically im-possible to build a tag with those micro spheres onthe basis of its scattering pattern. Moreover differ-ent readers might get different results thus allowingfor a robust certification of the identity of the tag.The costs are expected to be comparable to thoseof the barcode tags when mass produced.
1.6.5. DNA tags8
In order to develop anti-counterfeit systems anew technology is being explored: tags which useDNA fragments. There are already companies(such as the American Applied DNA Science)which are developing systems to embed botanicDNA fragments into tags; DNA is among the mostresistant code structures: Applied DNA Scienceguarantees that this type of tagging can be read-able for as long as 100 years. It is likely that mostbenefit will be realised when using this type of tag-ging directly in passports, bank checks, etc…
1.6.6. Software tags9
Software tags are also very promising. Thetechnology of software tags differs considerablyfrom other tags but software tags show great over-lap in functionality with other hardware basedtags. Software tags will for instance be used in tag-ging on-line information.
An example of software tags is given by Sema-pedia.org.10 Through a Semapedia application it ispossible to create a specific picture (resembling alarge square filled with little black squares) able to
RFI
D te
chno
logi
es
39
Tech
nica
l Rep
ort S
erie
s
6 http://www.rfidjournal.com/article/articleview/1285/1/1/7 http://www.sciencedaily.com/releases/2003/11/031113070248.htm
http://web.media.mit.edu/~brecht/papers/02.PapEA.powf.pdfhttp://www.trnmag.com/Stories/2002/100202/Plastic_tag_makes_foolproof_ID_100202.html http://web.media.mit.edu/%7Epappu/htm/res/resPOWF.htm
8 http://www.csmonitor.com/2004/0318/p14s02-stct.html, http://www.dnatechnologies.com/process/ 9 http://www2.districtadministration.com/viewArticle.aspx?articleid=12610 http://www.semapedia.org/
represent, and being associated to, an Internet link(Semapedia links to Wikipedia information). Oncethe picture is created it must be printed out andplaced on a physical object whose internet link isan address. The information about the physicaltagged object is then obtained by just taking a pic-ture with a cellular phone and processing itthrough simple software. By this technique it ispossible to place a simple small paper pictureclose to every monument and then reach the asso-ciated information on the Internet by taking a pic-ture of the tag and processing it.
1.7. Potential challenges of RFID implementation
In addition, to choosing the appropriatetag/reader technology in a specific applicationarea, the following list represents potential chal-lenges to consider when implementing an RFIDsolution:
• Large volumes of data–Readers scan eachRFID tag several times per second, whichgenerates a high volume of raw data. Al-though the data is redundant and discardedat the reader level, processing large vol-umes of data can be difficult.
• Product information maintenance – Whena high volume of RFID tags are processedby the reader, the attributes of each taggedproduct must be continually retrieved from
a central product catalogue database – aprocess that results in challenges for large-scale implementations.
• Configuration and management of readersand devices – When a large number ofreaders and related hardware devices aredeployed across multiple facilities, configu-ration and management can be challenging.The implementation of automated devicesfor these processes is essential.
• Data integration across multiple facilities –In an enterprise with multiple facilities thatare geographically distributed, it is increas-ingly difficult to manage data in real timewhile at the same time aggregating it intothe central IT facility—a process that canplace a significant burden on the networkinfrastructure.
• Data ownership and partner data integra-tion – When there are different companiesinvolved in business processes, such ascommonly found in the Retail supply chain,it can create issues pertaining to the owner-ship and integration of the data, therebycompromising the integrity of the solutionarchitecture.
• Data security and privacy – Depending onthe nature of the business application andthe solution scenario, security and privacychallenges could have a significant impacton the architecture.
1. R
FID
tech
nolo
gies
: sys
tem
feat
ures
and
futu
re te
chno
logi
es
40
Tech
nica
l Rep
ort S
erie
s
2. Spectrum allocation
RFI
D te
chno
logi
es
41
Tech
nica
l Rep
ort S
erie
s
The capabilities of the RFID system are verydependent on the carrier frequency at which in-formation is transported. The use of lower fre-quencies provides larger wavelength and acoupling effect between RFID tag and readermore similar to primary and secondary couplinginside inductors (see also Section 1.2). This causesthe range to be shorter in LF (~125 kHz) and HF(~13.56 MHz) bands than in UHF (~900 MHz)and microwave bands (>2.45 GHz): for UHF andmicrowave as a matter of fact, the coupling be-tween tag and reader is performed by backscat-tering (the electromagnetic wave is propagatedfrom the reader and reflected by the RFID andmodulated according to the specific informationof RFID tag). The range that can be achieved usingthe same radiated power as in case of LF is much
higher for UHF and microwave RFID system, de-pending on propagation conditions as well as onregulatory limits.
Due to government regulation, different partsof the electromagnetic spectrum are assigned todifferent use purposes. The three frequency rangesthat typically distinguish RFID systems are low, in-termediate, and high. There are currently four fre-quency bands in use around the world for RFIDapplications. Within these bands a number of fre-quencies are addressed by RFID standards andused by manufacturers in proprietary applications.These frequency ranges and associated informa-tion describing typical system characteristics andareas of application are presented through theTable 2-1.
Table 2-1: RFID frequency bands and applications
Frequency Band Characteristics Typical Applications Typical Range
Low Frequency 125-135 kHz Access control Few centimetres30-300 kHz Short to medium read range Animal IdentificationITU Band 5 Inexpensive Inventory control
Low reading speed Car immobilizer
High Frequency 13.56 MHz Access control Few centimetres (could 3-30 MHz Short to medium read range Smart Cards be slightly enhanced using ITU Band 7 Potentially inexpensive particular antennas)
Medium reading speed
Ultra High 433 MHz Railroad car monitoring Under 10 metersFrequency 860-960 MHz Toll collection systems300-3000 MHz 2.45 GHz ITU Band 9 Long read range
High reading speedLine of sight required for micro-wave backscattering systems Expensive
Super High 5.8 GHz Toll collection systems 100 m and overFrequency Line of sight required for UWB Localization3-30 GHz micro-wave backscattering ITU Band 10 systems
Expensive
Frequency bands used by RFID systems are associated to different parts of ISO 18000 standard as de-scribed in Section 3.2.1. Different frequencies have to be used for different applications: a rule of thumbfor this can be associated to the fact that lower frequencies can be used to increase the penetration into ma-terials and water, but give shorter range (inductive coupling). Higher frequencies can increase the range (socalled UHF backscattering RFID tags) but become very sensitive to environmental conditions.
2.1. Regulatory status for using RFID
Frequency bands are defined through nationalregulation: any RF equipment is allowed to bepowered only if complying with these regulations.This applies also to RFID applications in variousways. LF band is basically unregulated and thusLF RFID are freely used (e.g. electronic car key, au-tomatic coffee machines, etc.).The 13.56 MHz,433 MHz, 2.45 GHz frequencies were originallyallocated globally for Industrial, Scientific andMedical (ISM) non-commercial applications and,not considering possible local regulations, are li-cense-free.11
The UHF frequency range needed for EPC-global compliance (860-960 MHz) that is not a li-cense-free band has a different status. In this caseeach country has taken up the responsibility of
making the frequencies available for RFID appli-cations. This process is well underway worldwide.
Table 2-2 presents UHF spectrum allocationcharacteristics concerning the 27 EU MemberStates of the European Community and Table 2-3presents the spectrum allocation characteristics ofselected remaining countries in Europe. The statuscode “IP” means that no regulations are availableat the moment but work is in progress, while thecode “NA” stands for no information available. Inthe EU25 area it can be seen that issues in mostcountries should be solved during the year 2006,except in Italy and Hungary where some decisionsstill have to be taken. It should be noted that theunavailability of UHF frequencies in some coun-tries might heavily undermine their capacity in thefuture to keep the pace with international com-merce.
2. S
pect
rum
allo
catio
n
42
Tech
nica
l Rep
ort S
erie
s
11 To check the ISM Bands reference can be made to “European Radiocommunications Committee (ERC) within the European Conferenceof Postal and Telecommunications Administrations (CEPT)” at http://www.ero.dk/eca-change .
Table 2-2: EU27 UHF spectrum allocation
Country Status Frequency Power Protocol Comments
Austria OK 865.6-867.6 MHz 2 W erp LBT New regulations in place since 2 February 2006
Belgium IP 865.6-867.6 MHz 2 W erp LBT New regulations should be in place in 2006
Bulgaria IP 865.6-867.6 MHz 2 W erp LBT New regulations should be in place in 2006
Cyprus IP 865.6-867.6 MHz 2 W erp LBT New regulations should be in place in 2006
CzechRepublic OK 865.6-867.6 MHz 2 W erp LBT
Denmark OK 865.6-867.6 MHz 2 W erp LBT New regulations in place since January 2005
Estonia IP 865.6-867.6 MHz 2 W erp LBT New regulations should be in place in 2006. License possible.
Finland OK 865.6-867.6 MHz 2 W erp LBT New regulations in place since 3 February 2005
France IP 865.6-867.6 MHz 2 W erp LBT New regulations should be implemented in July 2006
Germany OK 865.6-867.6 MHz 2 W erp LBT New regulations in place since 22 December 2004
Greece IP 865.6-867.6 MHz 2 W erp LBT New regulations should be in place in 2006
Hungary IP 865.6-867.6 MHz 2 W erp LBT Implementation is in progress
Ireland IP 865.6-867.6 MHz 2 W erp LBT New regulations should be in place in 2006
Italy IP 865.6-867.6 MHz 2 W erp LBT Conflict with band allocated to tactical relays military application. Temporary licenses available.
Latvia IP 865.6-867.6 MHz 2 W erp LBT New regulations should be in place in 2006
Lithuania IP 865.6-867.6 MHz 2 W erp LBT Individual license required. New regulations should be in place in 2006
Luxembourg IP 865.6-867.6 MHz 2 W erp LBT New regulations should be in place in 2006
Malta IP 865.6-867.6 MHz 2 W erp LBT Individual license required. New regulations should be in place in 2006
Country Status Frequency Power Protocol Comments
Netherlands OK 865.6-867.6 MHz 2 W erp LBT New regulations will be in place since 27 February 2006
Poland OK 865.6-867.6 MHz 2 W erp LBT New regulations in place since October 24th 2005
Portugal IP 865.6-867.6 MHz 2 W erp LBT New regulations should be in place in 2006
Romania OK 865.6-867.6 MHz 2 W erp LBT New regulations in place since April 7, 2006
SlovakRepublic OK 865.6-867.6 MHz 2 W erp LBT New regulations in place
Slovenia IP 865.6-867.6 MHz 2 W erp LBT New regulations should be in place in 2006
Spain OK 865.6-867.6 MHz 2 W erp LBT New regulations will be in place by January 2007
Temporary licenses available.
Sweden OK 865.6-867.6 MHz 2 W erp LBT New regulations approved 13 Dec 2005. In the law since 1 Jan 2006
UnitedKingdom OK 865.6-867.6 MHz 2 W erp LBT New regulations in place as of 31 January 2006
Table 2-3: UHF spectrum allocation in other European countries
Country Status Frequency Power Protocol Comments
BosniaHerzegovina NA
Croatia IP 865.6-867.6 MHz 2 W erp LBT New regulations should be in place in 2006
Iceland OK 865.6-867.6 MHz 2 W erp LBT
Macedonia,FYR NA
Norway IP 865.6-867.6 MHz 2 W erp LBT New regulations will be in place in 2006
Serbia NA
Montenegro NA
Switzerland OK 865.6-867.6 MHz 2 W erp LBT
Turkey IP 865.6-867.6 MHz 2 W erp LBT Conflict with band allocated to tactical relays military applications
RFI
D te
chno
logi
es
43
Tech
nica
l Rep
ort S
erie
s2.2. Efficient use of spectrum
allocation (RFID, WiFi, ZigBee)
The selection of the technology to be used ac-cording to the application scenario is a hard issueto solve because it has to take care of several fac-tors that rely upon the application requirementsbut also upon the availability of spectrum re-sources. By using passive RFID systems (tags andreaders) the tags do not need batteries but the over-all power emission radiating from the reader has tobe much higher than battery operated active RFIDsystems (where the power source of the tags itselfcan be used to send a response from an interroga-tion without waiting for an electromagnetic fieldcoming from the reader in order to enable the pas-
sive RFID). Considering this, it can be assumedthat the emitted power of active RFID systems (tagsand readers) is significantly lower than the emit-ted power related to passive RFID systems. Thedisadvantages connected to spectrum occupancyare related to the use of passive RFID for bandsthat can be used by other wireless system becausea passive reader may occupy a significant portionof the spectrum not allowing other systems to workproperly.
An example of this is the 2.45 GHz ISM bandwhere technologies like WiFi, Bluetooth and Zig-Bee coexist (see Section 4.2 for information aboutthese technologies). If active RFID tag technologyis used, the effect can be considered similar to hav-
ing multiple ZigBee networks situated in a limitedarea: in that case the spectrum can be crowded butthe power level can be maintained low enough toguarantee the correct functionality of the networks.If a 2.45 GHz passive RFID system is placed insidea WiFi network, it can seriously affect the WiFiperformance. So attention has be paid into thecombined use of active and passive RFID tech-nologies and the frequency band choice becausethe application behaviour can be affected by it.
In general the choice of the frequency bandhas to take into account the following points thatare strictly connected to application requirementsand cost of the final solution:
• Application requirements:
- Range of readings;
- Number of simultaneous readings per sec-ond;
- Frequency of readings (it can discouragethe use of active RFID tags);
- Types of material of the tagged objects
(problems with fluids)
- Operational environment (propagation
environment can significantly change its
effect according to the frequency range)
• Cost:
- Referred to the RFID tags;
- Referred to the RFID readers;
- Referred to the RFID system (middleware
and network infrastructure).
Therefore, in order to guarantee multiple
radio solutions in a limited area, attention has to
be paid to the choice among the passive RFID tag
solutions; the trade-off with active tags can be
found considering the cost of the active RFID tags
and the fact that battery operated systems could
require replacement (it strictly depends upon ap-
plication requirements and frequency of readings).
2. S
pect
rum
allo
catio
n
44
Tech
nica
l Rep
ort S
erie
s
3. RFID standards
RFI
D te
chno
logi
es
45
Tech
nica
l Rep
ort S
erie
s
12 EPCglobal ratified Standards can be downloaded at: http://www.epcglobalinc.org/standards_technology/ratifiedStandards.html
As RFID technology continues to expand, theneed for establishing global standards is increasing.Many retailers have completed RFID trials withintheir supplier communities, adding pressure onmanufacturers and suppliers to tag products beforethey are introduced into the supply chain. However,manufacturers cannot cost-effectively manage RFIDtagging mandates from disparate retailers untilglobal standards are established. This process re-quires the creation and acceptance of data stan-dards that apply to all countries, and it requiresscanners to operate at compatible frequencies.
Figure 3-1 provides an overview of the rele-vant RFID standards and their relationships with
special reference to EPCglobal standards. It has tobe noted that the electromagnetic power that is ra-diated by the reader in order to read the tags has arelevant impact on the maximum distance be-tween the reader and the tag: increasing power en-ables increasing the read distance and thetechnology exploitation potential. The radiatedpower can be measured in different ways. As anexample US standards allows a maximum radiatedpower of 4W EIRP (Equivalent Isotropic RadiatedPower) while European standards allow for 2WERP (Effective Radiated Power). If the power radi-ation characteristics have to be compared then itshould be noted that 2W ERP is equivalent to3.28W EIRP thus comparable to the US 4W.
Figure 3-1: RFID frequencies and relevant standards
3.1. EPCglobal12
EPCglobal is a member-driven organization ofleading firms and industries focused on developingglobal standards for the electronic product code(EPC) Network to support RFID (see also Section1.5.1) The EPC is attached to the RFID tag, andidentifies specific events related to the product asit travels between locations. By providing global
standards on how to attach information to prod-
ucts, EPC enables organizations to share informa-
tion more effectively. The vision of EPCglobal is to
facilitate a worldwide, multi-sector industry adop-
tion of these standards that will achieve increased
efficiencies throughout the supply chain—en-
abling companies to have real-time visibility of
their products from anywhere in the world.
The Board Of Governors of EPCglobal is com-posed by the following enterprises: P&G, GS1,Sony, Lockheed Martin, Wal*Mart, DHL, HP,Metro, Cisco, Novartis, Johnson&Johnson, OATSystems, USA DoD. It is composed by leader com-panies (20% user and 80% technology) that areusing RFID, most notably the giant U.S. basedWal*Mart supermarket chain, and houses very fewtechnology providers. This distribution mimics theintentions of EPCglobal in order to ensure that sup-ply chain process requirements, settled by usercompanies, lead the standardization process: RFIDshould be kept functional to supply chain pur-poses. In this situation the US do not have a dom-
inant position with respect to Asia or Europe: sup-ply chain requirements are the same all over theworld. On the other hand, probably in virtue of thenationwide availability of UHF frequencies, theUS appears to be in front of the others in terms oftrials and operational RFID automated installa-tions. Whereas Wal*Mart and the DoD play thestar role in the US, in Europe METRO and TESCOrun short behind.13
In Table 3-1 an overview of the different EPCprotocols is summarized: the recent EPCglobalGeneration 2 protocol (chosen by Wal-Mart for itsRFID adoption) is reported as Class 1 Version 2 ac-cording to EPC Protocol naming.
3. R
FID
sta
ndar
ds
46
Tech
nica
l Rep
ort S
erie
s
13 The organization has set itself tough targets in developing standards and interfaces for most of the elements of an RFID system, as follows:a) The Electronic Product Code (EPC), b) The standards for the ID System describing the functions, interfaces and communications pro-tocols for the reader and tag, c) EPC Middleware that will sit between RFID readers and enterprise applications, ensuring that erroneous,duplicated and redundant information is filtered out, d) The Object Name Service (ONS) that will be operated by Verisign under con-tract to EPCglobal, e) The EPC Information Service (EPC-IS) that will store, host and provide access to serial number specific informa-tion about products as they pass along a supply chain, f) The EPC Discovery Service providing subscribers to EPCglobal and EPC-IS withadditional information about individual items for tracking and tracing purposes.
14 The latest protocol is highlighted
Table 3-1: EPCglobal Protocol14
Protocol Frequency Description
Class 0 UHF Read-Only – Manufacturer pre-programming
Class 0 Plus UHF Read-Write
Class 1 HF/UHF Write-once, Read-Many (WORM)
Class 1 Ver. 2 UHF WORM
Class 2 UHF Read-Write Tag
With reference to the EPCglobal frameworkthe relevance of the specification activity beingcarried out to define the framework architectureshould be noted. This activity has the objective toallow for the worldwide retrieval of information,from manufacturing to retail, regarding some prod-uct item. Each organization involved in the man-ufacturing and distribution of some product mightpublish, by means of the “Information Service”component, information regarding the local treat-ment of the product item. During the wholeprocess down to the actual exploitation of theproduct item, this information can be made avail-able to consumers too, by means of the “Discov-ery Service” and the “Object Naming Service”(ONS) through a system similar to the DomainName Service-DNS of the Internet.
The recent EPCglobal Generation 2 protocol(chosen by Wal-Mart for its RFID adoption) is one
of the most discussed in the last year because itpromises good range and performances.
As a general consideration it should be saidthat the currently relevant EPCglobal specificationsare the low level technology, i.e. the tag radio in-terface, and the coding, i.e. the Electronic ProductCode –EPC. The first one is critical to allow thepossibility of reading worldwide the EPC tags andthe second one allows the possibility of having aunique worldwide way of coding the tags. Theother published specification, namely ALE, is to beconsidered as more manufacturer related in orderto foster the independent development of supplychain applications and RFID infrastructure. Stillunder development is the other relevant and prob-ably even more impacting EPC Information Ser-vices (EPC-IS) interface. When available this willallow the automation of supply chains among dif-ferent companies.
3.2. International Organization forStandardization (ISO)
The International Organization for Standard-ization (ISO) is a network of national standards in-stitutes of 148 countries working in partnership withinternational organizations, governments, indus-tries, and business and consumer representatives.The ISO asserts jurisdiction over the Air Interface(the frequency spectra used for RFID transmission)through standards-in-development ISO 18000-1through ISO 18000-7. Members15 of ISO are world-wide national organizations for standardization. Forexample the United States are members throughAmerican National Standards Institute (ANSI),France through Association Française de Normali-sation (AFNOR), Italy through Ente Italiano di Unifi-cazione (UNI).
International Organization for Standardization(ISO) in collaboration with the International Elec-trotechnical Committee (IEC) has produced a set ofstandards for the interface between reader and tag,operating at various radio frequencies. As men-tioned, these standards are numbered in the seriesISO/IEC 18000-n and detailed in the following.
3.2.1. ISO/IEC 18000 information tech-nology AIDC techniques - RFID foritem management - air interface
• 18000-1 Part 1 – Generic Parameters for theAir Interface for Globally Accepted Frequen-cies
• 18000-2 Part 2 – Parameters for Air InterfaceCommunications below 135 kHz
• 18000-3 Part 3 – Parameters for Air InterfaceCommunications at 13.56 MHz
• 18000-4 Part 4 – Parameters for Air InterfaceCommunications at 2.45 GHz
• 18000-5 Part 5 – Parameters for Air InterfaceCommunications at 5.8 GHz (Withdrawn)
• 18000-6 Part 6 – Parameters for Air InterfaceCommunications at 860 to 960 MHz
• 18000-7 Part 7 – Parameters for Air InterfaceCommunications at 433 MHz
The first part is the defining document that ex-plains how the standard works and the rest are di-vided by frequency. A revision to all the parts of18000 will include fixes to the standards based onactual issues discovered during the use of the stan-dards along with the addition of the capabilities touse batteries and sensors with the existing tech-nologies. Work has started on this area at the endof 2005.
3.2.2. 18000-1 Part 1 – generic parametersfor the air interface for globally ac-cepted frequencies16
ISO/IEC 18000-1:2004 defines the parametersto be determined in any Standardized Air InterfaceDefinition in the ISO/IEC 18000 series. The subse-quent parts of ISO/IEC 18000 provide the specificvalues for definition of the Air Interface Parame-ters for a particular frequency or type of air inter-face, from which compliance (or non compliance)with ISO/IEC 18000-1:2004 can be established.ISO/IEC 18000-1:2004 also provides descriptionof example conceptual architectures in whichthese air interfaces are often utilized.
ISO/IEC 18000-1:2004 limits its scope totransactions and data exchanges across the air in-terface at Reference Point Delta. The means ofgenerating and managing such transactions, otherthan a requirement to achieve the transactionalperformance determined within ISO/IEC 18000-1:2004, are outside its scope, as is the definition orspecification of any supporting hardware,firmware, software or associated equipment.
ISO/IEC 18000-1:2004 is an enabling stan-dard that supports and promotes several RFID im-plementations without making conclusions aboutthe relative technical merits of any available op-tion for any possible application.
RFI
D te
chno
logi
es
47
Tech
nica
l Rep
ort S
erie
s
15 The complete list of ISO members is available at:http://www.iso.org/iso/en/aboutiso/isomembers/index.html
16 http://www.iso.org/iso/en/CatalogueDetailPage.CatalogueDetail?CSNUMBER=34112
3.2.3. 18000-2 Part 2 – parameters for airinterface communications below135 kHz17
ISO/IEC 18000-2:2004 defines the air inter-face for radio-frequency identification (RFID) de-vices operating below 135 kHz used in itemmanagement applications. Its purpose is to providea common technical specification for RFID de-vices to allow for compatibility and to encourageinter-operability of products for the growing RFIDmarket in the international marketplace. ISO/IEC18000-2:2004 defines the forward and return linkparameters for technical attributes including, butnot limited to, operating frequency, operatingchannel accuracy, occupied channel bandwidth,spurious emissions, modulation, duty cycle, datacoding, bit rate, bit rate accuracy, bit transmissionorder. It further defines the communications proto-col used in the air interface.
ISO/IEC 18000-2:2004 specifies:
• the physical layer that is used for communi-cation between the interrogator and the tag;
• the protocol and the commands;
• the method to detect and communicatewith one tag among several tags (“anti-col-lision”).
It specifies two types of tags: Type A (FDX) andType B (HDX). These two types differ only by theirphysical layer. Both types support the same anti-collision and protocol. FDX tags are permanentlypowered by the interrogator, including during thetag-to-interrogator transmission. They operate at125 kHz. HDX tags are powered by the interroga-tor, except during the tag-to-interrogator transmis-sion. They operate at 134.2 kHz. An alternativeoperating frequency is described.
An optional anti-collision mechanism is alsodescribed.
3.2.4. 18000-3 Part 3 – parameters for airinterface communications at 13.56MHz18
18000-3 ISO/IEC 18000-3:2004 providesphysical layer, collision management system and
protocol values for RFID systems for item identifi-cation in accordance with the requirements of ISO18000-1. It relates solely to systems operating at13.56 MHz.
ISO/IEC 18000-3:2004 has two modes of op-eration, intended to address different applications.The modes, whilst not interoperable, are non-in-terfering:
• Mode 1 is based on 15693 withadditions/changes to better suit the Itemmanagement market and improve the com-patibility between vendors;
- The Interrogator to Tag data rate is 1.65kbps (fc/8192) or 26.48 kbps (fc/512);
- The Tag to Interrogator data rate is 26.48kbps (fc/512). The protocol extension has aprecursor data rate ~ 52.97 kbps (fc/256)and a main reply data rate ~105.94 kbps(fc/128).
• Mode 2 is a high speed interface.
- The Interrogator to Tag data rate is 423.75kbps;
- The Tag to Interrogator data rate is105.9375 kbps on each of 8 channels.
Both of the MODES require a license from theowner of the Intellectual Property, which shall beavailable on terms in accordance with ISO Policy.
3.2.5. 18000-4 Part 4 – parameters for airinterface communications at 2.45GHz19
ISO/IEC 18000-4:2004 defines the air inter-face for radio-frequency identification (RFID) de-vices operating in the 2.45 GHz Industrial,Scientific, and Medical (ISM) band used in itemmanagement applications. Its purpose is to providea common technical specification for RFID de-vices that may be used by ISO committees devel-oping RFID application standards. ISO/IEC18000-4:2004 is intended to allow for compatibil-ity and to encourage inter-operability of productsfor the growing RFID market in the internationalmarketplace. ISO/IEC 18000-4:2004 defines the
3. R
FID
sta
ndar
ds
48
Tech
nica
l Rep
ort S
erie
s
17 http://www.iso.org/iso/en/CatalogueDetailPage.CatalogueDetail?CSNUMBER=34113 18 http://www.iso.org/iso/en/CatalogueDetailPage.CatalogueDetail?CSNUMBER=34114&ICS1=35&ICS2=40&ICS3 19 http://www.iso.org/iso/en/CatalogueDetailPage.CatalogueDetail?CSNUMBER=34115
forward and return link parameters for technicalattributes including, but not limited to, operatingfrequency, operating channel accuracy, occupiedchannel bandwidth, maximum EIRP, spuriousemissions, modulation, duty cycle, data coding,bit rate, bit rate accuracy, bit transmission order,and where appropriate operating channels, fre-quency hop rate, hop sequence, spreading se-quence, and chip rate. It further defines thecommunications protocol used in the air interface.
ISO/IEC 18000-4:2004 contains two modes.The first is a passive tag operating as an interroga-tor talks first while the second is a battery assistedtag operating as a tag talks first.
Mode 1: Passive backscatter RFID system -The FHSS backscatter option or the narrow bandoperation RFID system shall include an interroga-tor that runs the FHSS backscatter option 1 RFIDprotocol or in narrow band operation, as well asone or more tags within the interrogation zone
Mode 2: Long range high data rate RFID sys-tem - This clause describes a RFID system, offeringa gross data rate up to 384 kbps at the air interfacein case of Read/Write (R/W) tag. In case of ReadOnly (R/O) tag the data rate is 76.8 kbps. The tagis battery assisted but back scattering. By using ofbattery powered tags such a system is well de-signed for long-range RFID applications.
This air interface description does not explicitclaim for battery assistance in the tag, also realpassive tags or tags for mixed operation are con-ceivable.
3.2.6. 18000-5 Part 5 – parameters for airinterface communications at 5.8GHz
This part has been withdrawn at the final vot-ing in 2003. No ISO 18000-5 standard is thusavailable and it will not become a standard unlessan ISO member puts forward a new proposal andstarts the lengthy standards process all over againIt is here mentioned for completeness. The lack ofthis standard will cause the emergence of non-in-
teroperable proprietary solutions but this might notbe a problem as the applications for active tag sys-tems are mostly localized. Other related standards,as those for DSRC20 (Dedicated Short Range Com-munications), might take over ISO.
3.2.7. 18000-6 Part 6 – parameters for airinterface communications at 860 to930 MHz21
ISO/IEC 18000-6:2004 defines the air inter-face for radio-frequency identification (RFID) de-vices operating in the 860 MHz to 960 MHzIndustrial, Scientific, and Medical (ISM) bandused in item management applications. Its pur-pose is to provide common technical specifica-tions for RFID devices that may be used by ISOcommittees developing RFID application stan-dards. ISO/IEC 18000-6:2004 is intended toallow for compatibility and to encourage inter-operability of products for the growing RFID mar-ket in the international marketplace. ISO/IEC18000-6:2004 defines the forward and return linkparameters for technical attributes including, butnot limited to, operating frequency, operatingchannel accuracy, occupied channel bandwidth,maximum EIRP, spurious emissions, modulation,duty cycle, data coding, bit rate, bit rate accu-racy, bit transmission order, and where appropri-ate operating channels, frequency hop rate, hopsequence, spreading sequence, and chip rate. Itfurther defines the communications protocol usedin the air interface.
ISO/IEC 18000-6:2004 contains one modewith two types. Both types use a common returnlink and are reader talks first. Type A uses Pulse In-terval Encoding (PIE) in the forward link, and anadaptive ALOHA collision arbitration algorithm.Type B uses Manchester in the forward link and anadaptive binary tree collision arbitration algorithm.
ISO/IEC 18000-6:2004 has been updated toinclude the EPCglobal Generation 2 specificationas Type C as well as fix issues in relation to TypesA and B. This is published as an Amendment to thestandard.22
RFI
D te
chno
logi
es
49
Tech
nica
l Rep
ort S
erie
s
20 More details are available at http://grouper.ieee.org/groups/scc32/dsrc/worldwide/inde.html 21 http://www.iso.org/iso/en/CatalogueDetailPage.CatalogueDetail?CSNUMBER=34117 22 http://www.iso.org/iso/en/CatalogueDetailPage.CatalogueDetail?CSNUMBER=43923
3.2.8. 18000-7 Part 7 – parameters for airinterface communications at 433MHz23
ISO/IEC 18000-7:2004 defines the air interfacefor radio-frequency identification (RFID) devices op-erating as an active RF Tag in the 433 MHz bandused in item management applications. Its purposeis to provide a common technical specification forRFID devices that may be used by ISO committeesdeveloping RFID application standards. This stan-dard is intended to allow for compatibility and toencourage inter-operability of products for thegrowing RFID market in the international market-place. ISO/IEC 18000-7:2004 defines the forwardand return link parameters for technical attributesincluding, but not limited to, operating frequency,operating channel accuracy, occupied channelbandwidth, maximum power, spurious emissions,modulation, duty cycle, data coding, bit rate, bitrate accuracy, bit transmission order, and where ap-propriate operating channels, frequency hop rate,hop sequence, spreading sequence, and chip rate.ISO/IEC 18000-7:2004 further defines the commu-nications protocol used in the air interface.
3.3. ISO/IEC 1444324
ISO 14443 defines a proximity card used foridentification that usually uses the standard creditcard form factor defined by ISO 7810 ID-1. Otherform factors also are possible. The RFID readeruses an embedded microcontroller (including itsown microprocessor and several types of memory)and a magnetic loop antenna that operates at13.56 MHz.
The standard consists of four parts and de-scribes two types of cards: type A and type B. Themain differences between these types concernmodulation methods, coding schemes (part 2) andprotocol initialization procedures (part 3). Bothtype A and type B cards use the same high-levelprotocol (so called T=CL) described in part 4. TheT=CL protocol specifies data block exchange andrelated mechanisms. The diffused MIFARE cardscomply with ISO14443 part 1, 2 and 3 type A.
Part 1: Physical characteristics
Part 2: Radio frequency power and signal in-terfaceAmd 1:2005 Bit rates of fc/64, fc/32and fc/16
Part 3: Initialization and anti-collisionAmd 1:2005 — Bit rates of fc/64, fc/32and fc/16 Amd 3:2006 Handling of reservedfields and values
Part 4: Transmission protocolAmd 1:2006 Handling of reservedfields and values
3.4. European TelecommunicationsStandardization Institute – ETSI
In the following details are given for the mostrelevant ETSI standards with relationship to RFID.Among them, EN 302 208 has been approved in2005 and is relevant to EPCglobal Class 1 Gen 2specifications.
3.4.1. EN 300 330
EN 300 330: Radio Equipment and Systems -Short range devices, Technical characteristics andtest methods for radio equipment to be used in the9 kHz to 25 MHz and inductive loop systems inthe frequency range 9 kHz to 30 MHz.
This standard defines the characteristics ofRFID systems operating at LF and HF.
Part 1: Technical characteristics and testmethods25
Part 2: Harmonized EN under article 3.2 ofthe R&TTE Directive26
3.4.2. EN 300 220
EN 300 220: Electromagnetic compatibilityand Radio spectrum Matters (ERM); Short RangeDevices (SRD); Radio equipment to be used in the
3. R
FID
sta
ndar
ds
50
Tech
nica
l Rep
ort S
erie
s
23 http://www.iso.org/iso/en/CatalogueDetailPage.CatalogueDetail?CSNUMBER=37978 24 http://www.iso.org/iso/en/CatalogueDetailPage.CatalogueDetail?CSNUMBER=28728 25 http://webapp.etsi.org/action/V/V20060324/en_30033001v010501v.pdf 26 http://webapp.etsi.org/action/V/V20060324/en_30033002v010301v.pdf
25 MHz to 1000 MHz frequency range withpower levels ranging up to 500 mW;
The standard is relevant to UHF (433 MHzand 860-960 MHz) RFID. Nevertheless the powerlimitation to 500mW allows only for a limited readrange (<1m).
Part 1: Technical characteristics and testmethods27
Part 2: Harmonized EN covering essential re-quirements under article 3.2 of theR&TTE Directive28
3.4.3. EN 302 208
EN 302 208: Electromagnetic compatibilityand Radio spectrum Matters (ERM); Radio Fre-quency Identification Equipment operating in theband 865 MHz to 868 MHz with power levels upto 2 W;
The standard is relevant to UHF 860-960MHz RFID. These UHF channel allocations forETSI countries allow 2W (ERP) operation. The stan-dard will permit operation in Europe of productbuilt in compliance with ISO 18000-6. EN 302208 provides for the operation of RFID at UHF fre-quencies. It should be noted that this has not yetbeen endorsed by all EU countries.
Part 1: Technical requirements and methodsof measurement29
Part 2: Harmonized EN under article 3.2 ofthe R&TTE Directive30
3.4.4. EN 300 440
EN 300 440: Electromagnetic compatibilityand Radio spectrum Matters (ERM); Short rangedevices; Radio equipment to be used in the 1 GHzto 40 GHz frequency range;
Part 1: Technical characteristics and testmethods31
Part 2: Harmonized EN under article 3.2 ofthe R&TTE Directive32
3.4.5. EN 300 32833
EN 300 328: Electromagnetic compatibilityand Radio spectrum Matters (ERM); Widebandtransmission systems; Data transmission equip-ment operating in the 2,4 GHz ISM band andusing wide band modulation techniques; Harmo-nized EN covering essential requirements underarticle 3.2 of the R&TTE Directive
The standard is relevant to microwave (2.45GHz) RFID.
3.4.6. EN 300 67434
EN 300 674: Electromagnetic compatibilityand Radio spectrum Matters (ERM); Road Trans-port and Traffic Telematics (RTTT); Dedicated ShortRange Communication (DSRC) transmissionequipment (500 kbit/s / 250 kbit/s) operating in the5.8 GHz Industrial, Scientific and Medical (ISM)band;
Dedicated Short Range Communication(DSRC) at 5.8 GHz - ElectroMagnetic Compatibil-ity and Radio Spectrum Matters (ERM); Road Trans-port and Traffic Telematics (RTTT); Technicalcharacteristics and test methods for DSRC trans-mission equipment (500 kbit/s /250 kbit/s) operat-ing in the 5.8 GHz Industrial, Scientific andMedical (ISM) band.
Part 2: Harmonized EN under article 3.2 ofthe R&TTE Directive
Sub-part 2: Requirements for the On-BoardUnits (OBU)
RFI
D te
chno
logi
es
51
Tech
nica
l Rep
ort S
erie
s
27 http://webapp.etsi.org/action/PE/PE20050805/en_30022001v020101c.pdf 28 http://webapp.etsi.org/action/V/V20060324/en_30022002v020101v.pdf 29 http://webapp.etsi.org/action/OP/OP20060714/en_30220801v010102o.pdf 30 http://webapp.etsi.org/action%5CV/V20040903/en_30220802v010101v.pdf 31 http://webapp.etsi.org/action/V/V20010907/en_30044001v010301v.pdf 32 http://webapp.etsi.org/action/V/V20010907/en_30044002v010101v.pdf 33 http://webapp.etsi.org/action/OP/OP20060922/en_300328v010701o.pdf 34 http://webapp.etsi.org/action/PU/20040810/en_3006740202v010101p.pdf
3.5. Conformance testing
EPCglobal has given to a company namedMET35 the mandate to organize the so called EPC-global inc. Hardware and Performance TestingPrograms. Only this centralized lab is allowed tocertify the compliance to EPCglobal standards.This applies only to manufacturers that want theirequipment to be marked as EPCglobal compliant.
Would manufacturers want to sell their equip-ment in Europe, they should be as well certified byETSI accredited labs. But this should be also com-pleted by compliance to other directives as thoseconcerning Electro Magnetic Compatibility (EMC).
As far as the testing equipment, it probablycould be said that there is no special need: proba-bly any telecommunication conformance testinglab should be already skilled enough to certify thecompliance of some RFID equipments to the ETSIstandards and to the different national and Euro-pean directives.
It should be noted that conformance testingof RFID equipment is mainly relevant for the ex-tended supply chain, namely the one where thesame tag is companion to a product from its man-ufacturer premises down to the consumer home.In the case of the so-called “closed loop” supplychain, where the tags are applied on the contain-ers which are used to move goods inside the com-pany and never exit, then compliance is much lessrelevant: all that is needed is that the tag can beread by the readers and in these cases this is en-sured by using technology of a single manufac-turer.
3.6. Interoperability issues
Standards are generally critical where there isthe need to ensure interoperability among systemsdeveloped by different manufacturers and, in moregeneral terms, where the development of a prod-uct market requires fostering. For RFID a numberof application examples is hereafter reported, dis-cussing interoperability issues.
Integrated Logistics – Standards are clearlyneeded as tagged items can be shipped worldwide
and tags applied in EU should be readable in Asiaand the US, and vice versa. Poor standardizationmight cancel any benefit of the technology.
Asset Management – This means that assets(i.e. valuable equipment as well as containers ofspare parts) within a company are tagged e.g. fora better production process control. In this case,while standards are useful in order to develop aproduct market, they are not essential: as the tech-nology operates inside each company, a singlevendor solution can fit the requirements and allowfor the development of innovative solutions.
People and animal identification – While pro-prietary solutions might be acceptable in a firstphase, in the long term standard approaches willbe mandatory in order to exploit the technology.An RFID identity card should eventually be glob-ally readable by means of devices complying witha global standard. The same criteria apply to ani-mal identification in order to allow for the trackingacross borders.
E-payment – This case is similar to the previ-ous one also in terms of the technology. The bank-ing sector might have enough power to developtheir own solutions and impose them to manufac-turers.
Toll payment – Highway toll payment shouldalso be standardized to support “roaming” likeservices across different operators and/or coun-tries.
Access Management – This refers to solutionsdeployed inside a company or an organization inmore general terms. Each employee holds a per-sonal RFID badge that (included in an access con-trol system using identifiers such as biometrics)allows the entrance in protected areas. Though thisapplication does not require a global standard,RFID standards for people identification are de-sired.
Car keys – Each car manufacturer might in-stall proprietary solutions as each key should justwork with the reader installed inside the car. Man-ufacturers’ de-facto standards are emerging.
3. R
FID
sta
ndar
ds
52
Tech
nica
l Rep
ort S
erie
s
35 http://www.metlabs.com/pages/RFID.html
4. RFID technologies: RFID system features
RFI
D te
chno
logi
es
53
Tech
nica
l Rep
ort S
erie
sFigure 4-1: Positioning of RFID-system
In Section 4.1 we scope RFID to some basiccomponents and define two distinguishing usagescenarios which we will use throughout the rest ofthis deliverable.
Section 4.2 focuses on the key technologiesfor future RFID implementation. Based on the clas-sification of technologies around RFID we presenthere a schematic overview of technologies andtheir capabilities in relation to RFID.
In Section 4.3 a view is presented on the RFIDtag lifecycle process and the states in the lifecycle.Finally, a future development of the technology ispresented.
In Section 4.4 a typology on RFID usage ispresented. Based on a three layered viewpointmodel and a usage domain model, the RFID usagetypology is described. In this chapter differentusage domains are positioned against RFID relatedaspects.
4.1. The RFID-systems perspective
The main capability RFID offers is to linkevents from the real world, actual movement ofobjects, to business control software. In otherwords RFID helps to virtualise some of the real
world around us. This Section presents a visionhow to use RFID in the most optimal manner.
4.1.1. RFID definition and positioning
In order to be able to position RFID in rela-tion with other technologies, to place it in a con-text, we use the view presented in Figure 4-1. Thisview contains readers as well as tags. It shows thatRFID provides functionality to exchange RFID data(RFID Comm) and to store application data on thetag. However, the application data itself is not partof the RFID definition, but can be used e.g. by asensor application.
The figure shows RFID technology, consistingof readers and tags. When it is complemented withstorage and/or sensors a more advanced (sensor)tag can be constructed.
In order to interpret information on tags, thereader must be connected to some informationprocessing system. This connection can be madevia different wired or wireless network technolo-gies (Network & Data Comm).
The figure shows also that there are othertechnologies which are based upon (part of) RFIDand extend them. Near Field Communication(NFC) and Mifare are such technologies.
TechnicalIm
plementation
4.1.2. Two views on using RFID
Two perspectives (or abstract usage domains)can be discerned when looking at how RFID canbe used in present and future environments:
• RFID for business process automationIn this perspective RFID is used to auto-mate a single business process. This can bea very large business process, but the focusis on the internals of this business processand how to automate them.
• RFID for business domain computerizationIn this perspective RFID is used in an en-tire business domain. Therefore we speakabout computerization; entire processeswill change due to the use of RFID withinthe domain.
The main capability RFID offers is to linkevents from the real world, for instance the actualmovement of objects, with business control soft-ware. The next paragraph discusses this in moredetail.
4.1.3. Aspects for object virtualization
In order to virtualize an object into the com-puter three aspects are important:
• IdentificationAn object in the real world must be identi-fiable in order to uniquely collect informa-tion about that object and, if desirable,change it.
• LocationEach identifiable object in the real worldhas, at a specific point in time, a specificlocation.
• StateThe state of an object is the determinationof specific characteristics of that object,other then its identity and its location, e.g.its colour, temperature, etc. Movement andspeed of the object is also dimension ofstate.
RFID is not the only technology which can beused to collect these aspects. A number of othertechnologies are available that offer similar func-
tionality. Notwithstanding the differentiation intechnology, the features of virtualisation (identifi-cation, location and state) will remain the same.Certain technologies are specifically designed forone of these aspects, e.g. a temperature sensor tocollect the temperature state of an object. Othersoffer information about two or all three aspects.
RFID is designed for identification, but offersalso limited location information. After all, at themoment the RFID tag is scanned by the RFIDreader, the location of the tag is also known.Therefore also the location of the object the tag isattached to is known
RFID can also be used to collect state infor-mation. Some tags have memory which can beused freely, for instance to store specific contextinformation about the object.
This all turns RFID into a promising technol-ogy for implementation in a (sensor based) net-work.
4.2. RFID system perspective
This section presents an overview of the rela-tionship of RFID with network technologies. To en-able a fruitful comparison, we will introduce atypology to indicate the relation between RFIDand network technologies: they enable each other,they enhance each other, or they are concurrentto each other.
4.2.1. Classification of technologiesaround RFID
We identify three classes to order the relationbetween RFID and network technologies:
• Enabling technology
• Enhancing technology
• Concurrent technology
In Figure 4-2 these classes are mapped ontothe RFID positioning figure from section 4.1 andwill be used to characterize the different technolo-gies.
4. R
FID
tech
nolo
gies
: RFI
D s
yste
m fe
atur
es
54
Tech
nica
l Rep
ort S
erie
s
Figure 4-2: Classification of technologies around RFID
RFI
D te
chno
logi
es
55
Tech
nica
l Rep
ort S
erie
s
On top of the RFID model introduced in theprevious section, the three classes are drawn, eachpinpointing to distinct aspects of RFID: the en-abling class on top of the network, the enhancingclass on top of the RFID extensions and the con-current class on top of the basic RFID functional-ity. Each of these classes represents a different wayto compare RFID with other technologies.
We do not imply that network technologiesare uniquely positioned towards one of the identi-fied aspects of RFID. A technology such as Zigbeecan be placed in more than one class. Zigbee canbe seen as a LAN technology, connecting RFIDreaders in a larger network. But Zigbee is also partof the concurrent class because it can competewith active RFID in offering a solution for identifi-cation and location.
4.2.2. Enabling technologies
The enabling technology class is about com-munication technologies which enable the use ofRFID and increase the application area of RFID.As shown in Figure 4-1, this class is about con-necting the RFID readers with the back-end ofRFID systems. Without a network only local RFIDsolutions are possible, for instance a standalonePC or PDA with a RFID reader. Due to enablingtechnologies it is possible to distribute RFID read-ers around a larger area.
Examples of often used communication tech-nologies to connect RFID readers onto a networkare listed below. Note this paragraph is about the
enabling technologies. They make a remote andor mobile RFID reader possible.
• Local Area Networks (LAN)
LAN networks can be used to distribute theRFID readers over a remote location withina building or premises. Some of them arewireless, others are wired. Note that in eachcase the RFID reader must be equippedwith the appropriate interface, or an adapterdevice must be added. Note that most RFIDreaders on the market today still have onlya serial (RS232/RS485) interface.
- Ethernet / UTP (IEEE 802.3)A cable technology very widely used toconnect computers to a network, Internetor intranet. The network topology arestars (connecting local computers), con-nected to each other possibly forming avery large network. Speeds between 10 Mbits/s and 1 Gbits/sare common, the current standard is 100MBits.s.
- UWB (IEEE 802.15)UWB stands for Ultra Wide Band, a wire-less technology still in development.UWB does not have its own single fre-quency; it uses existing frequencies ofother technologies. By using very lowtransmission power it stays within thebackground noise of the other technolo-gies, so there is no interference. Depend-
TechnicalIm
plementation
ing on the range, with UWB speeds rang-ing between 1Mpbs (100m) and400Mbps (4m) this technology is ex-pected to hit the mass market by 2008.
- Wifi / WLAN (IEEE 802.11)A wireless network technology, oftenused as a wireless version of Ethernet. Speeds between 11Mbits/s and 54Mbits/sare commonly used.
- ZigBee (IEEE 802.15.4)This network is especially designed forlow power, mesh networks. Therefore itis very suitable to connect sensors andRFID readers. It will last a long period oftime with one battery, typically 3 years. Itcan easily adapt to changes in networktopologies if sensors are moved around,added or removed.ZigBee can only transfer limited amountsof data, several 100kbits/s within the en-tire ZigBee network, so individual ele-ments can only transmit a portion of thatper time-period.In general such mesh networks are calledWireless Sensor Networks (WSN). Thesenetworks are self organizing, enabling adynamic multi hop infrastructure. Thismeans that the network topology cancontinuously change while the networkkeeps its functionality and each node cancommunicate with all the other nodes.Topology changes can occur due to fail-ure of one of the nodes or because thenodes are mobile and move, constantlychanging the wireless nodes in reach.
• Wide Area Networks (WAN)
WAN networks are used when the RFIDreaders must be distributed over a muchlarger area compared to LAN technologiesor when a user does not have access to thelocal LAN networks.
- GPRSGPRS stands for General Packet RadioServer. It is an addition on GSM (GlobalSystem for Mobile Communications), anetwork which many countries use fortheir mobile phone infrastructure. De-pending on the used local network oper-ator, mobile phone coverage over theentire country is not exceptional.
GSM/GPRS can operate in three differentfrequencies: 900 Mhz, 1800 Mhz and1900 Mhz. GPRS can reach speeds up to52 kBits/s
- UMTSThe Universal Mobile Telecommunica-tions System is introduced as the succes-sor of GSM/GPRS. Therefore it is called athird generation (3G) mobile communi-cation technology. Speeds of 384Kbits/sare possible and in theory even 2Mbits/s.At this moment it starts to become avail-able, but is still expensive to use.
- WiMAXThe Worldwide interoperability for Mi-crowave Access is an emerging standardwhich will come to the market in the nextcouple of years. First field trials are al-ready taking place. In theory ranges up to50km are possible and speeds up to80Mbit/s at short distances. WiMAX isseen as an alternative for GSM andUMTS, but also for ADSL or cable con-nections. At this moment it is too early topredict the future of WiMAX.
• Personal Area Networks (PAN)
PAN networks are used when the RFIDreader are located at very close distance (upto a few meters) to the person operatingthem. In most cases the RFID reader will bemobile and connected to or integrated witha PDA or mobile phone.
- BluetoothHas been developed for replacing thelocal wires around a computer, somepeople call it therefore a wireless wire. Itis described in the IEEE 802.15.1 stan-dard. Speeds are between 1 and10Mbits/s and it has a range of 1-100 me-ters depending on the class.Bluetooth starts to become standard inmost laptops and mobile phones, en-abling easy wireless access to a numberof devices. A drawback of Bluetooth isthat it needs relatively much power, sobattery based devices like mobile phoneshave to be recharged more often.
Pencil-like RFID readers with a Bluetooth in-terface to a mobile phone or PDA start to becomeavailable.
4. R
FID
tech
nolo
gies
: RFI
D s
yste
m fe
atur
es
56
Tech
nica
l Rep
ort S
erie
s
4.2.3. Enhancing technologies
The enhancing technology class is about tech-nologies which extend the usage of RFID, they en-hance RFID. By adding extra functionality uponthe basic RFID capabilities on the tag, new appli-cations become possible. Some of these additionsfit perfectly in the passive RFID tag model, they donot need a power source of their own. Others needan additional battery on the tag. They also want toperform tasks when the tag is not within the fieldof a reader, therefore a more predictable energysource is needed like a battery. Note that some ex-tensions are made just on the tag (memory), otherextensions need changes both on the tag and inthe reader (security) while some extensions takeplace outside the direct scope of RFID (serviceplatform).
In the next three subsections different enhanc-ing technologies will be discussed. We will lookat powerless extensions, battery based extensionsand devices that combine the reader and tag func-tionality.
Powerless extensions
The two most important powerless extensionsof a RFID tag are adding:
• Memory
• Security
Additional memory is a very common exten-sion; most RFID tags are capable of storing addi-tional data. This is a necessity if a specific ID mustbe stored on the tag, next to the factory UID (Uni-versal IDentifier). The factory UID is determinedduring the production process of the tag and eachtag has memory to store the UID.
Other use of additional memory is storing in-formation about the object it is related to. For in-stance colour, size or maintenance track record ofthe object, etc. Also biometrical data can be storedin the memory of the tag, for instance in your pass-port. Biometrical devices can scan your fingerprintor eye and compare it with the data on the pass-port to check if you are who you say you are. Atthis moment there are no tags which allow chang-ing the program of the tag itself to change its be-haviour. Only configuration parameters whichcontrol the behaviour of the tag can be stored inmemory. Think about starting or stopping a sensor
log, etc. In most cases the additional memory on atag is used to store just static data which can beupdated from time to time.
RFID in itself is not a very secure technology.Tags can easily be read using a reader and thewireless communication can be monitored by oth-ers. For situations where more security is needed,for instance access control to buildings, special se-curity extensions are developed. They make it pos-sible to communicate, in a secure manner, secretsbetween the tag and the reader. The two most im-portant standards which make this possible are thesmartcard standards of Philips: Mifare and Sony:Felica. Most commonly they are used in companycards to unlock doors, logon to computers, etc.
Battery-based extensions
A battery is needed to make additional func-tionality of the RFID tag possible. Therefore, amajor factor in extending RFID is the developmentof small, powerful, flexible batteries. By combininga RFID tag and such a battery, a device is createdwith the form factor of a credit card. The batteryoffers a constant power supply on the tag, even ifthe tag is not within the field generated by thereader.
To save energy most tags are active only dur-ing very short periods of time. The active periodsare controlled by timers, e.g. tag is activated totake a measurement once a minute. For this type oftags lifetime of 3-7 years is possible.
There are three main purposes to add a bat-tery to a RFID tag:
• To add functionality on the RFID tag, inmost cases sensors.
• To boost the communication range betweenthe tag and the reader.
• When the tag has a boosted communica-tion range, it becomes possible to let theRFID tag initiate an event by itself, insteadof waiting until it gets interrogated by areader.
Additional functionality
Adding a battery to an RFID tag opens awhole new range of possibilities: adding sensorsto the tag, measuring an external aspect in the realworld. For instance, temperature, humidity, a toxic
RFI
D te
chno
logi
es
57
Tech
nica
l Rep
ort S
erie
s
substance, movement, etc. Measurement informa-tion can be stored on the tags’ memory and can beread via a RFID reader. Measurements can betaken at certain intervals, for instance everyminute. But also event based measurement is pos-sible, when the temperature raises above a certainthreshold for instance, the timestamp of that eventis logged.
Using this mechanism, it becomes possible topinpoint to specific events, for instance the mo-ment an object was undesirably defrosted. Imaginethe situation when deep frozen fish food wasmoved from a cooling container into a coolingtruck and was left for 2 hours in the sun. After-wards it was frozen in again within the truck.Using temperature logging tags these fluctuationsin temperature can be traced and reported back toresponsible parties.
Communication range boost
RFID tags which use a battery to boost itscommunication range, are called “active RFID”tags. They use a different frequency than passiveRFID, but they work in the same way as passiveRFID tags. Most active RFID systems can cover anarea within range of maximum 200m in an idealsituation. In reality physical obstacles such aswalls, metal (cars), water, etc have a significant in-fluence.
Because an active RFID tag transmits a signalof its own, special signal strength algorithms canbe used to determine more precisely the locationof the object. In contrast, passive RFID-systems,which have typically a read range of about be-tween 0.1 and 0.5m, can give an accurate (0.1 -0.5m tolerance) location of the tag if it is in thefield of the reader. At the moment the tag has leftthe reader field, the location becomes unknown.
Tag event initiation
Active RFID tags have the opportunity to ini-tiate an event by themselves. Because the commu-nication range is in most cases large enough tocover the entire desired area, tags have the oppor-tunity to communicate data to readers at all times.
In combination with a sensor this provides a pow-erful tag. For instance, by putting a movement sen-sor on an active RFID tag, a surveillance monitorsystem for a museum can be build. Putting an ac-tive movement tag on the back of each painting,these paintings can be monitored at all times.When a painting is removed from its place, thisevent can directly be reported to the surveillancesystem. The very moment someone, thief or per-sonnel, is moving the painting, the sensor on thetag will trigger an event and the tag will emit a sig-nal. If the painting is scheduled to move, the alertwill be notified but nothing will happen. But if thepainting is not scheduled to move, the alert mayalarm security officers. In fully automated (i.e. vir-tualized) systems, it will become possible to inte-grate the various planning and alert systems,leading to fully automated alarms when somethingis occurring which has not been foreseen by theintegrated system. But even with less sophisticatedsystems, the thief can be tracked by the paintings-tag within the museum using the location algo-rithms of the active RFID solution.
Combination of reader and tag in one device
Besides adding power and functionality, thereis a third method of enhancing RFID: combiningthe tag and reader into one device. This offers two-way communication between both devices, eachdevice can act as either a tag or a reader. Espe-cially for mobile equipment, e.g. a PDA or mobilephone, this can be a useful feature. Sometimes thePDA acts like a tag, communicating with existingreaders. On other moments the PDA can readRFID tags itself.
The only technology at this moment which isusing this approach is NFC: Near Field Communi-cation. NFC started as cooperation betweenPhilips and Sony in 2002, Nokia joined soon af-terwards. NFC is designed, as the name already in-dicates, for very short range (10 cm) wirelesscommunication. Its purpose is to securely trans-port small amounts of data mainly for configura-tion purposes or initiating actions and/orcommunication. It uses the 13.56 MHz RFID fre-quency and has a data exchange rate of up to 424kbit/s.
4. R
FID
tech
nolo
gies
: RFI
D s
yste
m fe
atur
es
58
Tech
nica
l Rep
ort S
erie
s
Figure 4-3: NFC architecture
RFI
D te
chno
logi
es
59
Tech
nica
l Rep
ort S
erie
s
36 Two-way communication is defined as a mode where both communication partners are able to initiate communication. However, in asession it is possible that one or both partners are sending information; the first one with requesting data, the second optionally with re-sponse information.
NFC is a smart combination of existing andnew technologies. For secure communication it re-lies on Mifare / FeliCa. Both technologies are com-patible with each other and are using widelyaccepted standards for secure RFID. Payment pos-sibilities are added using existing SmartCard tech-nology. Besides combining all these existingtechnologies, the only really new feature of NFC istwo-way communication.36 This makes it possibleto exchange information between two NFC de-vices in an efficient manner. The focus of NFC ison small amounts of data and not on streamingdata flows. It can however be perfectly used to setup a streaming data flow, automatically configur-ing all the aspects needed to make the stream flow.In case of configuring a WiFi connection, thinkabout the IP address and mask the IP address of theDNS server, WEP key, etc.
The main application areas for NFC:
• Configure the device to use securely anexisting communication network such asWiFi or Bluetooth. Setting up the neces-sary keys, IP addresses, etc. can be quite
complex. With NFC you only have to holdthe two devices close to each other andthe necessary configuration informationcan be exchanged in a secure manner.
• Configure consumer appliances to interactwith each other. For instance holding yourmobile phone next to the audio systemwill automatically configure the mobilephone and the audio system to startstreaming your favourite mp3s.
• Configure the train ticket you need. Just byholding your NFC enabled phone / PDAtowards a map of the railway stations, theexact e-ticket from the current station to-wards the desired station can be transmit-ted to your device.
• The SmartCard technology within NFCcan assist in the payments for goods ortickets, using a standard way to specifyhow much money between which partiesmust be transferred. A special serviceprovider, a bank for instance, will performthe actual money transfer.
The future of NFC is still uncertain. At thismoment a number of field trials are happening allover the world. There are still a very limited num-ber of mobile phones equipped with NFC, letalone WiFi base stations, TVs, camera’s etc. Thetechnology is promising in its capabilities. Makingit all work depends not only on technology butalso on standards, interoperability, and serviceproviders.
RFID middleware
Enhancing technologies not only apply to theRFID tag and/or reader themselves, but also to theinformation systems which process the RFID events.Using RFID events within existing applications,such as Enterprise Resource Planning (ERP) or Cus-tomer Relationship Management (CRM), poses theneed of some form of adaptation. This functionalityis performed by the so called RFID middleware.This middleware has four major tasks:
1. Be able to connect RFID readers from dif-ferent manufacturers. Unfortunately thereis still not a single standard to connect aRFID reader. So adapters for each manufac-turer are still necessary.
2. Filter the RFID event stream. When hold-ing a RFID tag within the field of a RFIDreader produces a flow of events telling thatthe tag is still in the field. In most cases onlythe entrance of the tag is important. There-fore all the “double reads” of the RFID tagmust be filtered out.
3. The RFID tag contains in most cases only a(U)ID, an unique number. The existing ap-plications do know nothing about thesenumbers, so they must first be convertedinto known references of the object the tagis attached to. For instance in the case of achair, the serial number.
4. At this stage the object is identified in aknow manner and the event is ready to besend to the existing application. Unfortu-nately each application had its own inter-face demands. So again an adaptation layeris necessary to be able to interface with theapplication and deliver the RFID event.
In single application domains it is relativelysimple to discover object information based on the
UID. However, in more distributed application do-mains a central operating registry is responsible forthe search and discovery of object information. Inthe EPCglobal architecture the ONS (Object NameServer) is responsible for this functionality.
RFID middleware is a complex subject whichis in full development at this moment. This is out-side the scope of the deliverable.
4.2.4. Concurrent technologies
The concurrent technology class is about net-work technologies which offer (part of) the samefunctionality as RFID does, they are concurrent to-wards RFID. As introduced in section 4.1.3 , wehave described RFID based on three aspects:
• Identification• Location• State
The following three paragraphs describetoday’s most important technologies which canalso be used to implement that specific aspect.This tends not to be a complete list.
Identification
For identification purposes the most obviousalternative of RFID is the barcode. A barcode is avisual image containing black and white bars in acertain pattern. Using an optic device like a cam-era or laser reader, the barcode can be read andthe code deciphered. The advantage of barcode isthat it is extremely cheap. The disadvantages areits vulnerability to physical damage, the need for aline of sight between the barcode and the readerand the lack of dynamic content (memory, sensor,etc) (See also section 1.2.4).
Another possibility for identification of anobject is the use of an existing wireless commu-nication infrastructure, for instance WiFi. EachWiFi enabled device has a wireless interfacewith its own identification within the WiFi net-work, its MAC (medium access layer) address.Each base station within the WiFi network knowswhich MAC addresses are available within itsfield, and therefore which WiFi devices are pres-ent. By linking a WiFi device one-to-one to anobject, identification of that object becomes pos-sible.
4. R
FID
tech
nolo
gies
: RFI
D s
yste
m fe
atur
es
60
Tech
nica
l Rep
ort S
erie
s
Especially in situations which already have aWiFi network this can be a useful and cheaper so-lution than installing RFID readers and tagging allthe objects. Note that when operability is neededbetween different sites, technically meaning differ-ent WiFi networks, things get complicated becauseall the WiFi devices must be known on all loca-tions, without necessarily giving them access tothe entire (company) network.
UWB can be used in a similar manner foridentification and location. Special UWB tagswhich continually transmit a unique ID are de-tected by location detectors. Time, place and op-tionally direction are being measured, resulting inan absolute location within the UWB networkarea.
A new emerging technology which has prom-ising aspects to be used for identification and loca-tion is Zigbee. For more information andapplications of Zigbee see section 4.2.2.
A special note on identification: there is a riskin using technology related identification, e.g. thefactory UID in a RFID tag, to identify an object. Incase of loss of a tag or unrepairable damage, it isproblematic to acquire a new tag with the sameUID. So although the object is still the same, it getsa new identification. Using an identificationscheme which is separated from the technologyavoids this problem. For instance using tags withmemory to store their own ID.
Location
Passive RFID does only offer a discrete solu-tion to determine the location of objects. Onlywhen the tag is within the field of the RFID readerit can be located, in fact it can be related to the lo-cation of the reader itself. In the same manner bar-codes could be used for location purposes too.
With active RFID the location of a tag can bedetermined in a much larger area with respect topassive RFID and for some types of active tags dis-tances up to 100m are possible. When using trian-gulation methods between the measurements ofseveral active RFID readers, a more precise accu-racy is possible. Using such methods can bring lo-
cation accuracy close to the 0.5m, thus similar topassive RFID.
In a similar manner WiFi can be used for lo-cation purposes. Existing equipment, such asPDA’s or laptop, can be pinpointed to a certainWiFi-base station. This provides a rough but verycheap location mechanism. It just uses the existingWiFi network which is already in use. A small soft-ware extension can provide the location informa-tion.
As explained in the previous section on loca-tion, UWB can also be used for location purposes.
When even the range of active RFID becomestoo small, other options remain: using networkswith a global coverage (GPRS) or GPS. GPS usessatellites to determine the location of the GPS de-vice. On other cases computer vision can be usedto identify and locate. Perhaps even ultrasound orinfrared sensors can be used, although the range isnot necessarily larger then active RFID.
RFID can be used for location based services.Using passive RFID objects or people can be lo-cated on a specific location at a certain point oftime. These locations can be anywhere in theworld, but are only snapshots in time. Using ac-tive RFID provides a lot more real time locationcapabilities, but only in a local area. For advancedlocation based service several technologies,among which RFID, can be combined generatinga more accurate view of the location of the object/ person.
State
Adding state information is no different toRFID than to any other technology discussed inthis deliverable, in both cases sensors are an addi-tion. Sensor technology is a special field which isoutside the scope of this deliverable.
Relation with RFID
In Table 4-1 a comparison is made betweenthe different RFID tags available on the markettoday and the three aspects discussed in this para-graph: identification, location and state.
RFI
D te
chno
logi
es
61
Tech
nica
l Rep
ort S
erie
s
Table 4-1: RFID tag types versus identification, location and state
Identification Location State
LF ++ + n/a 37
HF ++ + +
HF active ++ ++ ++
UHF ++ + n/a
4. R
FID
tech
nolo
gies
: RFI
D s
yste
m fe
atur
es
62
Tech
nica
l Rep
ort S
erie
s
37 The authors do not know of any LF or UHF tags with state capabilities at this moment
From this table it can be concluded that allRFID tags are useful for identification purposes.Location is mostly dependent on the range, there-fore active RFID is best, then UHF and with LF andHF it is still possible but only for local positioning.State information together with RFID is at this mo-ment only possible in the HF range. There is notechnical reason for this, but they are the only oneson the market today. Most of them need additionalpower, therefore HF active has a ‘++’ indication.
4.3. RFID lifecycle description
In this section the different states in the life-cycle of a RFID tag are described. There are fourmajor states: fabrication, pre-deployment, deploy-ment and removal. Each of these states is de-scribed in more detail in the next subsections.Figure 4-4 presents the four major states in the life-cycle of a tag and their relations.
Figure 4-4: RFID lifecycle
4.3.1. Fabrication
The first step in the life of a RFID tag is its fab-rication. Depending on the market growth RFIDwill be produced in massive entities, lowering theprice per tag. At this moment the price of passiveRFID tags is about $0.25, and is still being re-duced. One expects the price to decrease to a fewcents per tag within the next ten years. During fab-rication each tag gets its own unique identifica-tion, the factory UID. If the customer wants its ownID in the tag, it must be programmed during thepre-deployment phase.
4.3.2. Pre-deployment
After the tag has been fabricated it must bemade ready to be deployed in an operational en-vironment, it must be pre-deployed. In this phasethe tag must be physically and functionally con-nected to the object.
Physically connecting the object can be doneby simply gluing it onto the object, but also morereliable and durable solutions are available. A lotof development is going on into smart packaging.Plastic containers are developed with an RFID tag
encapsulated within the walls of the container.This poses high demands on the heat enduranceof the tags.
RFID tags can not be read by a human with-out special equipment. Often it is desirable thatthe object is still human identifiable. This makes itnot only necessary to attach the RFID tag to theobject, but also a human readable label sometimescombined with a barcode for backwards compat-ibility has to be attached to the object.
Making the link between the physical objectand the internal ID of the RFID tag requires an ac-curate and computerized mapping process. Oftenafter a (random) RFID tag is put onto the object,the object is scanned by a reader and the link be-tween the specific object and the ID of the tag ismade. Registering the object – tag relation is a verycostly process which must not be underestimated.
If one does not use the internal ID of the tagbut a specific ID such as the EPC code, the tagmust also be programmed. After attaching the tagto the object, the correct unique code can then beprogrammed into the tag identifying the object ina universal manner. Note that this step can be per-formed by the manufacturer of the tag, pre-deploy-ing the tags for its customers. In most cases this isonly possible when ordering very large quantitiesat once.
After these steps the tag is ready to be de-ployed.
4.3.3. Deployment
Now the object has an RFID tag onto it. Aninformation system registers which object haswhich ID. The object is ready for operationalusage. This is still far from a plug&play scenario. Itis still very difficult to set up a RFID environmentwith a read rate of more then 99%. In most casesit starts with read rates not higher than 80% whichshould increase by fine tuning the system. At alltimes it is wise to be prepared for these uncertain-ties and be able to deal with them in the RFID mid-dleware and applications. Also the deployment ofthe readers is not always easy; placing antennas,connecting them to the readers. Connecting thereaders to the middleware via the local IP network,serial interfaces, or other means takes a lot of ef-fort. In case of large deployments also the traffic
on the backbone generated by the readers can be-come an issue.
In some usage scenario’s tags are being reusedand attached to other objects. This requires thattags be physically and functionally removed fromthe object and moved back to the pre-deploymentstate. Especially when the internal ID of the tagwas used, removing the functional relation can bedifficult because the same ID must now be relatedto another object; requiring that all references inall information systems must be removed. This isnot an easy task because there is no track record ofall the places (RFID readers) the object has visitedduring its life time. Therefore re-using RFID tags isonly practical when the internal ID is not used butinstead a tag independent ID.
Another issue when re-using tags can occurwhen the use of the object changes, but still thesame RFID tag must be used. Thus the same ob-ject is used in two different value networks, bothusing the same RFID tag. A good example is a bot-tle of medicine with an RFID tag. In the first valuenetwork the bottle is tracked from the factory tothe pharmacist. The second value network startswhen the bottle is sold to a patient, based uponthe prescription of a general practitioner. The RFIDtag can then be used to hold the prescription ofhow the patient should use the medicine.
In most cases the RFID tag will be physicallyand/or logically removed from the object whenthere is no longer a purpose of tracking the object.For example once it is sold to the customer, thereis no need for the tag anymore. In these cases thetag moves to the removal state of its life cycle.
4.3.4. Removal of tags
The final stage of the life-cycle of each tag isits removal. Removal of tags can be induced bydifferent reasons:
• During manufacturing faults can be maderendering the tag useless.
• During pre-deployment and deploymentthe tag can be physically broken. Somephysical problems can occur which makethe tag useless. EPC Class 1 tags have the capability to de-stroy themselves, so as to enhance privacyprotection.
RFI
D te
chno
logi
es
63
Tech
nica
l Rep
ort S
erie
s
• After deployment the tag can be no longerneeded, it has reached the end of its life.
In all these cases the tag has ended its func-tional life time. This does not necessarily meanthat it has reached also its physical lifetime. Prob-ably in most cases the tag will not be removedfrom the object itself. In order to meet the cus-tomer’s requirements that a tag – having ended itsfunctional life-time – can no longer be used tomonitor or track a customer, tags are being devel-oped in such a way that they can be “shutdown”.This results in a broken tag which physically is stillpresent but will never react to a reader again. EPCClass 1 tags already have this capability.
4.4. Typology of RFID usages
Within this section we will present an appli-cation usage domain model which can be used tocharacterize RFID based application in terms of
configuration types and business usage domains
We will first position business aspects andtechnology to each other. Then, we will formalisethe usage typology on the basis of information- orprivacy sensitivity and their business usage do-mains. Specific RFID based applications as well asmore abstract application domain groups can bepositioned to demonstrate their demands on par-ticular technology.
At the end of the section we will illustrate theusage typology in three use cases selected fromdifferent business domains. The three use cases de-scribe possible scenarios in healthcare, personalidentification and food control.
4.4.1. Realization framework
Figure 4-5 below presents a 3-tier referencemodel which positions the business viewpoint as-pects and the technical implementation aspects inone model.
4. R
FID
tech
nolo
gies
: RFI
D s
yste
m fe
atur
es
64
Tech
nica
l Rep
ort S
erie
s
Figure 4-5: 3-tier reference model
Within this framework the business viewpointaspects identify business roles, business objectsand business functions. The specification of theseitems and their mutual relationship forms the baseof a business system that needs to be implementedwith technology.
In the technology viewpoint we identify com-munication, information and processing technol-ogy like e.g. WiFi, Bluetooth, Mifare and databasesystems like SQL server. Also ERP implementationslike SAP are part of this viewpoint.
The layer in between forms the functional solu-tion component viewpoint, and can be consideredas a more abstract, implementation independentlayer which transforms the business specificationonto the specification of (generic) functional com-ponents with preferable standardized functionalityand interfaces. The primary objective for this layer isto create a solution independent specification whichenables an architecture where business adaptationand solution technology changes are invisible foreach other.
Let us illustrate the model with a medical lo-gistic value network example. A value network in-cludes three business roles responsible for thesupply, distribution and reception of medicines. Thesupplier role is played by the manufacturer of themedicine; the distribution role is performed by a lo-gistic partner while the hospital is the receiver of themedicines. These roles together form the medicinelogistic value network. The logistic partner in thisnetwork is special, because their business servicesare unique and based on organization specific logis-tic functions.
From the software solution component view-point the implementation of this business functionis realized with the help of a tracking and tracecomponent and real time tracing information. Aunique combination of different solution compo-nents and interfacing concepts makes this systemwork more efficiently than the competitors’ solution.
The technical realization viewpoint focuseson the technology, necessary to implement thecomponent view. Software applications like e.g.SAP ERP in combination with RFID based local-ization technologies can be used to realize the lo-gistic business function for the logistic partner.From the business point of view, the technical so-lution should provide two types of flexibility: thelogistic partner should be enabled to adapt currentimplementations of a logistic business functionwithout changing the technical solutions. On theother hand, new technologies have to be intro-duced without disturbing current business func-tions. These two aspects are important for up todate and reliable business system.
4.4.2. Usage typology model
In the model below (Figure 4-6) we use thevertical scale for information protection from less
focus on privacy/security up to a high demand forthe protection of information. We have identifiedhere two main groups: “physical object” and “per-sons and animals”. In fact everything can be con-sidered as a physical object; however, from theprivacy perspective it is useful to make a differencebetween these groups. Within the “physical ob-ject” group we distinguish between objects withno information storage, with temporal and withpermanent information storage or reference.
In the first category we identify objects andprimarily focus on the tracking and monitoring ofany object. No information related to object isstored.
In the second category, objects are identifiedfor which during a particular period of time infor-mation is stored or referenced. For example track-ing and tracing applications in the logistic domain,where information about packages is stored onlyuntil delivery of the package. The removal of infor-mation is based on the event that a package leavesa certain application domain while the object itselfis not necessarily removed.
In this second category, the information aboutan object is stored during the (relevant) lifecycleof the object. In this category information about anobject is stored for a longer period of time andthere will be a higher demand for information se-curity than in the first category.
In the “persons and animal” group we distin-guishes between fixed and “loosely coupled” iden-tification, optionally with or without informationstorage. Loosely coupled identification means thatthere is no physical fixation between the person oranimal and their identification. For example, cardbased identification methods are considered asloosely coupled while ID cards are not alwayslinked with the person or animal. In case wherepersons or animals have implants or physicallycoupled ID mechanism we consider them as“fixed tagging” systems.
The horizontal axis plots the business usagedomain. The business usage domain identifies fourcategories of business environments where applica-tions are used. The most left category identifies asingle organization located on one site. The maindrive of using an automated application is the effi-ciency of a current business process or process step.The second and third category focuses respectively
RFI
D te
chno
logi
es
65
Tech
nica
l Rep
ort S
erie
s
on a single organization with multiple sites andmultiple collaborative working organizations. Bothcategories have an increasing complexity in termsof dependencies with other applications and organ-izations. The last category identifies globally con-nected organizations which try to make thecollaboration efficient and easy. An important char-acteristic for all these domains is standardizationand the use of enabling technology.
In the first category the application is workingin a more or less standalone setup. In general themain focus is on the optimization of the businessprocess or process step while collaboration withother organizations is not a focus point. Low costand proprietary solutions are populating this cate-gory. In the fourth category we have the globallyconnected organizations. Globally working solu-
tions are in general based on standards; standardson technology, security, frequencies and informa-tion. Especially the information standards are im-portant to guarantee the exchange of all type ofinformation. Besides standards on information syn-tax we recognize semantic as well as classificationstandards.
Finally, we recognize in this partition a sec-ond important characteristic: the increasing de-mand for enabling technologies to build globallyconnected networks to support globally collabo-rated organizations. In paragraph 4.2.2 we haveidentified the enabling technologies which in-crease the applicability of RFID. It is clear that ina globally connected business usage domain thereis a higher demand for this type of technologies.
4. R
FID
tech
nolo
gies
: RFI
D s
yste
m fe
atur
es
66
Tech
nica
l Rep
ort S
erie
s
Figure 4-6: Application usage model
RFI
D te
chno
logi
es
67
Tech
nica
l Rep
ort S
erie
s
In the following section 4.5, appropriate ex-amples of business scenarios making use of theusage model presented above, will be elaborated.Based on (IDTechEx, 2005b) we have identifiedmain usage application domains based on forecastfor volume and/or society impact. The modelshows that current RFID based applications aremostly positioned in the lower part of the model;applications handling physical objects within asingle- and multi-organization business environ-ment. In the introduction of this document wehave identified these applications as businessprocess automated applications. Generally, theseapplications are using low cost tags and focus onimproving efficiency in an organization or an ex-isting value network.
Future applications are foreseen to be posi-tioned in the upper part of the model. This means,applications making use of increasing and moresensitive information about persons and animalswhich require increased security and safety func-tionality. At the same time the business usage do-main shifts more and more to organizations invalue networks and globally connected organiza-tions. A special category of application domainsare the sensor network based applications. Thistype of application is based on the existence of agenerally useable sensor network. This network isprincipally not biased to a particular applicationdomain, and will serve different type of domains.
4.4.3. Business scope
RFID in the context of business process au-tomation is particularly used to achieve specific(primarily role- or organization specific) optimiza-tion and efficiency without changing current serv-ice provisioning to an existing value chain. Thedrive for many of the use cases is to diminish thecosts while improving the quality of the process. Inthis usage scenario human performed businessprocesses are replaced by automated RFID basedfunctions. For example, an application supportinga storehouse needs information about the objectsin the store and the activities around storage andretrieval of goods. In pre-RFID times humans sup-ply these applications with appropriate informa-tion about the incoming and outgoing goods. RFIDadds automatic identification and location func-tions to this process, and based on these informa-tion elements the appropriate event type is
generated (e.g. “register incoming good” or “regis-ter outgoing good”). In these setup organizationsstart building experiences with RFID usage and theintegration with internal business applications.
In terms of the 3-tier reference model we canidentify an existing value network by their busi-ness objects, business functions necessary to pro-duce their service or product. RFID is used in thisconstellation to optimize one or more processesby enabling particular functionality in the solutioncomponent layer. The initially functional costs andthe benefits aimed at have to justify the investmentin RFID technology. Basically, this RFID typologyis driven from current businesses and the need toimprove the efficiency or the quality of the processor supply chain.
In case of RFID for business domain comput-erization usage the main driver is to provision alarge group of business roles with generic event in-formation. Information systems from different busi-ness roles are interested to receive eventinformation. With the help of a generic sensor net-work a wide variety of information can be sup-plied to different roles. Efficiency and qualityimprovements are the main drivers here to startthis usage scenario.
4.4.4. Proprietary versus standardizedRFID solutions
In the application domain usage model thebusiness domain aspects refer to the demand for aproprietary or standardized RFID solution. As men-tioned before, current RFID based application do-mains are generally developed to diminish costsof current business processes. In these types of ap-plications there is generally no need for sophisti-cated functionality and there is no vision on futurecollaboration with other organizations. This leadsto relatively simple and proprietary solutions.
However in business domain computeriza-tion the lack of an existing value network and ofthe support for a variety of potential business roles,a standardized and open RFID based solution ispreferred. Within such an environment it will beeasier to integrate with future (customer) roles andto fulfil their requirements. The lack of support for(open) standards may restrict the potential businessopportunities. For example, when a sensor net-work provider is not able to share a common in-
4. R
FID
tech
nolo
gies
: RFI
D s
yste
m fe
atur
es
68
Tech
nica
l Rep
ort S
erie
s
stalled infrastructure and support open access stan-dards, additional costs have to be made to connectnew business partners. This will result in higheroperational costs for their sensor network. Also, ifproprietary identification mechanisms are used forobjects and/or locations, it will be hard to guaran-tee object identification to all objects without mak-ing extra workarounds.
In RFID supported cases we see a variety oftag types, frequencies, used identification codetypes and information standards. The type of fre-quency used is determined by the required relia-bility with respect to the environment and materialof the tags’ object. Low- (LF) and high frequency(HF) passive tags are mostly used in today’s appli-cation domains and in supply chain. Because ofthe tendency to enhance process integration be-tween different organizations, there is an increas-ing demand for (open) standards. The RFID airprotocol (ISO/IEC14443) and object identification(EPC) standards are examples of standardization toincrease the extensibility and compatibility ofRFID technology.
4.4.5. Information sensitivity and RFIDtag types
Information- or privacy sensitivity is essentialto the future of RFID technology. Because of theability to link physical objects and persons in thereal world with information, RFID becomes a po-tential threat for misuse of sensitive information.As we have seen, the model distinguishes betweenphysical objects and person and animals.
In general we distinguish four potential tag re-lated information threats:
• Ability to access the information
• Ability to read information
• Ability to change information
• Ability to delete information
The first threat is based on the simple com-munication method between tag and reader. It isespecially easy to access the information on thetag in this case. In more complex systems informa-tion can be protected against reading, changingand deleting through encryption, authorizationand authentication (see Chapter 9). Although,there are enhancing technologies today to imple-
ment these protection mechanisms, this problemneeds to be addressed also at the level of the infor-mation system.
In the case of business process automation thefocus for useable tags is especially on identifica-tion of objects and location. For example, the busi-ness process of registration of incoming andoutgoing goods identifies the goods and the loca-tion where the goods are read to generate the ap-propriate event. Objects in this business scenariotype generally associate information with some-times location and identification information onlyand other times with temporary information. Theway RFID is enabling this functionality differs fromthe stored reference information (an address wherethe object related information can be found) or thestorage of information itself. In the first type theRFID stored data is only address information. Inthis configuration there is generally less pressureon security of information stored in RFID tags. Thesecurity and safety functionality is part of the ac-companying information system.
In case information is physically stored on thetag there is a higher risk for information misuse.Because security and storage functionality makesthe tag more expensive, most applications willmake use of reference information instead of dis-tributed stored information.
Applications related to high value informationand the requirement for offline information accesswill make use of this more expensive type of tags. Inthe upper right corner of the model in Figure 4-6some application domains are identified which mayjustify these requirements. For example, the abilityto access offline patient health record informationmay be critical in special occasions, while in othercases the information has to be protected againstmisuse. This type of value network may justify thehigh costs of these tags.
RFID suppliers are working hard on the de-velopment of new types of tags and reader func-tions. Active tags, microwave frequencies, smartactive labelling (SAL) and ubiquitous sensor net-working (USN) are interesting developments forthe development of the internet of things andglobal connected organizations. Based on thesedevelopments new universal functionality accel-erates the support of new business opportunities(e.g. electronic health record and food trackingand tracing applications).
RFI
D te
chno
logi
es
69
Tech
nica
l Rep
ort S
erie
s
4.5. RFID usage in business domains
To illustrate the RFID usage typology scenar-ios we will present some example of business sce-narios. These examples illustrate RFID technologyin a variety of business domains, where the initialapproach is to improve a current businessprocesses. In a second step an example is given ofthe migration to a business domain computerizedenvironment and the potential role of RFID in sucha system.
4.5.1. Example business scenario health-care
Today, several pharmacy producers, suppliers,distributors and pharmacists are using RFID tagson medical packaging to automate their collabora-tive production and delivery process. RFID tech-nology is used to control the different steps in thevalue network and to share this information withother stakeholders in the value network. In today’suse cases the passive tag variant is mostly usedwhile the primary function is the identification andlocalization of medicines. To support this valuenetwork a simple passive read only tag is suffi-cient, while information is shared via an accessibleinformation system. When the proper drug is deliv-ered at the pharmacist the resulting service of thisvalue network is completed. However, besides thislogistic value network the pharmacist is part of an-other value network with the general practitionerand the patient. The pharmacist provides in thisnetwork the delivery of the prescribed medicationto the patient. The general practitioner is responsi-ble for the prescription of the drug and the opera-tional instructions. The problem in this network ishow the instructions are joined to the deliveredmedication. Experience shows that groups of pa-tients are not always able to understand and fol-low the instructions with sometimes seriousconsequences. To solve this problem a spokendrug instruction could help this group of patients.Based on an existing device which translates textinto spoken words, the operational instructionscan be stored on the medicine and provide the pa-tient with personalized instructions. The pharma-cist receives from the general practitioner themedical operational instructions and digitallywrites the instructions on a writeable tag. An RFIDbased speech device reads these instructions andtells them to the patient. Because of the storage ca-
pabilities of information on a tag, there is no needfor the patient to have an online connection.
In relation to the layered reference model wesee that the box of drugs participates in two differ-ent value networks. In both cases RFID tags areused to store information, in the logistic value net-work the object identification information is storedwhile in the second value network medical in-struction information is stored as well. To avoiddouble tagging, measures have to be taken to as-sure that one and the same tag can be used in bothcases. Replacing the old tag with a new one willresult in definitive removal of the object from thelogistic value network. Information about the lo-gistic information in the first value network can nolonger be accessed via the original tag.
Another option is the reuse of the original tagand identification, but how do we guarantee thatthe pharmacy producer adds a more expensive tagto the medicine with the writable functionality?
Tag- and information standardization solvethis problem partly. A standardized identificationmechanism could identify the medicine uniquelyin both networks. However, the main challenge isthe division between business opportunities andcorresponding costs.
4.5.2. Example business scenario elec-tronic identity cards
Identity cards and passports are excellent ex-amples of a paper based identification technologyfor persons. The ID-card and passport prove that aperson is who he said he is, primarily based on aphoto and the authenticity of the card or passport.Because of the limited functionality and capabilityof these paper based identification mechanisms,there is a need for another and safer mechanism.
Based on latest technology developmentsRFID is used in combination with paper basedidentification mechanism. In addition to the read-able information in the card or passport, RFID addsthe possibility to store electronically person spe-cific biometric information. The main objectivehere is the higher level of protection of the storedinformation; however, RFID enables also automa-tion of particular authentication functions like e.g.iris scan or finger print checking. Experienceshows that all traditionally written information can
4. R
FID
tech
nolo
gies
: RFI
D s
yste
m fe
atur
es
70
Tech
nica
l Rep
ort S
erie
s
be changed or manipulated. With the help of RFIDan extra technical obstacle is created to preventcorruption of the electronically stored information.Besides this, it opens the possibility to automateparts of the identification functionality. After all,person specific information is electronically storedon a device which can be read out wirelessly,while these characteristics can be checked withe.g. an eye-scan or a finger print verification. Evena real time DNA scan might be possible in the fu-ture.
Today there are lots of entrance systemswhich work on a traditional LF or HF RFID tag. Incombination with a passive RFID tag with ex-tended memory capabilities, person specific infor-mation can be stored on the tag. Because of thesensitivity of the stored information, extra attentionshould be given to the protection of the informa-tion by unauthorized persons. People wearingthese types of identification tags are not awarewhen information is read or not. Also the protec-tion of re-writing of information is an issue to ad-dress. In the future tags will be created wherepeople are able to interfere in the exchange of in-formation between tag and reader, e.g. based onpressing a simple button through fingerprint recog-nition. With the help of this type of tags a higherlevel of protection can be achieved.
4.5.3. Example business scenario foodquality
Today there is a high demand from society tofood producers in the food chain to guarantee thequality of meat that consumers buy. Consumerswant suppliers to show them the origins of the beefor the type of food the pigs have had. Since manyyears cows and other animals are identified withhelp of RFID technology while information aboutthese animals is already stored. In particular hightech farmers use these tags to track and trace ani-mals and store information about food quality, dis-ease and medication. Traceability of the animalhowever stops at the time of its death. The meatproducts are then provided with printed informa-tion about the type of meat and the process fol-lowed, while detailed information about theparticular animal is omitted. An interesting aspectin this scenario is the fact that an object disappearsfrom the real world while offspring objects requirean association with the disappeared animal-object.
From a RFID perspective the associated informa-tion of the slaughtered cow disappears and newobject-tags will be created and attached to the as-sociated beef products.
By identifying meat products with read-writetag types, more detailed information could be pro-vided to consumers. However, this case shows thatconsumers will need a universal reader to interro-gate this type of information. Also information onthe tag should be stored according to common in-formation standards.
Based on current meat-sensor research, thisopens up the possibility for active tags reporting ifthe beef is proper for consumption. Although thisseems an expensive mechanism, it could preventfood poisoning and related medical and litigationcosts. Based on this example, we may concludethat systems like this can only be elaborated onstandardized technical solutions to assure the in-teroperability between the associated value net-works.
4.6. Summary and conclusions
We have described RFID technology from dif-ferent, technically oriented, viewpoints. Today’susage analysis shows two abstract fields of usageapplication; business process support and businessdomain computerization and the respective appli-cation usage domain for sensor networks. In thischapter we have described RFID from a technol-ogy, usage, standards and frequency point of view.Based on these viewpoints we draw the followingconclusions:
• RFID is an important technology to use inthe implementation of a universal sensornetwork; RFID is an appropriate technologyto transfer real-world objects and correspon-ding events to feed information systems withreal time information. Furthermore, RFID iswell equipped to provide sufficient contextinformation with the generated events.
• The drive for universally usable, sensor net-work based applications will create a de-mand for more standardization to increasethe compatibility and the usability of RFIDbased information systems. Besides stan-dardization on RFID technology (tags andreader functionality) more standards on the
RFI
D te
chno
logi
es
71
Tech
nica
l Rep
ort S
erie
s
information semantic level of RFID tagstored information is needed. This type ofstandards will increase the usability of tagsand (sensor) information for different pur-poses. Also the interaction between compa-nies will be easier if both parties use thestandardized information.
• An important point of interest is how to at-tach the appropriate tag to an object. To en-able the exchange of the same tag betweendifferent value networks, criteria or ruleshave to be defined to determine which typeof tag has to be attached to which type ofproduct. Especially when there is a publicinterest the government or European Com-mission may setup rules for special productcategories to determine the tag type.
• There is a variety of technologies which canenable and/or enhance RFID. These combi-nations make the use of RFID in a variety ofapplication domains possible. Readers canbecome mobile and or distributed tags canbe enhanced with sensors and other func-tionality. At this moment there is not an ob-vious killer combination, the market willhave to determine which combinations be-come standard. In the usage application do-main model the tendency seems to be thatthe development from RFID based applica-tion goes from business process automationscope up to domain computerization. Forthe last type of usage application more en-hanced and sophisticated tags are neces-sary.
4. R
FID
tech
nolo
gies
: RFI
D s
yste
m fe
atur
es
72
Tech
nica
l Rep
ort S
erie
s
Market perspectives and socio-economic issues
Part
tw
o
5. RFID market perspectives
RFI
D te
chno
logi
es
75
Tech
nica
l Rep
ort S
erie
s
38 Polymer chips might be considered as well in this box although nowadays they are mainly in R&D phase.
Several technologies are included under theRFID umbrella and each one has its own marketimplications. The major role no doubt will beplayed by applications for the retail supply chain,where a massive deployment of RFID hardwareand software is expected. This is however, still nothappening except where forced by retail giantsWal*mart in USA, METRO and Marks & Spencerin the EU. Nevertheless it should not be neglectedthat there are a number of minor and niche appli-cations where RFID technology is successfully andwidely exploited including, but not limited to, lo-gistics, personal identification, ePayment, and tick-eting.
This chapter attempts an analysis of the mainforces driving the RFID market evolution, what ac-tors are involved and what is the role they play. Al-though some market figures will be provided, thefocus is rather on the dynamics of the market try-ing to figure out what could be the evolution path.The discussion will start with the description of themarket actors, then what are felt to be the key driv-ers and finally the market figures.
5.1. Actors and stakeholders
5.1.1. The RFID value chain
The RFID applications value chain is quitecomplex. IDTechEx proposes a scheme (Figure 5-1)aiming at encompassing in a few blocks the mainindustrial activities involved. It has to be noted thatthe proposed structure does not mean that any realcompany should exactly fit into one box: some
might span over more boxes or just cover a part ofa single one. Moreover the boxes are ordered fromleft to right with growing value: each one uses assource the output of the boxes on the left, adds itsown value and feeds into the boxes on its right.
Two main flows (from left to right) are repre-sented. The first refers to the “Chip Tags”, the onesthat are built around a silicon38 core. There are sil-icon foundries building the chips and others put-ting the chips together with the antennas. The thirdbox refers to companies that produce the productto be consumed (e.g. rolls of sticking labels or hardpackages for reusable tags) having the RFID en-closed. These first three boxes are fed by a “licen-sors of inventions” box referring to the RFID patentholders, for example Intermec holds a relevantnumber of these.
On the second row a single box represents themanufacturing of the chipless tags: no chip impliesthat no integration with the antenna is needed;packaging of the tags in consumables is howeverstill needed.
On the bottom rows we see the manufactur-ers of hardware, namely readers and reader anten-nas and printers etc., and software providers formiddleware and applications.
At the end of the chain the companies thatmake things work in broad terms are identified.These span from business process consultants thatfocus on “why” and “where” the RFID technologydeserves to be applied, down to system integra-tors, knowing “how” to make the hardware andthe software work together.
Figure 5-1: RFID value chain39
5. R
FID
mar
ket p
ersp
ectiv
es
76
Tech
nica
l Rep
ort S
erie
s
39 Source IDTechEx, 2005a. Note that “Deposited thin film RFID” and later on “Laminar transistor circuits” refer to technologies, currentlyunder research, making use of polymers instead of silicon.
40 Though the value chain proposed in the cited study does not exactly match the one by IDTechEx, nevertheless the activities can be quiteeasily mapped one to the other.
Finally, companies providing for system oper-ations and management services, outsourcers, andservice providers are rated at the top of the valuechain.
5.1.2. Market actors
In a study published by Milan Polytechnic in2005 a scheme has been proposed for the cluster-ing of the companies operating in the RFID market.One axis presents the activities that compose thealready described value chain,40 while the otheraxis proposes three component levels. The Hard-ware level encompasses all the physical elements:tags, readers, antennas, etc. The “Middleware andDataBase” level owns the software infrastructurecomponents that are common to most applications(thus named “application independent”). The thirdlevel is named Application and Processes and
refers to the components that are developed for aspecific application and/or tuned to meet the re-quirements of a specific customer.
On the basis of these criteria/axes, a numberof companies has been mapped on a chart with re-spect to their products and services. Four main“clusters” of companies have been identified (SeeFigure 5-2). A list of the technology players in eachcluster is also provided. Please note that, as thereis not a deterministic way to assign a company toa specific cluster, the company names hereafter re-ported might be somehow arbitrary. Neverthelessthe list is deemed useful in order to allow thereader to associate some real world names withthe clusters. The names are to be considered as ex-amples and the proposed lists are thus not exhaus-tive; their cardinality does not represent the realnumber of companies in the cluster.
Figure 5-2: Map of RFID offering actors
RFI
D te
chno
logi
es
77
Tech
nica
l Rep
ort S
erie
s
Technology developers and resellers
This cluster includes those actors that provideRFID specific hardware components (tags, readers,antennas, printers, …) independently of whetherthey are developers or resellers. In this clustercompanies that carry out hardware design and en-gineering activities (e.g. the ones that develop ondemand customized packaged tags) are also in-cluded.
5.1.3. RFID tag manufacturers
• HITACHI,h t tp : / /www.hi tachi .co . jp /Prod/mu-chip/index.html (JP)
Headquartered in Tokyo, Japan, is a lead-ing global electronics company, with ap-proximately 340,000 employeesworldwide. Fiscal 2002 (ended March 31,2003) consolidated sales totaled 8,191.7billion yen ($68.3 billion). The company of-fers a wide range of systems, products andservices in market sectors, including infor-mation systems, electronic devices, powerand industrial systems, consumer products,materials and financial services. Mu-solu-tions is a Hitachi RFID division under Infor-
mation & Telecommunication Systems. Mu-solutions builds and manages a completeplatform for µ-chip solutions.
• Motorola,http://www.motorola.com/mot/doc/0/202_MotDoc.pdf (US)
Motorola, with 150000 employees, head-quartered in Illinois, USA, is a leader inwireless and broadband communicationssystems. Their “Seamless Mobility” visionaims at technology to get and stay con-nected simply and seamlessly to the peo-ple, information, and entertainment.Motorola had sales of US $36.8 billion in2005. Motorola BiStatix™ is a new solutionthat allows the creation of cost-effective“smart labels.” Radio frequency identifica-tion (RFID) antennas are printed on materi-als using conductive non-metallic ink.
• Philips,http://www.semiconductors.philips.com/products/identification/index.html (EU)
Royal Philips Electronics of the Netherlandsis one of the world’s biggest electronicscompanies and Europe’s largest, with salesof EUR 30.4 billion in 2005. With activities
in the three interlocking domains of health-care, lifestyle and technology and 158,000employees in more than 60 countries, it hasmarket leadership positions in medical di-agnostic imaging and patient monitoring,colour television sets, electric shavers,lighting and silicon system solutions.Philips provides a complete range of RFIDICs including smart cards, tags, labels andreaders. They address a number of applica-tions, from low-cost smart label ICs forhigh-volume supply chain management ap-plications through next generation 32-bitsmart-computing platform for powerfulmulti-application smart cards.
• Siemens,http://www.automation.siemens.com/rfid/index_76.htm (EU)
Siemens (Berlin and Munich) is a globalleader in electrical engineering and elec-tronics. The company has around 461,000employees both for manufacturing productsand developing customized solutions. Thecompany focuses on the areas of Informa-tion and Communications, Automation andControl, Power, Transportation, Medical,and Lighting. In fiscal 2005 (ended Septem-ber 30), Siemens had sales from continuingoperations of EUR 75.4 billion and net in-come of EUR 3.058 billion. Siemens offersa complete RFID portfolio – from productsand systems, technical and operationalconsulting as well as process design up totechnology, process and IT integration.
• Texas Instruments, http://www.ti.com/rfid/ (US)
Texas Instruments (TI) is a global semicon-ductor company and one of the world’sleading designers and suppliers of real-world signal processing solutions. Thecompany’s other businesses include Sen-sors and Controls, as well as Educationaland Productivity Solutions. Headquarteredin Dallas, Texas, TI has more than 34,000employees worldwide with corporate, salesand manufacturing facilities in more than30 locations across Asia, Europe and theAmericas. TI is the world’s largest inte-grated manufacturer of radio frequencyidentification (RFID) transponders andreader systems.
Components developers and resellers
• Alien Technology, http://www.alientechnology.com/ (US)
Alien Technology is a venture funded, pri-vately held company. They provide UHFRadio Frequency Identification (RFID)products and services to customers in retail,consumer goods, manufacturing, defence,transportation and logistics, pharmaceuti-cals and other industries. Alien’s productsinclude RFID tags, RFID readers and relatedtraining and professional services. Alienemployees about 235 people worldwide.The company’s corporate headquarters is inMorgan Hill, CA and sales offices are in theUS, Europe and Asia. Alien is a member ofEPCglobal.
• AVID,http://mail.avidid.com/web/index.htm (US)
AVID Identification Systems, a privatelyheld company was founded by a veterinar-ian in 1985 and is a major supplier of mi-crochips in the United States and aroundthe world. AVID invented, designed, intro-duced and implemented the microchipbased pet recovery system as it is globallyknown today (37 patents to date). Horses,cattle, dogs, cats, other companion animalsand livestock, etc. are able to be perma-nently identified with a secure unique num-ber. They provide syringe delivery systems,multi-mode reading systems, and pocketsize readers are examples of standards setby AVID. AVID is headquartered in 3185Hamner Ave, Norco, CA, USA.
• CAEN, http://www.caen.it/rfid/index.php (EU)
CAEN is based in Viareggio, (150 employ-ees) Italy and is specialized in manufactur-ing mission critical electronics systems:
- design and manufacture electronicequipment for the Nuclear and ParticlePhysics such as Low Voltage & HighVoltage Power Supply Systems, Front-End and Data Acquisition Electronics;
- design and production of high reliabilityelectronics for Space applications andcollaborates with the main Space Agen-cies (NASA, ESA, ASI, CNES);
5. R
FID
mar
ket p
ersp
ectiv
es
78
Tech
nica
l Rep
ort S
erie
s
- complete microelectronics design serv-ice for digital, mixed/analog ASICs andcomplex FPGA designs, with a wide of-fering of HW and SW Intellectual Proper-ties (IP) blocks;
- readers and tags for UHF Radio Fre-quency Identification technology.
• Intellident, http://www.intellident.co.uk/ (EU)
Intellident, (part of the £1.2 billion LINPACgroup), design, build and deliver advancedwireless tracking solutions, based on inno-vative RFID and bar code technologies. Thecompany is based in Manchester, UK.
• Intermec,http://www.intermec.com/eprise/main/Inter-mec/Content/Technology/RFID/RFID (US)
Intermec Technologies Corp. is a leader inglobal supply-chain solutions and in the de-velopment, manufacture, and integration ofwired and wireless automated data collec-tion, RFID (radio frequency identification),mobile computing systems, bar code print-ers, and label media. Based in Everett,Washington, the company has 2,700 em-ployees worldwide.
• PSC, http://www.psc.com/ (US)
PSC Inc. is a global provider of data-cap-ture solutions for retail supply chains. Itsbroad array of products and services in-clude point-of-sale scanning, warehousing& distribution, and wireless networking.PSC is a privately held global company.Rival Datalogic acquired PSC from the pri-vate equity firm Littlejohn & Co. for around$195 million in 2005. With a presence of750 plus employees in more than 100countries, PSC’s headquarters and majormanufacturing facilities are located in Eu-gene, Oregon, while sales and service of-fices are located throughout the Americas,Europe, Asia and Australia.
• PSION, http://www.psionteklogix.com (US)
Psion Teklogix Inc. is a leading provider ofrugged mobile computing solutions to arange of industries around the world. It wasformed in September 2000 as a result of themerger between U.K.-based Psion Enter-prise division of Psion PLC, and Canadian-
based Teklogix Inc. Psion Teklogix is head-quartered in Mississauga, Ontario, Canadawith additional corporate offices located inEurope, the United States, Asia, Latin Amer-ica and the Middle East with about 600 em-ployees.
• Sirit, http://www.sirit.com/ (CA)
Sirit Inc. has been providing Radio Fre-quency Identification (RFID) solutions tocustomers worldwide since 1993. Thecompany designs, manufactures and sellsRFID products which support a broad rangeof RFID tags (EPC and ISO) and frequencies(LF/HF/UHF). On April 13, 2006, Sirit Inc.acquired the assets of SAMSys TechnologiesInc. including all of its RFID products andsolutions. SAMSys Technologies Inc. (SAM-Sys), founded in 1995, was a world-leadingprovider of radio frequency identification(RFID) hardware solutions and RFID inte-gration consulting services designed toevaluate and recommend optimal RFID so-lutions to enhance existing businessprocess. Sirit is headquartered in Missis-sauga, Ontario, Canada.
• Sarnoff, http://www.sarnoff.com/prod-ucts_services/communications_solutions/rf/index.asp (US)
Sarnoff Corporation produces innovationsin electronic, biomedical and informationtechnology. Founded in 1942 as RCA Labo-ratories, it develops breakthroughs in ICs,lasers, and imagers; drug discovery, manu-facture and delivery; digital TV and videofor security, surveillance, and entertain-ment; high-performance networking; andwireless communications. Its history in-cludes the development of color TV, the liq-uid-crystal display, and the disposablehearing aid, and a leadership role in creat-ing the new U.S. digital and HDTV stan-dard. It is a subsidiary of SRI Internationaland is headquartered in Princeton, NJ, USA.
• Symbol, http://www.symbol.com/prod-ucts/rfid/rfid.html (US)
Symbol Technologies, Inc. engages in thedesign, development, manufacture, andservicing products and systems used inenterprise mobility solutions. Its productsinclude data capture products, mobile
RFI
D te
chno
logi
es
79
Tech
nica
l Rep
ort S
erie
s
computing platforms and software man-agement tools, wireless infrastructure, andradio frequency identification infrastruc-ture and tags, and are sold as both inte-grated solutions and individual devices.Symbol Technologies was founded in1973 and is headquartered Holtsville,New York.
• TEK Industries, http://www.tekind.com/rfid.htm (US)
TEK Industries is a privately held companybased in Vernon, CT, USA. TEK Industries of-fers a full range of readers, handheld datacollection terminals, and specialty RFID tags.
• UPM Raflatac, http://www.rafsec.com/homeb.html (EU)
In January 2006, RF and contactless tech-nology developer UPM Rafsec has mergedwith label-maker Raflatac to form UPMRaflatac. The combined Finland-basedcompany has 2,300 employees and annualsales of 850 million EUR. UPM Raflatac de-velops and manufactures RFID (radio fre-quency identification) tags used in e.g.product identification and supply chainmanagement. UPM UPM is a world lead-ing RFID tag manufacturer and a pioneer ofthe EPC (electronic product code) standard,specialized in high-quality, high-volumeproduction. The company is headquarteredin Tampere, Finland and it has a factory inJyväskylä, Finland. Sales offices are in theUSA, Netherlands, Germany, China, Japanand Singapore.
• Xtag, http://www.xtagltd.co.uk/ (EU)
Xtag is a Leeds, UK, based firm providingRFID specialized solutions for healthcare.Their Xtag Baby System is a leading infantprotection system.
• Zebra Technologies,http://www.zebra.com/id/zebra/na/en/index/products/printers/rfid.html (US)
Zebra Technologies is a global provider ofrugged and reliable specialty printing solu-tions, including on-demand thermal barcode label and receipt printers and sup-plies, plastic card printers, RFID smart labelprinter/encoders, certified smart media, anddigital photo printers. Zebra Tech. is based
in Chicago, IL, USA, and has 28 other lo-cations in 19 countries with about 2500employees.
5.1.4. System integrators
Here are included the technically smart com-panies that provide typically small turn key RFIDsystems making work together hardware and soft-ware infrastructure components. They typicallyoperate in deep contact with customers cooperat-ing with them in the identification of the (techni-cal) needs and proposing alternative solutions.Eventually they will provide the needed hardwareand software components, may be produced ontheir own, and install them at the customer prem-ises and ensure they work together correctly. Themost of them will not take care of application spe-cific aspects.
• Aeroscout, http://www.aeroscout.com/ (US)
AeroScout provides enterprise visibility so-lutions that bridge the gap between Wi-Fi,RFID and GPS. AeroScout enables stan-dards-based location and presence-basedapplications for indoor and outdoor envi-ronments where real-time visibility of assetsand people is required to drive revenues orcut costs. Aeroscout is base in San Mateo,CA, USA.
• Checkpoint Systems, http://www.checkpointsystems.com/de-fault.aspx?page=epcrfid (US)
Checkpoint Systems, Inc., is a multinationalmanufacturer and marketer of technology-driven solutions for retail security, labelling,and merchandising. Checkpoint is the lead-ing provider of radio frequency- (RF) basedshrink management solutions to the globalretail industry. The company has some4000 employees and is headquartered inThorofare, NJ , USA.
• Feig Electronic, http://www.feig.de/ -> OBID (EU)
FEIG ELECTRONIC GmbH has specializedin contactless identification (RFID), doorcontrollers and traffic sensor technology.FEIG ELECTRONIC was established in 1970and employs about 150 staff members. Thecompany is located in Weilburg, Germany.
5. R
FID
mar
ket p
ersp
ectiv
es
80
Tech
nica
l Rep
ort S
erie
s
• Savi Technology,41
http://www.savi.com (US)
Savi Technology provides supply chainasset management, security and collabora-tion software that is uniquely integratedwith automatic data collection and identifi-cation systems to provide real-time logisticssolutions. Founded in 1989, Savi Technol-ogy is headquartered in Sunnyvale, Califor-nia, USA with offices in London, SouthAfrica, Taiwan and Singapore.
• RFCode, http://www.rfcode.com/ (US)
RF Code is a developer of hybrid RFID datamanagement software and enabling tech-nologies. They provide software suite forAuto-ID data collection and distribution.RF Code manufacture active RFID tags andreaders. RF Code is a privately-held com-pany headquartered in Mesa, Arizona,USA.
5.1.5. Software providers
These are the companies that are focused onthe development and integration of the softwarecomponents needed for RFID applications. Thesecomponents can be at the middleware & DB levelas well at the Application & Processes level. Heremight be identified both small local softwarehouses that cooperate with system integrators toprovide complete solutions, and big players likeOracle, BEA, etc.
• BEA, http://www.bea.com/content/products/weblogic/rfid/index.htm (US)
BEA Systems, Inc. (BEA) is provider of en-terprise application and a line of serviceinfrastructure products to facilitate serv-ice-oriented architecture (SOA) implemen-tations. BEA has acquired in 2005Connecterra, one of the first developers ofRFID middleware. BEA is active in EPCglobalas contributor and leader of working groups.The company is headquartered in San Jose,CA, USA, and has some 4000 employees.
• CISCO, http://www.cisco.com/web/strategy/retail/RFID.html (US)
CISCO Systems Inc. is a global companythat manufactures and sells networking andcommunications products and providesservices associated with that equipment andits use. In their Application Oriented Net-working (AON) solution, intended to addapplication level value to networkingequipment, they provide the ConnecterraRFID middleware solution. CISCO hasmore than 38000 employees, worldwide of-fices, and is headquartered in San Jose, CA,USA.
• Globeranger, http://www.globeranger.com/ (US)
GlobeRanger is the leading provider ofRFID, mobility and sensor-based softwaresolutions. iMotion platform serves as thefoundation for GlobeRanger and its partnersto develop, deploy and manage edge solu-tions. Founded in 1999, GlobeRanger isheadquartered in Richardson, Texas, USAwith some 50 employees.
• Microsoft, http://www.microsoft.com/industry/retail/solutions/rfid.mspx (US)
Microsoft Corporation engages in the devel-opment, manufacture, licensing, and supportof software products for various computingdevices worldwide. It operates in three divi-sions: Platforms and Services, Microsoft Busi-ness, and Entertainment and Devices.Microsoft’s RFID infrastructure taps thepower of the .NET Framework, SQL Serverand Visual Studio .NET to make integrationand deployment of RFID easier and lesscostly. Microsoft was founded in 1975 andis headquartered in Redmond, Washingtonand has 71,000 Full Time Employees.
• OATSystems, http://www.oatsystems.com/ (US)
OATSystems, Inc. is a leader company pro-viding software to support businesses basedon RFID framework. As a pioneer in the de-velopment of RFID technology, OAT has
RFI
D te
chno
logi
es
81
Tech
nica
l Rep
ort S
erie
s
41 In June 2006 Savi Technology has been acquired by Lockheed Martin.
been setting the standards in RFID since thefirst times for over half a decade. OAT’smultinational client base consists of over 75customers in retail, CPG, consumer elec-tronics, manufacturing, life sciences, aero-space and defence. Headquartered inWaltham, MA.
• Oracle, http://www.oracle.com/technologies/rfid/index.html (US)
Oracle Corporation, together with its sub-sidiaries, engages in the development, man-ufacture, distribution, servicing, andmarketing of database, middleware, and ap-plication software. It offers software licenseupdates, product support, and other serv-ices. The company operates in five seg-ments: New Software Licenses, SoftwareLicense Updates and Products Support,Consulting, On Demand, and Education.Oracle Sensor-Based Services are a compre-hensive set of capabilities to capture, man-age, analyze, access, and respond to datafrom sensors such as RFID, location, andtemperature. Oracle Corporation wasfounded in 1977 and is headquartered inRedwood City, California. Full Time Em-ployees: 56,133.
• RedPrairie,http://www.redprairie.com/uk/default.aspx(EU)
RedPrairie provides comprehensive, inte-grated solutions for supply chain manage-ment to a variety of industries. Thetechnology suite includes warehouse man-agement and quality control, transportationand global trade management, workforceperformance management, event manage-ment, slotting, visibility, performance meas-urement, and RFID for EPC / ISOcompliance and mobile resource manage-ment. Stokenchurch, UK(EMEA HQ),Waukesha, Wisconsin (HQ)
• Sybase,http://www.sybase.com/products/mobileso-lutions/rfid_anywhere (US)
Sybase, Inc. provides enterprise and mobilesoftware solutions for information manage-ment, development, and integration in theUnited States. Its solutions integrate plat-
forms, databases, and applications; and ex-tend those applications to mobile workersthrough mobile and Wi-Fi technologies.The company operates through two seg-ments, Infrastructure Platform Group andiAnywhere Solutions, Inc. The Sybase RFIDarchitecture and complementary RFID so-lution consists of modularized plug-and-play products.. The company was foundedin 1984 and is headquartered in Dublin,California. Full Time Employees: 3,715.
• TIBCO,http://www.tibco.com/solutions/rfid/de-fault.jsp (US)
TIBCO Software, Inc. provides business in-tegration and process management soft-ware. TIBCO’s solutions include threecategories of software: Business ProcessManagement Software, Business Optimiza-tion Software, and Service-Oriented Archi-tecture. TIBCO is an independent providerof business integration software and stan-dards-compliant RFID solutions. The com-pany was founded in 1985 and isheadquartered in Palo Alto, California. FullTime Employees: 1,505.
5.1.6. Consultants and main contractors
These are mostly multinational organizationsthat lead business projects for medium large or-ganizations. They provide the whole solution start-ing from the business processes analysis down tothe actual system deployment, that is typically sub-contracted to system integrators. This cluster canbe subdivided into the big technical players (IBM,HP, SAP, etc.) and the business consultants (De-loitte, Accenture, etc.) that are extending their con-sultancy on technical aspects.
• Accenture, http://www.accenture.com/ (US)
Accenture, Ltd., through its subsidiaries, of-fers management consulting, technology,and outsourcing services worldwide. It oper-ates in five segments: Communications andHigh Tech (CHT), Financial Services (FS),Products and Services (PS), Resources (RS),and Government. The company wasfounded in 1995 and was formerly known asAndersen Consulting and changed its nameto Accenture, Ltd. in 2001. Accenture pro-
5. R
FID
mar
ket p
ersp
ectiv
es
82
Tech
nica
l Rep
ort S
erie
s
vides clients with total end-to-end RFID so-lutions through its broader supply chain andtechnology capabilities, including enterpriseintegration, supply chain execution systemsimplementation and infrastructure services.Accenture, Ltd. is based in Hamilton,Bermuda. Full Time Employees: 123,000.
• ATOS,http://www.atosorigin.com/wp_RFID.htm(EU)
Atos Origin is a leading international ITservices provider. The company, that is alsothe official worldwide IT partner for theOlympic Games, offers the entire spectrumof information technology consultancy andservices. Its areas of expertise include con-sulting, systems integration and outsourc-ing. Currently generates an annual turnoverof more than 5.5 billion euros and employsa workforce of 47,000 in 40 countries. AtosOrigin has the capability to provide consul-tancy and design, build and operate RFIDtechnical solutions. Atos Origin is quotedon the Paris Euronext Premier Marché andtrades as Atos Origin, Atos Euronext MarketSolutions, Atos Worldline, and Atos Con-sulting.
• Cap Gemini,http://www.capgemini.com/resources/suc-cess-stories/by_solution/rfid/ (EU)
Capgemini is one of the world’s foremostproviders of Consulting, Technology andOutsourcing services. The company helpsbusinesses implement growth strategies,leverage technology, and thrive through thepower of collaboration. Capgemini employsapproximately 60,000 people worldwideand reported 2005 global revenues of 6.954billion euros. As one of the early RFID pio-neers, they have deployed RFID for clientsin multiple industries and around the globe.They are actively involved with ElectronicProduct Code (EPC) standards, and are cur-rently leading several RFID pilot projects.
• Deloitte, http://www.deloitte.com/ (EU)
Deloitte refers to one or more of DeloitteTouche Tohmatsu, a Swiss Verein, its mem-ber firms, and their respective subsidiariesand affiliates. Deloitte Touche Tohmatsu is
an organization of member firms around theworld providing professional services andadvice, focused on client service through aglobal strategy executed locally in nearly150 countries. With 135,000 employeesworldwide, Deloitte delivers services in fourprofessional areas—audit, tax, consulting,and financial advisory services—DeloitteConsulting offers consultancy services onRFID business process methodology andstrategic assessment.
• HP, http://h20223.www2.hp.com/ (US)
Hewlett-Packard Company provides prod-ucts, technologies, solutions, and servicesto individual consumers, small and mediumsized businesses, and large enterprisesworldwide. The company provides industrystandard servers and business criticalservers and a number of other computertechnologies. HP and OAT deployed RFIDat multiple locations across HP’s supplychain to provide real-time visibility of in-ventory and goods movement. HP and OATdeveloped best practices for deliveringRFID solutions in manufacturing and distri-bution operations and now offer this inte-grated, tested solution to other customers.Hewlett-Packard was founded in 1939, isheadquartered in Palo Alto, California. FullTime Employees: 150,000.
• IBM, http://www-03.ibm.com/solutions/business-solutions/sensors/index.jsp (US)
International Business Machines Corpora-tion (IBM) operates as an information tech-nology (IT) company worldwide. It hasthree segments: Systems and Financing,Software, and Services. The company offersits products and services to a broad rangeof sectors. IBM’s RFID offerings span fromconsultancy to actual implementation andoutsourcing fo applications such as supplychain management or asset management.The company is based in Armonk, NewYork. Full Time Employees: 341,750.
• Lockheed Martin, http://www.lockheedmartin.com/ (US)
Lockheed Martin Corporation engages inthe research, design, development, manu-
RFI
D te
chno
logi
es
83
Tech
nica
l Rep
ort S
erie
s
facture, integration, operation, and sustainof technology systems, products, and serv-ices. The company’s Information and Tech-nology Services segment provides IT andrelated, and other technology services tofederal agencies and other customers.Lockheed Martin Corporation has enteredthe RFID market with the acquisition ofSavi Technology, Inc.(Savi), a provider ofactive radio frequency identification(RFID) solutions. Lockheed Martin wasfounded in 1909 and is headquartered inBethesda, Maryland. Full Time Employ-ees:135,000.
• Manhattan Associates, http://www.manh.com/ (US)
Manhattan Associates, Inc. engages in thedevelopment and provision of supply chainsoftware solutions for the planning and ex-ecution of supply chain activities. Its solu-tions include Integrated Planning Solutions,Integrated Logistics Solutions, PerformanceManagement, and Logistics Event Manage-ment Architecture. Manhattan Associateshas a team of qualified RFID professionalsthat has significant experience in supplychain operations. The company wasfounded in 1995 and is headquartered inAtlanta, Georgia.
• Northrop-Grumman, http://www.it.northropgrumman.com/offer/enterprise/rfid.html (US)
Northrop Grumman Corporation providesproducts, services, and solutions in infor-mation and services, aerospace, electron-ics, and shipbuilding to the military,government, and commercial customersin the United States and internationally.The company provides airborne radar,navigation systems, electronic counter-measures, precision weapons, airspacemanagement systems, space systems, ma-rine and naval systems, communicationssystems, government systems, and logis-tics services. Northrop Grumman providessupport to companies in implementingRFID within their supply chains. Fornearly 2 decades Northrop Grumman hasperformed as a systems integrator of Auto-matic Information Technology, AIT, in-cluding RFID, solutions. The company
was founded in 1939 and is headquar-tered in Los Angeles, California. Full TimeEmployees: 123,600.
• SAP, http://www.sap.com/solutions/business-suite/scm/rfid/index.epx (EU)
SAP AG engages in developing and licens-ing business software solutions. Its solutionportfolios support the business processes ofapproximately 25 industries, including hightech, retail, financial services, healthcare,and the public sector. Powered by the SAPNetWeaver platform, SAP business applica-tions enable enterprises of various sizesaround the world in managing customer re-lationships, partner collaboration, and sup-ply chains and business operations. As amarket leader in solutions that link RFIDdata to business application software, SAP isactively supporting standards bodies thatare seeking to develop ways to implementthis promising technology in a practical andresponsible way. SAP was founded in 1972and is headquartered in Walldorf, Germany.Full Time Employees: 35,873.
• SUN Microsystems, http://www.sun.com/software/products/rfid/(US)
Sun Microsystems, Inc. focuses on provid-ing products and services for network com-puting. It provides network computinginfrastructure solutions that consist of com-puter systems, network storage systems,support services, and professional andknowledge services. These services enablethe company’s customers to architect, im-plement, and deploy systems within theirinformation technology environments. Thecompany also offers a range of system/net-work architecture, implementation, andmanagement, as well as consulting, skillsmigration, and training. Sun Industry Solu-tions comprise a set of pretested, RFID-spe-cific solution architectures that use JavaSystem RFID Software and thirdparty prod-ucts to address specific industry problems.Sun Microsystems was founded in 1982 andis headquartered in Santa Clara, California.Full Time Employees: 31,000.
5. R
FID
mar
ket p
ersp
ectiv
es
84
Tech
nica
l Rep
ort S
erie
s
5.1.7. Non offering related actors
On different planes from the one depicted,other entities that might have a role on RFID issuescan be considered. These are e.g. customer organ-izations, standardization bodies, governments. Allof them play a regulating role aiming at achievingcommon agreements and protecting public inter-ests. As they will mainly react to the market evolu-tion rather than play a leadership role, they willnot be considered in this discussion.
• Indicod ECR,http://www.indicod-ecr.it/progetti/index.php(EU)
Indicod-Ecr is an institute that associatesmore that 30.000 industrial enterprises oflarge consumption and active modern dis-tribution in Italy. Its mission is the improve-ment of the large consumption companies’operation effectiveness and efficiency. Withreference to the RFID, Indicod-Ecr is takingcare of the diffusion in Italy of the EPC stan-dard, developed by Ean International in col-laboration with the Massachusetts Instituteof Technology.
• EPCglobal, http://www.epcglobalinc.org/ (US)
EPCglobal is leading the development of in-dustry-driven standards for the ElectronicProduct Code™ (EPC) to support the use ofRadio Frequency Identification (RFID) intoday’s fast-moving, information rich, trad-ing networks. It is a subscriber-driven organ-isation comprised of industry leaders andorganisations focused on creating globalstandards for the EPCglobal Network™.Their goal is increased visibility and effi-ciency throughout the supply chain andhigher quality information flow betweencompanies and their key trading partners.
• Privacy Commissioners Conference, http://www.privacyconference2003.org
The theme of this year’s Conference is “Prac-tical Privacy for People, Government andBusiness”. In this, the 25th year of the confer-ence looks forward to exploring advances inprivacy and building platforms and solutionsthat enhance the privacy choices of all citi-zens. The aim is to provide the opportunityfor Commissioners to engage in private and
thoughtful discussions as well as allowing fordebate with delegates and speakers from theprivate sector, public administration andother interested groups.
5.2. Market key drivers
5.2.1. Radio standards and spectrum allo-cation
Everybody agrees on the fact that RFID stan-dards are available. Indeed there are a lot of themincompatible one with the other. At the radio level,two of them are emerging as the most relevant:13.56 MHz ISO18000-3 and UHF (860-960 MHz)ISO 18000-6 as they are almost worldwide adopted(in the sense that the same tag is readable in USAand in Europe as well; see Section 3.2 for a generaloverview of ISO standards). The first one allows fortags to be read from a distance of a few centimetresand thus is suitable for ePayments, eTicketing, per-sonal identification. The UHF tag can be read froma reader placed some meters away and this makesit suitable for logistics and supply chain applica-tions. It should be noted that the ISO-18000-6 UHFspectrum standard though endorsed in most coun-tries by local legislation has not yet been madecompletely available by governments for actual ap-plications, as happens in France, Italy, Turkey. Thissituation blocks initiatives and market development.
Relevance should be given to EPCglobal thatis the only body active on the definition of globalstandards for the Supply Chain on radio level, cod-ing level, software interface level in order to allowfor an open supply chain and goods traceability.
5.2.2. RFID versus barcode
As was described in 2.2.4, RFID technologypresents advantages over BarCode technology (noline of sight, environment independent, etc). Also,RFID tags can be read through e.g. the sides of acarton aggregated package. Major drawbacks aretechnological and related to known interference ofradio signals with metals (reflecting radio waves)and water (absorbing radio waves) that makes ithard to use this technology on water bottles (almostsolved with EPCglobal Class 1 Gen 2 tags) and onbeer cans. RFID is a new technology and still re-quires fine tuning of antennas and readers in orderto achieve a high rate of read success.
RFI
D te
chno
logi
es
85
Tech
nica
l Rep
ort S
erie
s
The barcode technology is mature and is reli-able at higher level than RFID. Moreover the tag it-self has negligible cost (see Section 5.2.5). One ofthe main drawbacks is the need for human inter-vention in reading the tag in order to find the tagon the package and to point the laser reader on it.
Last but not least the barcode only identifies aclass of items while RFID (actually EPC) has thecapability of identifying the item itself.
Retail supply chain is today still relying heav-ily on barcode technology and the drivers to moveto a new expensive and not yet stable technologyare to be carefully evaluated by all actors (see: TheROI issue).
5.2.3. The “return on investment” challenge
This is the main issue put forward by firmsevaluating the opportunity of introducing RFIDtechnology. Most companies being forced byWal*Mart to supply goods tagged with RFID havechosen the so called Slap-N-Ship solution: they justadded RFID printers station on outbound logisticsgates and tag packages while they are beingshipped. This is also called the “Compliance” or“Mandate” solution, the minimum investmentneeded to comply with the retailer requirements.This makes the point in the sense that it is felt bycompanies as an add-on cost affecting retail prices.
The point made by RFID technology manu-facturers and consultancy firms is that this technol-ogy can support the automation of the production
and distribution processes, improving quality con-trol and thus allowing for cost savings and overallbetter performances. This can be achieved bythinking of internal processes in a completely newway and restructuring the company. This would re-quire major expenses and investments with the in-volvement of consultants for the reorganization ofthe processes specialized firms to identify theproper RFID technology (active/passive, frequency,packaging, reader gates,…), software companiesproviding applications, system integrators to puttogether the new system with legacy systems. Thequestion is what would be the return of these in-vestments: most companies today feel that theadded value of putting RFID to work does not de-serve the required effort.
5.2.4. Privacy concerns
Since RFID tags can be scanned at a distance,people having with them items tagged with RFIDcould be scanned by RFID readers without thembeing aware. And if there is some way to associatethe tagged items with the identity of people (e.g. thefidelity card or the bank card used when the itemswhere bought) then there is a privacy abuse issue.Although Class1Gen2 are claimed to be very secureand they can be “killed”, still there is no way to en-sure that this is effectively done and, any how, peo-ple are very concerned with the possible misuse ofthe technology. Retailers are consequently veryconcerned on the issue because if they adopt theRFID technology, customers might prefer to choosemore privacy enhanced solutions.
5. R
FID
mar
ket p
ersp
ectiv
es
86
Tech
nica
l Rep
ort S
erie
s
42 Source: ASK
Figure 5-3: RFID applications evolution42
It has to be noted that these concerns are notreferring to “people identification” applicationsthat are already being successfully deployed (Fig-ure 5-3). The focus is here put on the possible as-sociation of the identity of people and the taggeditems they are carrying with them. Without thembeing aware, a reader might get the data of e.g. themedicine they are carrying in the bag, thus en-abling the identification of their health status.
5.2.5. The tag cost
Currently (April 2006) major technologyproviders say they might accept big orders of pack-aged Class1Gen2 RFID tags for 0.20 USD each.The tag price is decreasing but the added cost isnot yet acceptable for applications at item level(except for valuable goods), see Figure 5-4. Tagprice is expected to drop within a few years downto the 0.05 USD that, analysts say, will boost thewide scale adoption of item level tagging. The tagprice is dependent on a number of factors relatedto the silicon chips, the packaging (putting to-gether the chip with the antenna on a suitable car-
rier e.g. a paper sticker), the royalties for patentsand indeed is influenced by the still small demand.From a hard technology standpoint the researchbeing carried out on polymer based IC, and on al-ternative radio technologies (e.g. Digital ChiplessTag), might bear results in short time. Metallic inkprinting is already used to “print” antennas on thetag package instead of using photolithographytechnology. Figure 5-5 presents categories of tech-nologies related to cost and volume of tags.
The price performance contest will probablynot be an issue, at least in logistics applications.In fact EPCglobal philosophy sounds like “keep allintelligence out of the tag”: the tag is needed justto identify goods and putting too much informa-tion on those might result in greater possibility forcounterfeiting. Moreover the logistics RFID mar-ket will be volume based. A different evolutionarypath might take place for active tags: as prices falldown and as, once purchased, active tags are ex-pected to function for some time, manufacturersmight push more capabilities on board in order tokeep the prices high.
RFI
D te
chno
logi
es
87
Tech
nica
l Rep
ort S
erie
s
Figure 5-4: Average TAG price per application 2006-2016
Figure 5-5: Technologies appropriate to the different level of TAG cost and volume
5.2.6. Goods traceability
As already mentioned the Electronic ProductCode (EPC), information component of the RFID tagencompasses the identification of each single item,whereas the bar code is capable of the identifica-tion of an item class. This means that the EPC on,e.g. a heating equipment, allows ideally anybodyto go back to where and when it was built, withwhich components etc. This helps very much themaintenance of the equipment as the field techni-cian can rapidly identify the spare parts needed forthat specific item. The manufacturer can as wellcheck for problems common to that specific ship-ment and eventually recall the equipment to solvepossibly harmful defects. This would highly en-hance the quality of the products as well as the“after sales” services. Moreover, Governments havethe opportunity to require manufacturers to be ableto rapidly recall defective goods, either equipmentor food, possibly relevant to the same shipment, inorder to ensure population safety.
5.2.7. “IT doesn’t matter” paradox
From a more general standpoint, there is a stillongoing discussion on the fact that a company in-vesting in IT does not necessarily perform betterthan the others. A provocative article (Carr, 2003)sustained that IT is becoming a commodity (is awidely available not differentiating resource) and in
this context it is preferable to be a follower than aleader with respect to IT innovation. This reflectswhat is a common feeling, especially in case ofSMEs that typically are reluctant to invest in ICT in-novation because this implies either the training andallocation of skilled resources or expensive out-sourcing solutions. In both cases resources wouldbe diverted away from the core business. The dis-ruption of this situation might come from external(international) competition that will probably forceICT “laggards” to recover the situation in order tocooperate with peers and widen the market reach.
5.3. Strengths, weaknesses, opportunities, threats
A SWOT Analysis is “a strategic planning toolused to evaluate the Strengths, Weaknesses, Op-portunities, and Threats involved in a project or ina business venture or in any other situation requir-ing a decision”.43 Though no decision issue isbeing tackled in this document, this tool might befound nevertheless helpful to give a more syntheticview on the question whether, in very generalterms, it is worthwhile to a company to make in-vestments in RFID technology. Table 5-1 presentsa mapping of the described market drivers on aSWOT analysis chart, together with other elementspresented in more details later in the study.
5. R
FID
mar
ket p
ersp
ectiv
es
88
Tech
nica
l Rep
ort S
erie
s
43 http://en.wikipedia.org/wiki/SWOT_Analysis
Table 5-1: SWOT analysis of RFID market perspectives
STRENGTHS: What are the factors that make it valuable?
- Technology characteristics: radio readable, programmable,compact, robust, low power,
- Maturity: the technology providers market is well devel-oped;
- Large scale projects are moving onward and give feedbackvaluable field experience;
WEAKNESSES: What are its actual limitations?
- Technology limitations: e.g. the tagging of metal or waterrich (including food) stuff is often unreliable;
- Still expensive in terms of tag, equipment, implementationfor a number of applications;
- Lack of well established standards: many are in place andpoor agreement on which ones will survive.
OPPORTUNITIES: What are the factors pushing for it?
- RFID can help European small companies in finding newways to aggregate and compete with larger companies;
- An enhancement of the overall quality of the productioncan be achieved with an automated monitoring;
- Keeping update with the technology will allow to keepcustomers (e.g. Wal*mart);
THREATS: What bad factors might hamper the investment ex-ploitation?
- By making poor analysis about where are the technologybenefit in the foreseen RFID application, there is the risk ofmissing real benefit;
- In some cases the undervaluation of non technical issues(e.g. fear for security issues by people) might lead to unsuc-cessful results;
- Though the technology is quite mature, patents on RFIDare continuously being submitted: the most promisingtechnology today might be displaced by a new one beforethe mass adoption.
5.4. Market forecasts and trends
5.4.1. RFID maturity: the hype cycle
Technology consultant Gartner propose theRFID Hype Cycle scheme (Gartner, 2005a), pre-sented in Figure 5-6. This is a curve that will be tran-sited by any new technology at different speeds.Instead of a time axis there are five maturity phases.The other axis represents the “visibility” factor indi-cating how much the technology/application isunder the spotlights.
The interest in a technology, in very generalterms, Gartner says is initially triggered by somedemonstration or proof of concept which is givenresonance by the media. Then enthusiastic expec-tations will take the stage with often unrealisticprojections. After a number of failures the atten-tion will be lost while the technology is still thereand becomes better understood in its potential andlimitations. At that point it starts to be applied in aneffective way through the availability of matureproducts.
As far as the hype cycle for RFID technologiesand applications (Figure 5-6) (Gartner, 2005c),most of them are still considered to be immature.Though with sometimes questionable distinctions,Gartner’s position is that much resonance hasbeen given to the potential of RFID but still thereis a number of scattered technologies under thesame umbrella without a common rationale andmost applications are still mainly just a matter fornewsletter’s breaking news. Nevertheless, takinginto account the colour code (light blue ones) ofthe bullets on the curve, it is clear that they agreeon the fact that in a few years a number of themwill become mature. Apart from military applica-tions that are subject to quite peculiar rules, thematurity is being currently reached by asset track-ing and management applications (healthcareand/or industrial) and in others where tags can bereused (Library Management, Returnable Assets).This can be easily explained by considering thatthe tags are still expensive and their reuse can dra-matically lower OPEX44 components in ROI cal-culations and make the application profitable.
RFI
D te
chno
logi
es
89
Tech
nica
l Rep
ort S
erie
s
44 Operational Expenditures (OPEX) are the on-going costs for running a system while Capital Expenditures (CAPEX) refer to the cost of sys-tem development
45 Source: Gartner 2005a
Figure 5-6: RFID hype cycle45
It has to be noted that Gartner’s analysis doesnot take into account RFID for personal identifica-tion.
5.4.2. Market forecasts
Any RFID market forecast should be carefullyevaluated with respect to the actual market it is re-ferring to. A number of figures are made availableto the public at conferences and on the web aswell as in specialized reports, and they seem topropose sometimes contrasting numbers. In thefollowing we will provide for a rationale to under-stand figures provided by Gartner Research andIDTechEx.
The first issue to take into account is the un-derlying market segmentation. As explained in the
previous chapters, the term RFID encompasses a
very broad variety of technologies and application
areas and forecasts often refer to only a few appli-
cation areas. As an example Gartner (Gartner,
2005b) claims that the RFID market will experi-
ence an annual growth rate somewhere between
30% and 50% in the years 2004-2010 ending up
at 3 billion USD in 2010 (see Figure 5-7). They say
this refers to “the use of RFID technologies within
a supply chain environment to improve the visi-
bility, management and security of cargo ship-
ments or supply chain assets, such as conveyances
or valuable mobile assets. The applications and
hardware that are used outside of the above envi-
ronment were excluded. These would include
consumer uses, such as contactless smart cards.”
5. R
FID
mar
ket p
ersp
ectiv
es
90
Tech
nica
l Rep
ort S
erie
s
Figure 5-7: RFID, worldwide size and growth, 2004-2010
This means that they include in the forecast
both passive and active RFID technologies of all
kind in Supply Chain applications. They exclude
any non supply chain related application (in ad-
dition to the explicitly cited contactless smart
cards) and thus animal identification, highway
toll payment, patient tracking and blood-patient
cross check in healthcare, and, (it is not clear)
ship container management and tracking. More-
over, although not explicitly tackled by Gartner,
we might assume that the forecast refer to both
CAPEX (needed HW and SW and other infrastruc-
ture as well as initial set-up services including
consultancy) and OPEX (consumables and oper-
ational services) related to RFID projects.
IDTechEx (2005a) provides an overall forecastfor RFID technology. With this approach the(about) 12 billion USD figure in 2010 is compati-ble with but not directly comparable to the Gart-ner’s 3 billion USD. Neither is the 2006 IDTechEx2500 million USD vs. Gartner’s 700 million USDin the same year.
The IDTechEx report provides some moredata as depicted in Figure 5-8. The bottom seriesrepresents the tag (both passive and active) marketvalue which is then splitted into the different appli-cation areas in Figure 5-9. The two bottom series(“Item” and “Pallet/Case”) in Figure 5-9, can be as-sumed as the only ones referring to supply chainapplications.
Figure 5-8: Total RFID market projections 2006-201646
RFI
D te
chno
logi
es
91
Tech
nica
l Rep
ort S
erie
s
46 Source IDTechEx, 2005a47 Source IDTechEx, 2005a
Though IDTechEX does not provide a splittingof the non-tag costs (hardware, software, services)per application area, we can have an indicationby observing in Figure 5-9 that these are more than
the tags costs. By extrapolating this observationand applying it to the two bottom line series in Fig-ure 5-8, we can get values comparable to Gartnerones.
Figure 5-9: RFID tag market forecast47
A comparison is proposed in Figure 5-10where it can be seen that the two mainly agree onthe dimension of the market but IDTechEX seemsto forecast a steeper growth.
Figure 5-10: IDTechEx (elaboration) andGartner forecasts comparison
It is also evident that the major share is takenby Supply Chain applications that make almosthalf of the total. Nevertheless it should be notedthat, though item level tagging will determine anexponential growth of passive tag volumes, it is ex-pected that the other applications will keep thepace. Among these, importance is given to animaltagging and electronic payment.
As far as geographical market distribution, itshould also be noted that East Asia, which cur-rently stays quite behind Europe and US is ex-pected to gain the greatest share, as manufacturingwill probably be massively moved to China.Nowadays, Europe is placed quite behind the USbut it is expected to gain a comparable positioning(Figure 5-11). It should also be noted that Europehas still national frequency allocation issues to beresolved, that might put obstacles to the diffusionof EPCglobal applications in EU.
Figure 5-11: Total spend on RFID systems,service and tags by territory48
5.5. RFID patents
The number of patents assigned between year1974 through 2003 is 427949 and 697 in the year2004, with a year on year increase of 65% in thelast few years.50 These numbers give an idea of thegrowth of interest by manufacturers in this field. Astudy made by RFID Journal in 200551 reportssome 150 patents to be relevant to RFID market.These are classified into four Technical QualityRatings hereafter reported:
1. The most significant blocking RFID patents.They usually include a breakthrough tech-nical specification and will be extremelydifficult or impossible to work around.
2. Important patents with key technical inno-vation that appear to be difficult to workaround when designing certain RFID prod-ucts.
3. Useful patents with significant technical in-novation but narrower scope. While theyhave technical merit, there are alternativesolutions that could be implemented if nec-essary.
4. Secondary patents that – while perhapsuseful for some special products –appearonly marginally useful in mainstream RFIDapplications.
5. R
FID
mar
ket p
ersp
ectiv
es
92
Tech
nica
l Rep
ort S
erie
s
48 Source IDTechEx, 2005a49 http://www.highimpactip.com/report_intro.htm50 http://www.centredoc.ch/en/centreE.asp/0-0-2667-132-76-0/, http://www.dutchrfid.com/artikelen/rfid/rfid-watcher-for-patents.html51 http://www.rfidjournal.net/live05/IP/Room_miss_100pm_stewart.pdf
Table 5-2 presents these 150 patents in 2005by owner company and rank. It should be noted
that all of them are US based with the exception ofTadiran that is Israeli based.
RFI
D te
chno
logi
es
93
Tech
nica
l Rep
ort S
erie
s
52 http://www.rfidjournal.net/live05/IP/Room_miss_100pm_stewart.pdf53 http://rfidtribe.com/news-05-12-19.html
Table 5-2: Patent ownership summary (RFID Journal Live52)
Company A-Patents B-Patents C-Patents Total
Intermec 7 13 9 23%
Checkpoint 1 8 10 10%
Motorola 3 5 6 10%
Micron 1 5 7 7%
Avid 2 2 — 5%
Lucent 1 3 2 5%
Samsys — 3 2 3%
TI 1 — 2 2%
Sarnoff 1 1 — 2%
3M 1 — — 2%
Alien 1 — — 2%
Marconi — 2 1 2%
Northrup — 2 1 2%
Tadiran 1 — — 2%
Tek 1 — — 2%
U of Pittsburgh 1 — — 2%
Others — 20 25 19%
It should be noted that, with reference to thehighest RFID volume application i.e. integrated lo-gistics and EPCglobal, there is an ongoing legalwar on how the patents should be used. Patentsholders are demanding high licensing fees (5%),that no one is considering to pay. The most criticalissue regards Intermec that claims a number oftheir patents is critical to Class1 Gen2 RFID, themost recent and promising EPCglobal spec. Nowa-days Intermec and Alien Technology are disputinga legal battle on ten patents, the first saying theywere infringed by the second and the secondclaiming that the patents are themselves invalid.
Nevertheless a couple of initiatives are to bereported. The first one was originated by Intermecthat – with its “Rapid Start RFID Program” – hasinitially offered five critical patents for free and an
additional nine patents on a “RAND” (reasonableand non-discriminatory) condition. But EPCglobaldid not recognize the Intermec patents to be criti-cal and Intermec thus revoked the offer and issuedfour patents portfolios.
On an opposite side Alien Technology and oth-ers53 have formed an RFID Consortium and selectedMPEG LA (http://www.mpegla.com/index1.cfm) asadministrator of the consortium patents. The char-ter of the Consortium has not yet been published.
As more than 4000 patents refer to RFID tech-nology with some 270 companies involved and 20major patents owners it is likely that some litiga-tion and/or licencing costs will be passed to users,also taking into account that a number of keypatents are not referable to any particular specifi-cation and so cannot be easily overcome.
5.6. RFID and SMEs
It can probably be said that every on-goingRFID project has been initiated by a big com-pany either running the project entirely on itsown or it has also forced other companies, alsosmall ones, to get the technology. As explainedin the “Demand key issues” paragraph, the fact isthat today putting the RFID technology in placeis very expensive in terms of equipment, consul-tancy to set up the equipment, human effort andcultural leap and consultancy to reorganizeprocesses.
The result is that smaller firms, when forced,adopt the so-called “slap-n-ship” or “compliance”solutions: just what is needed to comply with therequirements issued by vital customers e.g.Wal*Mart and METRO. For this purpose manufac-
turers are providing all-in-a-box packages madeby e.g. Reader+Antenna+Printer+Software neededto properly tag goods just when they are next tobe shipped. All analysts agree on the fact that thisRFID application has negative ROI. Project costswill sooner or later be passed on to the final cus-tomer.
A widespread usage of RFID in the supplychain and a more pervasive knowledge and cul-ture about when and where it is to be successfullyapplied, will eventually drive SMEs to integrationof RFID technologies into their processes.
As far as non supply chain related RFID, it hasto be recalled that - as it often happens - the diffu-sion of these technologies within the mass marketmight also pull SMEs to adopt some of them tobenefit their businesses.
5. R
FID
mar
ket p
ersp
ectiv
es
94
Tech
nica
l Rep
ort S
erie
s
6. Socio-economic aspects of RFID
RFI
D te
chno
logi
es
95
Tech
nica
l Rep
ort S
erie
s
RFID is a technology which enables a low-cost connection between the physical world andlarge-scale networks. It is to be expected that sucha technology has far reaching implications for oursociety. The wide spread application of this tech-nology raises privacy and security concerns; otherimplications of the application of this technologycan be foreseen in the social interaction betweencitizens, and in economic transactions betweenactors in the market. This issue also includes thehuman aspects related to the use and acceptanceof this technology, i.e. awareness, trust, and userrelated issues of technology transfer.
It is important for technology developers andpolicy makers to be aware of the socio-economicand legislative implications of large scale RFID de-ployment, so that in technological developmentand policy making appropriate measures can betaken to incorporate accepted social values in de-velopment and application of this technology.
The application of RFID might have specificeffects on the workplace (i.e. cost reduction anddevelopment of new services) and as a conse-quence have large effects on the employment mar-ket in general. An adequate legal framework willbe necessary to guarantee a widespread adoptionand application of RFID technology.
In this chapter three issues will be dealt withrelated to the socio-economic and legislative as-pects of the widespread deployment of RFID in oursociety:
• Legal, social and economic aspects of thewidespread deployment of the various RFIDclasses identified;
• Influence of the introduction of RFID on theworkplace and the employment market;
• Training requirements due to the wide-spread adoption of RFID technologies.
• In order to elaborate on these issues the fol-lowing questions have to be answered:
• Which legal, social and economic aspectsof the widespread deployment of RFID canbe identified?
• Which of these aspects are applicable toRFID technology in general and which ofthese aspects are specific for the various ap-plied RFID tag classes?
• What are possible (positive and negative)effects of the RFID technology on the work-place and the employment market andwhich conclusions can be drawn on thebasis of analysis of these effects?
• What kind of different training requirementscan be foreseen in relation to the wide-spread adoption of RFID technologies andwhich conclusions can be drawn in thiscontext concerning the development andsupply of adequate training facilities?
6.1. Framework of the study
6.1.1. Aims and objectives
The aims and objectives of this chapter are togenerate an assessment of the socio-economic andlegal-ethical aspects that may hinder or promotethe diffusion of RFID in Europe. The study has toanalyze what main barriers to adoption exist inorder to clarify what makes adoption problematic.This analysis also has to elaborate on what can besaid about cultural differences with respect toadoption issues.
The study results into a systematic appraisalof barriers and problems to widespread deploy-ment and adoption of RFID in Europe. This studyhas the form of an essay. The essay describes dif-ferent relevant perspectives and develops an argu-mentation for further policies and practices basedon both an assessment theory-based frameworkand an evidence based framework
6.2. Methodology and reading guide
In order to deal with the socio-economic/leg-islative issues described above the followingmethodological approach was applied. The ap-proach consists of two main parts.
The first part entails a systematic inventory andanalysis of legal, social and economic aspects of thewidespread deployment of RFID technology, spec-ified according general issues and (if relevant) ac-cording to issues related to specific RFID tag classes.This analysis also includes the user relatedprocesses of diffusion and acceptance of RFID-tech-nology. In section 6.4 we describe various aspectsof diffusion and adoption of RFID-technology. Insection 6.5 we deal with aspects of trust and accept-ance of RFID-technology.
The second part (section 6.6) includes the in-ventory and analysis of labour and employment is-sues in relation to the application ofRFID-technology and in addition gives anoverview of training issues related to the operat-ing issues of RFID technology.
To analyze the socio-economic and legal as-pects of the wide-spread deployment of RFID thefollowing methods were applied in this study:trend analysis based on desk research and impactanalysis and policy options analysis based on ex-pert discussions.
Each task was carried out on the basis of deskresearch (analysis of concept and models, variousopinions, written statements and reviews of trendsand developments) and discussions in the projectteam.
Based on an analysis of these issues a num-ber of conclusions have been formulated concern-ing awareness activities, marketing efforts andtraining requirements which will be needed or canbe foreseen in relation to the widespread adoptionof RFID technologies.
6.3. Theoretical framework on adop-tion and diffusion of technology
This section brings into focus the process ofadoption and diffusion of RFID technology. An im-portant aspect from the perspective of diffusionand adoption of RFID technology is the issue ofuser perception in relation to the use of RFID ap-plications. This issue is related to research on inno-vation diffusion and also to technology acceptanceand adoption in general terms.
Information technology adoption research hasbeen a key stream in the behavioural sciences for
many decades. Research in this area has becomeparticularly important to fields of organizationalbehaviour and management of information sys-tems, given the diffusion of technologies in homesand deployment of information technologies in or-ganizations. This research area also includes stud-ies on the acceptance, adoption and usage of RFIDtechnology, although results of research related tothis topic are still rather scarce.
Diffusion and adoption of RFID technologycan be considered first of all from the viewpoint ofdiffusion of innovation. General theories on inno-vation diffusion will also apply to the introductionof RFID technology in organisations. The same istrue for more specific theories on technology ac-ceptance.
6.3.1. Main theories on diffusion of inno-vation and technology acceptance
Various primary theories have been devel-oped with regard to the acceptance of informationtechnology: i.e. Innovation Diffusion Process The-ory, Theory of Reasoned Action, Technology Ac-ceptance Model, Theory of Planned Behaviourand the Socio-Technical Systems Theory.
All these theories are in general terms applica-ble to the process of introduction, acceptance andapplication of RFID technology. It goes beyond theframework of this study to discuss these theoriesin more detail. However, some insight into maintheories on diffusion of innovation and technologyacceptance might be helpful in understanding theprocess of diffusion and acceptance of RFID tech-nology.
6.3.2. Innovation diffusion process theory
In 1962 Rogers published the first version ofhis book ‘The Diffusion of Innovations’, in whichhe presented his Innovation Diffusion Process The-ory.
The model defines a process by which mar-ket actors adopt a new innovation (see Table 6-1).Actors must first become aware of the innovation.Once awareness of an innovation is established,market actors can at any point enter a persuasionstage during which the actors seek and process in-formation in order to decide whether to adopt theinnovation. The timing of the active portion of this
6. S
ocio
-eco
nom
ic a
spec
ts o
f RFI
D
96
Tech
nica
l Rep
ort S
erie
s
stage is highly dependent on the individual andthe context in which the individual is operating.At several points in time, the market actors maymake a decision not to adopt, to postpone adop-tion, to continue the search for information, or toadopt the new innovation.
This persuasion stage is followed by an imple-mentation stage in which the actors enact the de-cision. Finally, actors revaluate or confirm theirdecisions to adopt and/or their implementation ofthe decision. The result may be either continuanceor discontinuance of the adoption.
RFI
D te
chno
logi
es
97
Tech
nica
l Rep
ort S
erie
s
54 Source Rogers, 1962
Table 6-1: Phases in the development of innovation diffusion processes
PHASES TYPOLOGY ACTIVITIES
1 Knowledge/Awareness People learn about the innovation
2 Persuasion People are persuaded as to the merits
3 Decision People decide to adopt
4 Implementation People implement the innovation
5 Confirmation People reaffirm or reject the decision
In general, supporting innovators and earlyadopters will give a boost to innovation processes.But the time frames for adopting an innovation canbe compressed or fairly lengthy. For example,awareness of an innovation may precede the deci-sion to adopt by months or years. Further, the de-cision to adopt and the implementation of thedecision may be separate acts and may be sepa-rated in time (Reed, Erickson, Ford and Hall,1996).
As an extension of the Innovation DiffusionModel, Rogers (1995) and Reed and Hall (1998)have identified some prior conditions which influ-
ence the awareness phase (see Figure 6-2). Theyalso identified some characteristics of the decisionmaking unit which have an influence on thecourse of the awareness phase. They also discov-ered that in the persuasion phase a number ofproduct characteristics play an important role inthe innovation diffusion process:
• Relative advantage
• Compatibility
• Complexity
• Ability to carry out trials with the product
• Ability to observe the product.
It is understandable that not everybody willgo with the same speed through such an adoptionprocess. Rogers has made plots of the percentageof people who adopt an innovation in relation totime. This generates a hyperbolic-form cumulative
frequency distribution and on basis of this curvehe subdivides a population in five general cate-gories of people regarding their role in innovationprocesses (with average occurrence in a normalpopulation in %) (See Figure 6-1):
Figure 6-1: innovation diffusion process theory54
6. S
ocio
-eco
nom
ic a
spec
ts o
f RFI
D
98
Tech
nica
l Rep
ort S
erie
s
55 Source: Rogers 1995, Reed and Hall 199856 Source: Davis, 1986
Figure 6-2: Revised innovation diffusion model55
6.3.3. Technology acceptance model
In studying user acceptance and use of tech-nology, the Technology Acceptance Model (TAM),first developed by Davis in 1986, is one of themost cited models (see Figure 6-3). According tothe TAM, ‘perceived usefulness (PU)’ and ‘per-ceived ease of use (PEoU)’ are primary motiva-tional factors for accepting and using newtechnologies. PU is the degree to which a personbelieves that use of technology will produce better
outcomes. ‘Useful’ refers to ‘capable of being usedadvantageously.’ In contrast, PEoU is the percep-tion about the degree of effort needed to use a par-ticular system. In this case, ‘ease’ is conceptualizedas ‘freedom from difficulty or great effort.’ Accord-ing to the TAM, if a user perceives a specific tech-nology as useful, he will believe in a positiveuse-performance relationship. Since effort is a fi-nite resource, a user is likely to accept an applica-tion when he perceives it as easier to use thananother (Rander and Rothchild, 1975).
Figure 6-3: Technology acceptance model56
6.3.4. Unified theory of acceptance anduse of technology
A large number of studies have been con-ducted using the original Technology AcceptanceModel or an extended version. In an attempt to in-tegrate the main competing user acceptance mod-els, Venkatesh et al. formulated the Unified Theory
of Acceptance and Use of Technology (UTAUT).This model (see Figure 6-4) was found to outper-form each of the individual models (Venkatesh etal., 2003). In this model also social influences andfacilitating conditions are taken into account aswell as issues like age, gender, previous experi-ences and how voluntary actual use is for a user. R
FID
tech
nolo
gies
99
Tech
nica
l Rep
ort S
erie
s
57 Source: Venkatesh et al. 2003
Figure 6-4: Unified theory of acceptance and use of technology57
6.4. Trust and acceptance of RFIDtechnology
The success of a technological innovation de-pends heavily on the adoption by consumers. Inthis context the development of trust between theservice provider, the consumer and the systems isof paramount importance. Therefore we analysehere the relation between trust and acceptance ofRFID technology.
The concept of RFID technology has a ratherbroad meaning in terms of technologies applied.A main difference between various technologies isbased on the kind of RFID tag classes which areused: active tags or passive tags.
Trust is an issue related to RFID technology,but in general trust will be of more importancewhen it is related to ‘active’ tags than it is for ‘pas-sive’ tags because when tags become more activeand are more sophisticated the implications of
their actions and any errors they could make be-come more serious. Trust becomes very importantwhen users may suffer physical, financial or psy-chological harm because of the actions of RFIDtechnology. This section describes various aspectsof trust in relation to the acceptance and adoptionof RFID technology.
6.4.1. Definition of trust
Many different definitions of trust exist. In thegeneral definition of Rotter (1980) trust is ‘a gener-alized expectancy that the word, promise, oral orwritten statement of another individual or groupcan be relied upon.’ In the context of RFID tech-nology, this means that the RFID technology canbe relied upon to do what it was instructed to do,meant to do and clarified to do.
But it is also necessary that people are in a sit-uation in which they are or might be vulnerable to
actions of someone else. Without this vulnerabil-ity there is no need for trust. In the context of RFIDtechnology this means that people are no longercontrolling the software directly, but that they letthe process act on their behalf and that they ac-cept the risks that this may entail.
Therefore Bickmore and Cassell (2001) havedefined trust in relation to the application of tech-nology as ‘people’s abstract positive expectations,that they can count on this technology to care forthem and be responsive to their needs, now andin the future’.
Patrick (2002) defines trust in this context as‘user’s thoughts, feeling, emotions, or behavioursthat occur when they feel that technology can berelied upon to act in their best interest when theygive up direct control’.
Another aspect is that trust in information sys-tems is often seen in the tradition of cognitive psy-chology. While this approach has madeconsiderable contributions to computer scienceand systems engineering, it is to be expected thatit will not facilitate our further understanding oftrust and adoption of RFID technology.
In the technical literature trust is considered asa purely cognitive process. It is often treated as autility function that system users try to maximise fortheir own benefit. However, trust is a non-cognitivefunction that cannot always be approximated wellby mathematical constructs. Approaching trustwithin its social context may provide a more pro-ductive alternative. Seen from this perspective, twoobservations are important;
Asymmetry in data collection
Collecting personal data by tracking the ac-tivities of individuals will be unacceptable for theconsumer if it is not reciprocal or transparent. Thatis, not knowing which organisation is collectingthe data, how this data will be used, how to cor-rect errors in the data and whether to expect a re-turn describes the relationship as non-reciprocaland not transparent and introduces asymmetrymaking it unacceptable for the consumer.
The fact that our profile is formed under cir-cumstances that are well beyond our control, wecannot influence and that it is invisible to us intro-duces considerable stress to the relationship irre-spective of whether the profile is accurate or not.
Affective aspects of interaction
The communication and interaction principleimplies that rather than focusing singularly on thetrustworthiness of a system, the design should alsoaddress the affective aspects of interaction be-tween RFID supported commercial services andthe consumer and addresses the emotional impactof system usage.
The term ‘affect’ encompasses mood, emotionand feelings. Affect is a fundamental aspect ofhuman beings and as such influences reflex, per-ception, cognition and behaviour. Affective qual-ity is the ability of an object or stimulus to causechanges in one’s affect. Perceived affective qualityof a system has a positive impact on users’ per-ceived usability of the system.
Although cognition has received more atten-tion than affect in the past decades, researchers inseveral disciplines have realized the importance ofaffect and emotion (Ping, 2005). Studies in neu-ropsychology and social psychology assert that af-fect or emotion occurs before cognition, but alsointervenes with cognition. Affect and cognition canboth be considered information processing systems,but with different functions and operating parame-ters. The affective system is judgmental, assigningpositive and negative valence to the environmentrapidly and efficiently. The cognitive system inter-prets and makes sense of the word. Although effortsexist to bring affect and emotion concepts into stud-ies on user acceptance of technology, most of theexisting studies are based on the assumption thathuman beings are rational and behave based onlogical information-based thinking.
6.4.2. Trust-risk model of RFID success
Patrick (2002) has developed a model of ac-ceptance of new technology (in his specific situa-tion developed for the acceptance of intelligentagents), based on the separation of trust from per-ceived risk. This model is an extension of the e-commerce loyalty model developed by Lee, Kim &Moon (2000), which is used to describe user atti-tudes towards e-commerce applications and trans-actions. This model could also be applied to trustin relation to RFID technology.
The idea behind the model of Patrick is thatfeelings of trust and risk can be established quite
6. S
ocio
-eco
nom
ic a
spec
ts o
f RFI
D
100
Tech
nica
l Rep
ort S
erie
s
independently, and together they determine thefinal success of the technology. Trust contributesto the acceptance of the technology in a positivedirection; while risk contributes in a negative di-rection. The effect is that the two factors interactwith each other, so that technology connectedwith a low degree of trust may still be successful ifthere is also a low perceived risk. But it is also pos-sible that in very risky situations no amount of trustis able to offset the risk perceived by a user, and insuch a situation it will become very difficult to ac-cept the involvement of a specific technology.
It is important to stipulate that the model dealswith risk perceived by the user, and this percep-
tion may, or may not be related to the actual riskof the technology employed in the technology sys-tem.
In the trust-risk model of technology success,developed by Patrick (2002), a number of factorsare identified which contribute to trust and a num-ber of factors which contribute to perceived risk.
In Table 6-2 various factors contributing totrust will be identified and described in short andspecific recommendations will be connected witheach of these factors with regard to the building oftrustworthy RFID technology. In Table 6-3 thesame will be done for the various factors contribut-ing to perceived risk.
RFI
D te
chno
logi
es
101
Tech
nica
l Rep
ort S
erie
s
Table 6-2: Factors contributing to trust
Factorscontributingto trust Descriptions Design recommendations
Ability to trust People possess a basic trust as a relative stable Developers should take into account that personality characteristic, but people do not users may differ in their baseline level of trust. have the same baseline level of trust. Some people will need more reassurance than
others that the technology can be trusted.This means that interfaces must be flexible and be able to provide more information and reassurance for users that require it.
Experience Users can change their willingness to trust Designers should support a sharing function based on their experiences, of their own or so users can share and spread their (hopefully because of hearing about experiences of others. positive) experiences.
Predictable Systems and interfaces that perform reliably and Developers should ensure that the interface is Performance consistently are more likely to be trusted by users. consistent and predictable. This means adopting
Also response times should be consistent and a style guide or the use of interface guidelines inpredictable, in stead of variable and unpredictable. all parts of the system.
Comprehensive Systems that provide comprehensive information Technology systems must provide an image of information about their operation are more likely to be their operation so that users can develop a
understood, and more trusted. mental model of the way the system works. This also means allowing the users to observe and track the actions performed by the technology, both in real-time and after the fact.
Shared Values If users feel that the technology values the things Values between technology and their users can that they would, they will have more trust in the be shared explicitly, i.e. by involving informal agent. In interpersonal relationships, these shared social dialogues between user and systemvalues are often built through informal interactions, such as small talk conversations.
Communication The amount and effectiveness of communication The system should repeat its instructions, so that between the agent and the user also determines it is clear what the user understood. Error the amount of trust by the user. Continual messages should indicate what was understood feedback is important here. and what needs to be clarified. Through
communications it should be made clear what the capabilities and limits of the systems are.
Interface design The look and feel of the software that is used to Most of the generic attributes of good interfacecontrol the system, including factors as appearance, design also apply to designing system interfaces.functionality and operation, can contribute to trust by the user.
Table 6-3: Factors contributing to perceived risk
Factorscontributing to perceived risk Descriptions Design recommendations
Risk Users have a basic or baseline level of perceived System designers should design systems Perception risk. Basic approaches to risk assessment are: features that address each of these areas of risk Bias fatalism: users feel that they have no control assessment.
hierarchy: users feel that risks have to be dealt with A system may contain information to explain by controls and regulation individualism: users feel how users can have control over the risks they that risks should be taken when appropriate for are taking. the individual enclave: users feel that risks are systemic and have to be minimised by the suppliers of the technology
Uncertainty By reducing uncertainty also risk perception The more users know about a system and how will be reduced. it operates, the less they are uncertain about the
system and the less they will worry about risk taking.
Personal If more personal details are being provided to System developers should only ask forDetails the system, perceptions of risk are likely to increase. information that is necessary to do the job, and
avoid where possible asking for information that the users might consider sensitive.
Alternatives Lack of alternative methods to perform a task can Within certain limits system designers shouldlead to feelings of risk. offer alternative methods to perform a task.
Specificity If there is a sole supplier of a service, users may It is useful to offer more than 1 system to the feel that they are at more risk from exploitation user, in order to let him choose a preferred system.than situations where there are multiple suppliers and systems.
Autonomy Probably the most important factor in determining Passive tags are more trusted than acting tags.user’s feelings of risk towards a technology is the Systems can learn by monitoring what advice degree of autonomy granted to the system the user accepts or which action he undertakes,
and in this way learn by example, which might lead to less risk perception by the user.
6. S
ocio
-eco
nom
ic a
spec
ts o
f RFI
D
102
Tech
nica
l Rep
ort S
erie
s
6.4.3. Evidence based analysis of acceptanceand adoption of RFID technology
Consumer opinions: results of consumer sur-veys
According to a survey conducted in October2003 amongst more than 1000 U.S. consumers,the majority of those polled were unfamiliar withRFID (CAP, 2004). Over three-quarter of the sam-ple – 77% - had not heard of RFID. Confirming thegeneral lack of knowledge about this technology,nearly half of the group aware of RFID had ‘noopinion’ about it.
The unfamiliarity with the concept of RFIDextended even to those consumers who might beusing it. Many of the survey respondents did notknow that the consumer passes they were usingdid employ RFID technology.
Consumers who did have an opinion aboutRFID expressed a variety of views about whether
or how this technology would affect them. Con-sumers were asked to rank a number of pre-pro-grammed benefits, like improved security ofprescription drugs, faster and more accurate prod-uct recalls, improved price accuracy, faster check-out times, reduced out-of-stocks etc.
When asked to rank this set off potential ben-efits of RFID, 70% identified recovery of stolengoods and improved food and drug safety high onthe list. A majority – 66% - also placed cost savingson the top of the list of benefits, although someconsumers were also concerned that RFID usewould instead raise prices. Consumers placed ac-cess to marketing-related benefits, like in-aislecompanion product suggestions, at the bottom ofthe list.
The most significant concerns expressed byconsumers familiar with RFID related to privacy.In response to both open-ended and promptedquestions (with pre-programmed answers), privacyemerged as a leading concern. Approximately
two-third of consumers identified as top concernsthe likelihood that RFID would lead to their databeing shared with third parties, more targeted mar-keting, or the tracking of consumers via their prod-uct purchases. Main reasons for their position arethe fear for increased marketing or governmentsurveillance.
A consumer survey conducted in 2004 by twomarket research companies revealed similar results(BIGresearch & Artifact, 2004). Of more than 8000individuals surveyed, fewer than 30% of con-sumers were aware of RFID technology. Further,nearly two-third of all consumers surveyed ex-pressed concerns about potential privacy abuses.Their primary concerns were on RFID’s ability tofacilitate the tracking of consumers’ shoppinghabits and the sharing of that information amongbusiness and with the government.
The RFID Consumer Buzz survey broke re-spondents into two categories: ‘RFID-aware’ and‘RFID non-aware’ consumers. Interviewers de-scribed how RFID works to the latter group prior toasking them about perceived benefits and con-cerns associated with the technology.
An interesting observation is that people whowere aware of RFID were more practical aboutbalancing the positives and the negatives. Thosewho were not aware seemed to be surprised tolearn about the technology, and they gravitatedmore toward the potential negative impact ofRFID. A conclusion from this observation could bethat it is better to inform people about the positiveapplications than to wait for them to discover thetechnology on their own.
A study carried out in 2005 by Capgemini(Capgemini, 2005) on what European Consumersthink about RFID identification and the implica-tions for business reveals in general the same re-sults. According to this study overall just 18% ofEuropean respondents had heard of RFID, with thelowest awareness recorded in the Netherlands andthe highest in the UK.
Interesting is that this study concluded that ofthose who have heard of the technology, percep-tions were mixed, with most viewing RFIDfavourably or having no opinion. Only 8% of Eu-ropean consumers have an unfavourable percep-tion of RFID.
The potential benefits from RFID that are mostimportant to European consumers relate to intrin-sic product improvements, such as better anti-theftmeasures, and improved security, safety and qual-ity.
The possibility of savings to consumers stem-ming from decreased manufacturers and retailercosts was also deemed important by respondents.Of somewhat lesser importance are supply chainimprovements like reduced out-of-stocks. Manyconsumers said that they would be willing to buyan RFID-enabled product to get the benefits thatare most important to them. However, fewerwould consider paying more to receive those ben-efits.
Privacy related issues are the most significantconcern about RFID among European consumers.More than half of the respondents expressed con-cern about the possibility of consumer data beingused by third parties, the potential for trackingconsumers via their product purchased, an in-crease in direct marketing, and the possibility thattags could be read at a distance. Health and envi-ronmental issues were of somewhat less concern.
During the open European consultation onRFID “Your Voice in Europe” (see chapter 8.11.3),a large majority of responders see security and pri-vacy issues as the main concern. In general onecould conclude that consumer perceptions relat-ing to RFID in the European countries were fairlysimilar to those identified in the U.S. research...Awareness of RFID in the U.S. was also low, but itwas a bit higher than in Europe. That is not surpris-ing given the heightened visibility of RFID in theU.S. as a result of the emphasis by the U.S. De-partment of Defence and large retailers such asWal-Mart.
The importance assigned to potential benefitswas similar in Europe and the U.S., although theorder varied slightly. For example, European con-sumers rated ‘Improved anti-theft capabilities” asthe most important benefit, followed by ‘faster re-covery of stolen items”. In the U.S., the order wasrevered.
U.S. consumers expressed somewhat greaterconcern than Europeans about privacy-related is-sues, such as the potential use of consumer databy third parties and increased direct marketing.This may be a result of the increased visibility
RFI
D te
chno
logi
es
103
Tech
nica
l Rep
ort S
erie
s
around RFID and activity by consumer advocacygroups in the U.S.
Protection of consumers: guidelines andcodes of practices
In order to deal with consumer concerns re-garding the use of RFID, various organizationshave developed on the basis of self-regulationguidelines and code of practices to protect con-sumers These guidelines and code of practices alsoserve as a basis for a further dialogue with con-sumers and consumer organizations. With the fur-ther development of RFID technology also theseguidelines and code of practices might need adap-tation to new ways of application of RFID.
Self regulation by the suppliers of RFID appli-cations will help to generate trust amongst con-sumers and users of these applications. Bypublishing guidelines and code of practices theRFID applications are made transparent to theusers. This gives the users the possibility to get in-sight in the aims and objectives of the data collec-tion and it reveals to the user to which extendthese data are used to support these aims and ob-jectives. They also give the user the possibility tocomplain against misuse of the system.
Self regulation does not come instead of aproper legal system to regulate the use of RFIDtechnology, but it has two advantages:
• It helps to generate trust amongst users, be-cause in the eyes of the users it raises thecredibility of the suppliers that the RFIDtechnology will be used in a proper andtransparent way.
• It makes it possible to develop a legal frame-work for RFID application which defines abasic legal regulation without a need to gointo to many details, which would lead to alarge amount of administrative burden, andwhich might block further innovation anddevelopment of RFID applications.
By comparing different guidelines and codeof practices a number of issues come forwardwhich are important for the acceptance of RFID byusers i.e.:
• The RFID system and any data stored orprocessed within it should be used only forthe stated purpose;
• The organisation operating the systemshould be transparent about the system’spurpose, the technologies used, the loca-tions of RFID tags and readers, and who isaccountable for the proper use of the sys-tem;
• The system should be protected by appro-priate security controls, and subject to in-ternal and independent audits;
• RFID tags should not be used to store orprocess personal information. Any otherdata should be erased from the tag before itis released from the organisation’s control;
• Where personal data must be associatedwith the system, that personal data shouldbe limited to that which is required for op-eration of the system, and should be de-stroyed after use;
• No member of the public should be forced,coerced or tricked into accepting an itemwith an RFID tag attached. The publicshould be able to remove or destroy tags,and provided with instructions on how todo so.
6.5. Diffusion and adoption of RFID
6.5.1. Introduction
In this chapter we will see how we can applythe theoretical framework on diffusion, and adop-tion of technology to RFID technology.
One main observation in the model of Rogersis that awareness precedes the decision makingprocess on RFID application and that the next stepin the innovation diffusion process is acceptanceand implementation of RFID technology (or rejec-tion of the technology).
Several market research studies have revealeda very low awareness amongst consumers on theexistence and meaning of RFID. One might expectthat the same is true for many producers and sup-pliers or intermediary organisations in the supplychain. Without a certain level of awareness of theRFID technology the next phases in the innovationdiffusion process (decision making, acceptanceand implementation) will not take place or at leastwill be staggered.
6. S
ocio
-eco
nom
ic a
spec
ts o
f RFI
D
104
Tech
nica
l Rep
ort S
erie
s
So awareness creation amongst all the actorsinvolved will be very important for a well thoughtdecision making process on RFID implementation.
6.5.2. Stages of diffusion and adoption ofRFID
The possible stages of diffusion and adoptionof RFID in an ideal situation have been describedby Loretto (Loretto, 2005).
This description includes both the phases ofthe innovation diffusion process as described byRogers, but also the ‘perceived usefulness (PU)’and ‘perceived ease of use (PEoU)’ of the Technol-ogy Acceptance Model of Venkatesh et al. In anideal situation, according to Loretto, the stages ofdiffusion and adoption of RFID could be describedas follows:
• Stage 1: At this stage many adopters will beapplying RFID technology to their supplychain operation as a result of the require-ments of key trading partners. At this stagesome supply chain benefits will be realisedfor inventory, packing, shipping and orderfulfilment, but the application of RFID willbe seen as cost.
• Stage 2: The next stage will involve the in-creasing integration of RFID mature tech-nologies into existing IT infrastructure inorder to recoup investment and realise ad-ditional ROI benefits. Integration may thenhave immediate impacts on asset manage-ment efficiencies and order reconciliationperformance.
• Stage 3: At the moment integration has ex-tended RFID into existing infrastructure, itwill be possible to realise further gains insupply chain efficiencies by fundamentallychanging the way business is undertaken.This will require business process re-engi-neering to ensure that people, processesand technologies are aligned to supportbusiness objectives.
• Stage 4: Fully integrated systems can thenbe used to rapidly identify business issuesand respond to those issues along the sup-ply chain. Being able to do that will enablemore effective meeting of consumer needs.
Not many RFID implementations havereached stage 4 yet; many implementations arestill in stage 1 or 2.
The main reason for this is that RFID for sup-ply chain applications and certainly for other ap-plications is relatively new and no large-scaleimplementations have yet been carried out. Prod-ucts are often not completely faultless and as aconsequence it often takes considerable time to in-stall and perfect the RFID hard- and software ineach location.
Part of the problem to date is also that the em-phasis has been on the advantages for retailers, butnot on other companies in the value supply chain.The result is that many companies do not realise thepotential benefits of the technology. This is not onlytrue for the retail sector, but it is especially true forapplication domains in the public sector, likehealthcare, public transport, governmental services.
So, RFID is still a complex technology inwhich little experience has been gained in mostorganisations. The implementation of RFID has farreaching consequences for organisations and de-mands fundamental preparation. The preparationtime is relatively long at the moment, due to theimmature technology and the limited experiencewith RFID.
There is also sometimes a barrier in the fur-ther development of RFID applications by nega-tive opinions among consumers in relation to theRFID technology: privacy issues are one of themain issues here, but also other drawbacks can bestipulated by consumers.
The only way to jump the adoption barrier isthrough collaboration between all actors involvedin the value chain for products or services: thismeans i.e. the involvement of IT developer, themanufacturer, retailer and consumer right from thebeginning of the development of new RFID-appli-cations.
A proven step-by-step implementation ofRFID is effective and goes from study or proof ofconcept, pilots and small–scale projects to large-scale rollout
This process has already started by the inno-vators and early innovators and it is now time forthe early and late majority to take the necessaryinitiatives to start RFID application developments.
RFI
D te
chno
logi
es
105
Tech
nica
l Rep
ort S
erie
s
As identified by Rogers, this development will runthrough different phases of a diffusion of innova-tion process.
6.5.3. Issues in the RFID adoption in theretail industry: advantages and dis-advantages for retailers
RFID technologies has been in existence sincethe 1950s, but in the present situation adoption ofRFID in the retail environment is mainly stimulatedby large companies and to a less extend by the in-herent benefits of the technology on its own.
Several factors are driving retailers to push forRFID implementation, but one of the significant
advantages is the ability to remove inefficienciesfrom current supply chain management by usingreal time inventory information. We will give anoverview of advantages for retailers and we willalso mention some disadvantages for retailers. Thisinformation in based on findings in a study onRFID adoption in the retail industry (USA Strate-gies, Inc. 2005).
These advantages and disadvantages give in-sight into the ‘perceived usefulness (PU)’ and ‘per-ceived ease of use (PEoU)’ of RFID for retailers (seeTable 6-4 for a summary of these advantages anddisadvantages). In paragraph 6.5.4 the sameoverview of advantages and disadvantages is givenfor consumers.
6. S
ocio
-eco
nom
ic a
spec
ts o
f RFI
D
106
Tech
nica
l Rep
ort S
erie
s
Table 6-4: Overview of retailer advantages and disadvantages
Retailer advantages Retailer disadvantages
Real time inventory information Cost and return on investment
Decreased labour costs Middleware issues
Prevention of theft, shrink and inventory write off Consumer feedback
Totally integrated opportunities
Retailer advantages:
a) Real time inventory information
RFID provides retailers with real-time inven-tory information that can help to prevent stockouts, locate stock within a store to avoid“shrinkage’ of inventories, and can help to en-able retailers to use more yield effective pric-ing strategies.
A recent study cited in the Harvard BusinessReview (Corsten, Daniel and Gruen, 2004)analysed what shoppers do when they face astock out of a desired product. The resultsconfirmed what many retailers feared. Acrossthe entire retail industry stock outs on aver-age, cost each retailer approximately 4% ofsales. Consumers are not patient with stockouts: in fact fewer than half will purchase areplacement item, with almost a third goingelsewhere to find the item.
Across the retail industry stock out levels re-main near 8%, and represent a key issue thatretailers hope to reduce drastically with RFID(Convert, James 2004). One manufacturer cur-rently using RFID technology to help to reducestock out statistics is Proctor and Gamble. PaulJ. Grieger, the director of supply-chain innova-
tion at P&G noted that if the company couldreduce stock out levels from 8 to 10% to 2 to3% of sales, the return on investment in RFIDwould more than pay for itself.
b) Decreased labour costs
RFID provides technology that practicallyeliminates the need for human checking ofstock. Accenture estimates that effective RFIDsolutions can help retailers reduce a widearray of costs: receiving by 50 to 65%, stock-ing by 22 to 30%, checkout by 22 to 30%,cycle counting by 40 to 60% and physicalcounting by 90 to 100%. (Chappell, Garvin etal 2003).
c) Prevention of theft, shrink and inventorywrite off
“Shrink” is a retailing term used to describeinaccurate inventory counts as a result of cus-tomer theft, employee theft, inaccurate inven-tory counts due to misplaced items, and stockreordered because items are on a display shelfin another area of the store. The 2000 RetailSurvey Report estimates that shrink represents1, 69% of sales for retailers (University ofFlorida, 2000).
RFID technology has the potential to alert staffwhen items are being removed illegally, orwhen they have been misplaced within thestore.
This can assist in theft reduction and also pro-vide real-time accurate inventory counts auto-matically.
Inventory write-offs occur when goods are nolonger fit for consumption, the goods are nolonger in demand by consumers, or they havebeen damaged while in the retailer’s posses-sion. RFID technology offers solutions to tracksell-by-dates of each product on the shelf.
The collection and utilization of this informa-tion will help retailers maintain a better inven-tory management system that can react todemand much more quickly than current sys-tems
d) Totally integrated opportunities
In addition to improving the supply chain, theadvent of RFID technologies will offer retail-ers new and unlimited marketing opportuni-ties. Tracking a customers’ purchases beforethey leave the store offers retailers informa-tion that can immediately be used for thecross selling of other related products. In-storesuggestive selling allows retailers to commu-nicate with shoppers while they are shoppingin an effort to encourage them to buy an ad-ditional and/or complimentary item.
The implementation of RFID technology willoffer retailers also the ability to change theirpricing moment by moment. Real time inven-tory can allow for automatic price changes tomaximize their yield on high-in-demanditems. Yielding maximum prices for items ac-cording to store supply and demand levelswill increase incidental sales for all retailers.
There are also some disadvantages for RFIDadoption for retailers.
Retailer Disadvantages
a) Cost and return on investment
The introduction of RFID will lead to additioncosts, while the anticipated ROI time frame isunclear, because the true cost savings are dif-ficult to predict and the only visible benefit inthe beginning of an implementation project is
that the culmination of sales and inventory in-formation can prepare retailers better to avoidstock outs and shrinkage. It is not the cost ofhardware to read RFID sensor chips that isworrying the retail industry; it is the integra-tion of existing software with RFID informa-tion which will cost much more money.
b) Middleware issues
RFID middleware extracts the data from RFIDreaders, filters it, aggregates the information,and routes the data to enterprise systems.After distilling the data, the middlewarepasses it along to applications like enterpriseresource planning (ERP), supply chain exe-cution (SCE), customer relationship manage-ment (CRM) and warehouse management(WM) systems. Other potential functions in-clude monitoring and managing the RFIDreader network. Many retailers have cited is-sues with data quality, control and devicemonitoring and management problems asobstacles to the implementation of RFIDmiddleware (Liar 2004).
c) Consumer feedback
Metro AG’s pioneering Future Store is the firstentire operation to fully utilize RFID technol-ogy. The Boston Consulting Group publisheda report on the working of the Future Store,which showed increased customer satisfac-tion (The Boston Consulting Group, 2003).The share of customers that chose either fullyor highly satisfied rose from 34% to 52% afterthe store changed from a traditional retailer tothe ‘Future Store’ model. However not all cus-tomers are convinced. The same studyshowed that although 42% of customers areusing the store more frequently a 20% of cus-tomers surveyed are using the store less fre-quently. Not all customers will happily utilizethe RFID related technologies available tothem.
6.5.4. Issues in the RFID adoption in theretail industry: advantages and dis-advantages for consumers
In general, consumers in retail shops are rel-atively oblivious to RFID technology and capabil-ities. However, there are a number of consumerprotection groups that are operating websites and
RFI
D te
chno
logi
es
107
Tech
nica
l Rep
ort S
erie
s
blogs aimed at galvanizing support for legislationlimiting RFID and what companies can do with thetechnology. To get a better insight into issues re-
lated to consumer adoption of RFID we will givean overview of consumer benefits and consumerdrawbacks (see for a summary Table 6-5).
6. S
ocio
-eco
nom
ic a
spec
ts o
f RFI
D
108
Tech
nica
l Rep
ort S
erie
s
Table 6-5: Overview consumer benefits and drawbacks
Consumer benefits Consumer drawbacks
Consumer savings Hidden placement of tags
Improved security/ authenticity of prescription drugs Unique identifiers for all objects worldwide
Efficient recalls will reduce deaths and injuries Massive data aggregation
Hidden readers
Individual tagging and profiling
Consumer benefits
a) Consumer savings
RFID will allow companies to better match upsupply and demand. Manufacturers will notproduce vast quantities of products that willnot sell and retailers will not overstock exces-sive amounts of products destined to sit onstore shelves gathering dust. RFID will enablecompanies to more quickly identify goodsthat can or need to be discarded or replen-ished. This in turn will give the customer ac-cess to better and fresher products and in thelong term might also lead to a decrease inpricing for the consumer
b) Improved security/authenticity of prescriptiondrugs
RFID will be used to distinguish genuine prod-ucts from counterfeit products. This is espe-cially important for healthcare applications andmedicine prescriptions. Currently, consumershave i.e. no ‘fool-proof’ method availablewhich allows them to vetting their drug pre-scriptions, which could lead to potential healthissues associated with ingesting counterfeitdrugs (with i.e. wrong doses or ingredients).
c) Efficient recalls will reduce deaths and injuries
RFID can be used to identify and recall out-dated products or unsafe projects. This is es-pecially import in the food area, because itwill improve food safety and enhance con-sumer safety.
Consumer drawbacks
a) Hidden placement of tags
RFID tags can be hidden in objects and doc-uments without the knowledge of the individ-
uals who purchase the items. As radio wavestravel easily and silently through fabric, plas-tic, and other material, it is possible to readRFID tags sewn into clothing or affixed to ob-jects contained in purses, shopping bags, suit-cases etc. Not knowing if reading of RFID tagsis possible or takes place is very annoying forpeople.
b) Unique identifiers for all objects worldwide
The Electronic Product Code (EPC) potentiallyenables every object on the planet to have itsown unique identification code. This technol-ogy could lead to the creation of a global itemregistration system in which every physicalobject is identified and linked to its purchaseror owner at the point of sale of transfer.
This is potentially a positive aspect in somerespects for the consumer, but in terms of pri-vacy issues, it could lead to serious abuses.
c) Massive data aggregation
RFID technology requires the creation of mas-sive databases containing unique tag data.These records could be linked with personalidentifying data. The main concern here froma consumer perspective is privacy and a threatof misuse of the data.
d) Hidden readers
Readers could be placed (out of sight) intonearly any environment where consumers orproducts are located. RFID readers have al-ready been experimentally embedded intofloor tiles, woven into carpeting and floor mats,hidden in doorways, and seamlessly incorpo-rated into retail shelving and counters, makingit virtually impossible for consumers to knowwhen or if he or she is being ‘scanned”. With-
out further regulation, there is the potentialthreat for any number of abuses.
e) Individual tracking and profiling
If personal identity were linked with uniqueRFID tag numbers, individuals could be pro-filed and tracked without their knowledge orconsent. For example, a tag embedded in ashoe could serve as an identifier for the per-son wearing it.
For these reasons consumer organisationsboth in the USA and Europe have expressedtheir feelings of distrust around the introduc-tion of RFID and have asked for solutions orproposed solutions themselves. (PrivacyRights Clearinghouse, 2003; The EuropeanConsumers’ Organisation).
6.5.5. Drivers and rationale in RFID adop-tion
Even with extensive writings on adoption anddiffusion of innovations (Rogers, 1983) the adop-tion of new and emerging technologies withunique characteristics is still not well understood.
It is not uncommon that new technologies, asthey pervade the social fabric, generate misunder-standing, mistrust, hostility or irrational fear. His-tory is full of people and groups that fought againstthe introduction of new techniques or their conse-quences.
Today RFID technology lies at the centre ofsocial debate because of its perceived effects ondata protection and privacy, on health and safety,or also on employment and labour practices. Thisdebate reaches a climax because RFID has left thelab and is fast entering the mainstream of businessand society.
Business adoption of RFID is relatively newand therefore as with most new information tech-nologies its true potential both independent and inconjunction with other technologies is not yet fullyunderstood.
6.5.6. The broad landscape of RFID appli-cations
In the previous sections we went into detailin the application of RFID in the retail sector, be-
cause a lot of knowledge concerning user accept-ance and adoption has been gained in this sector.In the meantime the landscape of RFID-applica-tions has been enlarged and we see now a rapidpenetration of RFID in various other domains, bothin the public sector and the private sector.
The largest number of case studies in theIDTechEx database is on pallet/case tracking andthese case studies are mainly related to the retailsector. But recently also a number of item-leveltagging case studies have been included in thedatabase and they equal now the number of pal-let/case studies. Especially in the item-level tag-ging we see many new application areas. Roughlyequal to these two categories is the number of cardcategories, payment key fob and e-passport casestudies. It is expected that a lot of new case stud-ies on card systems will be included into the data-base in the near future as case studies in financial,access and other cards will be added since theworld’s credit, debit, account and identificationcards gradually move over to RFID for conven-ience, reliability and reduced cost of ownership bythe issuer/operator (see also Annex 8 which pres-ents an overview of EU-US cases in categories thatthe IDTechEx database deals with).
Next in order is the vehicle tagging area,which is lucrative not only because of the highprices of the tags, but also the high prices of thesystems.
Based on a further analysis of the IDTechExdatabase we can identify the following RFID-ap-plication sectors (presented in order of number ofcase studies in the database):
• Pallet/case
• Item Level
• Card (incl. key fob)
• Vehicle
• Ticket
• Conveyance
• Intermodal container/ULD
• Passport
• Clicker/immobiliser
• Air baggage
• People
• Animals
RFI
D te
chno
logi
es
109
Tech
nica
l Rep
ort S
erie
s
While the prices of the tags for pallet/chaseapplications can be rather low, the unit prices ingeneral are somewhat higher. This is especially thecase for applications in the medical sector, the air-craft sector and the library sector, because in thesesectors a superlative performance of the tags is re-quired. Also the prices of RFID-applications incards and passports are high, which makes theseapplications very profitable for suppliers. The sameis true for RFID-applications in vehicle tracking.
New applications are also seen in the textileindustry, where RFID is used to raise the efficiencyin textile production and distribution, but also formanaging the quality control of the goods fromraw material to end products.
An important new area for RFID applicationsis healthcare. IDTechEx predicts that the market forRFID in healthcare will grow from $ 90 million in2006 to $2.1 billion in 2016. One of the applica-tion areas here is the authentication of drugs. Byestablishing a kind of electronic pedigree of everydrug, it will be possible to follow the medicinethrough the whole distribution chain in order toauthenticate the medicine at the point of dispens-
ing. Of course the usage of medicines is highlysensitive personal information. Therefore it has tobe guaranteed that the pharmaceutical industrydoesn’t collect any personally identifiable infor-mation of the patient during this process. So it isclear that several privacy and data protection is-sues are related to the RFID application in drugdistribution.
At the level of the patient RFID-applicationscan help to record which medication was takenand in what quantity and in this way lower the per-centage of errors in medicine intake. The benefitssought here are better patient compliance of drugtaking. Especially with an increase of older peoplein our society this is an important application.
Table 6-6 shows that the larger application ofRFID might generate a number of socio-economicbenefits. It is obvious that the price–developmentof the tags is only one factor in the adoption andbroad application of RFID. The development ofsome potential markets might be not as price-sen-sitive as often is believed, because of the socialbenefits which (also) might be realised.
6. S
ocio
-eco
nom
ic a
spec
ts o
f RFI
D
110
Tech
nica
l Rep
ort S
erie
s
58 Adopted from: IDTechEx, RFID in action, 2006.
Table 6-6: Potential benefits of RFID applications in various application areas58
POTENTIAL BENEFITS
APPLICATION Cost Increased Crime Better Removal ofAREA Reduction Sales Reduction Service Safety Tedious Procedures
Laundry/Rented Textile X X X
Library Books, DVD’s etc. X X X X
Parts for aircraft & Other Machinery X X X X X
Blood Bags & Samples X X X X
Military X X X X X
Book Retail X X X X X
Drugs Prescription X X X X X X
Cigarettes X X X X X X
Postal X X X X X
Other Consumer Packaged Goods (CPG) X X X X X X
6.5.7. RFID and the new consumer or thenew citizen
RFID can help to reduce the inefficiencies insupply chains. This is a main advantage of RFIDfor suppliers of products and services. Especiallyin a situation where competition is growing andsuppliers are forced continuously to lower profitmargins.
On the other hand, there are also very signif-icant social and market changes that directly affectconsumer behaviours (we do not see a differencein the behaviour of consumers or citizens in thisrespect, so if we use the term ´consumer´ we alsomean ́ citizen´?. Socio-demographic changes suchas increased number of dual-income, single-par-ent and technology-familiar households have sig-nificantly altered the consumer behaviour (Kim,2002).
A core component in strategies to reach thenew consumer is the development of attractiveconsumer experiences. The reason for this is thattraditional factors of competition, such as pricelevel, selection and location, although still impor-tant, are no longer sufficient to achieve competi-tive differentiation. This is because the shoppingexperience of the new consumer is also affectedby a number of store-related factors, such as am-bience (temperature, scent, music etc), servicequality in the store, store perceived image and sit-uational elements such as crowding, time andbudget availability of the consumer.
This means that a shopping experience has tobe driven to a maximum of efficiency and at thesame time also towards a maximum of pleasureand entertainment.
The new consumer is more knowledgeableabout comparable product costs and prices; morechangeable in retail and brand preferences, show-ing little loyalty, self-sufficient, yet demandingmore information. The new consumer holds highexpectations of service and personal attention; andis driven by three new currencies: time, value andinformation
How can RFID in this context help to meet thedemands of the new consumer? RFID makes it pos-sible to use personal data associated with individualconsumers. These data can be used to reconstructtheir private activities at an unprecedented level of
detail. Based on these data a more personal ap-proach is possible, both for retailers but also for allkind of public services. This may cause fundamen-tal transformations to the way consumers and citi-zens will be served in the near future.
6.5.8. Conclusions
A main issue in the debate around the adop-tion and diffusion of RFID is the privacy debate(see also chapter 8 on this aspect). This issue hasyet to be concluded and needs to be taken seri-ously by the RFID industry and other actors in-volved, because if no adequate solutions are foundfor this issue, this could have a negative impact onthe rate of implementation of RFID in society.
By focusing on the privacy debate one mighthowever forget that also other social-economic,legal and ethical issues are involved in the adop-tion and diffusion of RFID. Privacy is mainly anissue which is related to consumer acceptance orlack thereof. However diffusion of innovation in-volves all actors in the value chain, not only theconsumers, but also the suppliers and intermediaryorganisations.
Another main issue in all technology accept-ance models is the balance between the ‘per-ceived usefulness (PU)’ and ‘perceived ease of use(PEoU)’. These two factors are main determinantsfor the acceptance and use of new technology.
In this chapter we have refrained on discus-sions on privacy issues (these are discussed in de-tail within chapter 8 of this report) but we havediscussed some of these other socio-economic,legal and ethical issues we referred to. We have il-lustrated these issues by applying the diffusion ofinnovation theories to RFID in various markets.
Despite first appearing in tracking and accessapplications in the 1980s, the potential of RFIDhas only been recognised relatively recently. UsingRFID tags, it is possible to identify and track ob-jects and people without time delays, withouthuman intervention and thus without variablecosts. With even smaller, smarter and cheaper tagsand readers, RFID is opening up amazing valuechain possibilities. Through RFID technology com-panies can improve efficiency and visibility, cutcosts, better utilise their assets, produce higherquality goods, reduce shrinkage or counterfeiting
RFI
D te
chno
logi
es
111
Tech
nica
l Rep
ort S
erie
s
and increase sales by reducing out-of-stocks. Andboth in the private sector and the public sectorRFID can gain also a number of social benefits,which makes these applications depend less onthe price-elasticity of the RFID-tags.
All this, means that RFID will have a great im-pact on the processes and IT systems of companiesand public and societal organisations.
However, it is expected that the use of RFID inthe commercial sector will only take place if the fi-nancial benefits (on short or medium term) aregreater than the cost of implementation.
Another observation is that for supply chainapplications and certainly for other applicationsRFID is relatively new and no large-scale imple-mentations have yet been carried out. Products areoften not completely faultless and as a conse-quence it often takes considerable time to installand perfect the RFID hard- and software in eachlocation.
All this means that it is necessary that compa-nies and organisations that want to introduce RFIDin there own environment thoroughly preparethemselves.
Part of the problem to date is also that the em-phasis has been on the advantages for retailers, butnot on other companies or organisations in thevalue chain. The result is that many organisationsstill do not realise the potential benefits of the tech-nology.
So, RFID is still a complex technology inwhich little experience has been gained in mostorganisations. The implementation of RFID has farreaching consequences for organisations and de-mands fundamental preparation. The preparationtime is relatively long at the moment, due to theimmature technology and the limited experiencewith RFID. Therefore collaboration between man-ufacturers of RFID systems and IT developers incompanies and organisations is necessary.
Also the users should be involved in this de-velopment. There is a risk of misconception aboutRFID technology among users and consumers. Pri-vacy issues are one of the main issues here, butalso other drawbacks can be stipulated by users.
As part of their RFID strategy, manufacturersand organisations which apply RFID-applications
need to develop a privacy policy and communi-cate this to their users.
Educating all actors involved in the valuechain will also be very important. This process ofeducation is partly occurring in a natural way as acollaborative approach is allowing organisationsand users to get involved in the development ofRFID applications. There also needs to be a levelof education to promote RFID outside its tradi-tional stronghold or consumer retail products. Thisis especially important because the characteristicsof specific application areas in our society, i.e. intraffic, travel, health, defence etc., create a needof specific measures to guarantee authenticity, pri-vacy and safety in order to create trust and accept-ance of these applications by the potential users.
A proven step-by-step implementation ofRFID is effective and goes from study or proof ofconcept, pilots and small-scale projects to large-scale rollout.
6.6. RFID: Employment, training andeducation
6.6.1. Impact of RFID technology on theworkplace and the employmentmarket
Employment: job loss versus job creation
With the advent of RFID technology and itspromise of long-term efficiency gains, several stud-ies have been conducted to investigate the impactof RFID applications on society, to explore possi-ble issues for public policy (OECD, 2005; Telem-atics Institute, 2006). These reports have a strongfocus on technical aspects that might hinder theadoption of RFID such as standardization, interop-erability and data security. The social aspects, onthe other hand, often remain limited to privacyconcerns, which dominate the discussion of social(user) acceptance. When economic aspects are in-cluded in the analyses, the emphasis is on the end-less possibilities to apply RFID technology, theproductivity gains that can be obtained, and thepresentation of bright, future market prospects.
At the other side of this development, how-ever, you’ll find the automation process, reinforced
6. S
ocio
-eco
nom
ic a
spec
ts o
f RFI
D
112
Tech
nica
l Rep
ort S
erie
s
by RFID, and inevitably leading to a reduction oflabour costs. Administrative staff and jobs that in-volve bar code scanning such as cashiers in super-markets or jobs in distribution centres, run the riskof becoming obsolete. A report from the US Yan-kee Group, published in 2004, forecasted that ef-ficiency advantages of RFID will cost 4 millionemployees their jobs (Yankee Group, 2004).
The lack of attention for the impact of RFIDon employment in these reports is in this respectremarkable. One could argue that this lack of at-tention is a reflection of the current state of devel-opment of RFID, where the focus is mainly onovercoming technological hurdles. On the otherhand, as the public spotlight is on privacy con-cerns, other issues, such as job loss, remain under-exposed. According to a UK report on RFIDapplications in healthcare the public’s attention ismainly focused on privacy violations but job lossesare a far more likely and dramatic outcome ofRFID adoption.(Wireless Healthcare, 2004).
However, this view is disputable for the fol-lowing reasons. Firstly, the loss of jobs is expectedto be a gradual development coupled to a longtransition period of at least 10 years from bar codescanning towards RFID applications (YankeeGroup, 2004). Due to this long period the loss ofjobs is not expected to result in a disruption of thelabour market.
Secondly, there are indications that the roll-out of RFID will create new jobs as well. Severalanalysts predict a transition towards more added-value positions such as information (data process-ing) and service related jobs. The RFIDapplications will give companies access to largeamounts of data that have to be processed to gen-erate actual, value-adding knowledge.
Thirdly, RFID could create new jobs in an in-direct way, as RFID is likely to increase productiv-ity gains across a wide range of industry sectors.This will spur economic growth, which in turn willcreate more jobs (IBM, 2005; Reeding, 2006). Thisline of thought emphasizes innovation and the de-velopment of new service products that RFID willcreate.
The impact of RFID on employment shows,in this respect, similarities with the impact of In-formation Technology (IT) on employment. Al-though the adoption of IT has led to jobdisplacement in particular sectors of the industry,employment in the services sector has increased(OECD, 2004; 2005). At the same time, IT has be-come an essential element for economic growthwhich has created jobs indirectly (OECD, 2004;2005).
However, the full benefits of IT can only berealized by improving skills of employees, bytraining management, by implementing organiza-tional innovations and integrating IT in companystrategies (OECD, 2004; 2005). This holds as wellfor RFID. One of the key challenges to fully real-ize the success of RFID will be education andtraining. This will be the focus of the followingchapter.
Workplace
The WSM (‘Work Standards Model’, devel-oped by The International RFID Business Associa-tion – RFIDba59 - to assist organizations inquantifying and assessing their required workplaceskills and knowledge to successfully implementRFID) gives a hint of the significant impact the im-plementation of RFID in business processes willhave on the workplace. Employees (end-users) willneed new skills to successfully work with the im-plemented systems. The emphasis will be, evenmore than before, on [real-time] processing of in-formation that is collected from different sources,tools, and applications. This will transform thecharacter of the new information workplace be-yond that of traditional knowledge work (Forrester,2005).
However, the actual number of studies con-ducted on the impact of RFID on the workplace isvery limited. The few reports that have been pub-lished on this matter focus on privacy issues(RAND, 2005; NVVIR, 2005). Although employ-ers have already many options available to them tocontrol and monitor employee presence, the ap-plication of RFID in access and tracking systems
RFI
D te
chno
logi
es
113
Tech
nica
l Rep
ort S
erie
s
59 RFIDba is a global, not-for profit, vendor-neutral, educational trade association focused on serving end-users who have a need for edu-cational programs that will help them achieve successful implementation and deployment of RFID technologies. The Association is de-veloping internationally accepted standards for RFID education, training, and certification based on the RFIDba WSM
will make data collection and processing on alarge scale even easier. It will create new ways tomonitor employee location, behaviour, and per-formance.
Current applications are often limited to ac-cess control systems (NVVIR, 2005). The expecta-tion is however that RFID will be widely applied inorganizations. This can have considerable conse-quences for employee privacy. In 2006, two work-ers of the US company Citywatcher wereimplanted with a RFID chip (MSNBC, 2006). An-other example is a store of McDonalds (US) whereemployees are checked whether they have washedtheir hands after using the toilets, which was madepossible by the application of RFID technology.
Whilst in these examples clients or employ-ees have chosen themselves for the RFID chip im-plant, many employees are unaware of thepossibilities of RFID applications and the conse-quences for their privacy. The ease of automaticdata collection and the fact that RFID can functionwithout direct contact between tag and reader in-creases the possibilities for illegal collection ofdata (NVVIR, 2005). Open and transparent guide-lines (regulations) and open information practicesare very important in the implementation of appli-cations aimed at surveillance, control and moni-toring, to guarantee employees’ privacy.
6.6.2. Training requirements and training fa-cilities in relation to the widespreadadoption of RFID technologies
Skills: shortage, gap or mismatch?
A widely recognized problem is the shortageof RFID skills. A survey conducted in February2006 by the Computer Technology Industry Asso-ciation (CompTIA),60 to gain a deeper understand-ing of the current RFID skills in industry, found that75% of the respondents believe that the pool oftalent in RFID is insufficient. From this 75%, 80%believes that the lack of skilled individuals in RFIDwill hinder adoption. This number is significantlyhigher than in 2005, when 53% said it would havea negative impact (CompTIA, 2006).
Using the definition of the European e-skillsForum, an analysis can be made of the kind ofshortage that is currently observed for RFID. TheForum distinguishes between three types of short-ages (European e-skills Forum, 2004):
• Shortage: quantitative lack of skilled per-sonnel;
• Gap: A competence shortfall between cur-rent and needed competence levels;
• Mismatch: A difference between the com-petence of the trainee or graduate and em-ployers’ expected competence needs.
The results of the survey did not only show aquantitative lack of skilled RFID workers (there arenot enough people that can perform RFID jobs); italso found that current RFID workers do not havethe required competences. This implies that theshortage of skills is also a qualitative gap betweenwhat competences RFID workers currently haveand what employers actually need. There is somedebate on whether this gap is of a structural nature(that might require policy interventions). Some holdthat the gap will dissolve quickly with the rollout ofRFID, as the number of organizations offering spe-cial training programmes is growing significantly.
Before turning to what types of competencesare required, it should be noted that the currentfocus of the shortage of skills is on RFID profes-sionals, rather than end-users of RFID applications.The demand for skilled end-users is likely to be-come more important in the (near) future, whenapplications are implemented on a large scale.
Two types of skills in particular were identi-fied as critical to the successful implementation ofRFID applications: radio technology skills and soft-ware/business process/data architecture skills(CompTIA, 2006). Radio technology requires acombination of knowledge of the frequency spec-trum of radio waves with RFID knowledge (suchas RFID standards, air protocols, data coding, elec-tronic product code formats, installation, mainte-nance and testing skills). The second type of skillsrequires knowledge of middleware, the functional-ity of software (real-time data acquisition and datafiltering), integration of specific applications etc.
6. S
ocio
-eco
nom
ic a
spec
ts o
f RFI
D
114
Tech
nica
l Rep
ort S
erie
s
60 CompTIA is an international organization with the aim to advance the growth of IT industry and those working in it. They have 20.000members in 102 countries and offer vendor neutral certification programmes on several subjects, such as RFID (since March 2006).http://www.comptia.org
Training
In order to address the skills gap, several or-ganizations have developed their own RFID certi-fication programmes to train staff and overcomethe differences in competences. As a result of theirsurvey and discussions with industry experts,CompTIA started their RFID certification pro-gramme in March 2006. It is focused on radiotechnology and includes the following domains:
• Interrogation Zone Basics
• Testing and Troubleshooting
• Standards and Regulations
• Tag Knowledge
• Design Selection
• Installation
• Site Analysis (i.e. Before, during and afterinstallation)
• Radio Frequency Physics
• RFID Peripherals
Training courses of other organizations suchas RFID4U, RFIDSolutions and OTA Training areapproved by the CompTIA Learning Alliance(CLA).
The International RFID Business Association(RFIDba)61 has developed a ‘Work StandardsModel’ (WSM) to assist organizations in quantify-ing and assessing their required workplace skillsand knowledge to successfully implement RFID.The model describes all work processes, tasks andtask elements, tools and equipment as well as theknowledge, skills and abilities of the workers toquantify and codify the work.. It can be used tounderstand how work processes, tools or knowl-edge might be changed due to the introduction ofRFID and to identify the required level of expertiseof different employees (Squires & Neary, 2006).This model, therefore, focuses mainly on end-usersof RFID.
6.7. Conclusions and recommendations
The widespread application of RFID not onlyraises privacy and security concerns, but also farreaching implications of the application of thistechnology can be foreseen in the social interac-tion between people and in the economic trans-actions between actors in the market.
In this chapter the socio-economic aspects ofRFID applications have been discussed, togetherwith some legal and ethical issues. This subjectalso includes the human aspects related to the useand acceptance of the RFID, i.e. awareness, trustand user related issues of technology transfer.
Based on a theoretical framework it is madeclear that these socio-economic aspects are impor-tant for the widespread acceptance and use ofRFID Therefore technology developers and policymakers should be aware of these aspects and takeappropriate measures to incorporate accepted so-cial values in the development, application andimplementation of the RFID technology.
Having said this, an important observation isthat results on socio-economic research on accept-ance, adoption and use of RFID are still ratherscarce.
The same is true for the second topic in thischapter: the effects of RFID on the workplace andthe employment market and the development ofeducation and training in relation to RFID.
In relation to the issue of education and train-ing one could also mention the issue of awareness,which is still lacking. As a result of consumer sur-veys one could conclude that RFID is still a ratherunknown concept amongst consumers: only 30%of the consumers in the USA, and only 18% of theconsumers in Europe are aware of the existenceand application of RFID, the rest has never heardof the concept before.
This means that for consumers even the firstphase of the process of diffusion of innovations, asdefined by Rogers, hasn’t started yet.
In this chapter we do not restrict ourselves tothe analysis of consumer aspects, but we look at
RFI
D te
chno
logi
es
115
Tech
nica
l Rep
ort S
erie
s
61 RFIDba is a global, not-for profit, vendor-neutral, educational trade association focused on serving end-users who have a need for edu-cational programs that will help them achieve successful implementation and deployment of RFID technologies. The Association is de-veloping internationally accepted standards for RFID education, training, and certification based on the RFIDba WSM.
the introduction of RFID in the whole value chain,so including manufacturers and suppliers, retailersand other intermediary organizations, andusers/consumers in various sectors in our society..
Taking the retail sector as an example wehave started to analyze which factors influence theacceptance and implementation of RFID andwhich advantages and disadvantages of RFID canbe identified.
Conclusion is that for many different reasons,many companies are still in the first phases ofadoption and implementation of RFID. This is evenmore the case in various other sectors of our soci-ety. One of the reasons is that RFID is a complextechnology, in which still little experience isgained in most organizations. Further pilots andexperiments around RFID implementation, withinvolvement of all main partners (so also the users)will overcome a lot of problems and will stimulatethe learning and acceptance process. Main driversfor this development are perceived benefits, theexistence of dominant supply chain pressure, andthe existence and adoption of standards for intel-lectual property ad ownership of the data gener-ated by the RFID systems.
In relation to the introduction of RFID notonly technological and cognitive knowledge is im-portant, but also the affective quality of the wholeRFID system should be taken into consideration.Perceived affective quality of a system for instancehas a positive impact on user’s perceived usabilityof the system.
The same is true for pre-existing knowledgeon the system. People who know already whatRFID is are in general more positive on the effectsof RFID than people who just learned about theexistence of RFID. This observation also pleads foran extension of awareness activities both for theconsumers and the other actors in the supply chainor value chain.
A main conclusion regarding the theoreticalanalysis of the issue of trust and RFID is that thebasic level of trust is different for different people.Some people are very trustful, while others have ahigh basis level of distrust.
Another observation is that feelings of trustand risk can be established quite independently,and together they determine the final success of
introduction and acceptance of RFID. Trust con-tributes to the acceptance of the technology in apositive direction; while risk contributes in a neg-ative direction. The effect is that the two factors in-teract with each other, so that technologyconnected with a low degree of trust may still besuccessful if there is also a low perceived risk. Butit is also possible that in very risky situations noamount of trust is able to offset the risk perceivedby a user, and in such a situation it will becomevery difficult to accept the involvement of a spe-cific technology.
In order to deal with consumer concerns re-garding the use of RFID, various organizationshave developed on the basis of self-regulationguidelines and code of practices to protect con-sumers A number of such guidelines and code ofpractices have been selected and are described inthis report (see Annex 4).
It is also very important to note that:
Development of awareness activities is veryimportant to make consumers, but also other ac-tors in supply chains for products or services,aware of the existence, benefits and existing draw-backs regarding the widespread introduction andimplementation of RFID. It is important to realisethese awareness activities from a neutral point ofview. Therefore the EC could initiate or stimulatethese developments.
Pilot activities and experiments are importantinitiatives to learn to overcome all the pitfallswhich might arise when a company or a public or-ganisation start to implement RFID. It is importantto develop such initiatives along the lines ofproven step-by-step introduction of RFID: fromstudy or proof of concept, pilots, and small-scaleprojects to large-scale roll outs.
It is also important to involve all relevantparties in the development and implementationprocess: so also potential users/consumersshould be involved from the very beginning ofsuch an initiative. The development of such apilot projects and experiment is a main respon-sibility of the market itself. However, in order todisseminate the knowledge gained and the expe-rience which has been built up, it might be help-ful if the EC could give some support to theseactivities.
6. S
ocio
-eco
nom
ic a
spec
ts o
f RFI
D
116
Tech
nica
l Rep
ort S
erie
s
A lot of research is going on regarding the fur-ther development of hard- and software for RFID.However, most of this research is technologybased and takes cognitive behaviour of the con-sumer as a point of departure. Emotional aspectsalso to a large extend influence the acceptance orrejection of the RFID technology. Therefore re-searchers should also analyse the affective qualityand affective aspects of RFID systems into their re-search projects. In general we could conclude thatthe methodology for such research is still under-developed. We could not identify any specificstudy on these aspects in relation to RFID systems.We recommend that the EC supports such studiesand stimulates the widespread application of theresults of these studies.
The positive and negative implications of thewidespread implementation of RFID on employ-ment and overall work force are still unknown.The development of a conceptual model to analy-ses this impact and the further monitoring of thesedevelopments could be considered as an impor-
tant task for the EC. Also issues related to the ren-ovation of the work place due to the implementa-tion of RFID need further attention.
RFID is only a part of the introduction of newinformation and communication technology in theretail sector and in other commercial or publicsectors. It is a part of the introduction of ubiqui-tous computing and ambient intelligence in com-panies, shops and homes. This new technologywill have an impact on the consumer, but at thesame time, due to all kind of socio-economic de-velopments in society, we also see the emergenceof the new consumer. This new consumer will alsodevelop – in a direct or indirect way - new de-mands regarding the use of new technology.
A further analysis of the role of the new con-sumer in relation to the development of new tech-nology will be fruitful for the further developmentof the RFID systems, but also for other technologysystems which have to serve the consumer or citi-zen of the future.
RFI
D te
chno
logi
es
117
Tech
nica
l Rep
ort S
erie
s
7. Privacy aspects of RFID
RFI
D te
chno
logi
es
119
Tech
nica
l Rep
ort S
erie
s
7.1. Introduction
The objective of this chapter is to position thevarious privacy consequences of RFID in a generalframework that underscores the relationship ofRFID with privacy on three distinct levels. To startwith, we will present some results and observa-tions that show the importance of dealing ade-quately with privacy in case of using RFID. Thissets the scene. The by now ‘classical’ view on pri-vacy will be presented, followed by an extensionof this view for RFID. A distinction we introduce,is the distinction between closed and open RFIDsystems, i.e. systems in which data are confinedwithin the system and systems that communicatewith other systems and that exchange (personal)data. Dealing with the privacy implications ofRFID can be done on the basis of one of the threefollowing perspective: enforcement by law, self-regulation and technical measures. Referring to thefirst, the EU-privacy directive (95/46/EC) sets thescene and is overall still valid. Self-regulation is ameans that enforces commitment by interestedparties. The US Centre for Democracy and Tech-nology has organised commitment in a set ofRFID-privacy guidelines. Finally, technical meas-ures can be used to enhance privacy. For con-sumer issues it is demonstrated that it is possible toadhere to the OECD Fair Information Principles byincluding specific forms of profiling and use spec-ification to the tag and reader information. Thiselaboration shows the viability of a ‘privacy by de-sign’ approach.
7.2. The sensitivity of RFID towardsprivacy infringements
In a recent OECD report, privacy is indicatedas an important aspect of RFID-developments. TheOECD states that “[W]ithout addressing privacy re-lated issues carefully, appropriately and transpar-ently … backlash by consumers and citizens is apotential risk that could limit long-term benefitsand development.” (OECD 2006a, p. 15) In theview of the OECD, privacy is an asset of RFID thatneeds to be taken on board, and that requires care-
ful consideration. The OECD mentions a studydone by the EU Article 29 Working Party on DataProtection, a group that has been established inaccordance with article 29 of the European pri-vacy directive 95/46/EC. (Article 29, 2005a) Thisstudy supports the findings of the OECD with re-gard to the privacy implications of RFID. TheOECD and the Article 29 Working Party share theview that in relation to RFID, privacy and securityare two sides of the same coin and require an ap-proach in which they are both tackled together.During an OECD-workshop, held in October2005, participants also addressed the double-sid-edness of privacy and security, complementingthat it might be possible to include security safe-guards that may have positive implications on pri-vacy. (OECD 2006b) The Italian member of theData Protection Commission, Stephania Congia,stated that “the majority of basic principles are al-ready laid down in the OECD guidelines, EU di-rectives, the Council of Europe Convention, butthat RFID technology has an impact on personaldignity and integrity as well as on freedom ofmovement and that personal data can beprocessed without the knowledge of the individ-ual.”(OECD 2006b, p. 14) The EU-workshop onRFID, held early May 2006, once more proved theimportance of tackling privacy and security as twodominant aspects for successful introduction ofRFID. Much of the workshop, devoted to privacy,security, health effects and employment was ded-icated to underscoring how privacy and securitymight profit from each other in improving user ac-ceptance of RFID. The double-sidedness of privacyand security requires attention right away, since itdeals with embedding privacy regulations in thestandards that are developed just now on the var-ious aspects of the RFID system (encompassingtags, readers, middleware and the adjacent back-end information systems).
A recent study, performed by Capgemini(2005) supports the concerns that are raised by theOECD and the Article 29 Working Party. Capgem-ini concludes that overall awareness for RFID inEurope is low, and on average lower than in theUnited States (18% in Europe versus 23% in the
USA). Within Europe, awareness is highest in theUK (24%) and lowest in the Netherlands (12%).Though US consumers expressed greater concernfor privacy related issues than European con-sumers, Europeans did put privacy issues “at thetop of the list, leaving no doubt that companiesmust address these concerns as they communicatewith their customers about the technology.”62
Overall, the higher the awareness, the higher theresponse to expected privacy concerns of RFID.
This indeed is an important message. The moreone becomes familiar with the opportunities RFIDtechnology offers, the higher the critical awarenessthat the technology may impose privacy threats.For Europeans, the highest ranked privacy threatsare consumer data used by third party, tags thatcan be read from a distance, tracking of consumersvia product purchases, and being targeted morewith direct marketing (see Table 7-1).
7. P
riva
cy a
spec
ts o
f RFI
D
120
Tech
nica
l Rep
ort S
erie
s
62 CapGemini (2005). p. 463 Percentage of consumers saying “concerned” or “extremely concerned. Capgemini (2005), p. 11
Table 7-1: Consumer concerns related to RFID63
Issues of concern EU [%] USA [%]
Consumer data used by third party 59 69
Tracking of consumers via product purchases 55 65
Tags could be read from a distance 52 42
Targeted more with direct marketing 52 67
Environmental impact 44 45
Health issues stemming from RFID 35 56
RFID tags that can be eaten/dissolved 31 43
The table shows priorities in the USA to bedifferent from the priorities in the EU, with privacyconcerns in the USA overall higher. The biggestgap between the USA and Europe is in prioritisinghealth issues (dangers from RFID radiation), wherethe USA prioritises these issues considerablyhigher than Europeans.
In a study, performed at the Humboldt Uni-versity of Berlin, people were invited to indicatewhat they perceived as potential major privacyrisks of RFID.(Spiekermann 2006) They identifiedthe following list of threats:
1. Unauthorised access
2. Tracking of objects via data
3. Retrieving social networks
4. Technology paternalism
5. Making people responsible for objects.
The first two of these threats are related to thedirect use of RFID: they relate to violation of con-fidentiality and security of communication and thedirect use of data to monitor people, and are inline with the first four threats identified by Cap
Gemini. The third threat is related to profiling spe-cific groups on the basis of shared characteristicswhich make people part of social networks. Theprivacy threat here is, for one, the intrusion in theintimacy of the personal sphere, and for anotherthe identification of people belonging to a networkon the basis of shared characteristics (profiling),which may lead to inappropriate assumptionsabout individual persons. Technology paternalismrelates to the enforcing power of RFID to controlbehaviour of persons. Examples provided are thesmart shelves that raise alarm when objects are re-placed wrongly, and cinema’s that signal whenpeople bring with them their own (RFID-tagged)food and drinks. The fifth issue refers to the use ofRFID in linking objects to people, for instance inorder to register deviant behaviour. An example isthat objects can be linked to people (a can boughtat a supermarket and thrown out of the car afterconsumption).
The Capgemini survey presented an other in-teresting result. Table 7-2 compares the perceivedimpact on privacy of RFID relative to other tech-nologies, such as mobile phone, credit cards,smart cards, etc. Though some of the technologies
may have RFID embedded in them (for instanceaccess control badges and smart cards) the tech-nologies are rated as if they are independent fromeach other. RFID is rated to have a higher or equalprivacy impact for all technologies that were pre-sented. 45 and 46% respectively rated the privacyimpact of RFID higher than the privacy impact of
access control badges and smart cards. It is inter-esting to note that in all cases only 10% of con-sumers or less considered the privacy impact ofRFID to be less than the privacy impact of the al-ready existing technologies! This implies that RFIDis considered to be a technology with a very highprivacy profile. R
FID
tech
nolo
gies
121
Tech
nica
l Rep
ort S
erie
s
64 Source Capgemini, 2005
Table 7-2: The impact on privacy from RFID vs other technologies – Europe64
Consumers saying RFID has … Greater impact Same impact Lesser impact Don’t know
Mobile phones 36 33 10 21
Debit cards 36 29 7 26
Credit cards 41 31 8 20
ATMs 41 32 8 19
Frequent shopper/loyalty cards 42 33 7 18
Access control badges 45 31 6 18
Smart cards 46 28 6 20
Camera phones 34 32 10 24
The survey of Capgemini thus underscores thestatements of the OECD and the Article 29 Work-ing Party that privacy implications of RFID have tobe taken seriously. The survey indicates that theconsumer does not expect the introduction ofRFID to lead to cost reductions. The consumerdoes however perceive potential benefits of thetechnology such as car anti-theft measures, fasterrecovery of stolen items, improved security of pre-scribed drugs, improved food safety and quality,and potential consumer benefits (such as fastercheck-out, better price accuracy, improved accessto products and information). These potential con-sumer benefits are ranked low on the list, which isin combination with the high profile for privacy re-lated issues, reason to start raising awareness of theconsumer on benefits and potential dangers ofwidespread introduction of RFID.
7.3. Privacy in RFID systems
In the classical sense of the concept, privacyrelates to the right of shielding off the home envi-ronment, the intimacy of life, confidential commu-nication, and safeguarding the integrity of thebody. Privacy was, and is, considered to be one of
the conditions a person needs to develop and de-termine oneself. One needs to have the opportu-nity to protect oneself for the intrusion in onesprivate life in order to create prosperous condi-tions for realising autonomy and self-determina-tion. This is part of the classical approach ofprivacy. It hinges on what can be labelled as ‘rela-tional privacy’. Due to the rise of information sys-tems and the ubiquitous presence of data in digitalform, the traditional concept of (relational) privacyhas been extended to include ‘informational pri-vacy’, privacy in which the data shadow of a per-son is at stake. Alan Westin’s famous dictumdefines informational privacy as “the claim of in-dividuals, groups or institutions to determine forthemselves when, how and to what extent infor-mation about them is communicated.” (Westin,1967) In Germany, one finds reference to the ‘in-formationelle Selbstbestimmung’ (self-determinacyover one’s own information) in the German Con-stitutional Law (Article 8, Paragraph 9):
“If somebody cannot overlook with sufficientcertainty which information concerning certainareas is known to his social environment … he canbe significantly hindered from planning and decid-ing in a self-determined way … If somebody has toreckon with the registration of his participation in
a meeting or a citizens’ initiative by the authoritiesand with the danger that risks for him are involved,he will perhaps not exercise his correspondingbasic rights.”65
RFID is a means for identification. The iden-tification can be of products, services or persons66
(cf. OECD, 2006b). In most cases, RFID-tags willbe related to products. When however, a person iscorrelated to specific products by means of atoken, an index or another pointer, the identifiedinformation becomes personal information (or in-formation that enables the identification of a per-son). Due to the ‘enabling’ characteristics ofRFID-tags – they can be used everywhere, in anysituation for any purpose – the threat to privacy isa major concern, for the public, companies andgovernments alike (albeit for different reasons). Asstated in the introduction, several bodies have in-dicated to perceive privacy as a kind of criticalsuccess factor for the widespread use of RFID. Thenear past has shown that trials with RFID – eventrials in which the utmost care was given to pri-vacy considerations – led to public arousal, due toperceived risks regarding the privacy.67
A literature review shows that authors addressa broad range of privacy issues, related to severalforms (‘scenario’s’) of intrusion in the personalsphere of people.68 The starting point for our ownanalysis is presented in Figure 7-1 (adopted from(Garfunkel, 2005, p. 36). Though Figure 7-1 refersto the EPC network, we think it is useful for moregeneric purposes. In Figure 7-1, two direct privacythreats are identified: one in relation to the tag-reader system, and one in relation to the informa-tion that is collected and disseminated outside thetag-reader system. The first kind of threat is the onethat is most directly related to RFID. It focuses onthe privacy implications of the tag-reader-systemitself. The second kind of threat relates to the useof data collected by means of an RFID-system. Thedata that are disseminated by the tag-reader-sys-tem may be collected in a database, for instance tomonitor pallets in a supply chain management sys-tem, in case of electronic payments, etc. This kindof threat is not uniquely determined by the RFID-system, but due to RFID the threats may be aggra-vated and have very specific dimensions.
7. P
riva
cy a
spec
ts o
f RFI
D
122
Tech
nica
l Rep
ort S
erie
s
65 Quoted in: Von Locquenghien, K. (2006). p. 61-62.66 Distsinction made by Jeroen Terstegge, Corporate Privacy Officer, Philips.67 See http://www.boycottgillette.com/on the controversy surrounding Gillette using RFID to monitor buyers of Gillette razors; see http://net-
works.silicon.com/lans/0,39024663,39118760,00.htm for the privacy concerns surrounding the introduction of RFID in Metro; seehttp://www.spy.org.uk/cgi-bin/rfid.pl for an argument about the privacy implications surrounding the introduction of item-level taggingby Marks and Spencer.
68 See (Article 29 2005a), (ECP.nl 2005), (Juels 2005), (Garfunkel 2005), (Spiekermann 2006)69 Adapted from Garfunkel et al.2006, p. 36. N.B.: The opaque circle identifies the direct privacy threat for the tag-reader system, the line
through the tag-reader-middleware system identifies the linking of personal identity to a set of unique tags
Figure 7-1: Abstract view on privacy risks in EPC network69
The privacy threats will – in the end – bethreats to an individual. The threat may howeverbe a threat to a group of individuals, for instancein case of using profiling techniques to identify
specific characteristics of groups of users. Thisleads to the following matrix, identifying the vari-ous privacy threats that will be discussed hereun-der.
RFI
D te
chno
logi
es
123
Tech
nica
l Rep
ort S
erie
s
70 This argument was spelled out in the consultation following the publication of the Article 29 Working Party report on RFID. See (Article29 2005b).
Table 7-3: Direct and indirect privacy threats, originating from RFID-systems
Privacy threats Reader-tag system Back-end
Individual Unauthorised reading of Aggregating personal informationpersonal information Using data for purposes other than Real-time tracking of individuals originally specified
Collective/Group - Profiling and monitoring specific behaviour
7.4. Privacy threats within the tag-reader system
Privacy threats related to the tag-reader sys-tem refer to the following issues:
• The unauthorised reading of tags,
• Real-time tracking of individuals.
7.4.1. The unauthorised reading of tags
A tag may contain personal information. Iden-tity cards and specific forms of public transportcards (seasoning tickets, for instance) will containidentifiable information. They may contain directlyidentifiable information on the card such as nameand birth date. They also may contain data thatfunctions as a key for a database in which personalinformation is stored. The privacy threat in the firstcase is obvious. When the data can be read out, adirect link can be made to a person. If other datais collected as well on the card (multi-purposecards) a link may be made to these other data, thusrevealing additional information about the holderof the card. In case a card holds indirectly identi-fiable information (a pointer that may refer to infor-mation about an identifiable person in a database),the privacy threat is indirectly present. Only whenthe intruder is able to link the pointer to the realperson, privacy will be invaded. Within Europe, adispute is continuing on whether all identifiabledata should be considered as personal data (Arti-cle 29 WP, 2005). This is a difficult to solve issue.Private companies oppose a too strict definition;in their view pointers and tokens should not be
considered as personal data.70 General consensusexists that cards containing personal data requirespecific measures to prevent unauthorised personsto read the content of the card (for instance in caseof loss of the card, or in case of unauthorised read-ing of the content of the card).
People consider the unauthorised reading oftags to be the most prominent privacy threat (Spiek-ermann 2006). Unauthorised reading is possible,especially in case of using UHF-based tags withreading ranges of approximately 7-10 m. EPCglobalpushes the market towards adapting UHF-basedtags in order to enable multiple readings (higherbit-rate possible) and towards the introduction ofsmart shelves. The threat is most serious in case ofitem-level tagging. Implementation schemes ofitem-level tagging show that this will not happenon a large scale in the coming five to ten years. Onthe other hand field trials are occurring in whichspecific items are tagged. Next to the read range, itis necessary that the tag data can be read out. Thispresupposes that the data on the tag is not en-crypted and that protocols are used which enableany reader to read out the data. Spiekermann(2006) indicates that this was the case with the EPCGeneration 1 tags. When the tag can not be readout directly, read out can be attempted by means ofeavesdropping. Eavesdropping is a special class ofprivacy threat. For this kind of threats a number oftechnical conditions have to be fulfilled, such asthose concerning the read range and the clearavailability of the data. Regarding the first aspect,one may determine a relation between read rangeand privacy issues. In general, there is a strict cor-
relation between frequency used and read range;using UHF frequencies enlarges the read range to7-10 metre, the 13.56 MHz read range (commonlyin use for smart card applications) has a read rangeof 1.5 m and proximity cards only work at dis-tances of approx. 10 cm. Juels (2005) discerns be-tween different sorts of read ranges and argues thatthe tag-to-reader eavesdropping range and thereader-to-tag eavesdropping range outpace thenominal read range as specified in standards andproduct requirements. Within smart cards, whichmay contain personal information, the use of en-cryption may prevent successful eavesdropping.Authentication handshake protocols, in which thereader and the tag have to make themselves knownto each other and where successful communica-tion will only be established when they recogniseeach other, may be used to enhance secure com-munications.
7.4.2. Using tags to track persons
This is identified by Spiekermann as being thesecond biggest threat to privacy as identified bythe people engaged in her research (Spiekermann,2006). Tracking of persons via objects presupposesthe linkage of identification data with individualtrack movements. Identification data can be ac-quired on the basis of electronic payments, loyaltycards, season cards in public transport, etc. Whena person carries an object that is linked to that per-son (such as a wristwatch) the data of the tag at-tached to the wristwatch may be used asidentifiable information for the person carrying thewrist watch. It is possible to track the movementsof this person by surveying the movement of theobject for which the tag data are known. The infor-mation can for instance be used to retrieve per-sonal preferences. Information on specificcustomers in a shop can be collected on the basisof an identifiable loyalty card. The loyalty card isused to identify the customer and to follow thecustomer during his or her shopping sessions.Readers in the shop collect information aboutshopping habits of the customer, including thetime spent in specific sections of the shop. Onestep beyond is the use of readers to identify verypersonal items (such as banknotes, medicines andidentity cards). Information on these items, with-
out the person knowing it, invades the privacy ofthe person. A person need not only be identified asa person, but s/he can also be identified as part ofa group on the basis of a specific token (such asan identity card which may reveal the nationalityof the individual). For this situation the Article 29Working Party discerns specific privacy risks, in-cluding the risk that deploying this kind of tech-nologies “will cause a boost in data to beprocessed by a wide variety of controllers, givingcause to concern”.71
7.5. Privacy threats at the backend ofthe RFID system
The threats mentioned above, correlate di-rectly with the RFID-reader to tag communicationand the direct use of these data. Most privacythreats however refer to the collection and subse-quent use of information outside the tag-readersystem. Tags with unique IDs can easily be associ-ated with a person’s identity and smart cards withtheir own processing capacities may contain sen-sitive personal information. When linked to data-base systems, privacy threats may occur that arenot unique for RFID but nevertheless pose seriousproblems. We have identified the following pri-vacy threats related to the use of data outside thetag-reader system:
1. Using data for aggregating personal infor-mation,
2. Using data for purposes other than origi-nally specified,
3. Using data to monitor specific behaviours.
7.5.1. Aggregating personal information
By means of data mining techniques it is pos-sible to find correlations between hitherto sepa-rated objects (and subjects). When two personsexhibit similar travelling patterns and spend timetogether during travel, it may be assumed that theyare somehow related to each other. This informa-tion can be enriched by confronting it with otherinformation collected by other sources. When theseasoning ticket can be used as an electronicpurse, shopping preferences may be added for in-
7. P
riva
cy a
spec
ts o
f RFI
D
124
Tech
nica
l Rep
ort S
erie
s
71 Article 29 Data Protection Working Party, 2005, p. 6
stance. Data will be analysed in order to deductsocial links between persons. This privacy threatwas ranked third in the outcomes of Spiekermann’sresearch. Deducting social networks may be espe-cially interesting for intelligence agencies, for in-stance in trying to discover social networks ofcriminals: if one criminal can be traced, it is pos-sible by datamining and pattern recognition tech-niques to sort out who else has a similar pattern ofmovement. This privacy threat is closely related tothe following one.
7.5.2. Using data for purposes other thanoriginally specified
RFID data may be collected for use in specificsettings, but subsequently used in other settings.This is an example of ‘function creep’: though orig-inally not perceived, data collected for a specificpurpose turns out to be useful for other purposes aswell. To stay with the example provided under theprevious bullet: under the data retention acts thatcome into existence in Europe, national intelli-gence agencies may request the data on travel pat-terns in order to be able to select travellers whofulfil a specific profile. This has not been the in-tended use of this data. In this case one couldargue that law enforces the use of data for this typ-ical situation. The counter argument can be thatwith a specific design of the data system functioncreep may be prevented (for instance byanonymising data or by having strict rules for theperiod of data retention).
7.5.3. Using data to monitor specific be-haviours
Monitoring can be done in real time (seepoint 3 above), but it also can be done on the basisof aggregated data, that are subsequently analysedin order to deduct specific patterns of behaviour.An example of using RFID technology for individ-ual monitoring is the shop-owner who uses anidentifiable token (such as a loyalty card) to col-lect information on shopping behaviour and usesthis information to base decisions related for ex-ample on pricing without the consent of the cus-tomer. Even when the identity is not known, theshop-keeper can try to collect personal informa-tion on the basis of an identifier (such as a tag re-lated to a personal belonging of the customer).
7.6. Open and closed RFID systems
To these privacy risks we will add the follow-ing two dimensions of RFID systems (OECD,2006a). RFID systems are either open or closed.Closed RFID systems are systems that do not havelinks with an outer environment. According to theintention of the designer, data that are collectedwithin the system do not trespass the system’sboundaries and remain entirely within the system.Data from outside the system will not trespass thesystem’s boundaries either. Open systems are sys-tems in which data that are collected within thesystem may be shared with other systems.
An example of a closed system is a logisticsystem which uses proprietary solutions for dealingwith the data it collects from its tags. The tags areused to identify pallets. Tracking the pallets is eas-ier when using RFID since line of sight is not re-quired and if needed, the tags can have additionalfunctionality when combined with sensors (tomeasure temperature for instance). Additional in-formation can be stored, on the level of individualpallets. In case the data collected are only used forsupply chain purposes (following the supplies intransport), the system is a closed system. In caselinkages are made with other systems the systemmay turn from closed into an open system.
An example of an open system is a publictransport ticketing system which is used in con-junction with an electronic shopping system, forinstance by adding e-payment functionality to thetransport ticketing card for shopping at shoppingmalls. This functionality may be an interesting onefor the passenger since for example it may givehim or her benefits for shopping in shops related torailway stations. In this situation, however, the pur-pose of the travelling system and the purpose ofthe shopping system are distinct from each other.Though data sharing may be strictly bound to spe-cific rules, set in advance by the responsible au-thorities, it can not be excluded that misuse of datawill occur, since data collected for one purposemay be used for quite distinct purposes. Keepingtrack of the collected data becomes more prob-lematic in an open situation; relations may existwith third parties outside the system who use theinformation collected for other purposes. This inthe end will lead to a complicated mix of inter-twined systems in which it becomes increasinglydifficult to disentangle the various purpose speci-
RFI
D te
chno
logi
es
125
Tech
nica
l Rep
ort S
erie
s
fications of each of the systems and see whetherthey are in line with each other. Issues as ‘informedconsent’, ‘purpose specification’, ‘use limitation’and the like will have become problematic.
7.7. Strategies to cope with the privacy threats
The use of RFID poses privacy threats, eitherdirectly by its tag-reader system or indirectly by thepossible intrusion on personal information gatheredin RFID-related databases. In attempting to safe-guard privacy, different strategies may be pursued:
1. using law,
2. using self-regulation,
3. using technical solutions,
In case of RFID all three strategies are used.
Much is expected of the possibility to safeguardprivacy by technical means (‘Privacy by design’).In the following subsections we present the threestrategies in more detail.
7.8. Privacy laws
Started in 1973 with the Principles of Fair Infor-mation Practice as formulated by the US Depart-ment of Health, the OECD published in 1980 itsprivacy guidelines – which were based on thesePrinciples of Fair Information Practice; the EuropeanDirective 95/46/EC in turn was based on the OECDguidelines. The European Directive formed the basisof many national data protection laws within Eu-rope, in which national differences are of course in-troduced. Many of these are in effect today; they allencapsulate the same set of principles. This set ofprinciples is summarised in Box 7-1
7. P
riva
cy a
spec
ts o
f RFI
D
126
Tech
nica
l Rep
ort S
erie
s
72 OECD, 2006, p. 23
“The OECD Guidelines on the Protection of Privacy and Transborder Flows of Personal Data … continue to rep-resent international consensus on general guidance concerning the collection and management of personal data. …The Guidelines contain the following eight principles.
1. Collection limitation: There should be limits to the collection of personal data and any such data should beobtained by lawful and fair means and, where appropriate, with the knowledge or consent of the data subject.
2. Data quality: Personal data should be relevant to the purposes for which they are to be used, and, to the ex-tent necessary for those purposes, should be accurate, complete and kept up-to-date.
3. Purpose specification: The purposes for which data are collected should be specified not later than at the timeof data collection and the subsequent use limited to the fulfilment of those purposes or such others as are notincompatible with those purposes and as are specified on each occasion of change of purpose.
4. Use limitation: Personal data should not be disclosed, made available or otherwise used for purposes other thanthose specified except a) with the consent of the data subject or b) by the authority of law.
5. Security safeguards: Personal data should be protected by reasonable security safeguards against such risks asloss or unauthorised access, destruction, use, modification or disclosure of data.
6. Openness: There should be a general policy of openness about developments, practices and policies with re-spect to personal data. Means should be readily available of establishing the existence and nature of personaldata, and the main purposes of their use, as well as the identity and usual residence of the data controller.
7. Individual participation: An individual should have the right a) to obtain from a data controller, or otherwise,confirmation of whether or not the data controller has data relating to him; b) to have communicated to him,data relating to him (within a reasonable time; at a charge, if any, that is not excessive; in a reasonable man-ner; and in a form that is readily intelligible to him); c) to be given reasons if a request made under subpara-graphs a) and b) is denied, and to be able to challenge such denial, and d) to challenge data relating to himand, if the challenge is successful to have the data erased, rectified, complemented or amended.
8. Accountability: A data controller should be accountable for complying with measures which give effect to theprinciples.”
Box 7-1: 1980 OECD Guidelines on the protection of privacy and transborder flows of per-sonal data72
These eight principles define the informationspace in which legal forms of acquiring and pro-cessing data will take place. Some of the princi-ples may be enhanced by using technical means,some of them require organisational approaches,for instance in defining roles and responsibilitiesconcerning access to personal data. Two addi-tional principles can be formulated that may beused to control the privacy sensitivity of the appli-cations in which personal data are collected(Holvast, 2001):
• the principle of subsidiarity: the responsibleagency for the data collection has the re-sponsibility of choosing that form of datagathering, storing and processing that lim-its the impact on privacy most.
• the principle of proportionality: purposeand scope of data collection needs to bebalanced with possible privacy impacts.
Overall, consensus exists that the Europeanprivacy directive (/95/46/EC) enables a propertreatment of privacy aspects related to RFID.Some issues are still contested. The consultationof the report of the Article 29 Working Party onData Protection showed disagreement betweenprivate and public parties about the precise defi-nition of ‘personal data’ (Article 29, 2005b). Pri-vate parties disagreed with the strict approach ofthe Working Party who defined personal data as“any information relating to an identified or iden-tifiable person”. They did not consider all RFIDdata to be related to a person and they consid-ered the approach of the Working Party too re-strictive. The Working Party especially warned forthe broad scoping of identifiable information instating that “account should be taken of all themeans reasonable to be used either by the con-troller or by any other person to identify the saidperson.” (Article 29, 2005a, p.8). The consulta-tion revealed a difference of opinions about thequestion whether item level tagging based onEPC global standards will usually entail a pro-cessing of personal data. This dissensus has alsobeen acknowledged at the recently held EU Con-sultation Workshop on RFID privacy implica-tions.73 To the immediate identification the OECDadds that identification may take place some timeafter having collected the data, may be by other
parties than the parties originally responsible forthe data collection process (OECD, 2006a). Thisaddition increases the likelihood that RFID-datamay turn out to be related to individual persons,and seems to be in line with the more stringentapproach of the Article 29 Working Party.
Informed consent is another major challenge.The Article 29 Working Party stipulates the needfor informed consent when this is legally required.Consent should be freely given, should be specific,should entail an indication of the individuals ef-fective will, should be informed and should be un-ambiguous. The Working party provides theexample of a supermarket for which informed con-sent is required and the example of surgery inwhich case there is no need to inform the patientabout the data that is acquired on the tools that areused during the surgery. The practice of informedconsent around RFID will have to be sorted out,especially in circumstances when third parties mayuse the data collected.
To enable individuals to exert their rights, theWorking Party defines a number of information re-quirements that have to be met to comply with ar-ticle 10 of the Directive. Responsible partiesshould provide information on:
• the identity of the controller,
• the purpose of the processing,
• the recipients (third parties),
• the existence of a right of access.
It continues by presenting the right of accessby individuals (Article 12 of the EU directive). In-dividuals need to be able to check the accuracyof data ànd check the accuracy of the data pro-cessing.
RFID-data processing has to comply withsimilar requirements as other forms of data col-lection and processing. The European Privacy di-rective addresses the issues responsible partieshave to be aware of. It is difficult to judge thepractical consequences of a very strict interpre-tation of the directive. Concern is uttered by pri-vate parties who fear the RFID innovationprocess (and thereby economic growth) to behindered by a too strict interpretation. The OECD
RFI
D te
chno
logi
es
127
Tech
nica
l Rep
ort S
erie
s
73 EU Consultation workshop on RFID: Privacy, security, health and employment issues (16-17 May 2006, Brussels).
underscores this concern in its recent documentwhen stating “To safely construct a broad RFIDinfrastructure, a balance must be achieved be-tween regulation and innovation, whereby pri-vate sector innovation is preserved and userbenefits are available, while legitimate concernsthat determine acceptance are identified and ad-dressed.” (OECD, 2006a, p. 6).
Except for the 95/46/EC directive another di-rective may bear importance for RFID applica-tions. This is the European directive 2002/58/ECon Privacy and Electronic Communication (the‘e-Privacy directive’), which deals with issues re-lated to personal data protection rules in casedata are generated as a derivative of telecommu-nications traffic (for billing purposes for in-stance). There is some dispute about theapplicability of this directive to RFID.74 The com-bination of RFID with Location Based Servicesmight turn RFID in location based data that beara relation with subscription data and the like.The combination of RFID with a cell phone,turning the cell phone in a multifunctional de-vice, capable of Near field Communication maybe a situation in which RFID data should be con-sidered to fall under the EU directive. This pointof view was presented as a conclusion at the EUConsultation Workshop on Privacy, Security,Health and Employment effects.
7.9. Self–regulation
The private sector is willing to be engaged ina form of self-regulation. Self-regulation is in placein case legal regulations are considered to haveadverse consequences one would like to prevent,in case self-regulation clearly has an added valuein safe-guarding public interests and/or in caselegal arrangements are not opportune given thetechnical state of affairs. In case of RFID one con-siders legal arrangements to be out of line, giventhe still immature technological basis of RFID. Thisopens the way to self-regulation. So far, a numberof initiatives have taken place to stimulate self-reg-ulation.
7.9.1. Addressing the issue by NGOs
In November 2003, civil liberty organisationsin the USA (including Privacy Rights ClearingHouse, American Civil Liberties Union, Caspianand several academics) published a “PositionStatement on the use of RFID on Consumer Prod-ucts.” The Statement was very critical about RFIDand stated that “if used improperly, RFID has thepotential to jeopardize consumer privacy, reduceor eliminate purchasing anonimity, and threatencivil liberties.” (Garfinkel, 2005, p. 36). The organ-isations plead for a moratorium on the deploymentof RFID until a formal Technology Assessment hasbeen undertaken.
7.9.2. EPCglobal guidelines for EPC usage
EPCglobal has recently (2005) published a setof guidelines for EPC usage.75 Components of thisset are: notice, choice, security, record use, reten-tion and consumer education. Notice is given byusing marks on tagged objects and readers; choicerefers to the possibility consumers may have to de-activate or remove the tag; security, record use andretention are safeguarded by EPC’s statement that“the Electronic Product Code does not contain,collect or store any personally identifiable infor-mation.” (quoted in OECD, 2006a, p. 25). This ap-proach hinges on a clear separation between thetag-reader system and the use of the aggregated in-formation in back-end systems, where product in-formation can be combined with personalinformation, such as a loyalty card. Consumer ed-ucation is perceived to be time consuming; theywill have to be educated in order to recogniseproducts with EPC tags.
7.9.3. Centre for democracy and tech-nology guidelines for the deploy-ment of RFID technology
The American Centre of Democracy andTechnology has recently published a draft set ofguidelines for the deployment of RFID technology(CDT, 2006). The guidelines have been discussed
7. P
riva
cy a
spec
ts o
f RFI
D
128
Tech
nica
l Rep
ort S
erie
s
74 See for instance the Dutch position paper, written by a Dutch interest group on RFID, hosted by the Electronic Commerce Platform ECP.nl.Within this position paper, it is argued that European Directive 2002/58/EC is not applicable to RFID since no specific telecommunica-tions infrastructure is in place for RFID and no specific operators for RFID are known (ECP, 2005).
75 www.epcglobalinc.org/public_policy/public_policy_guidelines.html
with and are supported by a variety of importantAmerican stakeholders in the privacy dispute, suchas Procter and Gamble, Microsoft, VISA USA andthe National Consumers League. The guidelinesare based on three general principles:
1. Technology neutrality: RFID technology byitself does not pose a privacy threat; pri-vacy is threatened due to failing responsi-bilities in dealing with the datadisseminated by RFID.
2. Privacy and security as primary design re-quirements: Users of RFID technology
should address privacy and security issuesas part of its initial design.
3. Consumer transparency: There should beno secret RFID tags or readers. The guide-lines resemble the EPCglobal guidelines;the most important elements are equivalentto the EPCglobal guidelines; a few new en-tries are added.
The guidelines comprise: give notice; choiceand consent; onward transfer, access and security(see Box 7-2).
RFI
D te
chno
logi
es
129
Tech
nica
l Rep
ort S
erie
s
76 This is fully in line with the Sydney declaration (2003) in which it is stated that “Whenever RFID tags are in the possession of individu-als, they should have the possibility to delete data and to disable or destroy the tags”. www.privacyconference2003.org
77 Source CDT, 2006
CDT Guidelines for deployment of RFID Technology
1. Give noticeClear notice should be provided when information, including location information is collected through an RFID sys-tem and linked to a Personal Identification Information system (PII).Consumers should be notified when entering an environment (public or private) where RFID technology is in use. Consumers should be informed about the purposes of collection and use of the data collected.Consumers should be informed when there is the possibility to deactivate or remove a tag; the burden of removingthe tag should not be by the consumer.Consumers should be noticed before the completion of a transaction.The company collecting the data is responsible for providing notice.
2. Choice and ConsentConsumers should be notified in case they have a choice for usage or non-usage of RFID. Consumers should be notified in case they have a choice for removing, de-activating or destroying the tag; in caseconsumers exercise their choice to remove, de-activate or destroy the tag, benefit from a warranty, or benefit fromthe protection of local law should not be compromised.76
In case linked information is solely used in order to facilitate a service delivered (including the functioning of a de-vice) notice can be given, but consent or choice need not to be solicited. In other cases, consumers should be of-fered the opportunity to consent to such uses.
3. Onward transferIn case personally identifiable information is shared with third parties, the contract with these parties should entailprovisions with respect to level of protection of shared data to be equal or greater than afforded by the companycollecting the data.
4. AccessWhen personal identifiable information is maintained on the tag itself, individuals should have reasonable accessto their informationIf an individual receives an adverse decision based on linked information about him or herself, that individual shallhave reasonable access to that information.
5. SecurityCompanies should exercise reasonable and appropriate efforts to secure RFID tags, readers and any corollary in-formation from unauthorised reading, logging and tracking.Companies should establish and maintain an information security programme in keeping with industry standards,appropriate to the amount and sensitivity of the information stored on their system.Companies should minimize the information stored on the tags themselves.
Box 7-2: Privacy guidelines by centre for democracy and technology working group on RFID77
The various approaches towards privacyguidelines known today are all USA-based. WithinEurope, discussion about appropriate guidelinesand the role of guidelines vis-à-vis law enforce-ment has to be initiated yet. Discussing guidelineshas the advantage above imposing regulations thatit opens the debate, raises awareness and enablesthe sector to regulate the expected detrimentalconsequences of RFID themselves, with probablybetter results than when enforced by governments.Still, self-regulation will always be an add-on toformal regulation and will not replace regulation.
7.10. Technical solutions
There seems to be general consensus that pri-vacy and security are two sides of the same coin incase of RFID. The Consultation Workshop in RFID,held 16 and 17 May 2006 in Brussels, showed aremarkable convergence on this by all partici-pants, both from industry and academia. TheOECD and the Article 29 Working Party on DataProtection endorse this view. The Article 29 Work-ing Party “considers that technology may play akey role in ensuring compliance with the data pro-tection principles in the context of processing per-sonal data collected through RFID technology. Forexample, the design of RFID tags, RFID readers aswell as RFID applications driven by standardiza-tion initiatives may have a great impact in min-imising the collection and use of personal data andalso in preventing any unlawful forms of process-ing by making it technically impossible for unau-thorised persons to access personal data.” (Art 29WP, 2005, p. 12)
The OECD refers to many security researcherswho argue in favour of considering both privacyand security issues that RFID raises before stan-dards are set and implemented. According to theOECD “this ‘privacy by design’ approach mightprove to be more efficient in the long run.”, refer-ring to the other approaches (law enforcement andself-regulation). (OECD, 2006a, p. 19).
Various solutions have been presented fortackling privacy issues by means of technologies,but most of them face practical drawbacks. Over-all, these approaches should be considered asbeing part of Privacy Enhancing Technologies(PET). PET is based on minimising data collectionthat may entail personal data. The Common Crite-
ria (part of ISO 15408) describe the following func-tionalities of PET:
• Anonymity: PET enables individuals to getservices without revealing their identity.
• Pseudo-identity: PET enables individuals toget services without revealing their identity,by giving them a pseudo-identity; the realidentity is related to the pseudo-identities ina database which only can be accessed byauthorised persons.
• Unlinkability: individuals can use specificservices while the use of the services cannot be linked to each other.
• Unobservability: users can use services un-noticed by third parties.
Anonymity is stronger than pseudo-identity;unobservability is stronger than unlinkability (Reg-istratiekamer/TNO, 1995). Looking at the purposesof RFID, which is identification of objects or per-sons and linking this to services, the four PET func-tionalities need to be explicitly taken into accountwhen developing an RFID-based information sys-tem. They may serve as systems requirements thatneed to be fulfilled. They refer, amongst others, tousing encryption techniques in case of storing per-sonal data on a RFID tag (or smart card), to pre-vent unauthorised access. They also refer tointroducing pseudo-identities in case the identityof persons is not strictly required. Pseudo-identi-ties enable using the same RFID-cards for separatedomains by enforcing different identities. The PET-functionalities may be used for the entire RFID-sys-tem, thus including the back-end systems whereusage of the data is made and where linkages be-tween different sources can be prepared. Theseapproaches do not necessarily address RFID-is-sues, since they address more generic privacy con-cerns in dealing with stored and processed data.
Solutions that are more directly related toRFID are solutions that try to keep control over thedata flow to the user (by means of killer andblocker tags) in order to prevent information to bedisseminated against the wish of the user, and tooffer the users an ‘opt-in’ choice. These solutionsare based on the technical functioning of the RFIDsystem, especially in the communication of RFIDtag and reader. Other proposed solutions in thisvein are using a Faraday cage to shield the tagfrom being read and reducing or removing the an-
7. P
riva
cy a
spec
ts o
f RFI
D
130
Tech
nica
l Rep
ort S
erie
s
tenna (in first case as a means to reduce the read
range, while in the last case as a means to disable
the tag).
‘Privacy by design’ means that compliance
with the privacy principles is sought by means of
appropriate technical measures. Security re-searchers have shown that almost the full set ofprinciples for Fair Information Practices can bemet by an appropriate choice of data handlingprotocols. Box 7-3 presents an overview of theapproach.
RFI
D te
chno
logi
es
131
Tech
nica
l Rep
ort S
erie
s
78 Source Floerkemeier et al., 200579 See (OECD, 2006a), (Juel 2005).
Box 7-3: Enforcement of compliance of RFID with fair information principles78
Scanning with a purpose – Supporting the fair information principles in RFID Protocols
Openness through reader and policy identificationToday tags can not identify readers they are communicating with. It is proposed to add a unique reader policyID (RPID) into the inventory command of the reader. This RPID can have a similar structure as the General Iden-tifier Encoding (GID96) of EPC.
Purpose specification in inventory commandThe Platform for Privacy Preferences Project (P3P) discerns twelve abstract purpose types. For RFID, fourteen pur-pose types have been discerned of which thirteen can be encoded as single bits. Five different profiling typescan be discerned: - ad-hoc tailoring (immediate and anonymous tailoring; example: providing recommendations on the basis of
the content of a shopping basket); - pseudo-analysis (use data to learn about preferences and characteristics of individuals; example: use informa-
tion for re-arranging shelves); - pseudo-decision (make customization decisions based on the interests of individuals without identifying them); - individual-analysis (use collected and aggregated data to make personal profiles of individuals); - individual-decision (use the collected information to determine individual preferences and to link them with
identified data; this profile allows personal suggestions). The latter profiles include the former.
Use limitation through collection typesFour different collection types are discerned: anonymous monitoring (collection status information without theneed for actual identification); local identification (collection of unique IDs without the need for correlation ofevents); item tracking (monitoring item movements); and person tracking. By using collection types, boundariesare drawn between the various forms of data collection.
Collection limitation by appropriate tag selectionOne can use selection masks to restrict tag ID collection. This requires the tag ID’s to follow a known structure.This is the case with EPC tags.
Watchdog tagIn order to empower the user, a so-called watchdog tag can be used. A watchdog tag is an ordinary tag with abattery, a screen and a long range communication channel. It decodes commands transmitted by a reader andmakes them available on screen. It can inform the user that some anonymous reader is scanning for tags in itsvicinity. It can provide the operators ID, the purpose and type of data collection and the target range of tags.
The approach sketched above relates to theuse of the Electronic Product Code. It is not a so-lution for use by more sophisticated tags, for in-stance in smart cards. Still, it is an interestingapproach since it shows the viability of addressingprivacy and security measures before standards areformulated and deployed. In practice, a number ofproblems still have to be overcome.79 For one, toinclude issues such as air interface encryption and
mutual authentication (between tag and reader)one requires readers with bi-directional commu-nication (i.e. readers that transmit informationabout their status to the tag). Today, these readersare quite expensive (a few thousands of dollars perpiece) which makes the deployment of these read-ers in environments where many of them are re-quired, prohibitive. Another problem is the factthat low cost RFID devices do not have the com-
putational resources to use selected cryptographicmethods. The kill tag, though appealing throughits radical approach, may kill beneficial uses of theinformation that is hidden on the tag as well. Thismay be circumvented by using password driventags, i.e. tags that can be re-activated by the userby means of a password. Using encryption may behindered by problems of key distribution.
7.11. Conclusions
The European directive 95/46/EC and the na-tional laws that are based upon it offer a goodstarting point for tackling privacy issues related toRFID. What should be questioned is the extent inwhich the Directive is able to deal with the realityof a situation in which RFID becomes widespreadand is related to personal or identifiable informa-tion. What precisely should be considered as per-sonal data is still an open issue. Aspects, such ashow to practically organise informed consent, willhave to be tackled as well.
In the future, the European e-Privacy directive(2002/58/EC) may become more important forRFID systems. This will especially be the case forthe combination of RFID with location based serv-ices. For the time being, use of RFID does not seemto comply with the requirements of the e-Privacydirective.
Self-regulation is considered as having severalpositive effects: it creates commitment by stake-holders, it creates awareness by stakeholders andthe general public, and it will contribute to com-ing to terms with the boundaries of existing pri-vacy laws. Several initiatives for creating Codes ofconduct are in place yet, most of them being US-based. Europe has a backward position in this re-spect. Codes of conduct handle such issues asnotification, choice and consent, transfer to thirdparties, access and security.
Technical solutions to enforce privacy com-pliance may be of various kinds. For one, spe-cific technical measures are possible thatprevent collection of (personal) data and en-hancing control by users (blocker and killer tags,‘deep sleep mode’, using Faraday cage and de-stroying antenna capacity). For another, it hasbeen shown that the Principles of Fair Informa-tion Practice can be realised by an appropriateconfiguration of the reader-tag communication.Privacy Enhancing Technologies enable privacyenhancing functionalities of RFID systems, suchas realising anonymity, using pseudo-identitiesand realising unlinkability and unobservability.Technical solutions may have a drawback, inthat they are costly, require managerial re-sources, or deny useful functionalities of RFIDsystems to users.
7. P
riva
cy a
spec
ts o
f RFI
D
132
Tech
nica
l Rep
ort S
erie
s
8. Security aspects of RFID
RFI
D te
chno
logi
es
133
Tech
nica
l Rep
ort S
erie
s
8.1. General overview of RFID secu-rity threats
This chapter will contain a general overviewof security threats of an RFID system, consisting ofan RFID tag and a reader. The security threats areclassified as either threats for the tag, or the air in-terface between the tag and the reader, or thereader.
8.2. Security threats for the tag
8.2.1. Falsification of contents
Data can be falsified by unauthorized writeaccess to the tag. This type of attack is suitable fortargeted deception only if, when the attack is car-ried out, the ID (serial number) and any other se-curity information that might exist (e.g. keys)remain unchanged. This way the reader continuesto recognize the identity of the tag correctly. Thiskind of attack is possible only in the case of RFIDsystems which, in addition to ID and security infor-mation, store other information on the tag.
8.2.2. Falsification of tag ID
The attacker obtains the ID and any securityinformation of a tag and uses these to deceive areader into accepting the identity of this particulartag. This method of attack can be carried out usinga device that is capable of emulating any kind oftag or by producing a new tag as a duplicate of theold one (cloning). This kind of attack results in sev-eral tags with the same identity being in circulation.
8.2.3. Deactivation
These types of attack render the tag uselessthrough the unauthorized application of delete orkill commands (Auto-ID center). Depending on thetype of deactivation, the reader can either nolonger detect the identity of the tag, or it cannoteven detect the presence of the tag in the readingrange.
8.2.4. Physical destruction
Tags could be physically destroyed by chem-ical or mechanical means, or by using strong elec-tromagnetic fields (like in a microwave oven).Active tags could also be shut down by removingor discharging the battery.
8.2.5. Detaching the tag
A tag is separated physically from the taggeditem and may subsequently be associated with adifferent item, in the same way that price tags are“switched”. Since RFID systems are completelydependent on the unambiguous identification ofthe tagged items by the transponders, this type ofattack poses a fundamental security problem, eventhough it may appear trivial at first sight.
8.3. Security threats for the air inter-face
8.3.1. Eavesdropping
The communication between reader andtransponder via the air interface is monitored byintercepting and decoding the radio signals. This isone of the most specific threats to RFID systems.The eavesdropped information could for examplebe used to collect privacy sensitive informationabout a person. It could also be used to perform areplay attack, i.e. the attacker records all commu-nicated messages and later on can either simulatethis tag towards the reader, or simulate this readertowards the tag.
8.3.2. Blocking
So-called blocker tags (Juels et al., 2003) sim-ulate to the reader the presence of any number oftags, thereby blocking the reader. A blocker tagmust be configured for the respective anti-collisionprotocol that is used.
8.3.3. Jamming
Jamming means a deliberate attempt to dis-turb the air interface between reader and tag andthereby attacking the integrity or the availability ofthe communication. This could be achieved bypowerful transmitters at a large distance, but alsothrough more passive means such as shielding. Asthe air interface is not very robust, even simplepassive measures can be very effective.
8.3.4. Relay attack
A relay attack (Kfir et al, 2005) for contactlesscards is similar to the well known man-in-the-mid-dle attack. A device is placed in between thereader and the tag such that all communication be-tween reader and tag goes through this device,while both tag and reader think they communicatedirectly to each other. Smartly modifying this com-munication could for example in payment systemslead to charging the wrong electronic wallet (asmart card with an RFID tag). To make this attackmore practical one could increase the distance be-tween the legitimate card and the victim’s card bysplitting the device into two components, onecommunicating with the reader, and one with thevictim’s card. The communication between these
two components could be implemented by anykind of fast wireless technology.
8.4. Security threats for the reader
8.4.1. Falsifying reader ID
In a secure RFID system the reader must proveits authorization to the tag. If an attacker wants toread the data with his own reader, this reader mustfake the identity of an authorized reader. Depend-ing on the security measures in place, such an at-tack can be “very easy” to “practically impossible”to carry out. The reader might need access to thebackend in order, for example, to retrieve keys thatare stored there.
8.4.2. Security threats for other parts ofRFID systems
When considering the security challenges ofRFID in a broader perspective, one has to take intoaccount the infrastructure including a back officewhere additional information of all tags is stored,and the aspect of convenience in use. A generalRFID architecture is depicted in Figure 8-1.
8. S
ecur
ity a
spec
ts o
f RFI
D
134
Tech
nica
l Rep
ort S
erie
s
Figure 8-1: A general RFID architecture
Real-life RFID deployments employ a widevariety of physically distributed RFID readers, ac-cess gateways, and databases. The middlewarereceives events from the RFID readers when tagsare scanned. These events are passed through anumber of filters, which process the events in an
application-specific manner. When an event haspassed through all filters, it is dispatched to thecomponents that have registered an interest insuch events. Often, one of these components willstore the event in a database, for further process-ing.
RFID readers are generally connected to themiddleware using modular drivers much like Win-dows uses device drivers to communicate with agraphics card. This allows different readers to beused with the middleware, without having to mod-ify the middleware.
In addition to event-processing, the middle-ware handles different kinds of user interfaces. Auser interface is generally provided for system-management purposes, for example to modify theseries of filters through which an event is passed.There will also be user interfaces that allow regu-lar users to access the system and use it. For ex-ample, in a supermarket distribution centre, therewill be a user interface that provides informationon the current stock levels.
The middleware also communicates withother software systems, which implement the ap-plication’s business logic. To stay with the super-market example, it is likely that the supermarketRFID system is connected to a stock managementsystem, which orders new stock from suppliers be-fore it runs out.
When considering the broader RFID architec-ture of Figure 8-1, new security risks and counter-measures come to mind:
8.4.3. Tag-borne attacks at back office80
One could foresee an attack at the back officethrough information stored at the tag, which wasrecently shown by PhD student Melanie Rieback,MSc student Patrick Simpson, Assistant ProfessorBruno Crispo, and Professor Andrew Tanenbaumof the Vrije Universiteit in Amsterdam (Rieback etal., 2006). Basically there are three types of RFIDmalware which are mentioned in increasing com-plexity of implementation:
1. RFID exploits: Just like other software, RFIDsystems are vulnerable to buffer overflows,code insertion and SQL injection.
2. RFID worms: A worm is basically an RFIDexploit that downloads and executes re-mote malware. A worm could propagatethrough the network or through tags.
3. RFID viruses: An RFID virus starts with ma-licious content of a tag. When the tag isread out, this initiates a malicious SQLquery which would disturb a database inthe back office. Although such an attackhas not yet been performed in practice(AIM Global, 2003), such a type of threatcannot be excluded.
8.4.4. Misuse of gateway interface
The user interface to the gateway could bemisused by unauthorised people to attack the in-tegrity of the filters and to misguide the productmanagement system.
8.4.5. Corrupted drivers
The drivers that are used by RFID readers tocommunicate with the middleware could be cor-rupted. This could be done either by modifying thedriver of a legitimate reader, or by replacing the le-gitimate reader with a fake reader that has a cor-rupted driver. A corrupted driver could be used toattack and misguide the gateway.
8.4.6. Attacking the reader-gateway com-munication
The communication between reader andgateway could be eavesdropped or modified.
8.5. Security measures for the tag
8.5.1. Security measures to prevent unau-thorized modification of tag data(contents and ID)
An obvious security measure to prevent mod-ification of tag data is to use read-only tags forwhich unauthorized modification is intrinsicallyimpossible. Another effective measure, also rec-ommended for reasons of data management, is toshift all data except the ID to the backend. Sometypes of tags dispose of an authentication method(like the ISO 9798 standard), through which the
RFI
D te
chno
logi
es
135
Tech
nica
l Rep
ort S
erie
s
80 We only consider attacks at the back office that are RFID related.
reader can be authenticated by the tag such thatonly authorized readers can modify the tag con-tents.
8.5.2. Security measures for deactivation
Unauthorized application of delete com-mands or kill commands can be prevented byusing an authentication method (when available).
8.5.3. Security measures for physical de-struction
A counter measure for physical destruction ofthe tag would be a close mechanical connectionbetween the tag and the tagged item to make it dif-ficult to destroy the tag without damaging the item.To prevent discharging the battery of an active tagone could implement a sleep mode in the tag.
8.5.4. Security measures for detaching thetag
A counter measure for detaching the tag fromthe tagged item would be a tight mechanical bondbetween the tag and the tagged item to ensure thatremoving the tag will also damage the product. Incase of active tags, an alarm function is conceiv-able: a sensor determines that the tag has been ma-nipulated and transmits the alarm to a reader assoon as it comes within range. For high valueitems an option would be to manually checkwhether the tag is attached to the correct item.
8.6. Security measures for the air in-terface
8.6.1. Security measures for eavesdrop-ping
An effective measure to reduce the effect ofeavesdropping is to shift all data to the backend. Aconsumer that just bought some tagged object,which tag has no legitimate use any more, coulduse shielding to prevent the tag from being readout by intruders. This could be established bywrapping the tag in metal foil or by placing it inan aluminium-coated bag. More advanced tagshave a module to encrypt the communication with
the reader which also prevents eavesdropping.Such advanced tags cannot by read out by intrud-ers, and are still available for legitimate use. An-other measure would be to design the RFID systemsuch that tags are used with a small range which isjust sufficient for the legitimate readers (andthereby shutting out a class of unauthorised read-ers).
8.6.2. Security measures for blocking
There are no technical measures to preventthe use of blocker tags, but a solution is to bantheir use in the standard terms and conditions ofbusiness.
8.6.3. Security measures for jamming
It is possible to detect jamming transmittersby performing random measurements or by usingpermanently installed field detectors.
8.6.4. Security measures for relay attacks
One way to guard against relay attacks is toshield the tag when it is not used e.g. by puttingthe tagged card in a Faraday like cage (Kfir et al.,2005). Another way is to require an additional ac-tion by the user (push a button, type in a PIN codeor use a fingerprint) to activate the tagged card, al-though this solution eliminates some of the con-venience of the contactless system.
8.7. Security measures for the reader
8.7.1. Security measures for falsifying thereader ID
To prevent readers to falsify their ID and ob-tain unauthorized access to a tag, an authentica-tion method (when available at the tag) can beused to authenticate the reader towards the tag(ISO/IEC, 1999). This risk can be further reducedwhen the reader has to access the backend duringthe authentication procedure, e.g. to retrieve cryp-tographic keys.
Note that these measures are designed to as-sure the integrity of a reader that is about to com-municate with the tag. For measures like shielding
8. S
ecur
ity a
spec
ts o
f RFI
D
136
Tech
nica
l Rep
ort S
erie
s
which prevent an unauthorised reader from com-municating at all see “Security measures for eaves-dropping” (8.6.1).
8.8. Security measures for otherparts of RFID systems
8.8.1. Security measures for tag-borne at-tacks at back office
To avoid such attacks, the content of tagsshould be checked by the reader, and regular se-curity measures should be taken to protect thegateway. A typical countermeasure against RFIDviruses is to improve the software in the gatewaywhich is able to distinguish a regular tag ID froman SQL query such that these attacks can be pre-vented from entering a database.
8.8.2. Security measures for misuse ofgateway interface
To prevent such an attack the user interfaceshould be provided with some kind of authentica-tion mechanism such that only authorised usersare able to access the gateway. Another measurewould be to place the gateway and the user inter-face in a physically protected room such that onlyauthorised employees that have access to thisroom can access the user interface.
8.8.3. Security measures for corrupteddrivers
A possible solution to this problem is to useonly signed drivers, i.e. each legitimate drivershould be digitally signed such that the gatewaycan check that communicating readers contain alegitimate driver.
The use of drivers enables the fact that differ-ent readers can be used to communicate to thegateway. From a security point of view the use ofdifferent readers should be encouraged becausean attack is likely to be specific for one type ofreader or one type of driver, so a diversification oftypes lowers the impact of a possible attack.
8.8.4. Security measures for attacking thereader-gateway communication
The communication between reader andgateway could be eavesdropped or modified.
8.8.5. Security measures against cloning
When considering one tag and one reader asa system, which has been done in the previoussections, the risk of cloning (duplication of the tagID in a new tag) has been identified. Only in thebroad view of the complete architecture, such arisk could be handled: in the database where allthe different tag IDs (with respect to a specific ap-plication) are collected, a duplicate ID could bedetected and in some cases even the clone couldbe recognized (i.e. be distinguished from the orig-inal tag).
8.9. General security evaluation ofRFID
Given the security risks of an RFID system,and the available security measures, we can eval-uate the security of RFID. This means incorporat-ing (a qualitative estimate of) the costs of eachsecurity measure and on the other hand (a qualita-tive estimate of) the costs of performing a specificattack (FOIS, 2004). The comparison of these twotypes of costs will give insight into the vulnerabil-ities of RFID systems.
RFI
D te
chno
logi
es
137
Tech
nica
l Rep
ort S
erie
s
Table 8-1: Summary of security evaluation
Object Threat Cost of performing attack Cost of countermeasures
Tag Unauthorized modification of data Medium to high Low to medium
Deactivation Low to medium Medium
Physical destruction Low to medium Low to medium
Detaching the tag Low Low to medium
Air interface Eavesdropping High Medium
Blocking Low Low
Jamming Medium to high Medium to high
Relay attack High Low to medium
Reader Falsifying reader ID Medium to high Medium
8. S
ecur
ity a
spec
ts o
f RFI
D
138
Tech
nica
l Rep
ort S
erie
s
The summary of the security evaluation isshown in Table 8-1. The qualitative estimates ofthe costs are explained in the following sections,followed by a separate section of conclusions.
8.9.1. The costs for unauthorized modifi-cation of data
To perform an unauthorized modification ofdata in case of re-writable tags, the attacker wouldhave to acquire a reader that is capable of writingon the tag. Due to the short range involved thepossibility of this attack is limited. The longer therange of the reader, the more expensive the attackwould be.
In general, a read-only tag is less expensivethan a re-writable tag, so in case the applicationallows, a replacement by read-only tags would bea fine countermeasure. When the tag has an au-thentication method available, the costs of switch-ing it on are low, most expenses would go in themanagement of tags and readers which have to beloaded with cryptographic keys. To shift all dataon the tag to the backend requires a new infra-structure (in the backend and for provisioning ofthe tags and readers) which brings high initialcosts, but will fade out later.
8.9.2. The costs for deactivation
A deactivation by means of a kill commandrequires a dedicated device and usually a pass-word.
When the tag has an authentication methodavailable, the costs of switching it on are low, most
expenses would go in the management of tags andreaders which have to be loaded with crypto-graphic keys. This would prevent unauthorizedusage of the kill command.
8.9.3. The costs for physical destruction
To physically deactivate a tag is easy bymeans of chemicals or exposure to an electromag-netic field, or to destroy the antenna.
To prevent physical deactivation one couldintroduce a tight mechanical bond between the tagand the tagged item to ensure that removing thetag will also damage the product.
8.9.4. The costs for detaching the tag
In general a tag can be easily detached fromthe tagged item, unless some mechanical bond isplaced between the tag and the tagged item. Alarmfunctions in which tag manipulation is detected bya sensor are only available in more expensive ac-tive tags.
8.9.5. The costs for eavesdropping
To perform unauthorized reading of data, theattacker would have to acquire a suitable reader.Due to the short range involved the possibility ofthis attack is limited. The longer the range of thereader, the more expensive the attack would be.
A cheap and effective way to prevent eaves-dropping is to use some kind of shielding of thetag, although this would have to be performed forevery tag. When the tag has an encryption method
available, the costs of switching it on are low; mostexpenses would go in the management of tags andreaders which have to be loaded with crypto-graphic keys. To shift all data on the tag to thebackend requires a new infrastructure (in the back-end and for provisioning of the tags and readers)which brings high initial costs, but will fade outlater.
8.9.6. The costs for blocking
A blocker tag is relatively cheap and can pre-vent a reader from working properly, although theyonly work for specific anti-collision procedures.An easy countermeasure is to ban their use in thestandard terms and conditions of business.
8.9.7. The costs for jamming
A jamming transmitter has to be powerfulenough to jam the tag-reader interface, and it re-quires some technical experience. The price of thetransmitter increases with its range.
A field detector to detect possible jammingtransmitters is a dedicated device, and measure-ments are performed by skilled engineers.
8.9.8. The costs of a relay attack
To perform a relay attack requires a specialdevice to intercept and modify the radio signal,and especially the communication between thetwo main components would be sophisticated.
To place the smart card in a Faraday saveholder is relatively easy to do. An extra action bythe user before activating the smart card would re-quire a more sophisticated card and/or reader.
8.9.9. The costs for falsifying the reader ID
To falsify the reader ID, an attacker wouldhave to obtain some secret key. The difficulty forobtaining such a key depends on the implementa-tion.
When the tag has an authentication methodavailable, the costs of switching it on are low, mostexpenses would go in the management of tags andreaders which have to be loaded with crypto-graphic keys.
8.10. RFID security challenges in abroader perspective
The security risks that are mentioned in theprevious paragraphs depend of course on the typeof application in which RFID is used. The serious-ness of each risk will vary along the different appli-cation areas. Therefore, we will analyse theseriousness of the security risks mentioned in sec-tion 8.1 for the most relevant application areas,which will give some insight in the considerationsinvolved.
We consider five application areas of whichthe first four are cases within the overall RFIDstudy and the fifth offers an interesting case from asecurity perspective:
• Healthcare: consider the environment of ahospital or clinic. RFID in such environ-ments is typically used for tracking and list-ing tagged medicines and blood bags. Alsopersons could be tagged. We consider twosituations in which persons are taggednamely doctors that have to be tracked (inwhich room they are) in case of an emer-gency, and patients that have to remainwithin specific areas (e.g. an area for seri-ous psychiatric patients). In the latter caseRFID is used for access control at the bor-ders of these areas.
• Animal tracking: in some situations animalsare tagged (externally or internally) in orderto trace them in case of an infectious dis-ease. Currently this is only done with goats,sheep and pets.
• Public transport: in several cities (e.g. Lon-don, Porto) and countries (e.g. the Nether-lands) an electronic ticketing system hasbeen developed such that only people witha valid ticket can pass the gate and enter thebus, tram or train. Some tickets are anony-mous, some are personalised.
• Identity card: some identity cards, like thenew passport in the Netherlands, containRFID chips such that the passport can beread automatically. To hinder unauthorisedreading, an initial step is required before theRFID tag can be read. In this initial step anoptical device will have to look into thepassport and read the cryptographic keywhich is subsequently used to encrypt the
RFI
D te
chno
logi
es
139
Tech
nica
l Rep
ort S
erie
s
communication between tag and RFIDreader.
• Smart shop: articles in a shop are taggedusing Object Naming Service (ONS). Thetag is not only used for logistics and identi-fication, but also for providing extra serv-ices to the customer. The tag number leadsto an Internet site where additional informa-
tion about the article can be found like awarranty, the ingredients of the product, etc.
Within each application area, an estimate ofthe seriousness of the different security risks ismade. The summary of this evaluation is shown inTable 8-2, where “N/A” means that this securityrisk is Not Applicable to (or not realistic within)this application area.
8. S
ecur
ity a
spec
ts o
f RFI
D
140
Tech
nica
l Rep
ort S
erie
s
For a clarification of the security risks see sec-tion 8.2. The results of Table 8-2 are explained foreach application area in the following sections.
8.10.1. Healthcare
When the tag number of medicines or bloodbags could be modified by unauthorised people,the impact of such an action would be high be-cause it might lead to patients receiving bad med-icines or wrong blood types. Although theprobability of occurrence and success could below, the high impact of such an attack still justifiesadequate measures to prevent it.
The deactivation of a medicine tag in a hospi-tal environment for privacy reasons will probablybe less useful since the linking between medicinesand patients is usually performed in a database inthe back-end.
A physical destruction of a tag on a medicineor blood bag might cause confusion but will not
lead to patients receiving bad medicines or wrongblood types. A patient whose action radius isbounded by his tag however has a clear motiva-tion for destroying the tag. A possible measurewould be to require a valid tag before leaving thearea, but this would also have consequences forvisitors and hospital personnel. A doctor that isbeing traced by his tag could incidentally destroyhis tag, so some alert mechanisms could be built infor this.
Detaching the tag of a medicine has the sameconsequence as physical destruction of the tag.The hospital should have alternative ways (e.g. eti-quettes) to identify medicines. The main differenceis that this tag could be (accidentally) replaced atanother medicine with possible severe conse-quences. The same reasoning goes for detachingthe tag on patients or doctors.
Other security threats like eavesdropping andjamming are possible but seem unrealistic in thisapplication area.
Table 8-2: Security risks per application area
Health Animal Public Identity SmartSecurity risk care tracking transport card shop
Unauthorized high tags are relevant for modification impact read-only relevant high impact rewritableof data variants
Deactivation linking in N/A frustration N/A privacy vs.database extra service
Physical only for possible procedural fraud consumerdestruction persons by animal measures right
Detaching both persons possible by leads to physical leads to physical consumerthe tag and objects animal destruction destruction right
Eavesdropping N/A N/A replay attack relevant privacy
Blocking N/A N/A sabotage sabotage sabotage
Jamming N/A N/A sabotage sabotage sabotage
Relay attack N/A N/A possible free transport ID fraud possible
Falsifying reader ID N/A N/A replay attack relevant privacy
8.10.2. Animal tracking
Most of the tags in this application area areread-only tags, so there is no risk of unauthorizedmodification of data. Since there is also no reasonfor having a deactivation function, this risk ishardly applicable. In case of rewritable tags, thereis a risk of unauthorized modification of the tags bythe owner, especially in case of fraud. This wouldblock the goal of tracking the animals in case ofinfectious disease. However, since all animals areregistered in a central database, this action will notbe effective.
The highest risk in this application area is therisk of physical destruction or detachment of thetag by the animal. This would block the goal oftracking the animals in case of infectious disease.A measure to reduce this risk is to regularly checkthe presence of a valid tag on these animals.
Note that it might be in the interest of theowner to destroy tags of his animals to avoid beingheld liable by animal health authorities. However,as noticed before, since all animals are registeredin a central database, such an action will not beeffective.
8.10.3. Public transport
Unauthorized modification of the contents ofa ticket is very relevant in a public transport tick-eting system. The departure or arrival location in aticket could be changed, or billing information ofthe ticket could be changed. Some ticketing sys-tems incorporate an electronic purse that could beuploaded.
The tags in the tickets might have deactiva-tion functionality for deactivating the tag duringdistribution to the ticket office. There is a risk thatpassengers will cause frustration to other passen-gers by deactivating their tickets during transport.This risk can be limited by using proper authenti-cation mechanisms for the deactivation function.
Physical destruction of the tag, either acciden-tally or on purpose, is a clear risk of such a ticket-ing system. Clear procedural measures should betaken to cope with it.
The tickets are usually designed such that apossible detachment of the tag can only be doneby physical destruction of the ticket. Replacement
of a tag on another ticket is not a serious threat be-cause tickets can only be used once.
By eavesdropping an RFID communication,e.g. by putting an eavesdropping device in a gateor using an illegal RFID reader, one could be ableto reuse (replay attack) this communicated infor-mation to form invalid tickets.
Blocking and jamming will probably not leadto free tickets, but could severely frustrate (or evenshut down) the public transport system.
A (sophisticated) relay attack could lead topublic transport on the cost of other persons. Sincesuch an attack is rather elaborate to develop, it willonly be interesting when it results in a large num-ber of free passages. A detecting mechanism in theback-office could reduce the risk of such an attack.
8.10.4. Identity card
Unauthorised modification of data is ofcourse absolutely undesirable in case of an iden-tity card. Therefore, in the design of the ID card,sophisticated measures are taken to reduce the riskof such an attack.
There’s no reason to implement deactivationfunctionality into an ID card, so there’s no risk fordeactivation.
The ID card is designed in such a way that de-tachment of the tag will usually lead to physicaldestruction of the tag. Although the tag of an IDcard could be destroyed accidentally, such de-struction will usually lead to a fraud investigation.
Eavesdropping (including reading the cardwith a fake reader) is a very relevant threat forRFID based ID cards, so extra measures are takenin the design of the card. Think for example at therisk of a terrorist scanning passports looking for aspecific nationality to attack.
Both blocking and jamming of the communi-cation between ID card and RFID reader can beconsidered as sabotage and could even be prohib-ited by law.
A relay attack in an ID card setting makessense and would eventually lead to ID fraud. Onthe other hand, the extra measures that are takenin the design of an ID card will make such an at-tack much tougher to complete.
RFI
D te
chno
logi
es
141
Tech
nica
l Rep
ort S
erie
s
8.10.5. Smart shop
For cheap articles the RFID tags used will beprobably read-only, but for more expensive arti-cles one might want to reuse the tags while at thesame time becoming vulnerable to unauthorizedmodification of data. This might lead to wronglypriced items, extended warranties, etc.
For privacy reasons a consumer would like todeactivate (sleep mode, kill) the tag after leavingthe shop. On the other hand, the producers wouldrather see this tag activated because it enablesthem to provide lots of extra services to the con-sumer. The debate about whether to provide de-activation functionality is still going on [7].
The consumer has the right to either physi-cally destruct, or detach the tag to protect his pri-vacy. Unauthorised persons could get access toprivacy related information on the tag by means ofeither eavesdropping on a legitimate reader or byfaking a legitimate reader ID. The use of fake RFIDreaders in a shop could be detected by suitablescanners.
Blocking and jamming are techniques thatcould be used to frustrate RFID readers and sabo-tage the legitimate use of RFID tags.
A relay attack could be possible, for exampleby a consumer that is paying for a cheap productwhile he actually bought an expensive product, al-though it’s questionable whether such an attackwould be worthwhile in practice. It might for in-stance be easier to just switch the tags of the cheapand the expensive product, or to use a device thatfakes the tag of the cheap product (without actu-ally communicating with the tag of the cheapproduct).81
8.11. Security aspects of RFID in EU research projects
RFID is an actual research topic in many Eu-ropean projects and publications, such as the for-mal EU research projects in the IST-programme
and the (predecessors of the) CIP-programme.Besides, there are many academic researchersworldwide who are studying a broad range of se-curity aspects of RFID. Since 2002, GildasAvoine (a French researcher, currently workingat MIT, USA) maintains a website with refereedpapers published in journals and conference pro-ceedings, as well as technical reports and thesesrelated to security and privacy issues in RFID sys-tems.82 Most of these research papers concern se-curity issues regarding the communicationbetween tag and reader. Briefly, in this area aca-demic research is mainly focused on the moreexpensive smartcard solutions (e.g. electronicticketing in public transport, identity cards,healthcare sector) and less on the logistic process(e.g. replacement of barcodes by RFID-tags).Given the sensitivity of the data processes thatare in use in these domains, the development ofsecurity mechanisms (by cryptographic tech-niques) is of high relevance to the overall devel-opments within RFID. Even the less sophisticatedpassive and relatively simple tags will be moreand more equipped with cryptographic tech-niques.
This section primarily focuses on RFID in theEuropean research programmes and specificallyon the security issues of RFID.
8.11.1. Research projects on RFID
A recent overview of RFID research in Eu-rope shows a total of 40 collaborative researchprojects supported by European industry and re-search organisations. The European Commissioncontributes €153 million to a total investment of€312 million. These research projects are all partof the Fourth, Fifth or Sixth Framework Pro-gramme. The 40 projects cover a broad array ofissues. 41% of the project funding is related tointeroperability and standards-setting, 16% to re-search of the radio spectrum, 20% to governanceaspects and 23% to protection of personal dataand privacy.
8. S
ecur
ity a
spec
ts o
f RFI
D
142
Tech
nica
l Rep
ort S
erie
s
81 Although not part of this application area, a relay attack could be more useful when an RFID tag is used during payment e.g. by meansof a payment card. In such cases it could be possible to pay products with payment cards of other (innocent) people (Kfir et al., 2005).
82 http://lasecwww.epfl.ch/~gavoine/rfid/#papers
Figure 8-2: Relationship of RFID researchprojects to policy issues83
A prime example of such a research effort isthe recently launched BRIDGE-project, a €7.5Million, three year RFID-project in the SixthFramework programme for Research and Techno-logical Development.84 BRIDGE (‘Building RFIDsolutions for the Global Environment’) combinesresearch institutes, a number of GS1 offices (fivefrom Europe and one from China), twelve solutionproviders and seven business end users. The focusof BRIDGE is on providing solutions for the sup-ply chain in a number of application areas (anti-counterfeiting, healthcare, retail, textile, …). It willstudy business based research, provision of infor-mation services and hardware (sensor, tags) andsoftware development.
The potential applications for RFID are multi-plying rapidly. In the figure below the extended va-riety of application areas have been shown.
Figure 8-3: RFID projects by applicationarea85
The European funded research and relatedpromotional activities aim at helping industry, reg-ulators and consumers to better understand the po-
tential benefits and potential pitfalls of RFID, re-moving many of the risks and uncertainties fromthe market and so encouraging wide scale invest-ment (EC, 2006a).86
8.11.2. Security aspects of RFID in EU re-search projects
A wide consultation on wireless smart tags in2004 investigated the need for further research inthe technology and application domain. The con-sultation report presented the findings, conclusionsand recommendations from the wide consultationexercise relating to the research needs for the topicof smart wireless tags, which are also known asRFID (Radio Frequency Identification) or smart tags(EC, 2006a). The consultation exercise was under-taken as part of the process for the preparation ofthe IST work-programme 2005-2006. In additionhowever, the report also included recommenda-tions for longer-term research in the smart wirelesstag area, research that naturally fits within the timescale of Framework Programme Seven, which willcover the period 2007-2013.
From this consultation report it can be con-cluded that the respondents considered the pri-vacy and security of RFID tags as a fundamentalenabler or a showstopper of smart wireless tagtechnology. Some research needs that were con-cluded in the field of security were:
• Encryption to protect the tag data.
• Finding cost-effective solutions for the ex-pected increase of backend system costs.The increased security capabilities on tagswill affect backend systems since these willrequire additional functionality. This will in-crease system costs.
• Increased demand for greater security willrequire tags with computation capabilitiesand memory. In the long-term, research isneeded into the construction of highlyminiaturized devices.
We looked in more detail to the coverage of se-curity aspects of RFID in the 40 research projects
RFI
D te
chno
logi
es
143
Tech
nica
l Rep
ort S
erie
s
83 Source: http://ec.europa.eu/information_society/doc/factsheets/5-1-rfid-research-portfolio.pdf84 See http://www.bridge-project.eu85 Source: http://ec.europa.eu/information_society/doc/factsheets/5-1-rfid-research-portfolio.pdf86 URL: http://europa.eu.int/information_society/policy/rfid/index_en.htm
(FP4, FP5 and FP6). Notwithstanding the recommen-dations from the consultation report of 2004, it wasremarkable to find that security was not a prime areaof interest. In only two research projects security as-pects make part of the research objectives.
A search in the CORDIS database revealedthe two projects in which security aspects are (par-
tially) covered: Improving airport efficiency, secu-rity and passenger flow by enhanced passengermonitoring (OPTAG) and Safeguards in a World ofAmbient Intelligence (SWAMI). The projects areconcisely described below, based on informationfrom the CORDIS-database:87
8. S
ecur
ity a
spec
ts o
f RFI
D
144
Tech
nica
l Rep
ort S
erie
s
87 URL: http:// cordis.europa.eu/search/88 http://ec.europa.eu/research/aeronautics/projects/article_3718_en.html
OPTAG88
Start date: 2004-03-22 End date: 2007-02-01
Duration: 34 month
Programme type: Sixth Framework Programme
Description:
This project aims to harness emerging passenger tracking and identification technologies with the objectives of in-creasing the safety of air travel whilst maximizing the utilization of existing facilities. The proposed system could form anessential component of Airline passenger identification and threat assessment systems through the automated identifica-tion of suspicious passenger movements or through the closer the closer monitoring of individuals considered to pose arisk to secure operations. The project aims to deploy networks of enhanced Closed Circuit Television (CCTV) systems cou-pled to local, direction based, and passenger tracking systems, using far-field RFID tags.
There are three main developments required to create the OpTag system:– A compact far-field radio frequency identification (RFID) tag and a reader capable of reading a large quantity of
tags within its range without interference.– A high-resolution, panoramic imaging system and corresponding software to follow a target and confirm the iden-
tity of the tagged individual or item. The system will be able to work over a network and allow different opera-tors to select different views from the same camera.
– An ergonomic user interface to facilitate augmented surveillance, monitoring and targeting of individuals who maypose an economic or security risk to effective airport operations.
The security and efficiency environment of airports will also be researched so that the Optag system can be under-stood in context and developed to meet real requirements and with full understanding of the legal and operational fac-tors and IP of the design.
SWAMI
Start date: 2005-02-01 End date: 2006-07-31
Duration: 18 month
Programme type: Sixth Framework Programme
Description:
This project aims to identify the social, economic, legal, technological and ethical issues related to identity, privacy,trust and security in Ambient Intelligence (AmI). The third report, entitled Threats, vulnerabilities and safeguards in a worldof ambient intelligence, discussed the issues of privacy, identity, trust, security and the digital divide, followed by a chap-ter on threats and vulnerabilities and a chapter on safeguards. The final chapter contains the recommendations and con-clusions, which were specifically addressed to the European Commission, Member States, industry, academia, civil societyorganisation and individuals.
RFID is discussed thoroughly in this report as one of the enabling technologies which can be used in AmI applica-tions. The aspects of privacy, identity, security are discussed for RFID as well.
The description shows RFID-related securityto play a minor role in the research projects. Thereview of the basic descriptions of the other 38projects did not reveal a relation with RFID secu-
rity issues at all. Though this is of course not a strictguarantee that RFID security is totally absent inthese projects, at least it shows that attention forRFID-security is hardly present.
8.11.3. From research to policy
Besides these research projects in the Frame-
work Programmes, the European Commission
started a Consultation process with conferences,
workshops and studies in the field of RFID in orderto make a policy plan on the developments ofRFID. Security is one of main topics that are inves-tigated in these activities. A picture of the roadmapof the European Commission is shown below.
RFI
D te
chno
logi
es
145
Tech
nica
l Rep
ort S
erie
s
89 Source EC, 2006d90 http://ec.europa.eu/yourvoice
Figure 8-4: Roadmap: towards a RFID policy in Europe89
This roadmap was presented on the final con-ference on October 16 in Brussels on RFID.
From 3 July to 30 September 2006, an onlinepublic consultation was held via “Your Voice inEurope” (EC, 2006c) on future RFID policy.90 Intotal, 2,190 respondents (citizens, manufacturers,system integrators, academic and scientific insti-tutions, public bodies and regulators, etc.), cover-ing all the European Union Member States and anumber of countries from outside the EU) an-swered questions about: RFID use; Privacy, DataProtection and Security; Standardisation and Inter-operability; Frequency Spectrum; Research.
A large majority of all respondents (about two-thirds) have the opinion that the best solution(s) toeliminate or greatly reduce the concerns of secu-rity, data protection and privacy, which may arisefrom deploying applications of RFID technology,are the development of technical solutions allow-ing to disable RFID tags and/or awareness raising
campaigns to educate consumers. More than halfof the respondents report that some kind of legis-lation regulating RFID should be considered. A mi-nority of respondents (14%) mention a preferencefor self regulation and best practices based on the‘Fair Information Principles’.
Almost half of all respondents have the opin-ion that privacy-enhancing technologies (PETs)should be made mandatory in RFID applications.A clear majority of respondents (61% ) have theopinion that a RFID tag related to a product in asupermarket should be automatically de-activatedat the point of sale. Other solutions, i.e. a remov-able sticker attached to the product itself and a“proximity tag” with a very short reading distance– are advocated by 46% and 40% of all respon-dents, respectively.
About half of the respondents regard the con-cept of limited distance “proximity tags” as a valu-able (complementary) solution to preserve privacy.
The strong majority of respondents consider ageneric reading distance of up to 10 cm as accept-able for proximity tags. Personal data (e.g., e-pass-ports) is generally placed in the shortest readingrange. A majority of respondents see the need forappropriate security and privacy mechanisms tobe taken by RFID application providers, while alarge majority is concerned RFID-enabled moni-toring of workers.
We may conclude that this interest as voicedby the people who contributed to the Consultationprocess can not be recognized in the European ac-tivities in this field up till now.
8.12. Conclusion
The security analysis of RFID delivers the fol-lowing conclusions. The first set of conclusions referto the overall risk analysis performed in section 8.1till section 8.9. The second set of conclusions refersto the risk analysis performed for various applica-tion domains (section 8.10). The last set of conclu-sions refer to the attention for RFID security aspectsin European programmes (section 8.11).
8.12.1. Conclusions of overall risk analysis
From a financial point of view, the mostalarming risk would be the risk that has low costsfor performing the threat and high costs for takingcountermeasures. By analysing Table 8-1, thiswould be the risks of deactivating or detaching thetag because these are fairly easy to perform andcountermeasures are more involved. Althoughmuch attention in the media is paid to eavesdrop-ping on the air interface because of the privacyconsequences of the consumer, from a securitycost point of view indeed the vulnerability of thetag itself is an often overlooked aspect. Since tagsare easily removed or destroyed, and countermea-sures are costly, this can be seen as the weakestpoint of an RFID system.
At first sight it seems that a redesign of tagsmight be needed to overcome these risks. How-ever, some important considerations have to betaken in mind:
• These are the results of a general securityanalysis and a rough cost estimate has beenmade. No conclusions can be drawn with re-
spect to specific applications or scenarios.Each application or scenario would requireits own more detailed and specific securityanalysis. The (seriousness of the) conse-quences of removing or destroying RFID tagsdepend on the application. Depending onthe business case of the application, even aCommon Criteria accreditation processmight be worthwhile.
• The costs are not the only point of view. Alsouser convenience, user’s acceptance, inter-operability, etc. are important factors to takeinto account. This would require a case bycase analysis.
• There is a trade-off between security andfunctionality. In general, the less functional-ity a (RFID based) system has the more se-cure it would be. It could be the case thatcertain security risks are taken for granted be-cause the functionality involved is badlyneeded.
The RFID system is usually part of a larger ITsystem which includes the back-office. Since thesecurity chain is as weak as the weakest link, wehave to consider the entire IT system.
The security analysis shows that it is difficultto draw conclusions on the security of RFID onlyby observing an RFID tag and a reader. When re-garding the tags and readers as part of architecture,better weighed conclusions can be drawn.
The systems that are used in the back officeare not RFID specific systems. Much is knownabout the threats, risks, and countermeasures ofsuch systems. The new and possibly more vulner-able systems are the RFID specific readers andtags. Especially since tags are usually less sophis-ticated elements that cannot contain many secu-rity mechanisms, it seems worthwhile to store theleast possible vulnerable information in the tags.So from a security point of view, but also from aninformation management point of view, it seemsright to shift as much data as possible from the tagto the backend. Only the essential elements, suchas tag ID, should be stored on the tag itself. An-other advantage of such an approach would bethat less advanced tags can be used which arecheaper. Of course some additional investmentscould be necessary for the back office.
8. S
ecur
ity a
spec
ts o
f RFI
D
146
Tech
nica
l Rep
ort S
erie
s
8.12.2. Conclusions of risk analysis perapplication domain
By considering different application areas, in-sight was created in the seriousness of the differentsecurity risks (Juels, 2006). Also the goal of the at-tacker varied over the different application areas:
• Healthcare: the most important risk for tag-ging medicines and blood bags is the risk ofunauthorised modification of the tag. Not be-cause the probability of occurrence is high,but because the impact of such an ‘attack’would be immense and could lead to pa-tients receiving wrong medicines. WhenRFID is used for access control of (mentallyill) patients, the most important risk wouldbe the physical destruction or detachment ofthe tag which might lead to patients exceed-ing their allowed frontiers. When RFID isused for tracing doctors also the main risk isphysical destruction or detachment of thetag, although it would probably not be thegoal of the doctor to destroy it but it couldbe a little accident. In this case physical de-struction of the tag would lead to doctorsbeing less traceable in emergency situations.
• Animal tracking: the main threat in this ap-plication area is the physical destruction ordetachment of the tags by the animals. Theanimals would then no longer be traceablein case of an infectious disease.
• Public transport: the most important riskwithin an electronic ticketing system is thechance that illegal tickets (i.e. tickets forwhich is paid less) are made. This could beaccomplished by a replay attack aftereavesdropping an RFID communication, orby unauthorized modification of the con-tents of a ticket.
• Identity card: the risk of unauthorised modi-fication of the contents of the ID card is ofcourse a very important risk. As with IDcards without RFID, adequate measures aretaken to reduce this risk. The most importantRFID specific threat for ID cards is the risk ofunauthorised reading of ID cards. Therefore,an initial optical step is required before theID card can be electronically read out.
• Smart shop: in this application area themost important risk is the loss of privacy of
the consumer. There is an interesting debategoing on about the deactivation of RFIDtags when the customer leaves the shop.Producers want this tag activated in orderto offer many new services, but consumerswould like to have the possibility to deacti-vate the tag for privacy reasons.
It turns out that each specific application areahas its own specific security risks. The risk of unau-thorized modification of data on the tag is relevant,but (of course) only for rewritable tags. Some secu-rity risks do not pose a threat in the sense of loss ofresources, but are just annoying, frustrating, oreven a form of sabotaging the system. The risk ofdetaching the tag is an often underestimated risk,but for some application areas it’s the most impor-tant risk. On the other hand, the risk of eavesdrop-ping and consequently infringement of privacyseems to be overrated for most application areasalthough it’s especially important in the smart shopapplication area (Garfinkel, 2006).
8.12.3. Conclusions on RFID securitywithin European programmes
RFID is an actual research topic worldwide. Inthe academic world a broad range of security as-pects of RFID is studied. However, the academic re-search is mainly focused on the more expensivesmartcard solutions (e.g. electronic ticketing in pub-lic transport) and less on the logistic process (e.g. re-placement of barcodes by RFID-tags). In the EUresearch projects (Framework Programmes), onlytwo research projects (out of a total of 40 researchprojects addressing RFID) have a focus on RFID se-curity aspects. This is in contrast with the results ofa consultation report in 2004, in which the privacyand security aspects of RFID were considered as afundamental enabler of smart wireless tag technol-ogy and in which various research needs were de-fined in the field of security. It is also in contrast withthe results of the 2006 EU-consultation process onRFID which showed a primary focus on security as-pects as one of the key enabling factors of RFID aswell (in combination with privacy concerns).
Briefly, we conclude that Europe could furtherstimulate research on security of RFID, includingthe passive RFID tags which are less investigated inacademic research, and including security archi-tectures of RFID systems.
RFI
D te
chno
logi
es
147
Tech
nica
l Rep
ort S
erie
s
RFID case studiesPa
rt t
hree
9. Searching the dynamics of RFID-practices
RFI
D te
chno
logi
es
151
Tech
nica
l Rep
ort S
erie
s
91 Source IDTechEx 2006 (visited 12 April 2006)
The broad analysis of the preceding chapters ofthis study has been used to enrich our understand-ing of the dynamics of RFID-practices. To under-stand drivers and barriers of RFID we haveperformed an in-depth study of the introduction ofRFID in a number of practices. Much is alreadyknown about the use of RFID in the logistic process.Globally operating firms as Metro, Tesco andWal*Mart all enforce the use of RFID within the lo-gistic chain. This is not necessarily the best ap-proach, given the investment costs suppliers have tomake in realising compliance with the requirementsof these firms. Firms tend to chose intermediate so-lutions (such as the Slap-n-Ship approach; see sec-tion 5.1) which may turn into a ‘penny-wise
pound-foolish’ strategy: relatively cheap in terms ofinvestments and required adaptations in the workprocess in the short term but probably no use in thelonger term when the entire logistic process has tobe revised. Though much can be said about theproblems that logistic suppliers will face in introduc-ing RFID, it was decided at the beginning of thisstudy that the focus should be on other domains inwhich RFID can be used. This study should comple-ment the view on drivers and barriers of RFID intro-duction by studying other application domains.
An initial survey of RFID application domainspresented the following distribution of RFID activ-ities:
Table 9-1: Distribution of cases over societal domains91
Domain No. of cases
Retail, Consumer goods 400
Financial, Security and Safety 316
Passenger and Public transport 278
Leisure and Sports 228
Land and Sea Logistics, Postal 177
Healthcare 142
Manufacturing 135
Animals and Farming 81
Books, Libraries and Archiving 76
Military 43
Laundry 10
Other 4
Table 9-1 represents a broad class of cases,from initial pilots and field trials to full-fledged roll-outs of RFID. The table encompasses public and
private domain applications. We used this table(and the more detailed table in Annex 8) as a start-ing point for the selection process.
9.1. Selecting the appropriate cases
The intention of the study was to use casestudies to analyse the dynamics of RFID imple-mentation in a number of domains. We defined asoverall objective that case studies should enableto identify:
• Drivers for the future RFID usage.
• Barriers to RFID introduction (technologi-cal, economic, social, legal).
• Perceived market potential for the Europeanmarket.
• Distance in time to adoption.
• Stakeholders perspectives on drivers andbarriers.
Moreover, the case studies should help toidentify:
• Differences in stakeholder strategies due tovariation in Member State markets.
• Perceived EU wide benefit.
• The role of the public sector in helping toachieve this benefit.
The first four items have been made part ofthe description of the case studies as these will bepresented in the following chapters. The last threeitems have been taken up in chapter 15 (the pol-icy evaluation).
Before choosing the final set of cases, we dida pilot study on Public transport, in which we re-searched the appropriateness of the following setof criteria:
1. Drivers and barriers.
2. Threats and opportunities.
3. Role of stakeholders.
4. Role of government.
5. Technology involved.
6. Role for Europe.
The next step was the identification of the re-maining set of four cases. On the basis of desk re-search in which we studied a number of articlesand reports dealing with implementation ofRFID,92 we identified a number of domains aspromising from a European perspective. Theanalysis revealed a number of characteristics,which we present in Table 9-2.
9. S
earc
hing
the
dyna
mic
s of
RFI
D-p
ract
ices
152
Tech
nica
l Rep
ort S
erie
s
92 See (Capgemini, 2005), (Garfunkel & Rosenberg, 2005), (Gartner, 2005a), (Gartner, 2005b), (Gartner, 2005c), (IDC, 2004), (IDTechEx,2005a), (IDTechEx, 2005c), and several issues of IDTechEx, Smart Labels Analysts, a monthly periodical to which the project team hadaccess.
Table 9-2: Characteristics of RFID application domains
Technologyapplications Actors Issues
Health Varied uses Hospitals, patients, insurance Quality, privacy, securitycompanies
Cultural sector Repository, loan, Libraries, museums, visitors Privacy, data retentionadd. info
Pharmaceuticals Repository, logistics, Pharmaceutical industry, Counterfeiting, additional info, counterfeiting healthcare institutions, patients, logistics of care-system
insurance companies
Digital rights Tracking, tracing Variety (governments, commercial Appropriate use, privacy, management organisation of various kinds) new business models
Identity cards Identification Governments (National) security, privacy,civil rights
Animal tagging Tracking and tracing ‘From farm to fork’, governments, Quality assurance,consumer organizations recall issues
ICT sector Supplier of RFID Chip developers; system Competitiveness of EUapplications integrators, consultancy firms, … vs USA/Asia
Figure 9-1: Expected diffusion of RFID tags, 2006-201693.
RFI
D te
chno
logi
es
153
Tech
nica
l Rep
ort S
erie
s
93 Source IDTechEx, 2005a94 Source IDTechEx, 2005a
Figure 9-2: Expected value of RFID tags in different application domains94
From Figure 9-1 and Figure 9-2 we derivedthe importance of RFID for animal tracking andthe importance of smart cards/smart ticketing.Smart cards and animal tagging represent a veryinteresting marketing value. Smart cards will beused in a broad array of application domains. Themarket value for passport tagging is less visiblethen for animal tagging but still offers an interest-ing starting point. The sources we used indicated
a number of domains as niche markets(IDTechEx, 2005a):
• Prison and Parole
• Passports
• Live stock /Food traceability
• Healthcare
• Ubiquitous sensor networks
• RFID enabled cell phones
On the basis of this analysis we came up withthe following selection of case-studies:
1. Animal tracking (major business segment, pos-sible niche market for Europe, open market)
2. Healthcare (many small pilots, niche applica-tions, combination of public and private in-vestors, opportunities to follow people anditems, a ‘closed’ market of vendors).
3. Identity cards (sensitive issue, example of lawenforcement, privacy and security issues).
4. ICT industry (internal European market, inno-vative appeal, big European players on chips-market, leading edge firms?).
5. Public transport (major introductions; high im-pact, complex market, high investments).
9.2. Main conclusions from the casestudies
The case-studies have been analysed bearingthe following questions and issues in mind:
• What to expect from RFID: drivers and op-portunities identified in pilots and projectstaking place today?
• What experiences with RFID: what pitfallsand barriers can be identified?
• What (European) parties are involved; whichinterests do they have?
• What future issues can be discerned: what fu-ture technologies; what future drivers; whatfuture business models?
We also paid attention to the issues presentedin the previous chapters:
• What about the market potential visible in thisapplication domain (direct benefits, return oninvestment, value chain, indirect benefits)?
• What about trust, user acceptance, employ-ment aspects (reshuffling employment issues,training)?
• What about security issues (security through-out the value chain, sensitivity of the case forsecurity issues)?
• What about privacy issues (what kind of dataare collected, how are privacy issues safe-guarded, compliance with privacy directives,etc.)?
The results of the case-studies are summa-rized in Table 9-3. In the following sections theseresults will be detailed.
9. S
earc
hing
the
dyna
mic
s of
RFI
D-p
ract
ices
154
Tech
nica
l Rep
ort S
erie
s
Table 9-3: Summary of findings from the case studies
Animal tagging ICT sector Identity cards Healthcare Public transport
Drivers Law Broad Queuing time Efficiency Harmonizing enforcement application area Terrorism Cost savings ticketing system
Extended Additional services Anti-counterfeiting Travel informationfunctionality US legislation Improvement Queuing time
of care Operational efficiency
Barriers User acceptance Privacy and security Role of Privacy (trade-off) Complexity of systemHigh initial costs Cross-platform citizens/consumer Frequency High transition costsTraining and interoperability organisations interference (?) Complex actoreducation Technical environment
feasibility
Oppor- From Farm to Fork European regulation Harmonised Quality of Increasing efficiencytunities Improving animal of secure environment/ national ID cards healthcare Additional services
welfare interoperable Extension of use New medical (e-purse)platforms Experience services European experience
Threats Alternative DRM: careful Security No specific Privacytechnologies considerations not to Privacy threats AcceptanceStandardisation overshoot regulations Acceptance Technical failureUser interface Function creep Function creep
9.2.1. Animal tagging
Animal tagging is a potential billion Euro mar-ket. European legislation requires sheep and goatto be tagged as from 1 January 2008 onwards. Tag-ging is a major instrument in protecting humanhealth and promoting animal welfare. Tagging en-ables a ‘From Farm to Fork’ approach in which allparts of the value chain are expedited with RFIDtags. In case of outbreaks of infectious diseases,RFID enables a focused approach of infected ani-mals (efficiency), prevents massive slaughtering ofanimals (animal welfare) and increases confidencefor trading partners (economic incentives).
Drivers
The main driver for animal tagging within theEuropean situation is legislation. Up till now onlyovine animals (sheep and goat) and pets (transbor-der transport) require RFID identification. In caseof sheep and goat RFID identification is obligatoryas of 1 January 12008. Exceptions are made forcountries with relatively modest sized herds ofsheep and goats and for farmers with a relativelymodest herd. This is the case for many of the statesthat have just entered the European Union and anumber of Southern European countries.
Barriers
Tagging requires all farmers to be equippedwith the appropriate hardware and software andexpects all farmers to be skilled in working withthe required computer programmes. In practicethis is difficult to realise, reason to work with dif-ferent modalities (such as centralised processingfor a small group of farmers). Costs for providingthe entire herd of one farm with RFID-tags may behigh, in the light of modest revenues for the meatthat sheep (especially lambs) produce. Training allprofessionals in the entire value chain is a costlyaffair, but is essential for beneficial use of RFID.
Opportunities
Having all animals equipped with RFID en-ables a quality improvement of the ‘From Farm toFork’ approach, in which concerns of consumersand of quality control agencies can be reassured.Animal welfare can be improved (no need for mas-sive slaughtering in case of infectious disease out-breaks). The economic risk of infectious diseasescan be diminished and societal resistance against
slaughtering practices can be taken away. Effi-ciency within the entire value chain is improved.
Threats
Animal tagging with RFID is surely not theonly possibility. Though still in their infancy, DNAtechniques are under development that offer sim-ilar advantages and may meet some of the prob-lems raised against RFID tagging (loss of tags,difficult to re-use tags due to ISO agreements). Theuser interface of RFID equipment (readers, gates,tags) needs improvement; the readers for instanceare not well suited to the practice in which theyhave to function, are difficult to understand, andrequire more than default user knowledge to dealwith. The system needs to be developed in closecooperation with the user community in order toprevent massive rejection of the technology.
9.2.2. ICT sector
The ICT-sector itself has a lot of potential forintroducing RFID in products, services andprocesses. In line with RFID developments, con-sortia are built to underscore the importance oftwo way interactive devices, in which devicesfunction both as reader and as object to be identi-fied. New business models emerge, such as theelectronic purse with which one can order andpay for tickets simply by holding it in front of aposter. Other interesting applications refer to thepossibility to enforce DRM-compliant behaviour:the RFID chip enables the authentication of appro-priate uses of specific content, in whatever audio-visual format.
Drivers
A driver for RFID in ICT-products and servicesis the extended functionality it offers. This func-tionality is usually welcomed by users who con-sider extending the range of applications to bebeneficial and who may be willing to accept thetrade off with privacy and security issues that maycome with these technologies.
Barriers
Notwithstanding the positive approach to-wards consumer attitude, privacy and security areserious concerns, especially in dedicated applica-tions. Consumers may be deterred by possibilities
RFI
D te
chno
logi
es
155
Tech
nica
l Rep
ort S
erie
s
of eavesdropping which might render the e-walletvulnerable. These concerns may be difficult tocounter, albeit that, as stated above, extendedfunctionality may offer an interesting inroad. Asecond barrier is the difficulty of realising cross-platform interoperability. Lack of interoperabilitybetween platforms from different providers maylead to lack of sufficient use facilities for serviceswhich are based on these platforms, and to creat-ing lock in situations.
Opportunities
Europe might take a front runner position indeveloping appropriate regulation to creating a se-cure environment in which interoperability hasbeen taken care of. It also may position itself as apromoter of interesting novel applications that usethe functionality of RFID and that promote newservices, based on RFID.
Threats
Issues related to privacy and security, are athreat to the fast roll-out of RFID based services.Probably the biggest drawback is to be expectedfrom a too rigorous arrangement of Digital RightManagement issues. DRM is a delicate affair.Going for a too restrictive regulatory frameworkmight force consumers to opt for illegal proce-dures. This should be prevented at the cost of di-minishing returns of investment for the serviceproviders. It is a difficult task to reconcile both per-spectives in one framework.
9.2.3. Healthcare
Healthcare is a multibillion Euro market.Roadmaps indicate a market of more than 1.5 Bil-lion Euro to be reached between 2012 and 2016.Benefits of RFID are to be expected in fightingcounterfeiting of drugs. RFID may be used to tagmedical assets such as blood bags and drugs, inorder to prevent medical mistakes. Search forequipment, such as wheel chairs and infusionpumps, may become past history when an encom-passing RFID-system is in place that indicateswhere medical equipment is situated. This maysave many hours of unnecessary tracking down ofmedical objects per hospital and improve qualityof service. RFID may also be used to locate per-sonnel (doctors and nurses) in order to have theappropriate people at the right place in case of
emergencies for instance, and to locate patients(for instance those suffering mental illness) and vis-itors (to give them access to parts of a building).
Drivers
RFID has the potential to improve efficiency,to reduce medical errors, to improve quality ofcare and to fight counterfeiting. Pilots projectdemonstrate the efficiency and quality gains whichwould outweigh investment costs within a fewyears. The business case for RFID is unambiguouspositive in the case of hospital RFID systems.
Barriers
Notwithstanding the positive business case, is-sues of security and privacy will have to be treatedwith utmost care. Security is a basic asset of anymedical system: no medical faults may be madedue to failing technologies. Privacy could be con-sidered as a negotiable concept in that offering per-sonal data may improve healthcare and life savingoperations considerably. Still, it needs to be treatedcautiously, in order to prevent negative images. Afinal barrier may be the interference of RFID withmedical equipment. Interference has not been indi-cated to be a problem yet, but with the emergenceof an RFID-dense reader and tag environment, thereis a need for a thorough analysis.
Opportunities
Efficiency gains in healthcare offer interestingopportunities for all European countries. The im-provement of quality of medical services offers astrong incentive to invest in RFID-based applica-tions and services. It may also offer new services,based on early and appropriate reconnaissance ofneeds of patients and personnel. Since healthcarestill is a rather confined technological system, inwhich independence of countries is a basic asset,opportunities are present for all European coun-tries. Europe should enable the dissemination oflearning processes.
9.2.4. Identity cards
RFID-based identity cards form by far thebiggest contract known so far: the Republic ofChina has ordered the production for over one bil-lion of identity cards against a budget of more than4.5 billion Euros. US-legislation enforces the use
9. S
earc
hing
the
dyna
mic
s of
RFI
D-p
ract
ices
156
Tech
nica
l Rep
ort S
erie
s
of biometric technologies in foreign passports ofcountries which are within its visa waiver pro-gramme. As of 26th October 2006 all newly issuedEU passports have to be equipped with RFID tagsto facilitate wireless access and authentication,thereby creating a big European market.
Drivers
An important driver for RFID based identitycards in Europe is the EU legislation which de-mands RFID tagged passports (e-Passports) whichfollow international standards. Other drivers arethe increase of throughput speed at check-outpoints (though this speed will be reduced due tomore intense control checks!) and the opportunity(in theory) to add services to the e-Passports (forinstance, the combination with a driver’s licenseor other official documents).
Barriers
Within Europe, concerns are raised againstcentralised database systems which would containall data of European citizens and make these inprinciple easily accessible for central intelligenceservices. On the other hand, a centralised databasewould facilitate the protection of personal data:sensitive personal data would be stored centrally;an RFID would only need to contain an identifyingnumber that refers to personal data in the data-base. The reversal of this argument – as broughtforward by concerned citizens’ organisations – isthe increased opportunity to trace people via thecentralised database as well as the fact that such adatabase would become a prime target.
Opportunities
The Europe-wide introduction of the e-Pass-port enables the fine-tuning of European regula-tion on passports, having all e-Passports providedaccording to the same standards. This increasesthe chances to create new services (such as includ-ing the driver’s licence to the e-Passport) that maybe implanted Europe-wide.
Threats
What may be seen as an opportunity (addingfunctionality to the e-Passport) is a threat as well.Extending devices with functionalities which werenot foreseen is known as ‘function creep’. Thismeans that the original functionality of the e-Pass-
port (identification and authentication of its holder)is enlarged with new functions that are not directlyrelated to identification and authentication pur-poses. In combination with a centralised database,the information may be used for surveillance andsurveillance functions. Though formally in linewith the purposes of the e-Passport (fighting terror-ism), this may be interpreted as misuse of data. Re-lated threats are the infringement of privacy andlack of sufficient security measures to preventunauthorised reading of the information of the e-Passport (a threat which is more realistic in casethe data are on the e-Passport itself).
9.2.5. Public transport
The introduction of the Oyster card in Londonand the introduction of an entirely RFID-basedpublic transport ticketing scheme in the Nether-lands are both projects with an estimated value of1.5 billion Euros. Public transport thus offers amajor RFID-market. It is however a far from simplemarket. Public transport is usually a multi-actorgame, combining the efforts of several independ-ent public transport operators, public bodies thatorganise overview over the public transport market(transparency of prices, quality of services, com-petition) and consumer organisations. RFID-basedticketing has shown to increase boarding times inthe Paris metro fourfold! There are many trials inmany European cities with RFID-based ticketingschemes (Clermont Ferrand, Florence, London,Manchester, Paris, Porto, Rotterdam to mention afew). It shows that RFID-based ticketing offersvalue to operators.
Drivers
For public transport operators RFID-basedticketing offers an increase in operational effi-ciency: it enables a fine-tuning of operationalprocesses, such as fleet management systems; it in-creases knowledge about travel patterns of passen-gers and the use of more than one transport mode(combining train and buses or metro for instance)making better alignment of services possible.Throughput of passengers in rush hours is in-creased considerably, as the Paris example shows.Introduction of RFID-based ticketing enables a har-monization of ticketing schemes in cities, regionsor countries and between transport modalities(train, buses, metro).
RFI
D te
chno
logi
es
157
Tech
nica
l Rep
ort S
erie
s
Barriers
Public transport systems tend to be complex,multi-actor systems in which a variety of actorshave to be aligned. Public transport is increasinglyprivatized, leading to pilots and trials that involvestens of organisations (in Paris the train companySNCF and the Metro-company RATF had to align93 different private transport companies in thetransition form the traditional Carte d’Orange; inManchester 40 bus companies in 10 districts wereinvolved). The costs to migrate from the traditionalsystem to the new system are high, as is indicatedby the size of the London and Dutch case.Arrangement of data ownership is difficult in thesecomplex constellations.
Opportunities
RFID based ticketing offers opportunities tofight fraud (using public transport without ticket),to increase efficiency (fleet management, timeschedules), to structure tariffs (alteration of old sys-tem in an economic more profitable one), and toimprove services to the passenger (faster boardingtimes, better information provision, ease of use).Additional services can be the use of he electronicticket as an e-purse, thus enabling extension of thescope of use to shops, rental of bicycles (in theNetherlands), special arrangements (holiday tick-ets all included) etc. Finally, for Europe, this do-
main offers possibilities to gather expertise by Eu-ropean vendors that can be used in pilots and tri-als worldwide.
Threats
Public transport is a complex system. Intro-ducing RFID within the system implies that all ac-tors have to be aligned and that crucial decisionsabout revenue sharing, tariff structures and the sys-tems lay-out have to be made. Given the requiredinvestments, standards have to be open in order toincrease competition. If these conditions can notbe fulfilled, successful introduction of RFID maybe threatened. Acceptance of this form of ticket-ing by passengers is essential. RFID increases pas-senger throughput considerably and is fairly easyto use. The precise lay-out of how tickets are to bepriced occurs at the system backend. Questionsemerge such as: will there be an entrance fee, willit be a debiting system (meaning that passengerswill pay the maximum price of a ticket at the en-trance and the precise price of the ticket is onlycalculated when they leave the train, bus or metroat some point, thus requiring action on the passen-gers). In the London case, the number of inquiriesby the police intelligence services have multipliedsince it became possible to track people on thebasis of collected data about their travelling pat-terns. Commercial use of collected personal datamay intrude privacy as well.
9. S
earc
hing
the
dyna
mic
s of
RFI
D-p
ract
ices
158
Tech
nica
l Rep
ort S
erie
s
10. RFID in animal tagging
RFI
D te
chno
logi
es
159
Tech
nica
l Rep
ort S
erie
s
95 http://www.researchandmarkets.com/reports/c26259
The market for using Radio Frequency Identi-fication (RFID) in animal tracking is potentiallyhuge. Alarmed by recent outbreaks of animal dis-eases (such as Bovine Spongiform Encephalopathy– BSE or ‘mad cow’ disease, Foot and Mouth Dis-ease and the Avian influenza, of which the well-known H5N1 virus is dangerous for humanbeings) the call for widespread identification pro-grammes to safeguard human health may easily beunderstood as an interesting business case for theadoption of RFID-based identification systems.Contemporary laws and regulations regarding theidentification of animals offer the opportunity touse RFID in order to identify and register animalsand to follow movements of animals (moving fromone farm to the other, or from a farm to the slaugh-terhouse). This may function as an incentive forthe introduction of RFID in animal identification.Another incentive is the pressure exerted by mar-ket parties who want to be able to trace back theorigins of separate pieces of meat. This ‘From Farmto Fork’ approach interconnects different informa-tion networks: the information network used byfarms to meet the legislative demands for full trace-ability of animals, and the information networkused by the meat producing industries (fromslaughterhouse to retail sector) The opportunitiesfor RFID in animal tracking are identified to behuge, given for instance the outcomes of a fore-cast which expects in 2015 worldwide some 900billion food items to be RFID tagged and over 800million livestock to have more sophisticated, moreexpensive tags on (or in) them.95 Within Europe,the livestock of sheep and goats exceeds the 100million animals. Notwithstanding the opportuni-ties RFID offers, it has to compete with traditionaltechnologies, such as ear marking and tattoos. Barcodes on ear tags are as much an identifying tech-nology as RFID.
As part of the overall study on ‘RFID tech-nologies: emerging options, challenges and oppor-tunities’, this case-study will answer the followingresearch question:
“What barriers and pitfalls, and what driversand opportunities can be discerned for the intro-duction and adoption of RFID in animal identifica-tion and tracking?”
Animal identification may be pursued for avariety of reasons, ranging from pure research(studying movements of animals) to economic andhealth reasons (being able to trace back the originsof meat when quality standards enforce this).
The case we will present below, will elabo-rate on the following issues:
• What to expect from RFID in animal identi-fication and tracking: drivers and opportuni-ties identified in pilots and projects takingplace today?
• What experiences with RFID in animalidentification and tracking today: what pit-falls and barriers can be identified?
• What (European) parties are involved;which interests do they have?
• What future issues can be discerned: whatfuture technologies; what future drivers;what future business models?
In line with the issues that have been re-searched in a previous part of the project, we willpay specific attention to the following issues:
• what about the market potential visible in thisapplication domain (direct benefits, return oninvestment, value chain, indirect benefits)?
• what about trust, user acceptance, employ-ment aspects (reshuffling employment is-sues, training)?
• what about security issues (securitythroughout the value chain, sensitivity ofthe case for security issues)?
• what about privacy issues (what kind ofdata are collected, how are privacy issuessafeguarded, compliance with privacy di-rectives, etc.)?
This case-study will start with a short compar-ison of the overall distribution of RFID-cases be-tween the EU, the USA and other regions of theworld. A number of examples of animal trackingwithin Europe will be presented to give an indica-tion of the kind of applications RFID is used for,the technologies used and the parties involved. Wethen will continue with a presentation of the Euro-pean approach to RFID in animal tracking, as wasformulated through the European IDEA-project(Identification Électronique des Animaux) and canbe distilled from the EU-regulation on this topic.An UK pilot, commissioned by the UK Departmentof Environment, Food and Rural Areas, can beseen as the practical successor of the IDEA-proj-ect and delivers additional information about theEuropean situation. A comparison with the activi-ties in the U.S., notably the attempts to establish aNational Animal Identification System, showssome interesting cultural differences between Eu-
rope and the U.S. which can be translated in driv-ers and barriers. The results of this case-study arepresented in the last paragraph, in which the ques-tions phrased before are dealt with.
10.1. Overview RFID in animal tagging
Table 9-1 presents an overview of the distribu-tion of cases within the IDTechEx database. Itshows that Animals and Farming ranks numbereight.96 The economic potential of Animal andFarming is considered to be high; according toIDTechEx it ranks third, after killer applicationssuch as item level tagging and pallet tagging.97
In Table 10-1 we present the distribution ofthe cases in Animals and Farming over Europe, theUSA and a number of other regions.
10. R
FID
in a
nim
al ta
ggin
g
160
Tech
nica
l Rep
ort S
erie
s
96 See rfid.idtechex.com/knowledgebase/en/breakdown.asp; visited 12 April 2006; IDTechEx warns to be cautious in interpreting the fig-ures on face value. Not all cases are similar in scope and coverage. The market value of the cases differs considerably, ranging from afew thousand Euro to over a billion Euro. But overall, the table gives an idea of the relative attention that is given to RFID in the variousapplication domains.
97 See Figure 5-9 in section 5.4.298 Source IDTechEx knowledge base, visited 22 June 200699 Just to give one example: in the case-studies of Europe, we found one case that was twice registered. And we have information about a
pilot in the Netherlands that started in February 2006 but is not yet included in the IDTechEx database. We have not corrected for theseanomalies, but we have used the information as IDTechEx presents them.
Table 10-1: Distribution of cases in animals and farming over worldwide regions98
Region No. of cases
Europe 24
USA 22
Australia 14
South East Asia 12
Canada 10
Africa 3
South America 3
Again, we want to emphasize that these fig-ures only indicate an overall distribution.99 Itshows that attention for RFID in Animals and Farm-ing is evenly divided between the EU and the USA,while Australia, South East Asia and Canada arefollowing track.
In Table 10-2 we present the distribution ofcases within Europe. This table shows the UK to bethe leading European country in terms of identifiednumber of cases in the IDTechEx database. NewMember States are absent in this table. But again, thetable only presents part of the activities that are vis-ible within Europe in the field of Animal identifica-tion and tracking.
Table 10-2: Distribution of cases in animals and farming within countries of Europe100
RFI
D te
chno
logi
es
161
Tech
nica
l Rep
ort S
erie
s
100 IDTechEx knowledge base; visited 22 June 2006
Country No. of cases
United Kingdom 11
France 3
Portugal 3
Spain 2
Austria 1
Germany 1
Norway 1
EU 2
To get an idea of the content of the cases thatare registered, we have checked all records ontheir relevancy for this case-study. A number ofcases did not deal with animal identification butwith other aspects in the logistic change (vehiclesand pallets mainly). A few cases could be com-bined being very closely related or fully overlap-ping. Details on European animal identificationand tracking are presented in Table 10-3.
10.1.1. Use cases
More than half of the identified cases dealwith cattle and herds, three out of twelve are re-lated to pets (dogs, pet passports) and three are dif-ferent (keeping track of pigeons during a race andstudying foraging strategies of bees and butter-flies!).
10.1.2. Technologies used
Almost all cases deal with LF frequencies(125-135 KHz range), the only exception being theidentification of sheep in the UK DEFRA (Depart-ment of Environmental Food and Rural Affairs, UK)which has a double frequency (LF and 13.56MHz). The transponders used in case of the beesand the butterflies did not use an RFID-chip, butare based on reflections of radar waves (harmonicdoubling) to identify the bees and butterflies.
10.1.3. Application area
Except for one, all uses are directly related toidentifying an animal by means of a unique num-ber. In one case (animal care, pets, UK) use ofRFID is directed at measuring temperature.
Table 10-3: European cases animal identification and tracking.101
Description Tag system application project benefits
Animal care, - interrogator: Animal roll-out Disease control
pets UK Digital Angel (US) temperature
DEFRA, sheep LF (125-135 kHz); interrogator: various Sheep trial from 2004 Cost reductionUK 13.56 MHz integrator: identification Data capture
ADAS (UK) Speed
FEVEX tracking HITAG S IC Neoris Cattle roll-out Cost reductioncattle 2 kbit memory, (Latin America, (complete) Data captureSpain Philips Spain) Traceability
Iberian Pig LF Cost reductionSpain, Portugal FDX-B glass
transponder Integrity of supply64 bits Traceability
Lionor Poultry, TagSys interrogator: TagSys Meat conveyances roll-out Cost reductionFrance integrator: (complete) Loss of conveyances
Athelia Solutions Speed
Merial Pet, LF tag+ interrogator: Pet tagging roll-out SafetyFrance Digital Angel (on-going)
Pet Passport, Pet Passport roll-outUK (complete)
Pigeons LF tag+interrogator Homing pigeons roll-out Accurate racetracking, EU +integrator: (on-going) timing
Deister Electronics Identification
Dogs, - tag+ interrogator Pet tagging roll-out LegislationPortugal +integrator: (on-going) compliance
Digital Angel
Bee and radar Rothamsted Studying flight path roll-out Researchbutterfly transponder research of bees; studying (complete)tracking, UK foraging strategies
of butterflies
RSPCA LF; tag: Sokimar IdentificationAnimals, UK EM-Marin chip
Smorfjord, LF tag+Interrogator: Reindeer trialReindeer Jojo Automasjon (on-going) Cost reductionNorway integrator: since 2001 Efficiency
Reinkjottspesialisten System automation
10. R
FID
in a
nim
al ta
ggin
g
162
Tech
nica
l Rep
ort S
erie
s
101 IDTechEx knowledge database with case studies; visited 22 June 2006
10.1.4. Project
Most projects described are already in place.Only one describes a trial. All the other projectsare roll-out schemes.
10.1.5. Companies involved
The US-based Digital Angel (the former De-stron Fearing technologies) and its EU distributionpartner Merial is present in three out of twelvecases, taking care of the entire RFID system (tagsand readers). Philips as supplier of chips is men-tioned once (its HITAG S IC chip) and in six casesa variety of European vendors and system integra-tors are mentioned (RFID system: Deister Electron-ics, Jojo Automasjon, Sokimar, TagSys; integrator:ADAS, Athelia Solutions, Deister Electronics, Ne-oris and Reinkjottspesialisten).
10.1.6. Benefits
Cost reduction is mentioned most often; otherbenefits are traceability, speed, efficiency, datacapture and some specific benefits such as legisla-tion compliance, disease control, accurate racetiming and (reduction of) loss of conveyances.
10.2. Illustrative examples
Table 10-3 demonstrates a number of interest-ing examples of use of RFID. To track the homingof pigeons and enable a clear decision on racingtimes, Deister Electronics has developed theUnikon system.102 Unikon consists of a clock toregister the pigeons and an RFID reader and tagsystem to identify and register departure and ar-rival times of pigeons. The RFID reader can detecttwo pigeons per second, and can be connected tothe clock module (the base station) by a cable orcan be read out at a distance (up to 300 m). Deis-ter claims to be market leader in the time racingequipment for pigeons and has selling points forUnikon in 25 countries world wide.
Rothamsted Research in Hertforshire, UK hasused radar transponders to enlarge the distance totrack butterflies and bees in their foraging strate-gies.103 The transponders were tiny, did not weightmore than 12 mg and enabled the researchers totrack the motions of the bees and butterflies overa distance of approximately 900 metres. It enabledto study the imitation behaviour of recruit beeswho were informed by a scout bee about placesto go to and the strategies butterflies used for iden-tifying foraging hot spots. These experiments werebased on the reflective capacities of smalltransponders to identify and track separate beesand butterflies.104
An example of a different kind is formed byLionor Poultry, a French specialist in poultryslaughter.105 Lionor Poultry changed from card-board containers to more expensive plastic crates.Crates were identified by bar code technology.Loss of the plastic crates exceeded 25 per cent peryear and rotation time was very high with 21 days.Lionor decided to replace the barcode with smartlabels which were moulded into the crates. Theapproach was robust and showed clear benefits:the rate of loss dropped from 25 per cent to lessthan 2 per cent, and the rotation rate went downto 11 days. Lionor claims that return on investmentwas achieved in less than two years.
10.3. EU activities in animal tracking
A number of European research projects havebeen undertaken that were directed at studying thespecific requirements of an RFID-based identifica-tion scheme. The first research project mentionedis the FEOGA-project on “Electronic Identificationof Farm Animals Using Implantable Transponders”(CCAM 93-342).106 This was a one-year projectcarried out in 1993-1994 by institutes in Spain,Italy and Portugal. Its objective was to evaluate thepossibility to use existing technologies for elec-tronic identification in livestock species that re-ceived subsidies from the EC. The project focused
RFI
D te
chno
logi
es
163
Tech
nica
l Rep
ort S
erie
s
102 http://www.deister.com/content/english/ident/sports/unikon/index.htm (visited 29 June 2006)103 http://www.rothamsted.ac.uk/corporate/PressReleases/WaggleDance.html; http://oldweb.northampton.ac.uk/aps/env/lbrg/jour-
nals/papers/TrackingButterfliesCant2005.pdf#search=%22radar%20transponder%20rothamsted%22 (visited 6 September 2006)104 Communication with Mr. Alan David Smith, Rothamsted Research, Harpenden, Herts (29 June 2006)105 http://rfid.idtechex.com/knowledgebase/en/printcs.asp?casestudyid=157 (visited 22 June 2006)106 See: http://idea.jrc.it/pdf%20report/2%20antecedents.pdf, p. 1
on where to insert glass-encapsulated transponderssubcutaneously and the consequences of the in-sertion (breakage, losses, migration distance, eas-iness of injection, animal welfare). A total of 5 000sheep, 3 000 cattle and 2 000 goats were in-jected. The study showed the promise of an elec-tronic identification system and recommended afollow-up for a large scale field trial. Due to thepossible migration of the electronic identifier in thefood chain, the armpit was not pursued anymoreas a body-site to be used for the insertion of theRFID chips. The ruminal bolus107 and ear tagsshowed to offer sufficiently safe alternatives.
The second project was the AIR2304 researchproject on ‘Coupling active and passive telemetricdata collection for monitoring, control and man-agement of animal production at farm and sectorallevel” (1995-98). Ten research teams of six Euro-pean countries participated (Belgium, Germany,The Netherlands, Portugal, Spain and the UnitedKingdom) in a four year research effort. Main ob-jectives were
• to complete and validate the findings of theFEOGA-project,
• to design a protocol for a large-scale exper-iment not only testing technologies but alsoelaborating an improved animal identifica-tion and registration system.
A total of 25 000 cattle, sheep and goats werefollowed. The results were promising. A cost-ben-
efit analysis showed that net savings of 17% couldbe realised compared with plastic ear tags. Thecosts per animal were estimated at 5 Euro per year(presupposing the tagging of one million animals).
10.3.1. The IDEA project
The IDEA108 project was launched in 1998with a duration of 4 years (until 2001). It was partof a Commission Decision (98/562) which statedthat “the IDEA project is designed to verify in real-life situations the reliability and advantages offeredby an electronic identification system for the pur-poses of managing premiums and the veterinarymonitoring of animals.” To these objectives theutilisation of electronic identification for livestockmanagement by farmers and Breeders Associationscan be added.109 The results of the IDEA projectshould empower decision making over an integralimplementation of a European identification sys-tem on livestock. The IDEA project was coordi-nated by DG Agri, while JRC IPSC (Institute for theProtection and Security of Citizen) had formulatedthe tender proposal. Ten out of fourteen submittedproposals were selected, comprising a total of 370000 cattle, 500 000 sheep, 29 000 goats and 15000 buffalo. Six countries participated: France(three projects), Germany, Italy (3 projects) Nether-lands, Spain and Portugal. Three different tagswere used: ruminal boluses (620.000), electronicear tags (230.000) and injectable tags (30.000).
10. R
FID
in a
nim
al ta
ggin
g
164
Tech
nica
l Rep
ort S
erie
s
107 A ruminal bolus is a – usually glass – encapsulated RFID tag that is inserted in the stomach of an animal and that will remain seated there.108 Identification Electronique des Animaux109 See http://idea.jrc.it/pdf%20report/3%20IDEA%20project.pdf, p. 1 (visited 29 June 2006)110 Source: IDEA project results, chapter 4 table 4.1.2.1.1
Table 10-4: Overview of electronic identification devices used in IDEA project110
Electronic ear tag Ruminal bolus Injectable transponder Total identified
Buffalo 15 715 15 715
Cattle 139 807 159 430 29 982 329 219
Sheep 92 503 414 043 506 546
Goat - 30 531 30 531
Total Identified 232 310 619 719 29 982 882 011
All devices had to pass specific tests devel-oped and maintained by JRC-IPSC to receive the‘Certificate of Laboratory Acceptance’. The proj-ect developed specific guidelines for the variouscomponents of the information system: electronicidentifiers and reading devices, tagging proce-
dures, recording and exchange of administrativedata, recovery of electronic identifiers, qualitycontrol of tagging and reading devices. Qualityand performance criteria were formulated for theelectronic devices. A total of 96 different devices(tags and readers) were certified during the trial.
The technologies used were HDX and FDX-B111, compliant with ISO standards 11784 (speci-fying the information coding structure) and 11785(specifying the reader-tag transmission proto-cols).112
The IDEA project resulted in a high numberof detailed recommendations, in which the expe-riences with the tagging procedure, the informa-tion system, the recovery of IDs in theslaughterhouse, the possible losses of tags (which– in case of ear tags – increases over time and issignificant), etc. are dealt with. We will focus on anumber of interesting observations:
• IDEA considers training to be essential, es-pecially for the application of ruminal bo-luses (death percentage of less than 0.02%at one hand shows ruminal boluses can beapplied to animals at a very young age -younger than 20 days – but shows at theother hand that training is needed to lowerthe death rate which is still high comparedto other tags – ear tagging and injectabletransponders).
• Reading failures for electronic ear tags arehighest with initially 0,63% but increasingto 2,3% after 14 months for cattle; in case ofsheep and goats reading failures are closeto 0,2% with a slight increase 1 month aftertagging; injectable transponders and rumi-nal boluses show reading failures of – in theend – 0,3%, both for cattle and sheep andgoats.
• Slaughterhouse Recovery of tags is high:93% of electronic ear tags and 100% of ru-minal boluses were read or recovered incase of cattle; in case of sheep and goats re-covery was 100%; for injectable transpon-ders only 80% was recovered while only52% was successfully read after recoveryfor cattle.
• The IDEA project recommends a codingstructure compatible with ISO standard11784, which defines four digits for thecountry code, followed by a serial Individ-
ual Animal Code of 12 digits. This last partof the code may pose problems:
- no differentiation is made betweenspecies; if different Authorities are respon-sible for distributing unique identificationcodes, this might cause problems;
- the suggestion to include the local author-ity, responsible for the assignment anddistribution of identifiers, into the codemay pose problems; this requires the in-volvement of the ISO working group;
• Other issues to be dealt with is whether incase of re-tagging the same or anotherunique code has to be used; using the samemeans that the procedure is not ISO com-pliant; using different codes poses severeconstraints to the database used.
The following overall conclusions weredrawn from the IDEA project:
“The IDEA project has demonstrated that asubstantial improvement can be reached for live-stock identification by using electronic identifiers.It is the proper time to introduce electronic identifi-cation for cattle, buffalo, sheep and goats in viewof establishing an improved livestock identification,registration and management system in the EU.”113
A number of conditions to realise this conclu-sion have to be fulfilled:
• A clear and unambiguous legislation needsto be available taking into account the ca-pabilities and constraints of the new tech-nology.
• Guidelines and specifications need to beavailable at the EU level for implementationand use of electronic identification devices.
• A data dictionary and communication stan-dards need to be available.
• Member States and the European Unionneed to develop proper technical standardsfor the exchange of data and the prepara-tion, review and improvement (if needed)of the accompanying measures.
RFI
D te
chno
logi
es
165
Tech
nica
l Rep
ort S
erie
s
111 HDX: half duplex, i.e. one-way; FDX-B: full duplex, i.e. two way112 These ISO standards are contested, also in the domain of animal tagging. See for instance the discussion on
http://www.rfidnews.com/iso_11784short.html (visited 29 June 2006). The paper describes three flaws of ISO 11784/11785: 1) Inabilityto ensure unique ID codes; (2) Lack of manufacturers’ accountability; (3) The problem of transponder performance.
113 http://idea.jrc.it/pdf%20report/8%20conclusive.pdf, p. 1 (visited 29 June 2006)
10.3.2. DEFRA sheep identification
The UK Government of Environment Foodand Rural Affairs (DEFRA) decided in 2004 to starta pilot with the electronic identification of sheepby means of using RFID. The contract for the threeyears pilot was awarded to the UK based ADAS, aconsultancy organisation active in environmentaland rural issues. ADAS has engaged two EID sys-tems integrators, Allflex Europe Ltd and EarlsmereID Ltd, as sub-contractors. The UK has launched aprogram to have the entire process of labelling andidentification of sheep in compliance with EU reg-ulations. According to these regulations, a strict in-formation system has to be used in which sheepare tracked from birth to death by means of varioustags. Movement of sheep over a distance morethan five miles has to be registered. The EU regu-lation determines that114:
• double identification before six months ofage has to be used; double identificationmay comprise of two ear tags or one ear tagand a tattoo, a mark on the pastern (forgoats only) or electronic identifiers; as of2008, one of the identifiers has to be RFID(if decided so by the EC in 2006)
• each holding needs to maintain an up-to-date register;
• each movement of groups of animals (herdsor flocks) has to be accompanied by a mov-ing document;
• a central register of all holdings or a com-puter database at national level is required.
The regulation is in force since 1 July 2005.From 2008 onwards, electronic identifiers are re-quired (Commission decision was taken in De-cember 2006115).
By starting a pilot DEFRA wants to assess whatit means to start widespread tagging of sheep withRFID, in terms of user-friendliness of the equipmentto be used, the kind of tags to be used, how to at-tach the tags to the animals (part of the ear tag, im-planted or embedded in the stomach - ‘boluses’),
the information architecture to be used, and whattraining and support requirements for electronicidentification and electronic tracking systems is re-quired. The pilot thus was much broader stagedthan many other trials which usually only focus ontechnology requirements. A total of 69 participantswere chosen out of a list of 278 potential applicants(DEFRA/ADAS, 2005). The 69 participants were di-vided over a number of categories, depending onthe kind of information to be collected and the net-work facilities provided to the participants: most ofthem (51) simply collected the minimum informa-tion to be compliant with EU directive; eight col-lected on top of the minimum informationadditional management information; three werefully paper-based and two provided a referencescheme for ADAS. The last five simulated a datacollection bureau that might be active for a bundleof farms (third party provider of e-services).
More than 122 000 devices were used for tag-ging purposes over the range of possible technolo-gies (FDX-B, HDX, boluses and tags). The pilotshowed a rather low percentage of boluses to beapplied. The European IDEA project had shownthat boluses are to be preferred in terms of read-ability and recovery above ear tags.116 These find-ings of the IDEA project did not lead to a preferredposition for boluses in the UK trial. The reasonprobably was due to the fact that in case a boluswas used, an ear tag was required as well, to indi-cate that a bolus was used (DEFRA/ADAS, 2005,p7)! During the trial, the percentage of non-read-ing devices in case of boluses and in case of elec-tronic ear tags was rather similar and ranged from0.15 to 0.78% (and thus showed improvementover the IDEA figures). Reading equipment func-tioned pretty well during the trial and met marketrequirements (accuracy, speed of read, ability tosegregate non-read or non-EID animals). As the re-port states “the results of the market trials were en-couraging … and indicated the potentialapplication of EID in market environments”(DEFRA/ADAS, 2005, p.8). Commercially avail-able, ISO compliant equipment is available but therobustness of equipment needs to be improved.
10. R
FID
in a
nim
al ta
ggin
g
166
Tech
nica
l Rep
ort S
erie
s
114 http://ec.europa.eu/food/animal/identification/ovine/index_en.htm (visited 22 June 2006)115 Implementing Council Regulation 21/2004, Council Regulation 968/2006 of 15 December 2006.116 Results of the IDEA project were that reading failures of boluses are 0,35% and constant over time, while reading failures of electronic
ear tags are 0,63% and tend to increase over time to 2,3% after 14 months. Recovery and reading of boluses was 100% in the slaughter-house and 93% for electronic ear tags.See previous section. http://idea.jrc.it/pages%20idea/index%20of%20final%20report.htm (visited29 June 2006)
The internet-based applications, needed forthe data transfer of the farmer’s PC to a centraldatabase showed to be sensitive to failure, leadingto a possible compromise of the farm’s database.The comparison with the paper-based approachshowed the paper-based approach to work prettywell as long as only overall figures had to be reg-istered (the four digit management number andnot the full twelve digit individual number) whileexperienced workers were just as fast with apaper-based read out as with an electronicallymoderated read-out. In more complicated situa-tions (high number of cattle to be registered in ashort period of time) the project team expectselectronic reading to be superior. The vulnerabil-ity of a paper-based system was demonstratedduring heavy rain fall!
Contrary to the IDEA project, recovery ratesof boluses in the slaughterhouse were only 81%overall (with differences between big and mediumboluses). Abattoirs are very much aware of thecosts that will have to be made to meet EU regu-lations (the costs of adding safety measures thathave to be taken in order to prevent boluses toenter the food chain, for instance). They are a bithesitant in adopting the EU regulations to the fulland want to comply at the lowest costs possible.These concerns are shared by the Livestock Auc-tion Association. This association points at thecosts that have to be made to taking care for bothEID and non-EID animals in one and the samemarket. This will evidently lead to higher overallcosts for the auctioneers. Accuracy of reading andspeed of reading showed to be fine in a proof ofprinciple test of reading 1.200 sheep within anhour.
The user friendliness of the systems werescored as being unsatisfactory: too complicated,too slow, too unreliable. Most of the commentsconcerned the back end database system; the eval-uation of the RFID equipment (tags and readers)was more satisfactory. Notwithstanding this judge-ment, it was generally accepted that a paper basedsystem was not a real alternative. A big percentageof the farmers felt however that one should not at-tempt to create a system in which sheep are taggedindividually but instead should focus on herd iden-tification and movement. After all, sheep are oftentreated as a flock, not seldom from cradle to thegrave.
The assessment of the cost-benefit ratio is verymuch dependent on the position in the valuechain. Many actors in the value chain expect to beconfronted with higher costs (farmers, auctioneers,slaughterhouses) which will be very difficult topass on to the consumer. Farmers have to invest inequipment, in training, in transferring data to con-trol institutes. Auctioneers and slaughterhouseswill have to invest as well, while it remains uncer-tain whether the additional individual informationwill lead to any additional advantages. Advantagesmay be the opportunity for streamlining digital re-ports to public authorities. Information on individ-ual sheep (or lambs) may be interesting in specificniche markets and of course when the informationis needed in case of disease outbreaks. But it willbe very difficult to make money with the data col-lected on individual sheep and lambs, while EUregulations will require sophisticated level of reg-istering.
On the basis of the two year pilot, ADAS for-mulates a number of recommendations concern-ing the introduction of RFID in tracking sheepwithin the UK:
• Main conclusion is that the full roll-out of acomplete, integrated EID system for everysheep producer in the UK in 2008 is not arealistic target. Still, important progress canbe made if timely actions are taken.
• All engaged in the value chain ‘From Farmto Fork’ are served with clear guidance onhow the European regulations will be ap-plied, to be provided at the earliest oppor-tunity.
• A level playing field needs to be realised inwhich none of the main actors has a dispro-portional disadvantage due to the introduc-tion of EID.
• Government and industry need to cooper-ate closely to put structures in place to meetthe Regulation under conditions of suffi-cient flexibility in order suit a range of cir-cumstances.
• EU officials should be aware that no at-tempt should be made to introduce a ‘goldplate’ approach to the Regulation; this maylead to declined cooperation of sheep in-dustry, and to sheep farmers given up sheepfarming.
RFI
D te
chno
logi
es
167
Tech
nica
l Rep
ort S
erie
s
• The legislative framework set should be asbasic as possible to comply with the regula-tion.
• Industry considers 2008 to be too early fora fully operational and effective NationalRegister Database. A more extended ap-proach covering periods of five years withrealistic ambitions and milestones is recom-mended.
• Though in the end a paper-based systemwill have to abolished, in the intermediateperiod one should look for fruitful combi-nations between electronic and paper-based record keeping. This might givenon-literate sheep farmer some time to getacquainted with the requested IT-skills.Given the age profile of sheep farmers, thisis considered to be a particular concern.
• Industry needs to be informed about the im-plications of the Regulation at greater cost
and with greater intensity than today. A sur-vey showed knowledge with the new Reg-ulation to be only modestly available: halfof the sheep industry did not know whatwas going to change. Given the prevailingscepticism regarding the full traceability ofall individual sheep special attention needsto be given to the rationale behind the reg-ulation.
10.4. European legislation
Within Europe, several regulations are inplace to promote animal health (and subsequentlyhealth of European citizens) by means of a strictsystem of identification and registration of bovineanimals (cattle and buffaloes), ovine and caprineanimals (sheep and goats), equine animals (horses,donkeys, zebras and their crossings), porcine ani-mals (pigs) and pets. Table 10-5 summarizes themain findings concerning these regulations.
10. R
FID
in a
nim
al ta
ggin
g
168
Tech
nica
l Rep
ort S
erie
s
117 http://ec.europa.eu/food/animal/identificaiton/bovine/index_en.htm
Table 10-5: European regulations and directives on (electronic) identification
Animals Regulation/Directive RFID
Bovine animals Regulations EC 911/2004; EC No electronic identification prescribed1082/2003; EC 1760/2000
Ovine and caprine Regulation EC 21/2004 Electronic identificationanimals obligatory as of 1 January 2008
Equine animals Commission Decision 2000/68/EEC No electronic identification prescribed
Porcine animals Council Directive 92/102/EEC Reference to electronic identification is made
Pets Regulation EC 998/2003 RFID is linked to Pet passport
10.4.1. Bovine animals
For bovine animals the Commission Regula-tion no. 911/2004 deals with ear tags, passportsand holding registers for bovine animals. Objec-tive for the identification and registration of bovineanimals is117:
• “Localisation and tracing of animals for vet-erinary purposes, which is of crucial impor-tance for the control of infectious diseases;
• The traceability of beef for public health rea-sons;
• The management and supervision of livestockpremiums as part of the common organisationof the market in beef and veal.”
With respect to ear tags, the regulation statesthere should be two ear tags. The first ear tag isfully described, both in information content and inmaterials to be used for the ear tag, the second eartag is relatively free, given specific requirements.No mention is made to electronic identificationtechniques. Each bovine animal needs to have apassport that enables the tracking of the cattle incase of diseases (BSE, for instance). Specific arti-cles deal with very young bovine animals (calves)and with the position of the New Member States.No mention is made of the specific forms in whichthe passport should be available. Each holding hasto keep a register that contain a specific list of in-formation (minimum requirements). The register isan electronic register that registers information on
the animals (date of birth, name of holding, move-ment of cattle transport date, information concern-ing the competitive authority checking theregister).
A previous directive (1760/2000) mentions inarticle 4.7 that the European Parliament and theEuropean Council shall decide on the possibilityof introducing electronic identification arrange-ments, on the basis of a Report from the Commis-sion. Notwithstanding the positive results of IDEA,the Parliament and the Council have apparentlydecided not to make electronic identificationobligatory in cases of bovines. Regulation644/2005 on Bovines kept for cultural and histor-ical purposes on approved premises opens thedoor for an electronic identifier, either in the formof a ruminal bolus (article 3.1.d), or in the form ofan injectable transponder “provided the animalsidentified in this manner do not enter the foodchain.” (article 3.2).
10.4.2. Ovine and caprine animals
The Commission Regulation no 21/2004 ex-plicitly mentions the use of RFID for identificationof sheep and goats. Similar to the identificationprocedure with bovine animals, each holding hasto use two distinct methods of registration for goatsand sheep. One means of identification is a tradi-tional ear tag, containing an identification numberof the member state where the animal was firstidentified (ISO 3166 compliant) and an individualcode of no more than 13 digits. This individualcode may bear reference to the holding of the an-imal and the animal itself. The second means ofidentification is an ear tag, a tattoo, a mark on thepastern (solely in the case of goats) or an electronictransponder, compliant with ISO11784 and 11785.Article 9.3 from the Regulation reads that “as from1 January 2008, electronic identification (…) shallbe obligatory for all animals”.118 A few exceptionsto the electronic identification are made, for Mem-ber States in which the total number of ovine andcaprine animals is 600.000 or less, or in which thetotal number of caprine animals is 160.000 or less,electronic identification may be optional for(caprine) animals not involved in Intra-Communitytrade.
Next to the introduction of electronic identi-fication, the Regulation describes the characteris-tics of the holding register, the movementdocument and the computer database for eachholding.
10.4.3. Equine animals
According to Commission Decision2000/68/EEC horses, donkeys, zebras and theircrossings do not require an electronic form ofidentification. The decision deals with the use of alifetime number for equine animals, for veterinarypurposes and in case these animals are used forfood production.
10.4.4. Porcine animals
The Regulations for porcine animals (pigs) areroughly equivalent to the regulations for bovineanimals. Ear tags and tattoos are the acceptedmodes of identification, each holding (farm, mar-ket, slaughterhouse) is obliged to maintain a regis-ter, and each of the Member Sates needs acomputerised database at national level. Excep-tions are made for holdings with no more than onepig.
10.4.5. Pets
The basic regulation for pets is EC 998/2003.Reference is made to public and animal health asobjective for introducing this Regulation. It is espe-cially the concern for rabies that has given rise tothis Regulation. Article 4 regulates the use of elec-tronic identifiers. It states that after a transition pe-riod of eight years, electronic identification will bethe sole means of identifying pets. Important ele-ments of the Regulation are the articles dealingwith the movement of pets from third countriesoutside the European Union into the EuropeanUnion. The struggle against rabies has profitedmuch from the oral vaccination of foxes in the pastdecades, reason why countries such as Englandand Sweden have lessened their protective meas-ures of keeping pet animals for 6 months in quar-antine.
RFI
D te
chno
logi
es
169
Tech
nica
l Rep
ort S
erie
s
118 Council regulation (EC) 21/2004. Establishing a system for the identification and registration of ovine and caprine animals and amend-ing Regulation (EC) No 1782/2003 and Directives 92/102/EEC and 64/432/EEC.
10.5. Discussion of EU approach
Following the IDEA project there has beenmodest progress in Europe regarding the electronicidentification of animals. Only in the case of sheepand goats and in the case of pets has the EuropeanUnion decided to accept electronic identificationas a means of identifying animals and keepingtrack of their movements, within European Mem-ber States and to regions outside Europe. The elec-tronic identification and registration of sheep hasadded value above ear tags with bar codes or tat-toos, due to the high agility of sheep and goats andlarge size of the herd (contrary to bovine animalswhich are very docile and are (in the EU) held insmaller herds). The electronic registration ofbovine animals is yet in place and serves healthand identification purposes.119 Sheep and goatsthus are classes of animals to which use of RFIDmay offer substantial advantages. The ear tags ofpigs and bovine animals, which contain informa-tion on the Member State of birth, the farm towhich it has been moved and identification infor-mation about the specific animal ‘at stake’, areconsidered to be sufficient identifiers for followingthe pigs and the cows ‘from farm to fork’. The Eu-ropean-wide ‘pilot’ with the electronic identifica-tion of sheep and goats to have a very strongall-European spread (totalling to over 100 millionindividual sheep and goats) and to disseminate dis-eases more rapidly and more vehemently than pigsand cows may provide additional legitimacy forthe transition towards a full electronic system.Philips expected in 2003 a transition period ofthree years to the obligatory introduction of RFID.With hindsight, this vision has shown to be too op-timistic.
10.6. US approach to electronicidentification
Within the United States the US Departmentof Agriculture wants to introduce a National Ani-mal Identification System. The NAIS should con-tain references to the holdings that keep animalsand to the animals themselves. The rationale forthe NAIS is the economic damage that was in-
curred by recent outbreaks of animal diseases suchas the Foot and Mouth Disease and BSE. This lastdisease, which recently manifested itself first inCanada in May 2003, let to a demand of Japan tohave proof that beef shipped from the UnitedStates was not of Canadian origin (Becker, 2006; p.8-9). Japan had been an important importer of USbeef, purchasing over 35% of all US beef exportsin years preceding 2003. This requirement ofJapan complicated the deliberations of the US withCanada to open their own borders for Canadianmeat. The attempt to introduce a separate docu-ment, upon request of the exporters, to guaranteethe origin of the meat and cattle, showed to be invein when the USDA120 found the first case of aUS BSE cow. Japan immediately suspended im-ports of US cattle, beef and related products. Onlyafter two years of “often difficult” negotiations, theJapanese market briefly reopened in late 2005 forUS beef from certified US farms. An internationalteam examining the Canadian BSE response em-phasized the need for mandatory ID. The absenceof such a system contributes to extended destruc-tion of animals. The U.S. cow with BSE was, bymeans of its ear tag, traced back to a herd in Al-berta, Canada. Notwithstanding this successfultracing back, the U.S. did not succeed in findingthe origins of 52 out of the 80 cows that, togetherwith the BSE cow, had entered the United States.The risks that one of these 52 cows was also abearer of BSE was considered to be extremelysmall. This was acknowledged by an internationalpanel (Becker, 2006, p9).
A year before the BSE-case in the UnitedStates, the National Food Animal IdentificationTask Force was formed in 2002 to prepare a workplan for the development of a detailed animalidentification system. In December 2003 the “U.S.Animal Identification Plan” (USAIP) was pub-lished. Key goal of the plan is “the ability to iden-tify all animals and premises potentially exposedto a foreign animal disease within 48 hours of itsdiscovery.”(Becker, 2006, p. 5; Smith, 2005). Ac-cording to the planning, in July 2006 all animals(cattle, sheep and goats, swine, small ruminants)should have been provided with a unique ID num-ber. Shortly after the publication of the USAIP, the
10. R
FID
in a
nim
al ta
ggin
g
170
Tech
nica
l Rep
ort S
erie
s
119 Personal communication Peter Laloli, project manager System Pilot Electronic I&R sheep and goats, Department of Food Quality and An-imal Health, The Netherlands.
120 United States Department of Agriculture
first case of U.S. BSE was discovered. This gave anextra impetus to the plan. The initial budget of theplan was approximately $30 million for each ofthe successive FY 2004-2006.
Notwithstanding this financial support, imple-mentation of the National Animal IdentificationSystem (NAIS) has been “difficult and controver-sial”. According to USDA, as of early 2006, 50states, two territories and five tribal organizationswere able to register premises, nearly 205.000 (ap-proximately 10%) premises had been registered.In May 2005 USDA published a strategic plan forimplementation of NAIS. This plan aimed at hav-ing NAIS standards accepted by stakeholders byJanuary 2008 and required recording of animalmovements by January 2009. Since then, the Gov-ernment attitude towards the plan has changedconsiderably. The ultimate goal of the plan – re-covery within 48 hours of all animals that mightbe involved in an outbreak of animal disease – re-mained as it was. The system should however bea privately owned system, with minimal interfer-ence by the U.S. government. Government shouldbe able to access the database with informationonly on a ‘need to know’ basis.
The most recent developments are that U.S.government is opting for a federated system, inwhich U.S. government only has access to two so-called ‘meta-databases’. One database contains alist of animals with their ID and the private datacompany or organization with information about theanimal. The other database contains a list of prem-ises with their ID and the private data company ororganization with information about the premises(Pape et al, 2006). The architecture of the NAISwould enable a rapid response, by knowing whichprivate organizations have to be contacted in case ofan emergency. According to Pape and Smith, a rapidresponse is possible within the timeframe of less than30 minutes and, in case of fully independent data-bases, no more than two hours, clearly within thelimit of 48 hours, posed as one of the design criteria.To meet these rapid response requirements, an in-frastructure has to be in place in which fully auto-mated requests and responses can be sent around.This is not yet the situation in the U.S.
The approach of the U.S. Department of Agri-culture has been a very cautious one, trying toavoid the suggestion the government wants to geta hold on private data. However, in May 2006 the
House of Representatives still voted down a bill of$33 million which was requested for the imple-mentation of the NAIS for financial year 2007(Clap, 2006). Before agreeing on the expenses, theHouse wanted “a complete and detailed plan, in-cluding but not limited to proposed legislativechanges, cost estimates and means of programevaluation.” Since the main part of the NAIS willbe hosted by private organisations, USDA is veryreluctant in estimating the costs associated withhaving the databases developed and implemented.The National Cattlemen’s Beef Association, whichhas declared being willing to host the private data-bases, supports the actions of the House of Repre-sentatives, referring to having the highest possibletransparency in the construction of the NAIS aspossible.
According to Pape and Smith, much of the re-cent turmoil is due to the confusion about theplans of the USDA. They view that – contrary towhat is commonly believed – the NAIS is basedon guarding the privacy of farmers and other pri-vate organisations. The U.S. government is onlyable to gather information in case of emergenciesby setting out requests for more detailed informa-tion at the companies or organisations which keeptrack of the data on birth, movements and de-ceases of the individual animals.
Regarding the use of RFID as means of elec-tronic identifier, the NAIS does not require havingthe information available through RFID. ThoughUSDA considers RFID to be a technology thatmight speed up the process of registering and get-ting all data in the database, it is not prerequisite.
Many issues still are open for debate. Evenvery basic ones, such as which cattle should beregistered. Should it be all kinds of species (cattle,sheep and goat, poultry), should it be only themore higher risk animals (dairy cows, breeding an-imals, older livestock)?
According to the original objective the scopeof he NAIS is primarily the ability to trace back theorigins of animal diseases such as BSE and FMD.In case a connection will be made to food safety,the NAIS should be mandatory and should bemore extensive in its registration.
Costs are an important asset, in combinationwith the question who should bear them. A fullydeployed NAIS is expected to cost $120 million
RFI
D te
chno
logi
es
171
Tech
nica
l Rep
ort S
erie
s
yearly, of which tags account for almost $100 mil-lion! Opinions differ as to who should bear thecosts. The Canadian cattle ID programme showsthat RFID-based tags are approximately C$2,-each, while bar coded tags range for C$0,80 toC$1,60 (Becker, 2006, p. 6). With an extension oftraceability, the costs will also likely rise. Couplingthe yet separate systems of animal ID beforeslaughter and product tracking after slaughtermight be beneficial from a consumer perspectivebut is costly.
10.7. Discussion
10.7.1. Pitfalls and barriers, drivers andopportunities
The overarching incentive for the introductionof animal ID is the ability to respond quickly oncrises of animal diseases, such as an outbreak ofFoot and Mouth Disease, the occurrence of BSE orthe outbreak of Avian influenza. Destruction costsare high, and animal welfare is challenged in theseinstances. In combination with food safety, thereis a need for a system that couples animal ID track-ing with product tracking after slaughter. Such asystem is not in place yet, neither in Europe nor inthe USA. Incentives for such a system come fromconsumers and consumer organisations who arewilling to pay for animal welfare and safe food.Within Europe, an extensive system of legislationby means of European directives and regulationsis in place, regulating identification of the variousspecies of animals. National computerised data-base systems are mandatory, adding up to a feder-ated animal ID system in which each nation bearsresponsibility for its own national database system,including the inference of costs. Each holding isrequired to have its own database system, register-ing data such as birth and movement of animals.This database system enables back-tracking the lo-cation of animals and the possible routes of infec-tious and contagious diseases. A more extensiveregistration is required to enable back-tracking thefood that is produced for animals (which might beimportant in case of BSE cases). This system is notin place yet.
RFID only plays a minor role in these registra-tion systems. Within Europe, RFID is only obliga-tory in the registration of sheep and goats as from1 January 2008 onwards, with a few notable ex-ceptions meant among others to relieve the bur-den of a too fast transition for the new memberstates. Pets that will be moved from one countryto another are also required to have RFID as meansof identification.121 The positive experiences withRFID, stemming from the IDEA project, have notled to a broad implementation and deploymentplan for RFID in European livestock. For most live-stock species (cattle, pigs, horses) identification isobligatory (usually in a redundant mode) but elec-tronic identification is not mentioned as one of themeans of identification. For sheep and goats theuse of RFID offers added value due to the highagility and size of flocks and herds of sheep andgoats, rendering traditional techniques such as barcodes much more difficult to exploit. RFID enablesfarmers to set up an identification and registrationsystem comparable to those already in place withbovine and equine animals.
So, while opportunities are indicated – interms of added value to the existing informationsystems, and in terms of market size of over 1 bil-lion tags yearly for Europe – these opportunitiesare only seized in the case of sheep and goats.Larger farmers perceive opportunities to use elec-tronic registration as means to improve their busi-ness processes and to increase efficiency andsoftware vendors see opportunities to explain mar-ket share in this market segment and are thus eagerto participate as well. Law enforcement supportsand enhances this opportunity. We have found noincentives to introduce RFID within the next fewyears in other livestock species.
Barriers for the introduction of RFID in live-stock are the relatively high costs of tags (a fewEuro against a price of sheep and goats of a fewEuro per kilogram meat produced), the absence ofmature reading products leading to resistance at auser group who is relatively unknown to high techICT, and the absence of uniform and standardisedinformation coding practices by software vendorsand integrators, leading to lock in and to problemsof standardization. Other problems relate to thefact that national Identification and Registration
10. R
FID
in a
nim
al ta
ggin
g
172
Tech
nica
l Rep
ort S
erie
s
121 Of course, other motives may play a role as well to inject an electronic transponder, such as identification in case of pets getting lost.
systems are not compatible to each other, thus hin-dering transborder cooperation and communica-tion.
A final pitfall that can be mentioned is thefragmented market of hardware vendors which ob-scures the possibilities for end-users and which,due to low volumes, puts up serious price barriersin reading equipment for the majority of smallerfarmers.122
10.7.2. Actors
The IDTechEx database shows that Europe-based Philips is one of the producers of the animalRFID tags. In general, European companies act assystem integrators. Producers of reader equipmentcan be found in Europe and the U.S. (Digital Angelbeing a major one). On the basis of available datait is hard to tell what the position of European ven-dors on this market is. Given the probable size ofthe market (many hundreds of millions of cattle,sheep and goats and pigs within Europe) speciali-sation in animal tracking may offer an interestingbusiness proposition, given mandatory electronicidentification techniques. In the Netherlands, forinstance, management software vendors are thesystem integrators and act on behalf of the farmerswith respect to ICT-related issues.
10.7.3. Costs
Due to the relatively high costs of the RFIDsystem compared to the more traditional methods(especially bar-codes in ear tags) prescribing elec-tronic tags requires clear added value to the tradi-tional methods. Added value may be a better andwater tight system which enables a better focusedreaction to outbreak of animal diseases. Using ru-minal boluses might be a way to diminish losses oftags or damaging tags that thus can not be read outanymore. Costs are spread all over the value chain:the farm, the market auctioneers and the slaughter-house. Costs are expected to be high and mayhave consequences for the market position offarmers, auctioneers and slaughterhouses. The UScase identifies costs for the tags to be over 80% oftotal system costs (including readers, systems and
services). Identification issues may arise if Elec-tronic Identification means are not taken care of,once the animal deceases. Due to the high cost ofeID-tags/boluses with respect to the profit per an-imal, businesses will tend to resell these tags to beused in other animals, thus obscuring the identifi-cation purpose of the tag/bolus. Lifecycle policiesfor EID means have to be adopted to prevent thisfrom happening.
10.7.4. Training requirements
The DEFRA study pays explicit attention to theneed to train farmers and personnel of slaughter-houses and auctioneers in dealing with RFID.Training encompasses the ability to insert or injecttransponders and skills needed to handle the elec-tronic register. DEFRA has searched for a numberof different solutions, for instance combining anumber of small farms and having them served bya service provider. The study noticed that 90% offarmers required IT training. IT-skills varied widelyover the farmers’ population. The average agewithin the population is rather high, which is anadditional reason for concern. It showed to be pos-sible to train the farmers to handle the ID data andhandle the farm-based PC. Transferring the data tothe central database through Internet showed to bea major obstacle. The intensity of the training washigh; in a complete roll-out of the RFID-systemover the entire farmer population costs for this in-tense form of training would be prohibitively high.
10.7.5. Security and privacy issues
Animal tracking shows privacy issues to havedecisive cultural dimensions. Within the EuropeanUnion the introduction of RFID for animal trackingis mostly phrased in business economic and farmeconomic terms. Though smaller farmers, activeon the grey market as well, oppose state interfer-ence and extended inspection capabilities of pub-lic authorities, overall the issue of having anational identification system is not questioned.Within the United States, state interference is sus-pect. The suspicion against too much governmentinterference has led to a delay in initiating and in-stalling a nation wide animal identification system.
RFI
D te
chno
logi
es
173
Tech
nica
l Rep
ort S
erie
s
122 Personal communication Peter Laloli and Micheael van Beckum, two TNO-researchers involved in a recent RFID-tagging trial in theNetherlands.
Private companies (including farmers) do not wantthe government to get an insight in their privatebelongings. The reserve, shown by the U.S. depart-ment of agriculture by opting for a federated sys-tem in which the national government only createsa ‘meta-database’ and is dependent on the co-op-eration of the private data companies and organi-zations to collect the required information in caseof emergency, has not led to a more beneficial at-titude of farmers and meat organisations. Thesekinds of disputes have not been found to deter-mine the deployment of identification systemswithin Europe. A much more cooperative attitudeis found. We have not found any reference to pri-vacy concerns for the European situation.
Security is not considered to be a major issue.Fraud with identification systems has to be ruledout. RFID may offer advantages over barcode sys-tems that over time tend to become unreadable.Especially ruminal boluses may offer advantages:they are long lasting and are difficult to loose.
10.7.6. Future technologies
RFID by means of chips is not the only
means of advanced technological identification.
Alternatives are chipless RFID systems as have
been demonstrated at the end of 2006. By
means of conducive tattoos on the skin of cattle
it is possible to identify them on the basis of
radio frequency.123 Other emerging alternatives
are biometric identification techniques (iris
scans) and DNA-markers. They may offer added
value, for instance in identifying kinship rela-
tions and in providing information on quality
characteristics of the meat of production cattle
(DNA-markers). Though DNA markers are not as
widespread as RFID, several companies develop
DNA technologies to be used for identification
of cattle and for providing additional informa-
tion. DNA markers could create the bridge be-
tween animal identification and tracking and
food safety.
10. R
FID
in a
nim
al ta
ggin
g
174
Tech
nica
l Rep
ort S
erie
s
123 See http://www.theregister.co.uk/2007/01/16/rfid_tattoo/ (visited 24 January 2007)
11. RFID in healthcare
RFI
D te
chno
logi
es
175
Tech
nica
l Rep
ort S
erie
s
124 Source: IDTechEx, 2005c
The widespread adoption of RFID technologycovers almost every possible sphere of human en-deavour. The analysis of the distribution of the var-ious applications that are at the moment at anadvanced stage (executive, pilot, technical trial)shows that most of the applications are in the Ser-vice sectors (60%), which also include healthcare(Politecnica Milano, 2006). One of the reasonswhich justify the adoption of such technology isthe simplicity of use.
According to Gartner forecasts, healthcareand pharmaceutical industries will adopt RFIDfaster than other application domains: pharmaceu-tical industries are also encouraged by the Food
and Drug Administration (USA) to adopt this tech-nology in order to combat medicine counterfeit-ing. It is expected that this will result into a fastwidespread tagging by 2007 (IDTechEx, 2005a).
According to the IDTechEx study “RFID inHealthcare 2006-2016” the global market for RFIDtags is now around $90 million and due to the factthat object and people tagging will be more andmore diffused in order to improve efficiency andsafety, this market is expected to grow up to $2.1billion by 2016. In the following Table 11-1 themain uses of RFID technology in healthcare area inthe next years are presented.
Table 11-1: Evolution of RFID use in healthcare124
Years
Main uses
Up to 2004
Error prevention ofproducts (drug do se,corrects blood and treatment, mother/babymismatch etc.).
Patient tagging for errorprevention.
Locating staff/staff alarms.
Locating assets
2005-2010
Error prevention of products nowincluding autorejection of wrongluer connections and parts.
Patient tagging for error prevention.
Locating staff/staff alarms/tags thatrecord incidents.
Locating assets/speedy, acouratestock taking.
Theft prevention.
Cost control.
Recording procedures (eg fordefence of lawsuits).
Drug trials compliancemonitoring/prompting.
Behavioural studies to optimiseoperation.
Phamaceutica anticounterfeiting.
2011 Onwards
Error prevention of products.
Patient tagging for error prevention
Locating staff/staff alarms
Locating visitors/visitor alarms
virtual queuing
Locating assets/speedy, accuratestocktaking
Theft prevention
Cost control
Recording procedures
(eg for defence of lawsuits)
Drug trials compliance
monitoring/prompting (takingdrugs)
Behavioural studies to optimiseoperations
Pharmaceutical anti-counterfeiting
Track and trace of most medicines,consumables and assets.
11.1. Description of cases
In this document a few cases will be re-ported to understand the issues that are ad-dressed in the area of healthcare applications.
One source of information is the IDTechEx Database which collects a number of cases on thismatter. In Table 11-2 the distribution of the casesin Healthcare over Europe, the USA and a num-ber of other regions is shown.
11. R
FID
in h
ealth
care
176
Tech
nica
l Rep
ort S
erie
s
125 Source : IDTechEx 2005c126 http:// www.osservatori.net/127 http://www.rfidnews.org/weblog/2004/02/13/rfid-asset-tags-tested-in-22-us-hospitals/
Table 11-2: Distribution of cases of RFID in healthcare125
Region Number of cases
Europe 40
USA 86
Australia 1
South East Asia 18
Canada 2
Africa 2
South America 1
According to this table most of the pilots arecarried out in USA, followed by Europe (UK isamong the countries in Europe with more casestudies).
Other cases are taken from a study carried outby the Milan Polytechic, Department of ManagingEngineering, published in June 2006 (Polytecnicdi Milano, 2006).126
RFID technologies have been used in a widevariety of cases; one distinction that can be madeis that of considering the use of RFID applied topeople and to things or animals. This distinctionallows a better understanding of the characteris-tics of RFID technology to be used and the prosand cons of the adoption.
Among the several forms of RFID applicationsthere is an emergent one which combines objectsidentification with people identification functional-ities. This allows an optimization of project costs aswell as new types of functionalities. As an example:tags are applied on trees in parks for monitoring theevolution, maintenance and status of the trees but atthe same time they provide information services tousers. In case of hospitals, RFID technologies allowthe identification of patients and the identification ofmedical instruments or medications associated tothe patient.
The description of case studies in healthcarein the document is done by grouping applicationsaccording to the following structure:
RFID applied to objects
1. Medication and equipment traceability
2. Service operation support
RFID applied to persons
3. Person identification in hospital environ-ment; patients/elders localization/moni-toring
11.2. RFID applied to objects: medica-tion and equipment traceability
One of the most important issues that are cur-rently studied everywhere and for which RFIDtechnology seems to be a good solution is thetracking of hospital assets, instruments and medi-cines. It has been estimated that the costs of theftof equipment and supplies in US hospitals areabout $4000 per bed each year.127 This implies atotal potential loss of $3.9 billions considering thatthere are more than 975 000 staffed beds. Thetraceability of medication is a big issue as well, re-lating to on one side the risk that patients get thewrong drug or the wrong dose and on the otherside the problem of drug theft.
Another issue is that of leaving objects in thebody after a surgical operation. Every 10.000 sur-geries one object is left in the body, totalling to1500 objects every year: This causes an increase ofhospitals stays (four days added), with relatedcosts, and risks of deaths (57 US deaths in the year2000 were associated to this kind of problems).
11.2.1. Locating and tracking hospitalequipment, US hospitals
Several US hospitals joined an asset tag trialwith eXI Wireless, now part of the VeriChip Corpo-
ration, starting from February 2004, with the aimof finding a way of protecting, locating and track-ing hospital equipment.
The project’s objective was testing the Asse-trac system128, in order to reduce high costs due toboth loss of hospital equipments and to loss oftime spent by hospital personnel in looking formedical equipment.
RFID tags are supposed to be fixed to medicalequipment in order to trigger an alarm wheneverthey are brought outside the designated perimeteror when the tag has been removed from the equip-ment itself. The Assetrac system has a graphical in-terface that includes the facility’s floor plan. Thesystem can direct staff to the vicinity of the assetthey are looking for.
The Assetrac system is composed of twopackages:
• ProtecPoint, which protects high value as-sets from loss by providing an individual,secure zone around doors where only au-thorized personnel can transport tagged as-sets without triggering an alarm.
• Assetrac Control 4.0, which can be used tomanage assets as well as tracking them, cre-ating custom reports for scheduled mainte-nance, asset utilization or inventory control.
In the following Figure 11-1, an example ofthe functionality of the Assetrac system, is pre-sented:
1. Each medical equipment that needs to betracked is tagged
2. A centralized server contains all the infor-mation about the actual status of the med-ical equipment and provides immediateinventory look-up
3. Information about tagged items is accessi-ble through a web browser by any com-puter in the hospital
4. Small receivers are placed within the prem-ises to locate the tagged equipments, tomonitor the system and to update the cen-tralised database.
5. Depending on transceiver coverage, infor-mation communicated about asset locationis portal (that is the communication is donewhen the tagged element crosses a door-way), last-known (the object has been lo-cated after it crosses a doorway and entersa specific area in the department) or realtime (transceiver coverage together withthe triangulation provide exact location ofthe object).
RFI
D te
chno
logi
es
177
Tech
nica
l Rep
ort S
erie
s
128 http://www.verichipcorp.com/content/solutions/asset_tracking129 Source www.verichipcorp.com/content/solutions/assetrac
Figure 11-1: Functionality of the Assetrac system129
Technology
The Assetrac uses active RFID tags that areable to generate alarms themselves.
11.2.2. Avoid leaving objects in the patient body, Stanford UniversityMedical Center130 (USA)
Funded by the National Institutes of Healthand by a grant from the Small Business InnovationResearch Program, a study has been carried out inStanford using RFID technology to tag surgical ob-jects such as tools or sponges in the operated pa-tient’s body. Although procedures are in place totrack objects during surgery, such as counting ob-jects before and at the end of a surgery procedure, occasionally supplemented with X-ray, errors dostill occur and sponges or instruments are some-times left in the patient’s body (two-thirds of all ob-jects left in the body are sponges). The risksignificantly increases in emergencies, with un-planned changes in procedure and with patientsthat have a higher body-mass index, according tospecialists.
In the Stanford study some patients alloweddoctors to insert objects (tagged sponges) in theirbody. These were similar to those used in stores toprevent thefts. One surgeon was appointed to usea prototype interrogator to detect the sponges. Itnever failed to find them and the time needed wasless then three seconds. So, in the trial the resultsseem interesting. The only problem was the sizeof the chips used: 20 millimetres. This size is toolarge and would need to be reduced to be practi-cal on sponges and surgical instruments.
11.2.3. Tracking medication from pharmacy to patient, Jena University Hospital131
(Germany, June 2006)
Jena University Hospital has started to test asystem together with SAP and Intel to track med-ication from the hospital’s pharmacy to patients inintensive care. In the first phase 24 people are in-volved in the trial; another 65 people may join in
the next phase. The RFID technology enhances analready existing system; when electronic controlof drug dispensing was deployed the medicationerrors were reduced; the use of RFID is meant toeliminate the remaining errors. Statistics show thatone in 20 patients suffers from adverse drug effectsand many of these cases could actually beavoided: by using patient data stored and recov-ered through RFID system it would be possible todiscover drugs incompatibilities.
Technology
The RFID passive tag is placed on the individ-ual dose of medication when still in the pharmacy;an RFID tag is also placed on boxes containingbottles of medications. All these data are read andstored in the computer system before the medica-tions leave the pharmacy, together with patient in-formation. Upon arrival at the destined hospitalunit, the medicines are scanned again and infor-mation is updated in the computer servers beforethey are delivered to the patient. When the med-ication is given to a patient, information about thenurse administering it and type of medicationgiven is stored in the patient wristband. This waymedications and patient ID can be cross-checkedevery time instead of using paper lists like in cur-rently used procedures.
11.3. RFID applied to objects: serv-ices operation support
The services operation support includes allthe activities related to the use of RFID for improv-ing operating processes in various applicationfields such as Public Transportation, Libraries andHospitals. In case of healthcare the more interest-ing projects are related to cross-checked identifica-tion of patients and material/medications; trackingthe patient at every stage of their treatment couldhelp to avoid the risk of contributing to indirectly72 000 deaths and to directly 40 000 deathsyearly (data relating to the UK, Dr Foster health-care research group). In general the more frequenterrors problems relate to:
• Giving wrong medication,
11. R
FID
in h
ealth
care
178
Tech
nica
l Rep
ort S
erie
s
130 http://mednews.stanford.edu/releases/2006/july/sponge.html131 http://www.uniklinikum-jena.de/Willkommen.html
• Administering wrong blood type,
• Mix up pathology sample,
• Operating/removing wrong parts of thebody during surgery.
11.3.1. Blood transfusion monitoring atSan Raffaele Hospital, Milan132
(Italy)
The San Raffaele Hospital, situated nearMilan, has about 1100 beds available. Its ‘Transfu-sion medicine operation unit’, which delivers over15 000 blood transfusions per annum, has alreadydeveloped three RFID projects. One project ad-dresses errors in the blood transfusion and han-dling process. The risk of problems caused by anerroneous transfusion is estimated to be around 1in 12 000 transfusions but experts estimate thatthe error rate may be much higher since many“near-miss” incidents are not even reported. Fur-thermore, nearly 80% of blood transfusion errorsare due to bedside errors or labelling errors andmany of those errors are human errors caused bystaff people often busy carrying out multiple taskssimultaneously.
The project focus was on autologous transfu-sion, which is blood that is taken and then re-turned to the same donor; this choice was drivenby the fact that in this case the blood bags remainwithin the same hospital thus allowing a bettercontrol of the entire process before applying it toa more extensive case.
The main objectives of the project were:
• eliminate labelling and bedside errors,
• eliminate paper forms as much as possible
• procedure (and introducing other potentialsources of errors),
• provide a way to trace blood bags through-out the entire process.
Technology
HF technology (13.56 MHz) has been used:RFID tags were applied both on patients’ wristbandand on the blood bag. The patient was supposed to
be equipped with a wristband (16 KB of memory)upon arrival at the Transfusion Unit.
The wristband tag contained informationabout the patient including a picture of the patient;the same information is recorded in the computersystem. Before the patient’s blood is put into theblood bag, the hospital staff member reads thewristband and copies the same information on atag to be put on the bag. A cross check betweenthe wristband and the blood bag is also done.Staff’s badges information are then scanned toallow a third verification of the procedure. Read-ing and storing procedures are made through PDA(wireless enabled RFID reader) and through laptopPCs.
The transfusion is made possible only after alltags associated to patient and blood bags are readand all cross checks are made.
The use of bar codes in this case has provedto offer less performance quality for the followingreasons:
• difficulty to read bar-coded wristband whendirty or wet;
• difficulty in reading bar codes hidden undersleeping patient, or a patient laying on anoperating table.
Stakeholders
The actors involved in this project were: thetechnology providers, Intel, Autentica and CiscoSystems providing the computer systems, RFIDtags and Wireless LAN and the users, which arethe hospital personnel and the patients.
11.4. RFID for people identificationand localization in healthcare
RFID technology is applied to people to man-age the following situations:
1. identification of people within hospitals orcare centres: in this case different situationsusing either passive or active tags are con-sidered;
RFI
D te
chno
logi
es
179
Tech
nica
l Rep
ort S
erie
s
132 http://www.cisco.com/global/IT/local_offices/case_history/rfid_in_blood_transfusions_final.pdf
2. identification and localization of sick peo-ple or elderly people at home: in this caseusually active tags are used.
In the first situation passive tags are normallyused to associate patients with specific medica-tions, blood bags, surgical operations and so on;nurses or authorised personnel read the passive tagassociated to the patient and cross check data withthose stored into the computer system before per-forming any specific action. Active tags are usedto monitor patients in limited areas (such as emer-gency department): normally patients wear a neck-lace with an RFID tag on it able to send real timeinformation to doctors on the patient situation.
In the second situation, RFID tags can be usedto localize and reach people who need help. Ex-periments have also been carried out during theTorino 2006 Olympic Games by CEFRIEL133 to lo-calize people with health problems in a crowd.134
The platform designed, called Mentor Me,provides a way to identify the position of a personin a given space. For example, a woman with aheart disease, wearing an UWB RFID tag can belocalised while she is watching a hockey game ina crowded stadium. The tag continuously providesthe coordinates of the person who can easily belocalised on a map created for this purpose. If theperson needs help, she presses a button on thesensor she has with her and immediately the posi-tion (chair number and row) is provided to theemergency staff together with the health files re-lated to the person.
The application of tags or any other types ofmonitoring equipment to people encounters scep-ticism with the users who feel controlled and donot accept it easily. Besides, privacy issues have tobe managed as well as the risk that monitored datacould be captured by non-authorised people.
Research shows that willingness of people tobe monitored increases since people realise thatremote monitoring of specific vital parameters canactually save lives. A study from Venture Develop-ment Corporation (see Figure 11-2) shows the will-
ingness of people to have some vital functionsmonitored.
Figure 11-2: Attitude of patients towardsmonitoring vital functions135
11.4.1. Monitoring chronically ill patients,Hackensack University MedicalCenter (USA)
A two-year collaboration between the Hack-ensack University Medical Center and the HorizonBlue Cross Blue Shield of New Jersey, the state’s old-est and largest health insurer, starting in July 2006will allow doctors to monitor chronically ill patientsenabling emergency room physicians to accessthose patients’ medical record electronically. FDA-approved microchips (provided by VeriChip Corpo-ration) will be implanted under the patient’s skinand provide immediate access to family contact in-formation and information about the patients’ med-ical histories.
The participants agree to having an im-plantable RFID-chip, the size of a grain of rice,placed under their skin. VeriChip calls the RFID-chip a personal health record module. The infor-mation on the module will include medicalinformation from insurance company HorizonBCBSNJ’s claim records, such as lab test data andpharmacy prescription information. This moduleemits a 16-digit number that links the patient totheir electronic medical record when a specialhand-held scanner is waved over it.
11. R
FID
in h
ealth
care
180
Tech
nica
l Rep
ort S
erie
s
133 http://www.cefriel.it/index.html?lang=en134 Innovation Gazette, February 2006
http://www.cefriel.it/contents/pages/attach/434/innovationGazette_n01_feb06_eng.pdf#search=%22torino%202006%20cefriel%20rfid%22
135 Source: Venture Development Corporation
The pilot program will give Hackensack Med-ical Center physicians access to the member’s elec-tronic medical records and other vital informationwhen response by the chronically ill patient, for in-stance in case of an emergency, is lacking. The con-tent of the electronic medical records will beapproved by each participant and include informa-tion about their condition, family contact informa-tion as well as lab test data and pharmacyinformation maintained by Horizon BCBSNJ.
Stakeholders
Technology provider: VeriChip Corporation136
develops, markets and sells RFID systems used toidentify, locate and protect people and assets.VeriChip recently began to market its VeriMed(TM)Patient Identification System, which is used to rap-idly and accurately identify people who arrive in anemergency room and are unable to communicate.This system uses the first human-implantable pas-sive RFID microchip, the implantable VeriChip(TM),cleared for medical use in October 2004 by theUnited States Food and Drug Administration:
- Service provider: Insurance company Hori-zon Blue Cross Blue Shield of New Jersey,
- The users: Hackensack University MedicalCenter.
Technology
The technology used is a microchip about thesize of a grain of rice, containing a 16-digit iden-tifier. The passive RFID can be implanted underthe skin and personal medical information aboutthe patient are then accessible through the tag IDin a password protected database.
11.5. Lessons to learn
In the following we present a few reflectionsdrawn from the above described case studies.
11.5.1. Technological issues and problems
One of the issues which has been dealt within healthcare case studies is that of comparing the
use of bar codes with that of RFID. In general, itshows the use of RFID to be preferred over barcodes; data stored in RFID tags can be read muchquicker and using RFID at system level is morecost effective even though barcodes are muchcheaper than RFID. Concerns about using RFID re-late to possible interference of radio waves withhospital equipment.
Considering the use of RFID in operatingrooms as shown in the “Operating room of the fu-ture” (Massachusetts General Hospital137) oneproblem that has been highlighted by doctors andmedical staff is related to what happens if the com-puter system goes down. In this kind of operatingrooms information about the patient (name,weight, age, and procedure he/she is undergoing,body temperature, allergies, special needs, etc.) isdisplayed on digital screens; together with presentmedical staff, instruments and so on. But if the sys-tem goes down, an information technology expertis needed which complicates surgery.
RFID technology is considered to offer a goodsolution for tagging objects in the operating roomto avoid leaving gauze sponges or other instru-ments in the patient body; the solution looks inter-esting but many small objects that are used forsurgical operation still cannot be tagged due to thedimensions of tags.
11.5.2. Market issues
RFID is becoming a strategic weapon in re-ducing costs in the healthcare industry. The tech-nology is easily integrated into a hospital’s wirelessinfrastructure. With an RFID system in place,healthcare facilities can easily track mobile assetsas well as staff and patients.
Healthcare facilities lose thousands of dollarsworth of equipment each year and staff membersspend countless hours searching for mobile assetssuch as infusion pumps, X-Ray machines, wheel-chairs and patient monitoring devices. Further-more also the high cost of renting expensivemedical equipment is to be mentioned; it oftenhappens that hospitals own more infusion pumpsthan licensed beds and normally rent more thanneeded to be sure that a nurse can immediately
RFI
D te
chno
logi
es
181
Tech
nica
l Rep
ort S
erie
s
136 http://www.verichipcorp.com/137 http://news.com.com/Tomorrows+operating+room+to+harness+Net,+RFID/2100-1008_3-5900990.html
find one when it is needed, even if much of theequipment is left idle.
As a result, many hospitals are turning to RFIDtechnology to keep track of pumps, as well asother expensive mobile equipment, includingwheelchairs and patient monitors. According to areport by Spyglass Consulting, the number of hos-pitals using RFID tags to track assets will skyrocketfrom 10 percent in mid-2005 to 45 percent by theend of 2007138. Such programs promise to cut notonly costs, but also the time that clinicians and en-gineers spend searching for equipment, and thetime patients spend waiting for it139.
11.5.3. Privacy issue
Privacy in case of healthcare is certainly animportant issue to be considered. In case of use ofRFID, privacy is mainly related to frequency trans-mission and to unauthorised access to people datastored in databases. UHF tags which can be readat a distance of ten meters are more subjects tounauthorised reading then HF tags readable froma distance of less than one meter. Tags normallyused in this environment are passive and containonly an ID.
RFID technology can be used in hospitals toprovide fast access to patients’ records and a moresecure delivery of medications avoiding provisionof wrong medicines to people.
Even if privacy issues are well known and ad-dressed some people are worried about the acces-sibility of their private data for instance becausethe tags associated to their person (wristband, im-planted or other) can be read from a distance in amanner that does not allow them to know whenthis is actually happening or by whom.
11.6. Recommendations for Euro-pean policy
In case of healthcare, RFID technology hasbeen adopted for a variety of reasons includingthat of improving the care itself. It is in fact a com-
munis opinio in the Healthcare environment thatgood improvements to healthcare can be providedby technology rather than by medicine.
RFID has been considered as the suitabletechnology for tracing products along the entiresupply chain. The Ministry of Health in Italy hasissued a decree-law which imposes every singlemedicine unit to be traceable starting from the pro-duction lines up to the pharmacy desk (through allthe intermediate distributors). Other technologieshave been considered to be more expensive thanRFID.
A useful way to exploit RFID potentiality inhealthcare could be that of providing European cit-izens with an RFID card containing medical infor-mation (blood group, allergies, etc). The timeneeded to acquire this information when a patiententers the emergency room or has to be immedi-ately treated after a car accident could be limited.If ambulances and hospitals use a small wand toread the card, time to help patient will be substan-tially reduced.
Work has to be done to make RFID technol-ogy better known to people. The privacy issue iscertainly a concern but when the advantages ofthe technology are clear and patients understandthat RFID can save lives there is a chance thatRFID will be more accepted. Of course this is nota problem to be solved by the technology provideror by the healthcare facilities. This knowledge isto be delivered by the government, and peoplemust know that a tag might be associated to themas a standard procedure of the healthcare service.
Not all privacy issues are deemed to be as se-rious as others. For instance, in many situations ac-cess to a secure database is required (protected bytokens and other technical means) to be able toaccess personal data of patients registered in thedatabase. The reader reads the ID registered on thetag and then accesses a database only if an autho-rised access is provided (IEEE, 2006). This ap-proach prevents unauthorised people to accessingpersonal data (except for the person’s ID numberwhich is associated to the tag).
11. R
FID
in h
ealth
care
182
Tech
nica
l Rep
ort S
erie
s
138 http://www.extremenano.com/print_article/Hospitals+Save+Costs+Time+with+Wireless+Tags/162772.aspx139 http://www.extremenano.com/article/Survey+RFID+Use+in+Hospitals+to+Rise+Despite+Obstacles/158591_1.aspx
12. RFID in the ICT sector
RFI
D te
chno
logi
es
183
Tech
nica
l Rep
ort S
erie
s
ICT is a pervasive technology with informa-tion at its core and enabling communicationprocesses anywhere, at any time with anyone(who has access). RFID is a technology, a product,and a service as well, that will become a pivotalcomponent of ICT bridging the gap between atomsand information.
By providing a unique identifier to any phys-ical object (it is foreseen that within the nextdecade any object resulting from a manufacturingprocess will be equipped with a tag as part of itsproduction process, most likely based on RFIDtechnology), and by allowing its readability at adistance, an information universe parallel to thephysical one can be defined so allowing the cre-ation of the so called “Internet of Things” (ITU,2005).
The exploitation of the RFID in its various ap-plication fields, as already shown in other deliver-ables and in the literature, will create a significantexplosion of IT platforms and basic applications(from main companies such as SAP, IBM, HP,Google, Amazon, WalMart, BT, Telecom Italia…).
The features provided by these platforms andapplications – although leveraging on the RFIDcharacteristics – are quite open to support any kindof identification technology. This will result in abooming of other identification systems, in theirconnection to these platforms and through themto the virtual world of the Internet of things.
BioIdentification (by proximity, by markers, ata distance through image recognition) will bringhuman beings into this universe (with related pri-vacy concerns as well as the possibility to use ad-vanced services). Soft tagging, associated toinformation (tags on software and on bits) willbring content into this universe. This content willbe produced by the service providers but also, andeven more importantly, by every individual.
Short Range bi-directional wireless transmis-sion, the new NFC, will revolutionize our every-day life and will lead to using cellular phones notonly for making phone calls but also for booking
tickets for the theatre, for paying buses and park-ing, for sharing information and so on.
Having this in mind this document aims at de-scribing some case studies related to RFID applica-tions in the ICT world, although this will be by nomeans exhaustive. Basically any application ofRFID (and functionally similar techniques) is inter-twined with ICT. Therefore only a few examplesare hereafter reported.
Some of the results presented in this docu-ment are taken from a study carried out by the Po-litecnico di Milano, Department of ManagingEngineering, published in June 2006 (Politecnicodi Milano, 2006). Case study examples are alsotaken from the IDTechEx Knowledgebase to whichwe had access during the course of the project.
12.1. Description of cases
Among the various application cases thatcould be mentioned related to RFID in the ICT area,we have selected the following examples: RFIDused to monitor ICT assets such as data servers (sec-tion 12.1.1), cellular phones equipped with RFIDcapabilities (section 12.1.2) and DRM/PRM (section12.1.3). In the following these are described andanalysed aiming at highlighting issues consideredto be important in the European perspective.
In particular, actions needed to accelerate theexploitation of the resulting information infrastruc-ture built by the RFID will be indicated as well asways to shepherd evolution in such a way that theadoption of RFID by individual players does notcreate disjointed subsets that would not allow ex-ploitation.
12.1.1. RFID for asset management
Many companies are starting to explore waysto manage and track assets in the ICT departmentin order to optimize professional work. Among thework-related problems is that of having updatedphysical configuration information always avail-
able as well as the possibility to access updated in-formation remotely so avoiding professionals’ tripsto the IT department just for the sake of checkingthat everything is on place.
RFID technology allows to automatically storeand access all the information needed related toIT assets. It has been used by HP for the monitor-ing of its own data centres and now, once engi-neered, it is being sold to external companies.Some departments of Telecom Italia are also plan-ning to implement a similar solution to keep trackof the switching office modules.
Data center asset tracking (Palo Alto, USA)140
Hewlett-Packard announced that it has com-pleted a successful test using radio-frequency iden-tification to track servers in the data centre ofMeijer, a supermarket chain with almost 200 retailand grocery stores. The HP solution was able tomaintain an up-to-date configuration of all thehundreds of company’s servers knowing whencomputers were moved from one location to an-other even within the same rack. The technologythat HP used was then able to create a high-reso-lution view of devices in the data centre and pro-vide historical information related to additions orchanges of servers or other assets.
Modern data centres are built with hundredsof computing modules that can be easily substi-tuted in case of failure as if they were drawers in acabinet. The personnel that perform these opera-tions should take care of recording each operationbut, under pressure, the control is not optimal andthe inventory and tracking of these modules be-comes a nightmare. If the data centre is capable ofautomatically knowing which modules are slottedin which rack, then every movement can berecorded in configuration management systems.
This allows for a greater control over the ICTassets. In addition to automatic inventory, mainte-nance operations can be logged for each specificmodule identifiable with the tag. When a fault oc-curs in the rack, , it is possible to check for previ-ous maintenance operations by knowing exactly
which modules are in the rack and to easily spotthe problem.
12.1.2. RFID in mobile phones
Mobile phone companies have started toequip cellular phones with the necessary technol-ogy to allow several types of payments141. Industryanalysts predict that there will be almost 40 mil-lion contactless payment devices in use in the USby the end of 2006.
According to the information collected byIDTechEx, presented in Table 12-1, the number ofcases only related to service payments (up to Sep-tember 2006), divided by region, are:
Table 12-1: Distribution of RFID casesover worldwide region142
Region Number of cases
Europe 13
USA and Canada 29
Australia 1
South East Asia, Japan 28
Applications that have started to become pop-ular in Europe are those used within closed circuit;for example to pay drinks or services within re-sorts, or fitness centres, or for paying services (pho-tocopies) in the library. Also payments onhighways are considered within this area. Here-after a few examples will be described.
When speaking of RFID applied and usedthrough mobile phones, it is necessary to speak ofNear Field Communication technology (see chap-ter 5.1 and 5.2). Jointly developed by Philips andSony, NFC is a combination of contactless identi-fication and interconnection technologies that en-ables wireless short-range communicationbetween mobile devices, consumer electronics,PCs and smart objects.143
An NFC device can work under both activeand passive mode. For active mode it acts as areader and generates its own radio frequencyfield to identify and read smart card and tag
12. R
FID
in th
e IC
T se
ctor
184
Tech
nica
l Rep
ort S
erie
s
140 http://www.eweek.com/article2/0,1895,2035266,00.asp141 http://www.tml.tkk.fi/Opinnot/T-109.551/2005/reports/RFID.doc142 Source IDTechEx knowledge database143 A brief description of NFC technology can be found in section 4.2.2.
while for passive mode it emulates a card or tagto be read.
To drive development and adoption of NFC,Philips, Sony and Nokia established the NFC Forum,a non-profit industry association which promotesimplementation and standardization of NFC tech-nology to ensure interoperability between devicesand services. The NFC Forum has currently morethan 50 members around the globe including Mas-terCard International, Matsushita Electronic Indus-trial Co, Ltd, (Panasonic), Microsoft, Motorola, NECCorporation, Renesas Technology Corp., Samsung,Texas Instruments and Visa International.
A number of trials around the world havebeen carried out to test NFC technology, also fromthe perspective of the user. It looks like the usersare very positive: the idea of using the telephonealso for many other functions seems well acceptedby those who have tried it.144 According to ana-lysts AC-Nielson, for example, mobile payment isone of the most welcomed emerging mobile ap-plications in China where over 80% of consumersare interested in the functional integration of citytransportation cards and bank payment cards intoa mobile phone.
CocaCola contactless payment (USA, Japan)
On the 27th of June 2006 the Philadelphia Co-caCola Bottling Co, Master Card and USA tech-nologies have decided to team together in order toequip 1000 CocaCola vending machines with pay-less terminals able to read RFID-enabled paymentdevices145. The payment terminals are the Gener-ation Six (G6) e-Port terminals produced by USATechnologies. G6 terminal and access to the USATechnologies payment network will cost toPhiladelphia Coca-Cola Bottling a monthly serv-ice fee of $140 each, plus a processing fee for eachpurchase made at each machine regardless ofwhether a mag-stripe or RFID card is used to makethe payment. Consumers only need to put theirMaster Card PayPass-enabled card on the paymentterminal to purchase the drink (see Figure 12-1).
Coca Cola Japan has planned to deploy 1000CMOD2 vending machine by the end of the yearand equipe 20% of their one million vending ma-
chines in Japan by 2008. The CMOD2 vendingmachines accept RFID-chipped wallet-phonespayments and also collect data to be used by thecompany for CRM services. Machine can also bedynamically programmed to charge less in case ofspecial offers.
Figure 12-1: CocaCola RIFD equipped au-tomate, ready for NFC use
Nokia and Philips in NFC mobile phone trial(Xiamen City, China)146
Philips has launched China’s first near fieldcommunication (NFC) trial together with Nokia,China Mobile’s Xiamen Office and Xiamen e-Tong Card. The same type of commercial trialshave already been completed successfully in theU.S.A., Germany, and Malaysia. Objective of thetrial is to provide customers with secure elec-tronic payments in restaurants, transportationbuses, ferryboats, movie theatre or conveniencestore that accepts the Xiamen e-Tong card (con-tactless transportation card already used by800,000 people).
Trial participants can conduct transactionswith the swipe of their NFC equipped mobilephones (Nokia 3220) and, in addition to the stan-dard E-Tong Card function, consumers can checktheir card balance and the last nine transactionrecords on their mobile phone display, access abuilt-in, WAP-based website to find out stores andvenues that accept E-Tong Card. For all these rea-sons and for being perceived as a fashionable pay-ment instrument, the NFC mobile phone has beenwell accepted by the trial participants who gave apositive impression.
RFI
D te
chno
logi
es
185
Tech
nica
l Rep
ort S
erie
s
144 http://corporate.visa.com/md/nr/press291.jsp145 http://www.usatech.com/company_info/news/usa_2006_06_27.php146 http://www.nokia.com/A4136002?newsid=1060346
NFC technology is compatible with currentcontactless smart card infrastructure, so there is noneed for significant upfront investment on NFCtechnology.
NTT DoCoMo Mobile Wallet (Japan)
As of the 1st of April 2005 about 20,000 storesin Japan offer mobile wallet services: NTT Do-CoMo already launched in 2004 new cellularmodels equipped with RFID Felica (by Sony) toprovide this type of service. In May 2005 they an-nounced the development of the 3G FOMA®901iS series, five handsets equipped for mobile-wallet e-money, ticketing and other handy mobilesmart-card functions.
The 901iS phones are equipped with securityfeatures that allow the phone to be blocked re-motely by the owner. This series of handsets is ex-pected to further boost the popularity of handsetsequipped with FeliCa® IC card technology, whichhave sold more than 3.34 million units to date.
JTON MobiWallet(worldwide)147
The solution proposed by JTON, see Figure12-2, consists of a combination of the SIM cardcontained in any cellular phone with a refillableRFID debit card. Normally in other solutions (seeprevious section on the NTT DoCoMo MobileWallet) the debit is done through the telephone billtied to a specific telephone number; in this casethe mechanism works differently. The RFID card isused to pay and a minimum amount of money isalways to be maintained in the card. The cellularis in charge to keep this amount always available.Once the money is spent, the cellular phone is incharge of recharging automatically the card (withthe pre-configured amount of refill) without anyintervention from the owner of the phone.
Figure 12-2: Functionalities of JTON Mo-bile Wallet
Services accessible through NFC mobilephone (city of Caen, France)148
In the city of Caen a pilot has been carried outin order to test Philips semiconductor NFC chipsapplied to the Samsung D500 mobile phone. 200people were supposed to use services accessiblethrough the Samsung mobile phone and try RFID-enabled services. The services, developed byFrance Telecom’s R&D include safe payments atshops (at the Galeries Lafayette, and other mainstores in the centre of Caen) as well as parking. Tomake a purchase the customer simply waves thetelephone in front of the shop terminal once thecashier has activated the reader.
Using the mobile terminal in its reader modeit was also possible to access tourist informationin the historical part of the town as well as to getpractical information such as the bus time tableand film trailers.
Wine bottles tagging (Arnaldo Caprai Smart-Corq, Italy)149
A totally different application using RFIDtechnology is the one carried out by the wine-maker Arnaldo Caprai. The pilot consists in usingspecial polymer corks for wine bottles (Sangiovesedi Montafalco) equipped with 13.56 MHz Philipstransponders containing information (in the 1024bit memory capacity) about the wine. Clients mayvisualize the information about the wine by usingRFID readers such as those contained in mobilephones. There are still some problems at the mo-ment, related to the bottling of the wine whichmay damage the transponder in the cork.
12. R
FID
in th
e IC
T se
ctor
186
Tech
nica
l Rep
ort S
erie
s
147 http://www.jtonsys.com/148 http://www.rfidjournal.com/article/articleview/1943/1/1/149 Only references in Italian: http://www.contemporare.it/home.htm
12.1.3. RFID for DRM (Digital RightsManagement) and PRM (PropertyRights Management)
The problems related to digital rights protec-tion over produced content, software, services andproducts are starting to be addressed by usingRFID technology. Motion Picture Association ofAmerica estimates the money loss of US movie in-dustry due to piracy at $3 billion annually (world-wide revenue).
Many companies consider the placement oftags on material to prevent unauthorized access asone possibility to protect their revenues. The issueis however not easily solved: the more compli-cated it becomes to make content legitimately ac-cessible, due to protection procedures, the moremotivated are people to crack the systems.
Another associated problem is considereddangerous by some field experts. RFID technologycan be used for protecting products (PropertyRights Management) so to be sure that products ofa specific brand only function if equipped withoriginal suppliers. An example is EM Microelec-tronic which plans to introduce RFID-enabled car-tridges able to communicate identities andparameters to the printer in order to re-configurethe printer accordingly.150
This mechanisms may be useful but – if notwell regulated – run the risk that consumers buyinga specific product suffer lock-in by a specific com-pany forcing them to buy the whole set of acces-sories produced by the same company.151 This couldin principle lead to the situation in which we haveto use a specific detergent in our washing machines;otherwise the machine will not wash our clothes.
DVD piracy protection (UCLA, USA)152
UCLA’s Wireless Internet for the Mobile En-terprise Consortium (WINMEC), a research groupbased at UCLA, is working on a project, RF-DVD,aiming at developing software and hardware com-
ponents for the digital right management ofDVDs.153
The system, which is at the moment in a pro-totyping status, would embed DVDs with an RFIDtag and DVD players with an RFID reader so thatthe tagged DVDs would play only in RFID-en-abled players and only if the reader could authen-ticate the DVD’s tag. In order to authenticate, theplayer would also need to link to some type of on-line network, similar to the EPCglobal Network,that would associate the DVD with a legal sale.
12.2. Drivers and barriers: lessons tolearn for Europe
According to ABI research, there has been animportant growth in the diffusion of RFID inte-grated circuits mainly due to contactless paymentservices, personal identification documents and soon: more than 565 million RFID integrated circuitswere shipped in 2005154 and the trend is not goingto stop.155
We have not met strong barriers in the use ofRFID tags in cellulars, either. RFID tagged cel-lullars are in general perceived by customers as anextension of the functionalities available in themobile phone; customers do not react negativelyto this asset in contrast to their reaction when dis-cussing tagging people and therefore accessing totheir personal private data. Contactless paymentsmade possible by associating RFID to cards or mo-bile phones are nevertheless perceived by somecustomers risky since it may look like paymentscould be activated from a distance without the di-rect intervention of the owner of the card or mo-bile phone.156 Even if this may seem a possiblebarrier for the diffusion of such a service, the tech-nical approach might offer a starting point into ex-plaining how the charging mechanism will allowan even more secure transaction.
On the other side the added value of havinga device that enables people to make payments,
RFI
D te
chno
logi
es
187
Tech
nica
l Rep
ort S
erie
s
150 http://www.emmicroelectronic.com/DetailNews.asp?IdNews=106 151 http://www.freedom-to-tinker.com/?p=1052 152 http://www.wireless.ucla.edu/rfid/research/153 http://www.rfidjournal.com/article/articleview/1589154 http://www.vnunet.com/vnunet/news/2163160/565-million-rfid-tags-shipped155 http://www.mtbeurope.info/content/ft608001.htm156 http://www.morerfid.com/details.php?subdetail=Report&action=details&report_id=1578&display=RFID
access theatres and cinema tickets or store an elec-tronic flight boarding pass, may help in promotingthe widespread diffusion of these applications.
European level action may be instrumental inthis area, by promoting a secure environment forsharing information, and drafting regulation to dis-close certain types of information that eventuallywould make the disclosure of production datamore cost effective. In this area there is a mixtureof ICT-related technology issues and the regulatoryenvironment.
Proactive initiatives to explain to the publicthe benefits, and substantiating them, are most im-portant to win the hearts of the consumers so thatthey can become a driving force towards the man-ufacturers to deliver information rich products. Asfar as DRM issues are concerned the problem isdelicate: rights have to be protected but produc-ers should be aware that complicated proceduresmight have the adverse effect consumers may beare encouraged not to follow the legal way andprefer the way of “buying” an unauthorised copyinstead. Offering services at modest prices mightbe a better inroad to convincing consumers to be-have legally than pricing the content. People areconcerned about DRM and about PRM aboveall157 since the freedom of buying our preferredproducts starts being threaten.
Europe is, and rightly so, very concerned onprivacy and ownership issues, but should not losesight from exclusion issues either. The former arethe ones that can slow the evolution of servicesand adoption, the latter is the one that may swingbiz one side of the Ocean or the other.
Google founders have declared in a meetingwith investors in 2006 that they see their companyas leading to dominate in Internet of Things interms of searching capabilities. However thismight be an understatement: whoever is going tocontrol, or have pervasive visibility on this virtualuniverse will also have a platform that can be of-fered (at a price) to all businesses.
This scenario has to be seen under two oppo-site but colliding views.
The Google objective, if fulfilled, will lead toa situation where who has visibility, control and
capability to offer services based on that virtualworld will have a tremendous leverage on themarket. In this situation it will be very probablethat dominant parties (not just Google but also an-other few who will have managed to establish aset of indexing services) can lead to a lock-in ofthe market (the value proposition is so strong thatthe market will naturally tend to stay with theseleaders).
At the same time we can expect that thoseenterprises, specially the smaller ones, that do nothave the process capabilities and IT support to cre-ate products with an effective embedding of RFID(or functionally similar identification device) willnot be able to become part of the virtual universeand since more and more business will be playedat that level (to turn to the physical one only at theend of the value chain) these players will be emar-ginated from the global market.
A parallel issue is the one of fostering individ-ual business and enterprises to adopt the specifictechnology that best suits their needs but, at thesame time, to stimulate development of cross plat-form interoperability and the availability of termi-nals able to access the different technology sinceat the European level significant gains can only bemade through a common reference environmentwhere all goods and services can be indexed.
The availability of services leveraging on in-formation provided by or pointed to RFID and thepossibility of embedding them into proprietary of-fering ensuring the sharing of ownership rights(and related revenue) can prove a strong motiva-tion for companies to adhere to open interfaces,and to enable other companies to access propri-etary information made available through theseopen interfaces.
Examples supporting the soundness of this ap-proach abound. Many products today, be it fromMicrosoft or Adobe, SAP (to a limited extent) orApple/Nokia, open up their information interfacesto let other parties develop value added services.This in turns creates a higher value perception byend users who will flock onto adopting that prod-uct as much for the product itself as for the constel-lation of goodies that can be associated to it byaccessing the supporting platforms.
12. R
FID
in th
e IC
T se
ctor
188
Tech
nica
l Rep
ort S
erie
s
157 http://www.freedom-to-tinker.com/?p=1052
13. RFID in identity cards
RFI
D te
chno
logi
es
189
Tech
nica
l Rep
ort S
erie
s
The application of RFID in identity cards hasto be analysed in relation to overall discussionsaround identity management. There has alwaysbeen a demand for identity management. In thepast, various techniques have been used to verifythe identity of an individual in relation to specificactions, transactions, events or other purposes.Also the use of a biometric identification is notnew. It has been used in history already for a verylong time.
So, what is new in the discussion on RFID inidentity cards then? New is the increasingly per-vasive nature of identity management in our mod-ern society and the motivations behind theapplication of these new forms of identity manage-ment. Also the fact that the technology is new andis not fully worked out in all its aspects raises prob-lems.
On the one hand we have the discussion onthe user benefits of identity management. Becausethis discussion is partly fed by those who have avested interest in developing, implementing andmaintaining applications, it is necessary to criti-cally analyse the arguments which are used in thisdiscussion.
On the other hand there are claims about de-feating terrorism and organised crime. The terror-ist events on 11th of September have of coursebrought this aspect to the foreground, but at thesame time we should perhaps be realistic and seewhether or not the claims are too ambitious.
Looking at the main actors in the debate, apush in the direction of the widespread introduc-tion of identity management and identity manage-ment applications can be noted both from thepolitical and the commercial sector. But also con-sumer privacy protection organisations play an im-portant role here; some of the large consumerprivacy protection organisations in Europe and theUSA put large question marks on the necessity ofthe large scale introduction of identity manage-ment or at least on the conditions of implementingthese identity management applications. Theyconsider the wide scale introduction of identity
management as a threat for vested democratic val-ues in our society like person identity, personalfreedom, privacy and protection against the mis-use of information.
The application of RFID in identity cardsshould be placed in the context of the aforemen-tioned discussion in order to understand the wholepicture.
In this report we will describe initiativesaround the introduction of RFID in identity cards.The main issue here is the introduction of RFIDand biometrics in the electronic passport. We willdescribe the actual developments in Europe andthe USA. But we will also look at the applicationof RFID in other kinds of identity cards, like con-sumer fidelity cards.
We will start with presenting an overview ofRFID in identity cards (section 13.1), followed bya detailed description of the application of RFIDin e-passports (section 13.2). Next we will describethe state-of-the-art of the development of RFID ap-plications in the e-passport and other ID-cards inthe USA (section 13.2.4), followed by a descrip-tion of the situation in Europe (section 13.3). Wehave chosen this sequence of description becauseof two reasons:
Development of an e-passport has becometop priority in the USA in late 2001, and hence inthe past five years a lot of experience has beenbuilt in the USA around the development of an e-passport;
The Visa Waver Program of the USA has a di-rect influence on the development of the e-pass-port in Europe.
13.1. Overview of RFID in identitycards
13.1.1. Analysis of cases
Table 13-1 presents an overview of caseswithin the IDTechEX database in relation to the ap-
plication of RFID in identity cards managementand divided per continent. The main applicationof RFID in identity management is in the e-pass-port.
But also all kind of other identity documentsmay include RFID-applications, i.e. national ID-cards or ID-cards which are used by large organi-sations i.e. NASA, governmental departments,
multinationals, universities etc. In general these
ID-cards also permit access to buildings or facili-
ties of these organisations. A few cases are dealing
with RFID in drivers licenses. There are a lot of
small access control applications with RFID (i.e.
for access to company buildings, sport clubs etc.)
but no such cases are described in the IDTechEX
database.
13. R
FID
in id
entit
y ca
rds
190
Tech
nica
l Rep
ort S
erie
s
158 Source: IDTechEx, 2006
Table 13-1: Applications domains for RFID in identity cards.158
Domain America Europe Asia Africa Australia TOTAL
E-Passport 2 12 6 1 1 22
National ID-cards 0 1 2 1 0 4
ID-cards 6 0 1 0 0 7
Drivers license 1 0 1 0 0 2
Access control 3 3 0 0 0 6
TOTAL 12 16 10 2 1 41
In every continent, cases were identified, butmost cases came from the USA and Europe. A lotof the cases in Europe are related to the introduc-tion of national e-passports. The cases in the USAand Canada are related to the introduction ofcountry-wide e-passports, but a number of casesalso have to do with the introduction of RFID inother ID-cards.
The cases in the IDTechEx database do not in-clude all the activities on RFID applications whichare going on in the various continents, but thenumber of cases gives a fair representation of ac-tivities in this area.
Some of the cases describe planned RFID-ap-plications (2), others describe pilots or trials (5),some of the RFID-applications are ordered (10)and most of them are already rolled-out (18). Wecould not identify the actual status of the RFID-ap-plication in six cases.
In as far as it is known from the case descrip-tions all the RFID-tags used in the cases belong tothe group of High Frequency tags (13.56 MHz). Allthe applied tags are also passive tags. Another ob-servation is that most of the tags are able to bothread and write. The distance range for sending andreceiving information is mostly a few centimetres,according to ISO 14443 or ISO proximity.
13.1.2. Contact versus contactless cards
In the overall discussion on identity manage-ment a main issue is the discussion on the use ofcontact versus contactless cards. Card identity sys-tems can be considered as a simple facility to in-crease security and efficiency. Card identitysystems can be used for physical and logical ac-cess control, but also other functions could be in-cluded in such systems such as:
• employee and visitor identification
• time and attendance registration
• micro-payments
Various smart card systems exist for identitymanagement. Smart cards are small and tamper-resistant. They hold, transmit and encrypt massiveamounts of data. And they fit neatly within the sur-face of a digital ID card.
In an age with increasing security threats anddata-transmission privacy requirements, smartcard hardware, software, systems and solutions arefast emerging as the preferred technologies and ap-plications around the world. The InternationalCard Marketing Association states that the smartcard market is growing at an annual rate of 28%.
A primary distinction between types of smartcards is whether they are “contact” or “contact-
less”. When using a contact card, the cardholderswipes or inserts the card into a card reader. Wheninserted properly, a metallic pad or contact plateon the smart card aligns with the electronic con-tacts inside the reader, where data is transferred.In contrast, contactless card systems updatethrough antennas located in the smart card and thereader without physical contact.
Maintenance costs of contactless cards arelower since the components can be shielded in aprotective casing, and the reader and cards aretherefore not subject to wear and tear caused byfriction when inserting the card into the reader.This allows operations in harsh environments andlonger lifespan. Additionally, the cards can varywidely in sizes and shapes such as key chains,tags, stickers and wristwatches.
13.1.3. Various types of ID-cards
Powerful technologies are used nowadays toconverge and transform the efficiency, functional-ity and security of ID-cards. This generates a num-ber of new types of ID-cards:
• RFID cards This technology brings keyless convenienceto physical access control security systems.RFID cards use an internal antenna thatcardholders wave within a few inches of areader to be granted or denied access.
• “Combi” proximity cardsThese cards integrate photo ID, proximity,magnetic stripe and even smart card tech-nology into a single card, eliminating theneed to carry multiple cards for differentpurposes.
• Hybrid smart cardsA hybrid smart card has two chips embed-ded into a card’s surface — one contact andone contactless — each with its own inter-face. This effectively doubles the function-ality and security of every card issued.
• “Combi” smart cardsCombi smart cards allow a single smartchip to securely interface with both contactand contactless readers. The Smart Card Al-liance forecasts that the transportation andbanking industries will adopt this technol-ogy first.
• Optical laser cardsThese cutting-edge cards transform CD-ROM technology into a credit card form,capable of securely storing megabytes ofpersonal information. For example, a pa-tient ID could hold an image, healthcarehistory, vaccination record, X-rays andmore.
13.2. RFID in e-passports
Major initiatives by European and Americangovernments aim to fuse RFID and biometric tech-nologies in a new generation of identity cards, andthe main application is in next generation pass-ports, sometimes called e-passports.
The next generation of passports are supposedto contain personal information and some biomet-ric data in digital form. This information can rangefrom names over passport photographs to iris at-tributes and fingerprints. All this information is tobe accommodated in a chip, which is then embed-ded in a RFID tag into the passport. This informa-tion stored on the RFID tag can later be read out bya reader, for example in airports to gain accesscontrol to security relevant areas.
In combination the RFID and biometric tech-nologies promise to reduce fraud, easy identitychecks, and enhance security. At the same time thecombination of these technologies raises newrisks, because they might have far reaching privacyand security implications.
13.2.1 Goals of e-passports
The goal of the e-passport is to provide strongauthentication through documents that unmistak-ably identify their bearers. Therefore it is not onlyimportant to take care that the document is resist-ant to tampering, but also to take care of data in-tegrity. So both data integrity and physical integrityare vital to the security of passports as authentica-tors and strong authenticated document.
Protecting e-Passport data against unautho-rized access is a crucial part of the security of theentire identification system. Data confidentiality,i.e. secrecy of data stored on e-passports, is alsocritical. Protecting biometric and biographical datais essential to the value and integrity of an authen-
RFI
D te
chno
logi
es
191
Tech
nica
l Rep
ort S
erie
s
tication system. In particular, data secrecy needsan important form of protection against forgeryand hacking. So the question emerges how we canpermanently protect these highly privacy-sensitivedata against unauthorized access and data tamper-ing, because, if no protection of this personal infor-mation exists, it will be very easy to scan thosesensitive data with a (portable) reader. Any kind ofdata, which is stored on a RFID tag, is to be con-sidered either as publicly accessible or must beprovided with access control, no matter in whichconcrete form.
Therefore, RFID tags in e-passports have to beprotected against any obtrusive attack or any at-tempt to track the bearer of the e-passport.
13.2.2. Security and privacy threats to e-passports
What are the threats of the RFID applicationin e-passports in view of the security and privacyaspects?
Molnar (2005) gives a detailed overview ofthe main security and privacy threats to e-pass-ports:
1. Clandestine scanning
It is well known that RFID tags are subject toclandestine scanning. Baseline ICAO guide-lines159 do not require authenticated or en-crypted communications between passportsand readers. Consequently, an unprotected e-passport chip is subject to clandestine scan-ning, with attendant leakage of sensitivepersonal information, including date of birthand place of birth.
2. Clandestine tracking
The standard for e-passport RFID chips (ISO14443) stipulates the emission (without authen-
tication) of a chip ID on protocol initiation. Ifthis ID is different for every passport, it couldenable tracking the movements of the passportholder by unauthorized parties.
Tracking is possible even if the data on the chipcannot be read. The ICAO Active Authentica-tion feature enables also tracking even whenused with public key cryptosystems, like RSA160
or Rabin-Williams signatures.161
3. Skimming and cloning
Baseline ICAO regulations require digital sig-natures on e-passport data. In principle, suchsignatures allow the reader to verify that thedata came from the correct passport-issuing au-thority. The digital signatures used in the base-line ICAO standard do not, however, bind thedata to a particular passport or chip, so theyoffer no defence against passport cloning.
4. Eavesdropping
“Faraday cages” are an often discussed coun-termeasure to clandestine RFID scanning. In ane-passport, a Faraday cage would take the formof metallic material in the cover or holder thatprevents the penetration of RFID signals. Pass-ports equipped with Faraday cages would besubject to scanning only when expresslyopened by their holders, and would seem infirst instance to allay most privacy concerns.Faraday cages, however, do not prevent eaves-dropping on legitimate passport-to-reader com-munications, like those taking place in airports.Eavesdropping is particularly problematic forthree reasons.
- Function creep: As envisioned in the ICAOguidelines, e-passports will likely see use notjust in airports, but in new areas like e-com-merce; thus eavesdropping will be possible ina variety of circumstances.
13. R
FID
in id
entit
y ca
rds
192
Tech
nica
l Rep
ort S
erie
s
159 See http:// www.icao.int/fsix/regulations.cfm160 RSA is a public-key encryption technology developed by RSA Data Security, Inc. The acronym stands for Rivest, Shamir, and Adelman,
the inventors of the technique. The RSA algorithm is based on the fact that there is no efficient way to factor very large numbers. Deduc-ing an RSA key, therefore, requires an extraordinary amount of computer processing power and time. The RSA algorithm has become thede facto standard for industrial-strength encryption, especially for data sent over the Internet. It is built into many software products, in-cluding Microsoft Internet Explorer. The technology is so powerful that the US government has restricted exporting it to foreign countries.
161 The Rabin-Williams signature is an example of a Rabin cryptosystem, which is an asymmetric cryptographic technique, whose security,like that of RSA, is related to the difficulty of factorization. However the Rabin cryptosystem has the advantage that the problem on whichit relies has been proved to be as hard as integer factorization, which is not currently known to be true of the RSA problem. As with allasymmetric cryptosystems, the Rabin system uses both a public and a private key. The public key is necessary for later decoding and canbe published, while the private key must be possessed only by the sender of the message. The process was published in January 1979 byMichael O. Rabin.
- Feasibility: Unlike clandestine scanning,eavesdropping may be feasible at a longerdistance, given that eavesdropping is a pas-sive operation.
- Detection difficulty: As it is purely passive anddoes not involve signal emission by the owner,eavesdropping is difficult to detect (unlikeclandestine scanning).
5. Biometric data-leakage
Among other data, e-passports will includedigital photos. In accordance with the ICAOstandard, these will initially be digitized full-face picture, although some countries also usefingerprints. These images would not need tobe secret to support authentication if the phys-ical environment were strictly controlled. Ex-isting and proposed deployments ofe-passports, however, will facilitate automa-tion, and therefore a weakening of humanoversight. This makes secrecy of biometricdata important.
6. Cryptographic weaknesses
ICAO guidelines include an optional mecha-nism called “Basic Access Control” (BAC) forauthenticating and encrypting passport-to-reader communications. The idea is that areader initially makes optical contact with apassport, and scans the date of issue of thepassport, date of birth of the owner of the pass-port, and the passport number to derive a cryp-tographic key K with two functions:
- The key K allows the passport to establish thatit is talking to a legitimate reader before re-leasing RFID tag information.
- The key K is used to encrypt all data transmit-ted between the passport and the reader.Once a reader knows the key K, however,there is no mechanism for revoking access. Apassport holder travelling to a foreign countrygives that country’s Customs agents the abil-ity to scan his or her passport in perpetuity.
A general cryptographic weakness is the use oftoo short keys or keys which are issues in struc-tured series or which are interrelated in oneway or another. For this reason it was possiblei.e. to crack Dutch passports in about 2 hours.
13.2.3. Safeguard solutions for threats ofprivacy misuse
Apparent solutions for the threat of privacyseem to be found in the encryption of the contentwhich is stored on the tags. Strong encryption pro-cedures can provide reliable protection againsteavesdropping.
The effectiveness of cryptography is basedupon its key bits length. However, further researchon hacking has revealed that the cryptographicprotection afforded by a RFID device is not com-pletely satisfactory. Therefore three instances of theencryption approach have been proposed whichare more suited for protection. These approachesare: the hash-lock method, the re-encryptionmethod (in several forms) and silent tree-walking.However, there are severe cost complaints in rela-tion to the application of these methods.
Hash-Lock
In this approach a tag may be ‘locked’ so thatit refuses to reveal its ID until it is ‘unlocked’. Insuch a situation it is necessary for a reader to querya tag to find its meta-ID, so that the reader knowshow to unlock the tag.
Of course it is still possible in such a situationto track the tags via their meta-IDs.
The Faraday Cage approach
A solution to prevent skimming is to put a sortof shielding material on the passport front cover.This front cover contains an anti-skimming mate-rial that blocks the radio waves that could pick upthe data. This shielding material is based on theFaraday cage principle and makes the e-passportRFID tag unreadable as long as its cover is closedor nearly closed.
In combination with other prevention meth-ods, i.e. access control lists, this approach couldbe a good solution for preventing the tracking of aperson and eavesdropping for the communicationbetween the reader and the tag of the e-passport.It is not a complete prevention, because a hackercould even in the short time of communication be-tween the reader and the tag access the datastream. Sometimes a solution is sought in a proce-dure, where the open e-passport should be placedon a flat reading device.
RFI
D te
chno
logi
es
193
Tech
nica
l Rep
ort S
erie
s
Shifting data to the backend
The most effective measure against an attackinvolving eavesdropping at the air interface is,however, not to store any contents on the tag it-self, but instead of this to read only the ID of thetag. The data associated with the tag are retrievedfrom a backend database. This approach offers theadditional advantages that less expensive tags canbe used and memory for the associated data in thebackend is practically unlimited and the used pro-cedures for data management and IT security canbe employed.
However, there are also some disadvantagesof this solution i.e. the existence of user’s objec-tion against a central database (because this mightbring all data under control of one body) and ofcourse also the existence of general threats of data-base hacking.
13.2.4. RFID and identity cards in theUSA
By the end of 2006 all new passports issued inthe USA are supposed to have biometric informa-tion incorporated into RFID tags. The biometricpassport is usually referred to as the ‘electronicpassport’ or ‘e-passport’
Background E-passport developments in theUSA
A high level of security became a top priorityin late 2001 for the United States. This tightenedsecurity required border control to take steps incracking down on counterfeit paper passports.
In October 2004, the production stages of thishigh-tech passport commenced as the U.S. Gov-ernment Printing Office (GPO) issued awards tothe top bidders of the programme. The awards to-talled to roughly $1 000 000 for start up, devel-opment, and testing. The driving force of theinitiative is the US Enhanced Border Security andVisa Entry Reform Act of 2002 (also known as the“Border Security Act”), which states that suchsmartcard IDs will be able to replace visas. As forforeigners travelling to the US, if they wish to enterUS visa-free under the Visa Waiver Program(VWP), they are now required to possess machine-readable passports that comply with internationalstandards. Additionally, for travellers holding a
valid passport issued on or after 26 October 2006,such a passport must be a biometric passport ifused to enter the US visa-free under the VWP.
More specifically, as part of its US-VISIT pro-gram, the US government has mandated adoptionby October 2006 of biometrically-enabled pass-ports by the twenty-seven nations in its Visa-Waiver Program, among them Japan, most of thecountries of Western Europe, and a handful oth-ers. The deadline for adoption was originally Oc-tober 2005, but this date was not feasible, mainlybecause of the concern of US citizens over privacyprotection.
The US version of the e-passport will onlyhave full-face digital image placed onto the con-tactless chip. This provides a valuable increasedlevel of security, but not as complex as the Euro-pean version (see section 13.3). However, the chipused in the US passport will be large enough (64Kbytes) to allow it to contain additional biometricidentifiers should the need arise in the future.
On January 2006 e-passport trials have startedin several US airports, including San Francisco In-ternational Airport. The US Department of Statebegan issuing biometric passports to governmentofficials and diplomats in early 2006. It began is-suing regular biometric passports at its ColoradoPassport Agency on August 14, 2006; though theystill expect that nearly all new or renewed pass-ports issued by the department to American citi-zens will be biometric by the end of 2006, othersources say this will not happen until mid-2007.
Characteristics US e-passport
The U.S. e-passports are based on guidelinesissued by the International Civil Aviation Organi-sation (ICAO), a body run by the United Nationswith a mandate for setting international passportstandards. The ICAO guidelines, detailed in ICAODocument 9303, call for incorporation of RFIDchips into passports.
Reasons for choosing RFID for this applica-tion are that it can provide better document secu-rity (passports become harder to counterfeit), it canfacilitate the inclusion of biometric data, and manyof the ICAO member countries are adopting it.One also should not forget that there was intenselobbying by the RFID smartcard industry.
13. R
FID
in id
entit
y ca
rds
194
Tech
nica
l Rep
ort S
erie
s
Initially, the only biometric data included inpassport RFID tags will be a scan of a passportphoto, but it is expected that fingerprints andother biometric data are to be added in the fu-ture. The US-VISIT program in fact requires visi-tors to provide two fingerprints images inaddition to a headshot. The ICAO standard alsoenvisions that e-passports will someday includea write capability for storage of information likedigital visas. All the e-passports which are in usenow, contain passive RFID tags, which do notallow writing to the RFID tag after the produc-tion phase.
The original specifications for the projectwere that the RFID chip contains all the data of theID page of a passport, and to be digitally signed,but not encrypted. This is one point of controversy,as many privacy advocates would prefer to see thisdata securely encrypted. The tags in passports areto conform to the ISO 14443 RFID specification,which specifies the radio frequency power and sig-nal interface (13.56 MHz) and the initialization,anti-collision, and transmission protocols to beused.
Security threats and chosen solutions
The security vulnerabilities that have raisedthe most concerns are the possibility of eavesdrop-ping and “skimming” RFID-enabled passports, thesurreptitiously reading of data off a passport in apublic place. Many people have expressed con-cern that this ability to possibly identify U.S. citi-zens in hostile countries could be a scary securityissue for Americans. This issue received muchmedia attention and caused a huge public outcry.Combined with the State Department’s realizationthat these tags could be read from greater distancesthan originally thought, the decision was made toredesign the proposed system mid-project in orderto make it less susceptible to eavesdropping andskimming.
The changes the State Department made to e-passports was to include anti-skimming materialin the new passport covers and adding some basicaccess control to the data, so that a PIN numberthat is generated from the machine-readable por-tion of the passport is required to communicatewith the RFID chip. This is considered a significantimprovement to the security of e-passports.
Opposition against the US e-passport
Privacy activists in the USA and many othercountries question and protest the lack of informa-tion about exactly what the passports’ chip willcontain, and whether it will have an impact oncivil liberties. The main problem they point out isthat data on the passports are transferred with RFIDtechnology.
On one hand this will allow ID-check comput-ers to obtain a person’s information without a phys-ical connection; on the other hand it may also allowanyone with the necessary equipment to performthe same task. If the personal information and pass-port numbers on the chip are not encrypted or if noother security measures are made, the informationmight wind up in the wrong hands.
To protect against such unauthorized reading,or “skimming”, in addition to employing encryp-tion, the U.S. has undertaken the additional stepof integrating a very thin metal mesh into the pass-port’s cover to act as a shield to make it even moredifficult (the State Department claims “nearly im-possible”) to read the passport’s chip when thepassport is closed.
However, research students from Vrije Uni-versity in the Netherlands, speaking at the August2006 Black Hat conference in Las Vegas, showedthat RFID passports can be cloned relatively easily,and can be remotely spied upon despite the radio-blocking shields included in US designs. Theyfound they could read the passports from 60 cen-timetres away if they are opened by just 1 cm,using a device which can be used to hijack radiosignals that manufacturers have touted as unread-able by anything other than proprietary scanners(Rieback, 2005).
At the same conference the German securityexpert Lukas Grunwald demonstrated that it is pos-sible to clone the information on a biometric pass-port to create a false passport using equipmentcosting less than 200 Euro.
A group of German privacy hackers havecome up with a portable device that can wipe apassive RFID-tag permanently, called the RFID-Zapper.
Additional concerns have been raised aboutthe technical feasibility of biometrics in large-scale, real-world applications.
RFI
D te
chno
logi
es
195
Tech
nica
l Rep
ort S
erie
s
13.2.5. Other Identity cards develop-ments
Another U.S. government implementation ofRFID even gets more critics from several direc-tions. The US-VISIT RFID programme is attachingRFID chips to i-94 documents, in an effort to bet-ter track when people leave the country via somemeans other than air travel. The i-94 documentdetermines how long a person is allowed to stayin the U.S.A. A person receives the i-94 docu-ment when he has entered the USA with a VISAor when the Immigration and Naturalization Ser-vice (INS) has approved his extension. However,a common way for many people to enter or toleave the country is by car and since cars arelarge metal boxes, they act as Faraday cages, andmake the reading of RFID signals very problem-atic. Unless a user in a car holds the documentup to the window, it likely won’t be read by anRFID reader. This is a pretty flawed implementa-tion of RFID, as any system that depends heavilyon users “doing the right thing” is unlikely towork well.
Another next-generation ID card slated for de-ployment in the near future in the USA is the Per-sonal Identity Verification (PIV) card. This card willserve as ID badge and access card for employeesand contractors of the federal government in theUnited States. The National Institute of Standardsand Technology (NIST) is developing a standardfor government ID cards, which is called FIPS2001. It is to be expected that the government IDcard also will include a combination of RFID andbiometrics. The biometrics of choice for PIV cardswill probably be fingerprint recognition.
The USA House of Representatives passed in2006 a bill called the Real ID Act: this seems alikely impetus for States in the USA to issue drivers’licenses containing biometrics, and probably RFIDtags as well.
The Real ID Act mandates that every stateoverhauls its driver’s license ID card system by2008. It requires real-time authentication for doc-uments such as birth certificates and Social Secu-rity cards—which would require a massiveelectronic, interoperable network—and the cre-ation of a national database to store the electronicdata gathered at the state level.
13.2.6. Serious questions in the USA con-cerning the use of RFID in e-pass-ports and National Identity Cards
In an article in eWEEK.com’s Government Cen-ter of December 15th 2006, Renee Boucher Fergu-son states that the separate initiatives put forth by theU.S. State Department and the US Department ofHomeland Security to utilize RFID in passports,identification cards and driver’s licenses are comingunder fire from various directions. Perhaps, basedon this, on December 12th 2006, two senators—aDemocrat and a Republican—said they would pro-pose legislation to repeal the Real ID Act of 2005 ifthe Department of Homeland Security does notchange the act to include more personal privacyprovisions and less of a financial burden on states.
The Emerging Applications and TechnologySubcommittee, part of the Data Privacy and In-tegrity Committee that advises DHS, toned downits harsh criticisms of RFID technology used toidentify individuals (in e-passports and PASScardID cards) in a report released Dec. 13 2006. Thereport states that “RFID, standing alone, may notbe best suited for purposes of identifying individ-uals.”, while in an earlier version it said that RFIDshould not be used at all.
On December 4th 2006, the Smart Card Al-liance, an industry group that works to foster theadoption of sensor-based technology used in alltypes of industry and consumer applications, suchas credit cards and cell phones, issued a statementurging the federal government to reconsider its useof vicinity-read RFID technology in the proposedPASScard ID card that would be used by U.S. cit-izens crossing into nearby countries. Long-rangeRFID tag technology, according to the Alliance andother industry watchers, should be used for track-ing products, not people.
In its report the Alliance listed a number ofconcerns, including a lack of security safeguards,the potential for tracking to inspire citizen distrust,the duplication of required border infrastructure toaccept this ID technology in addition to e-pass-ports, a reliance on central databases and real-timeaccess to networks to read the data stored oncards, and potential operational issues with multi-ple vicinity-read RFID tags in vehicles.
In the meantime the U.S. government hasplanned to take various measures to improve the
13. R
FID
in id
entit
y ca
rds
196
Tech
nica
l Rep
ort S
erie
s
security of various identity cards (see also section13.2.5). To prevent skimming and eavesdroppingof data from the e-passports—and likely the PASS-card and electronic driver’s license as well—thegovernment has added BAC (Basic Access Control)and a shielding material to the passport. Further-more, the RFID chip will not store any personal in-formation—it will simply store a code or numberused by a reader to call up information in a data-base. That is done in an effort to prevent skim-ming.
13.3. RFID and identity cards in EU
In summary the aims and objectives of theeID approach in Europe are:
• To provide support of eServices for the mo-bile citizen (building block for trust, secu-rity, easy access, convenience, serviceproviding only to entitled persons);
• To build a more global (including a EU) in-formation society (enhancing sense of com-munity, offering trust, making personsaware to be a –relevant- part of society byoffering a seamless e-services experience);
• To support combating of ID fraud and IDtheft;
• To support preventing illegal work and ille-gal immigration;
• To support measures of anti-terrorism andcombating organised crime.
Another issue is the extent to which Europehas to comply with US requirements, consideringthe fact that US requirements are a driver for e-passport deployment in Europe.
A declaration of European ministers was ap-proved unanimously on 24 November 2005 inManchester, UK. This declaration formulates twostatements:
• By 2010 European citizens and businessesshall be able to benefit from secure meansof electronic identification that maximiseuser convenience while respecting dataprotection regulations. Such means shall bemade available under the responsibility ofthe Member States but recognised acrossthe EU.
• By 2010 Member States will have agreed aframework for reference to and where ap-propriate the use of authenticated electronicdocuments across the EU, as appropriate interms of necessity and applicable law.
In the Communication from the Commissionon the i2010 eGovernment Action Plan, whichwas approved on 25 April 2006, the followinglegal aspects are presented:
• eGovernment has reached a critical junc-ture. Further significant progress requirescertain key enablers to be in place, particu-larly for high impact services to be effective.Among those, interoperable electronicidentity management (eIDM) for access topublic services, electronic document au-thentication and electronic archiving areconsidered critical key enablers.
• Harmonised national ID cards might be onespecific means to implement public serviceeIDM, but this is a national choice. Biomet-ric national ID cards and eIDM for publicservices are markedly different: national IDcards serve public security, for example byfacilitating integrated border managementand supporting fight against terrorism,whereas electronic identification for publicservices is intended to ease access and offerpersonalised and smarter services.
• Member States recognise the importance ofeIDM for ensuring that by 2010 European cit-izens and businesses will be able to benefitfrom secure and convenient electronic means,issued at local, regional or national levels andcomplying with data protection regulations,to identify themselves to public services intheir own or in any other Member State.
The Commission will also consider if regula-tory measures are needed for the development ofelectronic identification and authentication forpublic services.
13.3.1. European regulation
Council Regulation 2252/2004/EC (that en-tered into force on 18/01/2005) has laid downstandards for security features and biometrics inpassports and travel documents issued by theMember States.
RFI
D te
chno
logi
es
197
Tech
nica
l Rep
ort S
erie
s
The definition of minimum security standardsfor passports was introduced by a Resolution of therepresentatives of the Governments of the Mem-ber States, meeting within the Council, on 17 Oc-tober 2000. The Council Regulation upgraded thisResolution by a Community Measure in order toachieve enhanced harmonised security standardsfor passports and travel documents to protectagainst falsification. At the same time biometricidentifiers will be integrated in the passport ortravel document in order to establish a reliable linkbetween the genuine holder and the document.
The Council Regulation is limited to the har-monisation of the security features including bio-metric identifiers for the passports and traveldocuments of the Member States. The designationof the authorities and bodies authorised to haveaccess to the data contained in the storagemedium of documents is still a matter of nationallegislation, subject to any relevant provisions ofCommunity law, European Union law or interna-tional agreements.
Regulation 2252/2004 only lays down suchspecifications that are not secret. These specifica-tions need to be supplemented by specificationswhich may remain secret in order to prevent therisk of counterfeiting and falsifications. Such addi-tional technical specifications will be adopted inaccordance with Council Decision 1999/468/ECof 28 June 1999 laying down the procedures forthe exercise of implementing powers conferred onthe Commission.
In order to ensure that the information re-ferred to is not made available to more personsthan necessary, each Member State has to desig-nate no more than one body having responsibilityfor producing passports and travel documents,with Member States remaining free to change thebody, if need be. Member States communicate thename of the competent body to the Commissionand the other Member States.
Passports and travel documents must includea storage medium which shall contain a facialimage. Member States shall also include finger-prints in interoperable formats. The data shall besecured and the storage medium shall have suffi-cient capacity and capability to guarantee the in-tegrity, the authenticity and the confidentiality ofthe data.
This Regulation applies to passports and traveldocuments issued by Member States. It does notapply to identity cards issued by Member States totheir nationals or to temporary passports and traveldocuments having a validity of 12 months or less.Additional technical specifications for passportsand travel documents are established in accor-dance with the procedure referred to in Article 5(2)of the Council Regulation:
• additional security features and require-ments including enhanced anti forgery,counterfeiting and falsification standards;
• technical specifications for the storagemedium of the biometric features and theirsecurity, including prevention of unautho-rised access;
• requirements for quality and common stan-dards for the facial image and the finger-prints.
13.3.2. European biometric passports
The European version of the e-passport isplanned to have digital imaging and fingerprintscan biometrics placed on the contactless chip.This combination of the biometrics aims to createan unrivalled level of security and protectionagainst counterfeit and fraudulent identificationpapers.
In most European countries initiatives havestarted to develop so as to implement an e-pass-port. In annexes 4-6 we will give an overview ofinitiatives in a number of European countries con-cerning e-passports and ID-cards. Here we de-scribe in more detail developments in someEuropean countries.
United Kingdom
Over the last two years, the Identity and Pass-port Service (IPS) has implemented a range of newprocedures and systems to prevent identity andpassport fraud. In March 2006, it launched theBiometric Passport, and in July 2006 IPS issued themillionth biometric passport to a member of theUK public.
Currently, the British biometric passport onlyuses a digital image and not fingerprinting, how-ever this is being considered by the United King-dom Passport Service.
13. R
FID
in id
entit
y ca
rds
198
Tech
nica
l Rep
ort S
erie
s
The UK Identity and Passport Service intro-duced biometric passports to normal British appli-cants “over a period of six to nine months in 2006”for the same price as normal British passports.
Netherlands
The encryption scheme initially used to pro-tect the flow of information between the Dutchbiometric passport and a passport reader wascracked on 28 July 2005. Though it has not beenattempted in practice yet, in theory and underideal conditions some of the data exchanged wire-lessly between the passport’s built-in contactlesschip and a reader (more precisely, the one-wayflow of data from the reader to the passport) maybe picked up from up to 10 meters away. Oncecaptured and stored, the data can then be crackedin 2 hours on a PC. This is due to the Dutch pass-port numbering scheme which does not providesufficient randomness to generate a strong enoughkey to secure the exchange of information be-tween the passport and the reader.
Other passports such as the U.S. passport donot contain this flaw as they use a stronger key toencrypt the data exchange. Also, some readers pro-vide shielding for the passports while it is beingread, thus preventing signal leakage that might beintercepted by another device. Moreover, the fairlysecure and monitored environment of the passportcontrol area would make it difficult for someone toillicitly set up the sensitive equipment necessary toeavesdrop on the communication between pass-ports and readers from any significant distance.
At another occasion the E-passport was alsohacked. Specialists of the Dutch security firmRiscure have demonstrated to the public live onTV in the course of the Dutch science programNieuwslicht that it is possible to tap into the radioconnection between an official documentequipped with an RFID chip and its reader and de-crypt the data gathered within a matter of hours.
The approach by the specialists of Riscure,which they had earlier presented at the hacker con-ference “What the Hack”, is based on the fact thatthe passports issued by the Dutch authorities arenumbered serially. Moreover, as the number ofpassports issued each month is fairly constant, asimple linear relationship can be obtained betweenthe date of issue of each document and the pass-port number. This has the effect of bringing down
the effective encryption strength of the transmissionstapped into to a mere 35 bit. Taking these relation-ships into account, even an average PC in thecourse of a so-called brute-force attack will onlytake a few hours to try out all 235 possible keys.
To protect against unauthorized reading of thedata stored, the Dutch passports are equipped withso-called Basic Access Control (BAC). In case ofBAC the secret key for accessing the chip and theencrypted data transmission are numerically basedon the passport number, date of birth of its ownerand the document’s date of expiry, which have tobe read beforehand by optically scanning the doc-ument. In theory these numbers taken togethershould provide encryption strength of about 56 bit,provided they cannot be estimated fairly preciselyor even obtained from other sources.
France
Axalto, a world’s leader in microprocessorcards, announced it has supplied the electronicpart for the new e-Passports being issued inFrance. Axalto, in coordination with a group ofFrench industrial players, has worked alongsideImprimerie Nationale to meet the deploymentschedule set by the French Ministry of the Interiorfor the electronic passports designed for Frenchcitizens. Axalto will provide Imprimerie Nationalewith about two Million units in 2006.
The first electronic passports will enable pas-sengers to travel to the United States without theneed for a visa. These were first available in theHauts de Seine region and deployment was ex-tended to the rest of mainland France by the end ofMay 2006. These new travel documents feature Ax-alto’s e-passport technology: a highly secure oper-ating system with encryption algorithms that workon a contactless chip incorporated into the pass-port’s cover. In addition to the identity informationalready contained on the first page, this chip alsofeatures the passport holder’s digitized photo.
13.4. Financial institutions cards
13.4.1. Use of smartcards for contactlesspayments
The launch of contactless payments acrossNorth America has begun in earnest. American Ex-
RFI
D te
chno
logi
es
199
Tech
nica
l Rep
ort S
erie
s
press, MasterCard, and Visa have all launchedcontactless payment initiatives, with leading banksissuing millions of contactless credit and debitcards to consumers. Major retailers across the U.S.are installing contactless readers that can acceptcontactless payment and are integrated with point-of-sale (POS) systems. Research shows that con-sumers, issuers and merchants benefit from the useof contactless payments. Consumers enjoy addedconvenience, speed and ease of use, while issuersand merchants enjoy faster transaction times, in-creased spending per transaction, lower opera-tional costs and penetration into the cash paymentmarket.
The resources below were compiled by theSmart Card Alliance Contactless Payments Coun-cil to provide information on the status of the con-tactless payments in the U.S.A.
The Smart Card Alliance commissioned an in-dependent survey of consumer attitudes towardcontactless payment devices in August, 2006. Thesurvey, conducted by Javelin Strategy & Research,concluded that there is a large, untapped marketfor the use of these devices. A significant majorityof U.S. consumers are ready to adopt contactlessdevices for financial payments. Those who havealready adopted contactless payment find the con-tactless experience to be uniformly positive andexpress a high degree of confidence in the tech-nology.
According to the Smart Card Alliance adopt-ing contactless payments can be a win-win situa-tion for consumers and merchants alike. The majorfactor driving adoption and use–convenience rep-resents a benefit for both parties to the transaction.Consumers are also willing to use contactless de-vices for both low- and high-value transactionsand are open to trying contactless devices that areembedded in a wide variety of form factors.
The survey indicates that the major challengeto widespread use of contactless devices is reas-suring consumers that contactless payment is safe.However, contactless payment appears to be aneasy sell once information about it reaches theconsumer. Both education and actual use alleviateconsumer concerns about security.
Smart cards are also used for electronic pursepayment applications. In this application, thesmart card carries a stored monetary value. Card-
holders generally use these cards to replace cashin making frequent, low-value transactions. Elec-tronic purses are used for both retail payment andtransit fare payment.
13.4.2. Advantages and disadvantages ofcontactless credit cards
Contactless credit card advantages
Credit card companies are claiming the fol-lowing advantages for contactless credit cards:
• The card is faster to use. To make a pur-chase, the card owner just waves his cardover the RFID reader, waits for the accept-ance indicator - and goes on his way. Amer-ican Express, Visa and Mastercard have allagreed to waive the signature requirementfor contactless credit card transactionsunder $25.
• This technology is satisfying people in theirneed for speed (see average transactionspeeds):
- Contactless credit card transaction: 15seconds,
- Magnetic strip card transaction: 25 sec-onds,
- Cash transaction: 34 seconds.
The contactless cards use highly secure datatransmission standards.
Contactless cards make use of the most secureencryption standards practical with current tech-nology, which make it nearly impossible forthieves to steal data of the consumer.
The contactless card never transmits the cardnumber. Instead, the RFID chip within the cardcreates a unique number for the transaction; if acriminal intercepted the number, it would be use-less even if successfully decrypted.
One additional fact that is known about con-tactless cards is definitely an advantage for mer-chants – consumers may feel otherwise. In a 2004study, the average number of transactions at a re-tail location rose by about one percent, and the av-erage “spend” rose fifteen percent for allcontactless credit card users. So, it appears thatthere is a correlation between ease of use and totalspending.
13. R
FID
in id
entit
y ca
rds
200
Tech
nica
l Rep
ort S
erie
s
Contactless credit card disadvantages
The following disadvantages have been notedwith contactless credit cards:
• Contactless cards are more exposed thanregular credit cards.If a person wants to keep his credit card se-cure, he could keep it safely in an enclosedwallet or purse; thieves would have ab-solutely no way to even know if the personhas a credit card. However, a thief armedwith a suitable reader, within a near dis-tance, would be able to interrogate all ofthe cards in a person’s wallet or purse with-out his knowledge.Also, a regular credit card transaction isfairly secure; the magnetic strip is swiped atvery close range (less than a millimetre).However, a thief with a suitable readercould monitor the contactless card transac-tion while standing at the counter, or justbehind a person who carries out the trans-action.These concerns have, of course, been care-fully noted by credit card companies. TheRFID chip in the contactless credit card re-sponds to the merchant reader with aunique number used for that transactiononly; it does not simply transmit the con-sumer’s account number. This number isalso encrypted.
• It is easier to spend.Studies have demonstrated that consumerswill be more likely to spend, and will spendmore frequently, with contactless creditcards.
Privacy advocates are particularly concernedabout this technology; it is feared that having thismuch information available “in the open air” willlead inevitably to problems.
13.4.3. Concern regarding the use ofRFID in credit cards
There is a lot of concern regarding the use ofRFID in credit cards.
Civil rights groups have expressed concernsabout application of RFID technology in financialinstitutions cards. They worry people could, in the-ory, be tracked by the tags.
Others are afraid that a credit card can be de-tected if people are not using the cards and there-fore want a kind of button that can turn it off or on.They are afraid that otherwise people could wan-der around with a RFID detector looking for peo-ple with RFID-credit cards.
In a demonstration in October 2006 for ‘TheNew York Times’ security researchers easily hackeda University of Massachusetts computer scienceprofessor’s newfangled RFID credit card. In shortorder (and with his permission), a researcher work-ing with RSA Labs was able to steal the professor’sname and credit card number that was being trans-mitted in plain text — thereby poking massive holesin Visa, MasterCard and American Express’ claimsthat these card include “the highest level of encryp-tion allowed by the U.S. government.”
In a reaction to this demonstration Visa saidthat “This is an interesting technical exercise, butas a real threat to a consumer - that threat reallydoesn’t exist.”
Prof. Ted Selker, a leading professor at theMassachusetts Institute of Technology, has sug-gested using radio tags in credit cards as a kind ofvirtual signature. He said the way someone movedtheir finger over the card would alter the radiotransmission, producing a signal unique to thatperson. A person could have some gesture and thatwould be his signature. It would be like a personalhandshake.
13.5. Discussion
13.5.1. Main issues in e-passport develop-ments
e-passports are valuable to many around theworld but also raise a lot of questions. To provideenhanced security, the traditional passport is sub-ject to a far-reaching change. A main aspect is thatthe next generation passports include biometrictechnology that will further support border secu-rity goals.
Without question, biometrics in e-passportswill strengthen border security by creating moreguarantees that the person carrying a passport isthe person to whom a nation issued that passport.The biographic data, which include the bearer’s
RFI
D te
chno
logi
es
201
Tech
nica
l Rep
ort S
erie
s
digitized photo, are on an interior page, and thedata is replicated in a contactless chip implantedin the back cover. The data in the integrated circuitis checked by an inspector with an RFID reader. Ifthe data page and the chip data are not the same,the individual bearing the passport is subjected tofurther ID checks.
In the first generation of the USA e-passportthe biometric data is limited to the bearer’s photo.It is quite likely that second-generation U.S. e-passports will add iris scans.
The specifications for the new U.S. e-passportsare governed to some extent by the Enhanced Bor-der Security and Visa Entry Reform Act of 2002,which requires border entry documents to be ma-chine-readable “containing biometric identifiers”and to be in compliance with the International CivilAviation Organization standards. ICAO determinedin 2002 that facial features, fingerprints and irisrecognition are all applicable to machine-readabletravel documents. In Europe facial recognition is thepreferred biometric, the other two are additional op-tions. ICAO also selected contactless integrated cir-cuits as the best means of implementing thebiometrics data standard.
In keeping with requirements adopted byICAO and directives from the Department ofHomeland Security, the new US passports are tobe issued domestically to all applicants by the endof 2006. All 27 nations in the Visa Waiver Program(including most European countries) must issue e-passports by Oct. 26, 2006, in order for their citi-zens to be able to continue to enter the U.S.without first obtaining a visa.
Among the general parameters specified byICAO to determine the standard for biometricpassports, were the requirements that the technol-ogy had to support 32 kilobytes of storage, andthat stored data needed to be easily accessible andtransmitted quickly. As a consequence the chips inthe new e-passports will have enough memory toaccommodate additional biometric information.
Because RFID allows data to be collected in-conspicuously and at a distance, privacy and secu-rity advocates are wary of its use in e-passports.The risk will only grow with the push towards un-supervised use of biometric authentication. In re-sponse to such concerns many governments havedecided that the new e-passports have to be
equipped with “anti-skimming” technology. Oneof the solutions for this is sandwiching a metallicmesh within the front cover and spine to preventRF reads until the e-passport is opened and readat close range by an official. Also Basic AccessControl should be used to prevent unauthorizedremote reading of e-passports.
Today’s e-passport deployments are just thefirst wave of next-generation identification de-vices. E-passports may provide valuable experi-ence in how to build more secure and moreprivate identification platforms in the years tocome. Although very challenging technologicalhurdles have already been overcome in the devel-opment of the e-passport, there are still a few otherissues. Not the least of these is that the technolo-gies incorporated in the new passports do notcome cheap.
13.5.2. Issues to be solved in relation toRFID applications
The infrastructure to support RFID technologyis not yet in place globally. Issues range from inter-operability of systems to the lack of globally recog-nized standards, testing and reliability. Fourchallenges, however, stand out in relation to RFID-applications, both in general and specific in rela-tion to the application in e-passports:
First, the real-time nature of RFID data createsconcerns for privacy and security experts. Elimi-nating paperwork and removing the human ele-ment may speed goods through the supply chain,but those advances also threaten implementationof traditional laws, regulations and procedures es-tablished to maintain the flow of goods and peopleacross borders. The biggest challenges of RFIDarise from the proliferation of data, the sharing ofthe data and databases, and from the possibility ofsnooping via tapping of radio waves.
With few standards or common patterns ofbehaviour yet established on a global basis, RFIDwatchdogs suggest that the following informationpractices must be accepted in order for the tech-nology to thrive:
• Users must be warned that the technologyis in use with the intent of collecting per-sonal data limited to the purposes for whichit is collected.
13. R
FID
in id
entit
y ca
rds
202
Tech
nica
l Rep
ort S
erie
s
• Collected data is accurate, complete andtimely.
• Personal data are protected by reasonablesecurity safeguards against risk of loss,unauthorized access, destruction, use, mod-ification or disclosure.
• Users can view all information collectedabout them.
• Compliance with these guidelines is man-dated and a system is maintained to imple-ment compliance.
Second, there are no laws yet to provide war-ranty protection on systems, readers and antennaRFID products. There is little recourse for malfunc-tioning RFID equipment.
Third, and equally important, is the fact thatthere is no certification or registry recognizing ap-proved system integrators, RFID consultants andtrainers. Some companies do train on their ownequipment, but a vendor neutral solution to certi-fying providers is not yet available.
Especially because RFID technology is re-motely readable, invisible and capturing data inreal time, trust that the data are being captured andtransmitted safely and securely is essential for itsacceptance.
Finally, there is the challenge of misinforma-tion and confusion about RFID that is more per-vasive than the technology’s advocates want tobelieve. Education is essential to defusing misin-formation. RFID is a generic technology withmany possible applications, each of which has itsown benefits and limitations. Currently, however,each industry using RFID has mounted its own in-formational campaign, and the resulting con-sumer confusion is echoed in the press, thusconfounding any inherent misunderstandingsabout the technology. Establishment of recog-nized, certified courses in its fundamentals is stilla work in progress.
Acceptance of any disruptive technology —and RFID is one — takes time. We take bar-codetechnology for granted now, but it took at least 20years for it to be incorporated as a mainstay ofcommerce. RFID technology presents a similarchallenge to the way we live and work around theworld.
Price-setting of the RFID technology applica-tions is of course a main issue in relation to ac-ceptance of this technology. At least in somecountries new passports (with RFID) are more ex-pensive than classical passports (without RFID),which causes negative reactions and negativepress comments. The acceptance of e-passports,for which the users has to pay, might be hamperedby such a high price setting.
This leads to a number of overall recommen-dations for policy-issues at a European level.
• A number of fundamental questions con-cerning the use of RFID in identity manage-ment are still under discussion. One of themain questions is whether long-range RFIDtag technology should be used only fortracking products, or also for people. Thesedoubts are mainly based on the facts thatprivacy and security issues are not solvedyet to an acceptable level. Advocates ofRFID technology wave away the objections,while opponents of RFID technology em-brace every hacker demonstration in rela-tion to RFID-applications to give voice totheir opinion that the present RFID-applica-tions are not safe yet.
• Policy leaders and researchers have to findclear answers in this debate, in order tocome to final conclusions regarding the re-liability and acceptance of RFID-technologyin identity management for people.
• In this debate one should be aware of thefact that the penetration of RFID-applica-tions for the identification of people hasmade significant progress in our society anda total rejection of this technology is hardlyconceivable anymore.
• This means that everything has to be done toimprove the conditions for acceptance andadoption for this new technology in our so-ciety. One main suggestion here is in educat-ing people on the various aspects of theRFID-applications, because a large numberof people are not aware yet of the pros andcons of RFID-applications and how to han-dle with care these applications while theycan at the same time use the benefits of thisnew technology. On the other hand still a lotcan be done to improve the security of theseapplications. One concrete point here is the
RFI
D te
chno
logi
es
203
Tech
nica
l Rep
ort S
erie
s
incorporation of anti-skimming material inthe European e-passports. Many problemsmight be solved if the design and develop-ment of RFID applications in identity man-agement involved in an open dialogue allstakeholders. In this context the involvementof potential user groups in the developmentof the systems is very important. In otherwords: a user-centred design is needed. It isvery important that decision-makers createthe conditions under which such a user-cen-tred approach can be realized.
13.5.3. Need for a user-centred design
The U.S. government has spent over a billiondollars on the US-VISIT RFID program so far, and
industry experts have dismissed the effort as a veryflawed RFID implementation. The success of RFIDapplications like this that rely on human interac-tion, according to Vollmer (Volmer 2006) requiresa user-centric design, something that has beenmissing so far in the government’s work with RFID.As far as one can tell the e-passport program in theUSA has not included any user testing or privacyimpact assessments, and this is a problem.
The Real ID Act of 2005 mandates that by2008 all state-issued ID cards must contain ma-chine-readable technology with defined data ele-ments, and it is very likely that RFID will be thetechnology used. Users matter a lot in these kindsof systems and programs, and implementers anddevelopers need to keep the users firmly in mind.
13. R
FID
in id
entit
y ca
rds
204
Tech
nica
l Rep
ort S
erie
s
14. RFID in public transport
RFI
D te
chno
logi
es
205
Tech
nica
l Rep
ort S
erie
s
162 See rfid.idtechex./knowledgebase/en/breakdown.asp; visited 12 April 2006; IDTechEx warns to be cautious in interpreting the figures onface value. Not all cases are similar in scope and coverage. The market value of the cases differs considerably, ranging from a few thou-sand Euro to over a billion Euro. But overall, the table gives an idea of the relative attention that is given to RFID in the various applica-tion domains.
163 Kamerstuk 23645, nr. 119. Tweede Kamer, vergaderjaar 2005-2006.
Radio Frequency Identification is a technol-ogy that is used in a wide variety of societal set-tings. Being a technology to identify objects (orpersons related to objects) it can also be used tolocate these objects and to pass on specific iden-tifying information about these objects. One do-main of application that finds widespread use allover the world is the use of RFID in public trans-port settings. Smart labels and smart cards with anRFID chip (in the future complemented by chip-less tags) are used to give people access to buses,trams, metro’s, trains and taxis.
RFID is a promising technology for use in thepublic transport system. It enables the realisationof a more efficient and effective public transportsystem. It does so by reducing the time needed toboard a bus or a train (including the time it takesto buy a ticket), by offering additional informationto travellers (time of arrival, time of departure, de-lays in time schedules, etc.), by offering manage-ment information about the traffic patterns inpublic transport, by fighting fraudulent uses ofpublic transport (not paying for the trip), and byextending the range of services that can be offeredby public transport operators, if needed in combi-nation with other service providers.
RFID thus may contribute to modernising thepublic transport system. Many public transport op-erators are aware of the potentialities of RFID. Thenumber of pilots of RFID in public transport is highand is still growing. On the basis of a collection ofcases around RFID cases in public transport it is
possible to get a view on the distribution of RFID-pilots worldwide.
Table 9-1 presents an overview of distributionof cases within the IDTechEx database. It showsthat passenger and public transport ranks numberthree.162
The 278 case studies in passenger transportcover introduction of RFID in public transport, inairline systems, in vehicle parking systems, in ve-hicle highways, in car manufacturing, in toll roads,etc. Public transport pilots are a part of this totalnumber. From the figures presented it is difficult todetermine the precise distribution over the variouscategories. On the basis of the overview, addedwith internet search, pilots in public transport inEurope have been identified in the following cities:Clermont-Ferrand, France; Edinburgh, UK; Paris,France; Hertfordshire, UK; Nottingham, UK;Hanau, Germany; Rotterdam, the Netherlands;Swansea, Sweden; Torino, Italy. The investmentsin introducing RFID in public transport are consid-erable. Within the Netherlands, it is expected thatthe full roll-out of RFID in public transport (fore-seen for 2008) will cost over 1.5 Billion Euro.163
RFID technology used in public transportstems from a variety of ICT vendors. The chips aremainly from either Philips (the Mifare chip; ISO14443 A compatible) or Sony (the FeliCa chip, alsoISO 14443 A compatible). Table 14-1 presents anoverview of the use of the Sony FeliCa card in anumber of Asian public transport systems.
Table 14-1: Distribution of Sony FeliCa card in public transport in Asia164
Place # of cards Start Application domains
Hong Kong 12 Million 1997 Public transport, e-Purse, e-Identification
Singapore 8 Million April 2002 Public transport (“EZ-link” card); fast food; vending machines
Shenzhen (China) n.a. 2004 Public transport (“Trans card”); student ID; discount tickets
New Delhi (India) n.a. Dec. 2002 Metro (“Travel card”);
Bangkok (Thailand) n.a. July 2004 Metro (“Metro card”)
Tokyo (Japan) 14 Million Train; East Japan Railway Company “Suica”14. R
FID
in p
ublic
tran
spor
t
206
Tech
nica
l Rep
ort S
erie
s
164 IDTechEx (2006). The RFID Knowledge Base – Sample Case Studies.165 IDTechEx (2006). The RFID Knowledge Base – Sample Case Studies.166 This migration includes moving from ordinary paper tickets fit to visual inspection or magnetic stripe technology towards a technologi-
cal infrastructure based on contactless technology that includes access to stations and the use of Internet to upload the credit of the travelpass.
Given the high number of travellers and sub-sequently the high number of cards to be issued intoday’s public transport system, the introductionof RFID in public transport is a mass market withhigh investments in cards, equipment, devices,and information systems needed to run the entireticketing system smoothly. Pay-back times are inthe order of several years, but introduction of RFIDin public transport systems in Asia has shown thebenefits to be considerable.165
From the perspective of this study, the intro-duction of RFID in public transport is an interest-ing case to look at. Public transport is embeddedin regulation (role of public authorities) and com-petition (role of private actors). Public transport or-ganisations of various kinds may cover a city, aregion or a country, and may encompass onetransport modality or several at once. EmbeddingRFID in public transport tickets is only the first stepin setting up a complex system that may have linkswith additional services, such as car parking, taxisand retail services in and nearby public transportstations.
The introduction of RFID in public transport isthus a complex issue, in which public and privateinterests have to be weighted, and in which deci-sion processes cover more than technological ele-ments alone. It may also be surrounded by publiccontroversies, for instance in relation to the use ofthe data and the privacy issues that go with it, orrelated to the public discussion on fighting fraudand aggression in public transport.
From a technological perspective, publictransport is interesting because Europe seems tohave a reasonable stake in the future developmentof RFID in public transport, especially when look-ing to RFID technology from a broader perspective(encapsulating developments such as Near FieldCommunication).
In the next sections we will present an elabo-ration of the introduction of RFID in public trans-port in the following settings: public transport inEurope (generic overview of a number of projects),The Netherlands (starting with pilot in Rotterdam),the introduction of the Oyster system in Londonand Venice (Italy). These case-descriptions aremeant to provide us with empirical details on theissues we want to discuss in the final section of thiscase-study.
14.1. RFID in public transport
The use of contactless smart cards in Europeis growing. In a number of cities and regions (andin the Netherlands in the entire country) pilots andprojects are running to introduce contactless smartcards and tickets for public transport. Numbers arehigh: many projects deal with millions of cards.The projects are complex, multi-actor undertak-ings, lasting for several years. It is not only thetechnological migration towards another system166
that complicates matters but to get sufficienteconomies of scale projects sometimes includedozens of different public transport organisationsand usually politics play a role as well.
In Annex 7 we present an illustrative but notexhaustive overview of cases in public transportthroughout Europe to illustrate the broad varietyand complexity of the various projects. As a starter,we present a number of features of these projects.
Technology
Most smart cards make use of the Philips Mi-fare S70 chip, a passive RFID chip operating at the13.56 MHz range, with a read range of roughly 10cm and a memory capacity of 4 kB. The memorycapacity is subdivided in a number of different sec-tors that may be used for different purposes. Thechip has different security mechanisms and mayuse data encryption. It has a three pass authentica-tion mechanism to ensure the proper communica-tion between the reader and the tag (ISO/IECDIS9798-2 compliant). The tags are ISO 14443compliant. They can function as an electronicpurse: a credit is stored on the card which is deb-ited when one enters a bus or train. The chip storesinformation about the location where one entersand leaves the public transport system (includingchanges during the trip), thus enabling the assign-ment of revenues to the appropriate public trans-port companies. Communication between thereader and the tag is fast (in the order of millisec-onds) enabling a high throughput of passengers.The advantage of having a contactless chip morethan a contact-based smart card are obvious: thethroughput of passengers is much higher (as statedin the Paris project in the metro: 4 times as high!);the sometimes cumbersome procedure of havingto put a card in a slot (in moving buses) is avoided;and the cards will not degrade due to repeateduses. A disadvantage is the relatively high costs ofthe smart card, including the casing. Within vari-ous pilots, figures of €6 to €7.50 are mentioned.Probably, this is slightly more than the pure coststo construct the smart card and personalize them.
Next to the smart card version, the Frenchcompany ASK has developed a paper-based ticket,based on its C.ticket system. The C.ticket has anRFID-chip (for instance the Philips Mifare chip) en-cased in a paper label. The antenna is printed onthe paper by means of a conducive silver-ink.Printing the antenna is much cheaper than the tra-ditional etching of antenna’s from a piece of cop-
per (with relatively high levels of waist). The func-tionality of the C.ticket is comparable to the func-tionality of a public transport smart card. It canhave secure communication with the reader, justas in case of the smart card.
Though the paper cards are often used for sin-gle journeys (or a block of journeys) they can berechargeable and they may have identifiable infor-mation on the chip. During a pilot in Porto (Portu-gal) it has been demonstrated that the life time ofthe paper based card, for which a fee of €0.50 wasrequested, was much higher than originally ex-pected.167
The readers are hidden in access gates orstand alone devices. One has to read out the cardwhen accessing and when leaving the station.Given the proximity reading which is necessary incombination with the appropriate authenticationprocedure the danger of eavesdropping appears tobe small.
14.1.1. Actors
RFID chips provider Philips has a consider-able share in providing chips. ASK, a French tech-nology provider and consultancy company, has arelatively high contribution to the delivery of chips(including the ASK C.ticket); other European con-tributors to RFID technology are SMicroelectron-ics, Infineon, Nokia (NFC consortium togetherwith Philips and Sony) and Applied Card Tech-nologies. System integrators are mainly Europeanconsortia (though sometimes based abroad suchas Accenture); the consortia combine technologi-cal expertise (tags, readers), knowledge about in-formation processing and database management(the backend systems) and consultancy expertise.In a number of projects the consortia responsiblefor the technological migration towards RFID-based ticketing systems explicitly opt for an openand interoperable approach, enabling vendors tostep in whenever they feel to (and are able to liveup to the conditions of access). In case of theNetherlands, the responsible consortium TransLink Systems has involved over 40 providers whohave passed the quality test TLS has provided.168
In the Swedish Skane County an open architecture
RFI
D te
chno
logi
es
207
Tech
nica
l Rep
ort S
erie
s
167 Personal communication with Jose Duarte Vieira, director of Metro do Porto, 16 May 2006.168 See next section and www.translinksystems.nl (visited 13 July 2006).
is used, enabling the other five counties in theSouth of Sweden to profit from the lessons learnedat the Skane pilot. The consortium of Nokia andPhilips is active in Germany with a test of NearField Communication (NFC)-phones (Nokia 3220phones) within the city of Hanau. This is the onlyNFC-pilot we have noticed.
The situation in which RFID-ticketing is intro-duced is usually a rather complicated one. In Flo-rence, Manchester, Paris, London and theNetherlands several public transport companiesare involved. In Paris, next to the Metro-companyRATF and the train-company SNCF, 93(!) differentprivate travel operators are engaged in the transi-tion from the traditional Carte d’Orange towardsan RFID-based ticketing system. In Manchester 40bus companies in 10 districts are involved. TheLondon Oyster card is introduced in Londonmetro, buses and trains. Within the Netherlandsthe five big public transport operators have joinedforces, while agreement with the remaining par-ties (mostly integrated at the level of the twelveDutch provinces) is sought.
Of the New Member States, one pilot is re-ported to take place in Warsaw (Poland).
Government is mentioned in a number of casesas a ‘limiting’ actor, or at least an actor that has avery specific role to play (being responsible for pub-lic transport in several – but not all – countries).
14.1.2. The benefits
Due to the complexity of the introduction ofRFID in public transport, the stake is high, with a1.3 billion Euro (over a period of 17 years includ-ing 240 million Euro capital investment) of theLondon Oyster card and a 1.5 billion Euro invest-ment in the Netherlands as top investments. Espe-cially in big cities and densely populated regionsthe number of passengers per day is high, leadingto high numbers of transactions daily (millions perday). Though it is hard to decide on Return of In-vestment issues, IDTechEx database mentions fig-ures of one to two years for RoI. RoI must be insavings, due to combating fraud (65 million USDin London yearly), increase in passenger flows,more efficient management of resources (trains,buses, etc.) and savings in personnel (check incheck out, selling points, services, etc.). The casesdo not indicate the savings on these points. Addi-
tional information indicates the opposite: extrapersonnel is needed (at least in the initial stage) tohelp travellers understand what to do.
The benefits indicated in the case-studieshave a rather broad range:
• combating fraud (mentioned quite often)
• improving user convenience (fewer andshorter queues, ease of use (!), additionalservices)
• operational benefits
• reduction of surveys to monitor travellingbehaviour
• improve boarding speed (four times fasterin Paris metro)
• better and accurate travel management in-formation
• opportunities to offer additional services
The direct benefits (benefits directly related tothe public transport system) are expected to be suf-ficiently high to support the high investments. Partof these costs will be passed on to the passengers,for instance in additional costs to the fares the haveto pay.
14.2. Case 1: the Netherlands
The Netherlands want to introduce RFID inthe entire public transport system, covering alltransport modalities (trains, buses, trams, metro).To do so, it has started a pilot in the metro of Rot-terdam in which the technique will be developedand tested; after a successful testing, the RFID-sys-tem will be gradually rolled out over other trans-port modalities and regions of the Netherlands.Since the test itself has experienced some delays,due to difficulties in transferring the complicatedDutch ticketing system into the software, it is nowhoped that roll-out will be ready at 2008. Theprocess started at the end of 2003.
14.2.1. Objective
According to the responsible agency - theTrans Link Consortium (a consortium built aroundthe five main Dutch Public Transport Operators) -an RFID-based public transport has three advan-tages:
14. R
FID
in p
ublic
tran
spor
t
208
Tech
nica
l Rep
ort S
erie
s
• it is faster (less time needed to buy a ticketand to board a vehicle);
• it is socially more safe (it combats fraudu-lent use of public transport – using it with-out paying – and it enhances safety at thestations – need of an entrée ticket to get intothe station);
• it makes using public transport easier (onlyone ticket for all modalities).169
To these objectives, a fourth may be added: it
should make public transport more cost efficient.
14.2.2. The actors
To understand the dynamics surrounding this
specific case, in Figure 14-1 a picture of the vari-
ous actors that are involved in the Dutch case is
sketched.
RFI
D te
chno
logi
es
209
Tech
nica
l Rep
ort S
erie
s
169 See News feed on public transport issues: ‘Consortium wins Netherlands transport ticketing deal’. 3 November 2003.170 www.translinksystems.nl; visited 31 March 2006.
Figure 14-1: Actors involved in RFID in Dutch public transport
On the bottom part of Figure 14-1 one findsthe main initiator of RFID in the Dutch publictransport system, Trans Link Systems. TLS consistsof the five biggest PTOs in the Netherlands, whichtogether are responsible for over 80% of publictransport passengers.170 Next to the Dutch Rail-ways (NS group) it comprises the three publictransport companies of the three major Dutchcities (GVB for Amsterdam, RET for Rotterdam andHTM for The Hague) and the regional buss com-pany Connexion. The public transport companiesof the big cities cover public transport by bus, tramand metro (metro only for Amsterdam and Rotter-dam). TLS is the main initiator of the Dutch pilot.TLS has selected the consortium that was given thetask to build the entire system by means of a ten-der procedure.
On the top part one finds the technologyproviders. Central to these is the East-West e-tick-eting consortium, which consists of Thales, Vialisand Accenture. Thales is responsible for the smartcards and the integrated fare collection system, Vi-alis for the infrastructure, the readers, the ticketingand fare machines, and Accenture for the integra-tion of the smart cards with the infrastructure, andthe operation of the systems for the back office. Tosupport their activities, Hong Kong’s MTR Corpo-ration and Octopus Cards act as subcontractors toThales, providing the central back office, togetherwith their operations expertise, which stems fromtheir participation to the Hong Kong Octopus Card(an RFID-based smart card for the public transportsystem in Hong Kong). The East-west consortiumwon the bid that was published by TLS. The bid is
valued at approximately 120 Million Euro for thepilot phase; the bid is expected to lead to addi-tional contracts to follow the next five years. TheFrench smart card supplier ASK has been selectedby TLS to provide the transit ticketing system. Itwill deliver e-tickets in a smart card version, basedon the Philips Mifare 4k chip, and in a contactlesspaper version (its CTSS12A contactless paperticket) to be used for occasional public transportusers.171
At the right hand side one finds the public au-thorities that have a say and a stake in public trans-port issues. Dutch government subsidizes theoverall 1.5 billion Euro migration path towardsRFID with 100 million Euro (of which 10 millionEuro will be reserved for pilots). It has a responsi-bility as ‘director’ of the entire introduction. WithinDutch Parliament, discussion is focused on therole of Dutch government: is it able to exert influ-ence when it contributes minimally to the totalcosts of the migration while it bears responsibilityfor the overall public transport systems? The re-gional authorities are responsible for regional pub-lic transport affairs, especially related to quality ofservices and fare prices. The issue of tariff struc-tures for the public transport is a challenging polit-ical issue, since it is part of the responsibility ofpublic authorities to decide on the tariffs, andfunctions as part of social policy. Dutch politicshas decided that prices between regions will notbe differentiated during the take off, since thatwould complicate the introduction considerably.
Finally, at the left hand side one finds the con-sumer organisations, gathered in the DutchLOCOV organisation (national organisation ofconsumers of public transport), and the Dutch Pri-vacy Commissioner. LOCOV’s priority is to get thebest out of the system, which in its view meansthat the PT-card should be used in a broad arrayof applications (shopping, facilities around the sta-
tions, etc). The Privacy Commissioner has issued areport in which he emphasizes two issues: data re-tention and the use of the collected data for pur-poses not directly related to the task of TLS. Withrespect to this latter aspect, it is interesting to notethat TLS has defined as an explicit objective to usecollected personal data to extend its services intocommercial areas not directly related to publictransport.
14.2.3. Technology
As stated above, the East-West consortium haswon the bid on providing the technological assetsfor the RFID-based migration of the public trans-port system, comprising infrastructure, devices,cards and the accompanying software. It is how-ever under the obligation to develop its equipmentand software such that it is open for other marketparties to enter; these should be able to offer theirown products on the basis of the architecture pro-vided by the East-West consortium. TLS has pro-vided a qualification document in which itaddresses the open architecture which is basic tothe electronic ticketing system. The architectureconsists of the following five levels172:
0. Identifiers
1. Front-end Devices
2. On-Site systems
3. PTO systems
4. TLS Central systems
Except for level 4, on which it is agreed thatthe East-West consortium is the only provider, theother levels are formulated such that any otherprovider can enter the market.
Figure 14-2 shows the relations between thevarious levels.
14. R
FID
in p
ublic
tran
spor
t
210
Tech
nica
l Rep
ort S
erie
s
171 News feed on public transport issues, ‘ASK smart cards chosen for Netherlands AFC system’, 12 August 2004172 See www.translink.nl/media/bijlagen/Qualification_KC3.1.pdf
Figure 14-2: Various service levels as distinguished by TLS (PoS: Point of Sale)173
RFI
D te
chno
logi
es
211
Tech
nica
l Rep
ort S
erie
s
173 Source: Translink KC3 Qualification document. See footnote 172174 These are so-called paper-based contactless tickets. The RFID-chip is embedded in a paper folding on which the antenna is printed (metal
ink prints). During a pilot in Porto (Portugal) one expected the paper-based tickets to be thrown away, though they could be re-loaded.It however showed that the lifetime of the paper-based tickets was over 3 months and they were regularly uploaded (personal commu-nication José Duarte Vieira, Metro do Porto SA Portugal)
For each of the levels specific requirementshave been formulated. We will not cover them allbut pay some attention to level 0, the cards (Iden-tifiers). TLS distinguishes:
• Low cost single journey tickets (tickets or re-usable tokens/tickets); the ASK contactlesspaper-based tickets.
• Smart cards, being :
- Disposable multi-journey/limited freetravel cards
- Anonymous stored value cards
- Personalised discount travel/auto-reloadcards
- Personalised free-travel cards and staffcards
In a similar way the other levels are subdi-vided.
The variety in cards to be provided is consid-erable, and this has led to specific problems dur-ing the Rotterdam test. One requirementformulated by the Dutch government is the one-to-one translation of the existing ticketing systemto the RFID-based e-ticketing system. This includesspecific reductions for specific groups of travellers(55+, youngsters under the age of 12 years old, butalso reduction in case one travels with a group ofmore than five passengers) and specific subscrip-tion types of tickets (a subscription that gives ac-
cess to all transport modalities for a whole year, asimilar subscription but for a period of a month, asubscription for a specific trajectory during a spe-cific period – a month, a year), etc. Introducing allthese variations into the system led to considerabledelay in the delivery of the entire system in Rotter-dam. The Dutch minister for Transport argued suc-cessfully in the Parliament that the complexity ofthis typical system is unique, and it would bewrong to assume that a simple transfer of the HongKong system would be possible.
The cards are provided by ASK, a Frenchcompany that delivers both smart cards and con-tactless tickets. The latter category is used as dis-posable category, to be supplied to tourists and forspecific events, for instance when a passenger hasforgotten his personalised card and needs to buy aticket on the bus (or tram).174 The smart cards canbe personalised or anonymous. Since TLS wantsto gather travelling information in order to opti-mise the transport system, it wanted to put a pre-mium on using a personalised card (offering themat a cheaper rate than the anonymous card). Thishowever proved to be unacceptable for the Dutchparliament which insisted that both cards wouldcome available at the same price. Passengers haveto buy a card at a price of 7.50 Euro. In case of lossor damage no refunds will be made. Passengershave to buy a new card.
14.2.4. Issues surrounding the introduc-tion of the card
Price
One of the most important assets of the intro-duction from the perspective of the passengers iswhether the new system will increase the price oftravelling with public transport. This is a highly po-litical discourse, especially in the Netherlands,which face considerable traffic congestions on thehighways and in inner cities. Public transport doesonly marginally contribute to alleviating the con-gestion; when the price of public transport wouldincrease due to the introduction of the new ticket-ing system, public resistance against the publictransport might increase and this might lead to fur-ther detrimental effects on congestion.
It is however almost impossible to compareboth fare systems. In the new system, an accessfare has to be paid before travelling starts. Thismeans that short trips (which represents a highvolume part of the total number of trips made)will cost relatively more than they do today. Thetrips will be paid by kilometre instead of perzone, which might decrease the costs for a trip.Overall, it is expected however that roughly 70%of the passengers will pay at most 10% more fortheir trip, while 30% of the passengers will paymore than 10% more. This is acceptable for theDutch minister.175 The 18 regional public trans-port agencies do have the opportunity to deter-mine their own fares. In order to improve theacceptability of the system, it has however beendecided that they all will use the same tariff struc-ture during take off. Dutch central governmenthas already signed mutual agreements with 12out of the 18 regional agencies (usuallyprovinces; situation May 2006).
Another interesting issue is the status of TLS asa financial institute. The flow of money in the sys-tem is such that it needs to be researched whetherTLS acts as a formal financial institute, which wouldmean that specific forms of supervision and of ac-countability need to be used. This might complicatethe introduction of the e-ticketing system consider-ably. Dutch government expects however, that dueto the fact that ‘TLS-money’, i.e. the monetary value
the smart cards represent, only can be used withina closed system of acknowledged institutes (includ-ing for instance shopping malls within stations thatdo accept the electronic money of the smart card)implies that TLS will not be considered to be a fi-nancial institute according to European legisla-tion.176
Performance
Performance of the system is critical for pub-lic perception. By buying a system ‘off the shelf’ itwas hoped that this would improve the quality ofservices. Due to the complexity of the system,which is allegedly higher than in the Hong Kongsituation, quality of services has become a criticalasset. The system has to be full-proof and has tohave an availability of close to 100%. To safeguardthe performance of the system, the introductionphase is subdivided in various phases of increasingcomplexity. Introduction starts with the Rotterdammetro-system. Initially, only a selected sample ofpassengers will be able to pay with the smart card(to start with employees of RTM, the Rotterdampartner of TLS). Then, the system is extended to in-clude railways and regional buses, while at thesame time GVB (Amsterdam) will start preparationfor introduction in the Amsterdam metro system.Finally, when the system is rolled out over the en-tire country it is expected that some 2 million pas-sengers daily will use RFID-based ticketing.
Societal concerns
Privacy protection is an issue that is usuallyhigh on political agendas but that is difficult to ad-dress above the level of the generic clauses thatare laid down in national Data Protection Agen-cies. In case of the RFID-based ticketing system thesituation is not different. TLS has explicitly statedthat it wants to use personal data to improve thelevel of services offered to the passengers. For one,this means that TLS wants to use travel informa-tion to improve the service level of the publictransport system (sufficient supply of wagons, fine-tuning travel schemes, may be personalized infor-mation on maintenance and delays). On the otherhand, it wants to use the information for providingextra services, in and around the stations (sometransport related, such as bike hire or taxis, others
14. R
FID
in p
ublic
tran
spor
t
212
Tech
nica
l Rep
ort S
erie
s
175 Tweede Kamer, vergaderjaar 2005-2006, 23645, no. 135, p. 5176 Tweede Kamer, vergaderjaar 2005-2006, 23645, no. 135, p. 6-7
more alien to transport such as shopping). Accord-ing to the Dutch privacy chamber, TLS is in dangerof trespassing the boundaries of the Dutch DataProtection Act, especially in using data for otherpurposes than these have been collected (purposebinding principle) and that it does not offer clearinsight in data retention approaches (quality andaccountability principle).
When passengers are offered a choice, it isusually on the basis of an ‘opt-out’ approach: con-sent is expected to be given except when one ex-plicitly requests that personal data is not collectedfor specific purposes. By collecting more sophisti-cated personal information, the commercial valueof this information will increase. It goes withoutsaying that the flow of personal data through use ofRFID-based systems (in public transport, but alsoin other societal domains) offers the possibility toenrich knowledge on personal profiles and en-ables tracking movements of individuals. This maybe at a par with Data Protection Acts.
Another societal concern is the cost structureof the public transport system. Especially the (rel-atively) poor within a country as the Netherlandsare more dependent on a proper functioning andcheap public transport system. As indicated, it isexpected that prices on the short distance will riseconsiderably (over 10% compared to present daysituation). Though it is difficult to estimate the con-sequences of this pricing strategy for use of publictransport by low income individuals and house-holds yet, pricing may have an adverse effect onthe accessibility of public transport for thosegroups.
14.2.5. Concluding observations
Introducing an RFID-based e-ticketing systemin the Dutch public transport system is a chal-lenge. Technologically, it is a demanding task thathas no equivalent yet within the world. It is inter-esting to observe that even using a system ‘off theshelf’ is not a guarantee for a smooth introduction.The system needs to be adopted.
From an organisational point of view, thesystem is a very complicated one, comprising awide variety of relevant actors. Next to technol-
ogy providers, an important actor is the centralgovernment which is able to impose specifictechnologically grounded demands (such as openspecifications, and the one-to-one translation ofexisting ticket products to the new situation). Thedevelopment of the entire system seems to behighly dependent on the outcomes of the politicaldiscourse. At the same time, the direct supervi-sion of the central government over the introduc-tion of RFID in the public transport system islimited, due to the fact that it only contributesmarginally to the investments required for the fullroll-out of the system.
From a commercial point of view, the intro-duction may prove to have commercial value. Thisis first due to the change in the fare system (thoughcentral government emphasizes a budgetary neu-tral introduction), second to the increased effi-ciency (economies of scale, reducing the numberof fraudulent passengers), third to the added valuethe system may have to non-transport activities.
14.3. Case 2: London
London is a city with a very solid and massivepublic transport infrastructure. Within Greater Lon-don, each day 30 million journeys are made withpublic transport. The tube has some 3 million tripsdaily, the buses have over 3.5 million trips withinthe city of London complemented with another 3million in Greater London.177 The overall revenueof the London public transport system is 1,5 bil-lion Euro yearly. Each year, roughly 52 millionEuro is lost due to fraudulent behaviour. In 1998 itwas decided to start introducing smart cards on thebasis of RFID within the public transport system.The entire contract was scheduled to cost 1.3 bil-lion Euro, covering a 17 years period of creation,implementation and operation. Capital invest-ments were scheduled to be 240 million Euro inthe first years.
The introduction of the smart card would begradually, so that each component of the entiresystem could be tested and validated thoroughly.Given the complexity and the scope of the system,this was deemed necessary. Roll-out should startwith 80.000 employees and would initially cover
RFI
D te
chno
logi
es
213
Tech
nica
l Rep
ort S
erie
s
177 See http://www.tfl.gov.uk/tfl/abt_tfl.asp (visited 12 April 2006) and (IDTechEx, 2006a).
annual and monthly season ticket holders. Fullroll-out was foreseen in 2002-2003 having a fewmillions of card holders able to use a great varietyof services. Services should extend to other do-mains, such as shopping malls. The smart cardshould become a multi-functional card, whichwould not only function as public transport ticketbut also as electronic purse.
In March 2005, 2.2 million Oyster cards weredisseminated. Today, this number has increased to5.3 million, leading to a total of 11 million tripsper week in the tube and 16 million trips weeklyon the buses made by Oyster card.178 The respon-sible agency Transport for London (TfL) has starteda tender to extend the services to the South Westmain line (to be followed by the North LondonRailway in Autumn 2007).
14.3.1. Objectives
The introduction of a smart ticketing systemin London public transport is directed at realisingthe following objectives179:
• fighting fraud (today estimated at over 50Million Euro yearly),
• speeding the boarding time (cash will beeliminated from London buses in 2006),
• offering customer benefits (no more queu-ing, ease of use, outlets off systems sales),
• extending services to include retail sector(in 2006 3850 shops that sell travel passeswill accept the travel pass to pay for otherservices as well),
• offering better travel information (on thebasis of actual but aggregated travel infor-mation).
14.3.2. Actors
In Figure 14-3 the actors that are part of thiscase are depicted. The initiator of the card is Lon-don transport, succeeded by Transport for London,a London based agency created in 2000, as the in-tegrated body responsible for London’s transportsystem. TfL is a functional body of the Greater Lon-don Authority, and is a public private partnership.ITSO, the Integrated Transport Smartcard Organi-sation, was founded in 1998 as a membership or-ganisation, whose objective is “to facilitate thedevelopment of an interoperable smart environ-ment by developing, and then operating and man-aging a specification for an interoperable smartmedia environment”.180 Members of ITSO are busoperators, train companies, suppliers to the indus-try and regional and local authorities, totallingsome 75 organisations (of which some 30 govern-mental organisations all over the UK and 45 pri-vate companies). London is not a member of ITSOand this raises some concern about the compatibil-ity of the Oyster card with the ITSO standards. Ac-cording to TfL, Oyster will in the end be fullycompatible with ITSO standards.
Transys, a consortium of EDS, Cubic (each for37,5%), and ICL (Fujitsi) and WS Atkins as support-ing companies, was selected by London Transportto deliver the electronic ticketing system to Lon-don. Transys developed the PRESTIGE-project todeal with the introduction of the smart card.181
Transys has chosen the Philips Mifare chip for usein the London’s Oyser smart card project.182 Thesmart cards will be manufactured by Giesecke &Devrient, Germany and SchlumbergerSema, UK,while Cubic will be responsible for the readers,and EDS will be responsible for the central infor-mation system, the distribution and quality controlof the cards.
14. R
FID
in p
ublic
tran
spor
t
214
Tech
nica
l Rep
ort S
erie
s
178 See IDTechEx (2006a); http://www.tfl.gov.uk/tfl/press-centre/press-releases/press-releases-content.asp?prID=742 (visited 12 April 2006). 179 See http://www.tfl.gov.uk/tfl/fares-tickets/2006/downloads/oyster-guides-06/TFL-Oyster_English.pdf (visited 20 April 2006) and IDTechEx
(2006a).180 See http://www.itso.org.uk/default.asp?contentid=45; visited 12 April 2006181 PRESTIGE for: Procurement of Revenue Services for Ticketing Information Gates and Electronics. The project was named the best private
finance initiative in operation at the Public Private Finance Awards 2005. See http://www.eds.com/services/casestudies/downloads/trans-portlondon.pdf (visited 12 April 2006).
182 See section 2.4 for an overview of the technical characteristics of the Mifare card.
Figure 14-3: Actors in the London Oyster transport ticketing project
RFI
D te
chno
logi
es
215
Tech
nica
l Rep
ort S
erie
s
183 See Google: Discussion group: subject Oyster.184 See IDTechEx (2006a).
14.3.3. The technology
The Oyster card system will be based on theISO 14443A standards, to make it fully compati-ble with the technology standards as proposed byITSO. The ITSO-standards range from media todata elements, including architecture. Some con-cerns are raised with respect to the full compatibil-ity of the Oyster system with the alternativescheme as proposed by ITSO. In discussion groupson the internet concerning the introduction of theOyster card in the various railway lines, concernsare raised with respect to the compatibility of theOyster card with the ‘alternative’ standardisationscheme as proposed by ITSO.183
The information provided by TfL on the useof Oyster indicates the various forms in which thesmart cards and tickets may be used. Cards can beuploaded through Internet. Passing the gates willdebit the smart card as authorized. Cards can bepersonalised and anonymous. A card has to bebought at a prize of 6.50 Euro. Single fares usingthe Oyster card are cheaper than cash single fares.Each Oyster card can contain up to three travel-cards or Bus Pass season tickets. The card is avail-able at almost 4 000 outlets in the vicinity of busesand the London underground.
14.3.4. Issues surrounding the introduc-tion of the Oyster card
Acceptance of the Oyster card is high. Peopleprefer the card above the cash ticketing system.85% of people entitled to concessions in Londonuse the Oyster card.184 No doubt the financial ad-vantage the Oyster system provides above buyinga ticket in the traditional way contributes to the ac-ceptance of the Oyster card.
Consumer issues are raised in discussiongroups, especially when it comes to double pay-ments due to specific kind of occasional flaws inthe system. Though EDS announced that it wouldtrain 100 London transport staff to run the projectand to answer questions of travellers, this has nottaken away concerns.
Privacy
Another issue is that many people are worriedabout the privacy implications of the card. Eachcard is uniquely numbered and records each traveldetails of buses, Tube or train journey made by theholder over the previous eight weeks. The travelinformation could easily be used for commercialends by third parties. Regarding this, consumersare worried about the future plans of Transport forLondon (TfL) to extend the use of the Oyster smart
card to payments in shops.185 TfL argues that it onlyuses this information to better provide customerservice and answer customer queries. Though notfor commercial ends, BBC News recently pub-lished that the Metropolitan Police regularly re-quest journey information about Oyster card usersand the use of this information is increasing. In Jan-uary 2006 it was about 61 times, compared withjust seven times in the whole of 2004. In March2006 the number of requests was 243 times. Theinformation was used as an investigative tool totrack criminal movements.186
Communication
The minutes of the Strategy and IntegrationCommittee of London TravelWatch, the customerorganization for London’s transport, mention someother issues. Some of the issues were related withthe non-availability of the pay-as-you-go facilityon most National Rail routes in Greater London.Many passengers did not understand where theycould use the Oyster Pre-pay (former name of Payas you go) and where they could not and failed tounderstand why the full benefits of Oystercardcould not be made available. Another number ofcomplaints came from passengers who had at-tempted to use their Oyster Pre-pay for a NationalRail journey and found at the end of the journeythat the card was not valid. Moreover, these pas-sengers were handed a Penalty Fare Notice for nothaving the correct ticket. Although TfL producedposters for display at National Rail stations, Lon-don TravelWatch found that passengers remainedunaware of the terms of conditions of travel andthat a number of National Rail stations did nothave posters displayed.187 Since 10 May 2006, TfLannounced that in 2008 Oyster would be madeavailable on all national rail services in London.Customers will be able to use their Oyster card inmore than three hundred rail stations compared tosixty nowadays. TfL will pay for the Oyster valida-tion equipment in all London rail stations, as wellas working with the Department for Transport (DfT)to ensure that equipment will be able to acceptother smart cards.188
Another communication issue concerned therejection of Student Oyster card applications, asthe authenticating signature on the form differedfrom the one originally supplied by the university.In some cases the rectification process took morethan six weeks and no refunds were offered to thestudents who had overpaid their travel duringthese weeks. Students felt being penalised for theincompetence of TfL and the universities in admin-istering the scheme.
Furthermore, a significant number of cus-tomers complained about the Oyster Helpline: theHelpline was not accessible or the customers wereredirected to London TravelWatch when they hadcontact with Oyster Helpline; promised call-backswere not made.
Usability
The most significant usability issue of the Oys-ter card system is that pay-as-you-go customers donot “touch out” at the end of their journeys for sev-eral reasons: card readers are not obvious to usersand users do not realize that they have to “touchout” when making through journeys to points out-side London. The consequence is that customersare not being charged correctly. They often have topay the maximum price of the journey the cus-tomer theoretically could have made.
Besides, users who have run up a pay-as-you-go debt of as little as one pound are prohibitedfrom using any kind of periodical travel-cards onthe card until the one-pound debt is repaid.
Customers complained about the lack of out-lets where Oyster cards can be “topped up”.
Software fault
On 10 March 2005 a software fault meantthat the whole Oyster system was inoperable dur-ing the morning rush hour. Ticket barriers had tobe left open and pay-as-you-go fares could not becollected, which meant a loss of 50 000 pounds.It showed that something had gone awry in pass-ing the black lists with information on travellers
14. R
FID
in p
ublic
tran
spor
t
216
Tech
nica
l Rep
ort S
erie
s
185 URL: http://www.spyblog.org.uk/spyblog/2004/02/foiling_the_oyster_card.html186 URL: http://newsvote.bbc.co.uk187 Strategy and Integration Committee of London TravelWatch (2006), Oyster card issues, 14.03.06.188 URL:http://www.londontravelwatch.org.uk/news.php?id=368;
http://www.gnn.gov.uk/environment/mediadetail.asp
who had been caught the day before. The softwarefault had been restored at lunch time, accordingto Transys officials.189
So far, the cautious approach adopted by TfLand Transys in introducing the Oyster card in theLondon Public transport system has lead to con-siderable delays in comparison to the originalplanning. Delays are both technical and of polit-ical nature. According to high ranking officials,the complexity of this project requires a very cau-tious planning and moving ahead. One simplycan not afford to be confronted with major draw-backs due to failing technology. The extension ofthe card to include functionalities as an elec-tronic purse has not been fulfilled either. Re-cently, Times Online published an article whereTfL declared that technical and financial partnershad not yet provided an acceptable blueprint thatwould make the system acceptable to retailerswithout carrying a risk to TfL. This means that theintroduction of the functionality of the e-pursewill be delayed.190
Again, it is argued that one needs a cautiousapproach in which in first instance travel function-alities are embedded and only when these func-tion properly, extension of services can beconsidered.
14.4. Case 3: Venice
The city of Venice is characterised by a verypeculiar type of public transportation. There areno streets in the city but only narrow roads run-ning by canals so that it is impossible to go alongby car. Public transportation within the city andbetween the city and the islands nearby is by boat(water taxi, water buses and so on). Buses run out-side the city centre and to the airport.
ACTV S.p.A. is responsible for public roadand water transport in the city of Venice. Thecompany uses 152 craft, including water buses,motor boats, outboard motor boats, ships andferry boats, to ensure convenient connectionsbetween Venice and the islands; plus, more than600 buses run in excess of 31 million kilometres
per year. The main points of access to the cityare well connected to the historic centre, withmany lines running along the Grand Canal.
Every year about 180 millions passengers aretransported producing about 500 000 navigation“movement hours”.
Figure 14-4: Venice public transport boat
14.4.1. Pilot
In 1999 a trial of RFID technology for theVenice public transport started. The aim of the trialwas realizing an “open telematic square” as a start-ing point towards Venice as a digital city. The firststep in the pilot was the provision of an RFID card,allowing Venice citizens to access multiple serv-ices such as: transportation, banking, school, mu-seums, public administration, parking and so on,trying to attract new companies and enterprises tothe “square”.
The target users of the system in the beginningwere city residents, students and people whosemain business site was in the city of Venice. At theend of the pilot the system would be extended totourists.
The system had to support the use of contact-less tickets and cards; plus it had to support ticketacceptance, recharging and control.
Initially, some 200 users were involved in thetrial; they were selected mainly among the em-ployees of the companies responsible for the elab-oration of the trial; this was done to enhance usefulfeedback on technical aspects concerning the sys-tem.
RFI
D te
chno
logi
es
217
Tech
nica
l Rep
ort S
erie
s
189 See IDTechEx (2006a)190 http://business.timesonline.co.uk/article/0,,9077-2160143,00.html, May 01 2006.
The pilot system was deployed along theGrand Canal. Tag readers were placed on buoysin the middle of canals where boats (equippedwith RFID tags) could be monitored. Informationon boat transit was going to be used for float man-agement aiming at optimising the passenger wait-ing time and trying to regulate the high boat trafficin the canals responsible for damaging buildingand bridges in the city.
The cards provided to users were also de-signed to support access to services provided bymunicipality.
14.4.2. Actors
The actors involved in the trial were severalpublic administration companies, companies incharge of giving value added services, banks.Among them:
Telecom Italia, telecommunication operator.Role in the trial: Communications activities
TSP, a company owned by Banks, which de-velops banking type services. Role in the trial: management of financialtransactions: the cards needed to be initialisedaccording to a specific layout. TSP also pro-vided the cards readers.
INSIEL (52% Finsiel) software and serviceprovider together with VENIS (owned by Tele-com Italia 51% and Venice municipality 49%)Role in the trial: system development and de-ployment
IBMRole in the trial: twofold. Project leader andprovider of systems (i.e. server)
ACTV: Actv is the company which providestransport service, on both land and water, inVenice. The company has fleets of water andland buses for services in the centre, suburbsand out of town.Role in the trial: providing public transportfleet.
14.4.3.Services
When the trial ended, ACTV decided to de-velop a real system to be provided to the city ofVenice. A call for tender to realize an RFID-based
public transport system has been won by theFrench branch of the ASCOM Company, an inter-national solution provider with competences onWireless Solutions. ASCOM is in charge to de-velop and deploy the RFID-based public transportsystem using contactless smart cards.
By the end of 2006 the system will be acces-sible to residents only for water transport. Thecosts of the overall system are evaluated at about€ 13 Million; for the water transport the costs areabout € 6 Million
Initially the card will be available only to res-idents. Residents buy the card charged with anumber of trips and every time they take the waterbus one trip is taken out from the entire amount.When the card is empty, it can be recharged andreused. In order to exploit the full potential of thesystem it will also be open to tourists in the future.Of course in case the cards would be given totourists it would be used just for a few trips, some-times even only one. So other services are going tobe designed and provided (such as museum tick-ets, concerts, theatre and restoration) in order toexploit the cost of the card.
14.5. Discussion
On the basis of the cases presented in the pre-ceding sections we can tackle the issues raised inthe beginning of this case-study. We will first pres-ent the findings with respect to drivers and barriersof introducing RFID in public transport, and con-tinue with a discussion of the market potential,user aspects, and security and privacy aspects.
14.5.1. Drivers
In the cases presented a number of drivershave been formulated that bear relevance for theintroduction of RFID in public transport. Thesedrivers can be combined in one overarchingtheme: modernisation of the public transport sys-tem. By means of RFID-based ticketing systems itbecomes possible to gather travel information thatmay be used to optimise various elements of theeveryday logistics within public transport. Part ofthis efficiency operation is the positive effect onreduction of boarding time (including time it takesto buy a ticket).
14. R
FID
in p
ublic
tran
spor
t
218
Tech
nica
l Rep
ort S
erie
s
Overall, critical issues for introduction ofRFID-based cards and ticketing systems relate tounderstanding the business model which is goingto be impacted by the new system (actors, serv-ices, processes already existing), the identificationof the necessary actors and services to be offered,as well as the organisation of actors commitment,considerations concerning users segmentation, in-tegration with the banking systems and integrationwith already existing systems.
The handling of passenger flows is enhanced,just as checks on the validity of tickets. This latterimplies that fraudulent uses of public transport(using without paying) will be reduced (though pre-cise figures on the level of reduction are yet absent).
Because RFID-based tickets will also be usedto guard off parts of the stations and because ag-gression related to fraudulent travelling will be re-duced in line with the reduction of fraudulenttravelling itself, one expects that safety on publictransport stations will be improved. This ‘side-ef-fect’ of introducing RFID-based ticketing is never-theless an important asset and may be used toconvince the public of the benefits of the migra-tion towards RFID-based ticketing.
Another driver for the introduction of RFID inpublic transport ticketing is the value added thatcan be found in using the tickets for other situa-tions. In this case, it is not the direct informationrelated to public transport travelling (i.e. the ticketinformation: which trajectory may the passengertravel) but information that can be stored extra onthe ticket. In the London situation there are quiteconcrete plans to extend the functionality of thePT-chip card with an electronic purse, enablingtravellers to use their purse for shopping in theshopping malls surrounding public transport sta-tions. This is an interesting extension of the func-tionality of the cards. Closer by, the card can beused for taxi’s, for hiring a bike (which may be aservice offered in the Netherlands, where hiring abicycle is part of the services offered at the mainrailway stations) and for using baggage lockers. Itmay be extended to include offering tourist serv-ices. In the Venice case, one is considering the ex-tended use of the cards for accessing museums,paying restaurants, booking concerts. This mightcontribute to separate and manage different groupsof users (citizens and tourists) and to offer bettertuned services to both groups.
14.5.2. Barriers
Barriers with respect to RFID-based ticketingcan be found in a number of issues. To start with, allpilots studied were not able to keep to original timeschedules. The pilots represent complex technolog-ical challenges, embedded in complex organisa-tional changes. Buying the basic technology ‘off theshelf’, which is the case in the Dutch and the UK sit-uation, does not alleviate the technological burdenof fine-tuning the entire system to the specifics of thepublic transport system at hand. The entire systemneeds to be built up from scratch, on the basis of re-quirements and specifications as provided by publictransport companies. The entire system (includingthe gates, other check points, the point of sales, thesystem per participating company and the overallinformation system) is a very complicated one, andtypically one in which specifications and require-ments are changed during the construction phase ofthe system. The experiences with the cases studiedthus questions the possibility to migrate a system de-veloped in one situation to another situation withdifferent characteristics (tariff structure, companiesinvolved, infrastructural aspects).
It is also subject to the results of political real-ity. Given the long lead time of these pilots (typi-cally in the order of three to five years forfull-fledged implementation and roll-out of RFID)there is an intrinsic uncertainty in the entire intro-ductory phase, because of politically motivatedchanges that have to be implemented. Thesechanges may refer to tariff structures that changeduring the project, to security mechanisms, to pri-vacy issues to be taken aboard, etc. The role andposition of governments depends very much onthe local situation. In The Netherlands the nationalgovernment wants to have the driver’s seat, but re-alises that this may be impossible given its rela-tively modest contribution to the total investmentsneeded for the full roll-out. In the UK, the Trans-port for London is part of the London Greater Au-thority. This Authority has released a master plandetailing the issues of future London transport. TfLhas outsourced the contract to Transys, a consor-tium made of ICT providers and system integrators.This is comparable to the position of the East-Weste-Ticketing consortium in the Netherlands.
The issue of standardisation may be a barrier.Though ISO standardisation seems to be the start-ing point for each pilot under study, problems are
RFI
D te
chno
logi
es
219
Tech
nica
l Rep
ort S
erie
s
raised in the London situation because of the non-compliance between Oyster-standards and thestandards as proposed by ITSO. Within the Nether-lands, the system is developed on the basis of theHong Kong Oyster system as well, but we have notfound problems with standardisation in this case.Concerns on the ISO 14443 standards are raised.The standard is considered to be incomplete thushindering open interoperability and competitionamong vendors.191
Another issue is the issue of costs versus secu-rity. In case of single journey tickets, the costs forsecurity may be low, since the tickets may not berechargeable. But, as the project in Porto showed,even paper-based tickets can be used as recharge-able cards. In that situation, security measuresneed to be improved. Michael Barjanski, head ofPublic Relations of RATP considers this to be aproblem: “Regarding security, no progress in thatdomain has been made. RFID tickets cannot be se-curely used in rechargeable mode, and raise greatrisks for titles that have to be stored, and for titleswith no or a long term limit date for use. There-fore, RFID tickets will only be qualified for thatpart of tickets sold for “immediate boarding”.
The RFID ticket has been a paradox - It ischeap and secure, but for the uses for which it issecure its costs are not reasonable, and for the usesfor which the costs is bearable it offers no security.Some experts even think that using magnetic atripecards are more secure.192
Finally, the roll-out of the entire system re-quires huge financial investments. Pay back timesare estimated at a few years, but it is not clearwhere this is based upon. Investments in the orderof 1.5 billion Euro are mentioned for both theDutch system and the London system. We havenot had time to search for the business models thatindicate how one expects to turn the investmentsinto profits. One aspect – reducing fraud – offersan interesting asset, but is not substantial given thehuge investment costs.
14.5.3. Market potential
The market potential for RFID in e-ticketingsystems seems to be high. Within the pilots stud-ied, one expects to disseminate a few million tags,with accompanying infrastructure and informationsystems. Of course, when a system will be intro-duced, demand for new cards will be high. Overtime this demand will slow down. But new inno-vations may trigger new uses and new markets (forinstance NFC as a follow up of present day chipcards, or multi-functional smart cards which haveadditional e-purse functionality). Within the pilotsstudied a distinction is made between smart cardsand smart tickets (paper based). The tickets will beprovided on a one-time use basis and may serve asa continuous source of income. Passengers willhave to pay for a card (in the order of €6,- to€7.50 to pay for the costs of providing and per-sonalising the card ). In case of loss they have tobuy a new card. After the introduction phase of thecards (substitution market) there will be a contin-uous request for new cards (replacement market).Adding new functionalities to the card will en-hance the usability of the card: new applicationdomains, new modes of usage, new markets.
14.5.4. User acceptance and trust
User acceptance may be expected to be acrucial issue in this domain. In the UK case, trav-elling with the Oyster card offers financial benefitsto the passenger over using the traditional tickets:the same journeys are less expensive with an Oys-ter card than with a traditional ticket. This has pro-moted the user acceptance of the Oyster cards.Within internet, discussion groups discuss adverseexperiences of users with tickets (those that werenot accepted by the gates, or those that werecharged twice, etc.). One system failure led to atemporary breakdown of the system. When thesekinds of events occur on a regular basis, this couldhave an adverse effect on trust. As far as reported,this only happened once in the past few years andthe failure was allegedly to the benefit of the pas-sengers.193
Cap
ítulo
220
Tech
nica
l Rep
ort S
erie
s
191 IDTechEx database http://rfid.idtechex.com/knowledgebase/en/casestudy.asp?casestudyid=1043 192 Michael Barjanski at the Smart Label Conference 2004, quoted in IDTechEx knowledge base:
http://rfid.idtechex.com/knowledgebase/en/casestudy.asp?casestudyid=233 (visited 13 July 2006)193 IDTechEx (2006). London – transport for London TfL, Oyster Card, UK
14.5.5. Privacy and security issues
In line with the issue of acceptance is the issueof privacy and security. In the cases studied, a choiceis offered to passengers to opt for a personalised cardor an anonymous card. In the latter case, the publictransport organisation is not able to profit from thedata collected on individual travels and can not offeradditional services to passengers on the basis of spe-cific profiles. Within the Dutch case, one wanted tooffer the personalised card at a reduced price com-pared to the anonymous card, in order to get asmany passengers accepting the personalised card.This has however been corrected by the Parliamentat a latter instance. Both cards are offered at thesame price. This is also the case in the UK. Withinthe Netherlands, the Privacy Commissioner has re-acted to the plans of the Dutch Railways (NS) to usethe data for commercial purposes. It objected the ab-sence of clear guidelines with respect to data reten-tion and it objected the too broad use of datagathered for the purpose of public transport issues.TLS Card Issuer (the organisation that is responsiblefor the management of the data) defines as legitimatepurposes for using data on the card the productionand release of the card, the reconstruction of the per-sonal card, the management of credits on the cards(the e-purse), the facility to block cards that havebeen reported as missing or stolen or lost, the guar-anty of restitution of the credit that is left on a card,services to the customer and internal management.The discussion between the Privacy commissionerand NS (and as part of their consortium TLS) has notbeen settled yet (situation July 2006).
Collecting data on individual travel schemesis possible with personalised cards and with cardscontaining an ID (that need not be co-related to aperson). Privacy dangers are profiling and track-ing. During a Dutch workshop organised by theDutch parliamentary technology committee theexample was brought to the fore of the LondonOyster system being used to search for criminalson the basis of suspect travel schemes. Old discus-sions about so-called ‘Rasterfahndung’ tech-niques194 may pop up, even when the rationalebehind the search may be perfectly legitimate.
14.5.6. The European situation
One can experience a trend towards RFID-based ticketing systems within public transport. Thebenefits of RFID (faster throughput of passengers, in-creased ease of use, opportunities to improve the ef-ficiency of the transport system, opportunities tooffer additional services) seem to outweigh the dis-advantages (high initial costs, high human resourceinvestments to ‘get the thing running’, long leadtimes). Regarding the European actors involved,Philips as chip producer plays an important role,while other European micro-electronic firms (ASK,Infineon, STMicroelectronics) play a substantial roleas well.195 The paper-based C.ticket of ASK is used inmany trials and pilots. Contrary to initial intuition,paper-based tickets seem to offer the same potentialand functionality – using the same RFID-chip – ascontactless smart cards, though their lifetime is – ofcourse – shorter. EU-consultancy firms play an im-portant role in the consortia that are formed to guidethe introduction of RFID-tickets in public transportand the accompanying transition for the back of-fices. The number of pilots and projects will increasein the years to come, requiring more specialisedknowledge and firms that are able to guide the ac-companying transition processes. Up till now, eachnew project represents a new situation which re-quires rethinking the approach. Even in case of using‘off-the-shelf’ systems, as in London and the Nether-lands, the technology providers needed consider-able time and resources to adapt the system to thelocal situation. There is no ‘one size fits all’ approachavailable yet. Still, one should expect the learningcurve to be steep in this initial phase, thus offeringthe opportunity for economies of scope in succes-sor projects.
Though we do not have in depth informationon all pilots/projects, a few projects explicitly urgefor transparent and interoperable systems, therebyorganising a levelling playing field and increasingthe competitive edge on these systems within Eu-rope. Having major players (Netherlands, London)opting for transparency no doubt will have a ben-eficial effect on the sector as a whole.
RFI
D te
chno
logi
es
221
Tech
nica
l Rep
ort S
erie
s
194 Rasterfahndung is a German term used in criminology, which means “pinpointing of suspects by means of computer analysis of data onmany people” (Oxford Superlex, Oxford University Press, 1994-96)
195 Meanwhile, the situation has changed. Philips has outsourced its chip division into to newly founded firm NXP (for Next Experience). NXPconsists of 6700 employees, housed in one of its 24 centres all over the world, with an annual turnover of 4.8 billion Euro (2005 figures)and an R&D investment of 950 million Euro (2005).
Policy analysis and recommendations
Part
four
15. Policy analysis and recommendations
RFI
D te
chno
logi
es
225
Tech
nica
l Rep
ort S
erie
s
196 www.idtechex.com. During the time of the project we have had access to the database.197 IDTechEx database. Accessed 16 October 2006.
The foregoing chapters have detailed variousaspects to the emergence of RFID technologies. Inthis final chapter we will use the policy relevantinsights that have been acquired to construct a pol-icy analysis. The guideposts used for this analysisare the following:
1. Are there differences in the approach of thestakeholders due to variation in MemberState markets? Does this have an impact onEU market integration? (section 15.1)
2. What are the perceived (if any) EU-widebenefits? What role may the public sectorplay in achieving this benefit? (section 15.2)
3. What are areas for public policy interven-tion? What are appropriate policy actions?(section 15.3)
4. What are policy options to further researchneeds? (section 15.4)
5. What policy recommendations can begiven to the European Commission on thebasis of the overall results of this project?(section 15.5)
15.1. European RFID stakeholdersand markets
RFID stakeholders can be differentiated in thefollowing categories:
• vendors (including firms producing tags, in-terrogators, middleware, system integrators,and services providers)
• end users (including automotive, health-care, government services, manufacturing,retail, consumer goods, etc;)
• research institutes and academia
• governments
A recent study in RFID workforce distributionshows the end-user market by far is the biggestmarket (almost 90% of RFID workforce), followed
by the vendor market (almost 10%) (RFID Tribe,2006). Academia and government contribute (interms of workforce) only marginally. The strategiesof the various (European) stakeholders differ de-pending on their position in the value chain. Atpresent, system integrators and service providersare invited by end users to support the RFID im-plementation process. End users will follow the dy-namics of their (home) market, while systemintegrators and service providers will follow thelogic of the end users.
Hardware development (tags, readers) is aworldwide game. Europe is clearly visible on themarket with important players as Dutch basedPhilips, France based ASK and Swiss based EMMicro-Electronics. ASK has developed the innova-tive paper-based C-ticket, which is in use in anumber of public transport trials and projects.Philips has a broad range of RFID chips available,for different frequency ranges and different appli-cation areas. The Mifare and HiTag chip are buttwo of the well-known examples of RFID-chips.The recently outsourced semi-conductor part ofPhilips (called NXP for Next Experience) producesa high portion of the Philips RFID chips. In rela-tion to hardware equipment like readers, Europehouses a number of suppliers. Reader develop-ment is dependent on the application domain inwhich they are used. The case studies we haveperformed show a fragmented picture on this partof the market: readers are provided by both Euro-pean and US-based suppliers.
Figures about the European market, at coun-try level, are not known in detail for RFID. To geta hold on the position of Europe we have to makeuse of ‘circumstantial evidence’, in this situationthe information provided by the IDTechEx data-base.196 This database collects publicly knowndata about RFID initiatives. In Annex 8 anoverview of European case studies in a broadrange of RFID application domains is presented.This overview shows:197
• For Europe a total of 715 cases are docu-mented on RFID; this is roughly equal to theUS (with 812 cases documented).
• The new member states are only marginallyrepresented in the database, with a total of26 cases (of which eight are military).
• The UK (255), Germany (120), France (86),Netherlands (62) and Italy (40) are the mostactive European countries; they are activein all application domains the database dis-cerns.
• Leisure and sports is the application do-mains with most cases, followed by logis-tics, financials (including security andsafety) and passenger transport/automotive(all over 90 cases). Retail, healthcare, man-ufacturing and military follow (30 – 90cases). Airports, animal tagging and librariesare closing ranks (20-30 cases) while laun-dry so far has only 3 cases. Laundry relatesto item level tagging (surgical garments,wardrobes).
15. P
olic
y an
alys
is a
nd r
ecom
men
datio
ns
226
Tech
nica
l Rep
ort S
erie
s
198 Left axis: number of application domains; right axis: number of cases (see Annex 9 for additional data)199 Measured in terms of cases. All the ‘slow starters’ are countries with a moderate population. If corrected for the size of the population a
distinct perspective would arise. But even then, it shows that the slow starters are only very moderately visible in one or a few applica-tion domains.
Figure 15-1: Position of EU countries in adopting RFID198
Figure 15-1 shows the relation between thenumber of application domains and the number ofcases per country: the more cases a country hasthe more application domains are encompassed.The figure shows a gap between the leading coun-tries (UK, Germany, France, the Netherlands andItaly, followed by Denmark, Belgium and Sweden)and the tail of European countries in adoptingRFID.
Member State markets clearly vary. We candifferentiate between three distinct groups: thecountries which have only recently started with anumber of RFID projects (Latvia, Lithuania, Lux-
embourg, Slovenia, Estonia and Hungary), a groupwhich has a moderate track record in RFID proj-ects (Slovakia, Poland, Greece, Czech Republic,Portugal, Finland, Poland Austria and Spain) and agroup which already has an established trackrecord with a number of RFID projects (Belgium,Denmark, Sweden, Italy, The Netherlands, Ger-many, France and the United Kingdom).199 Themarket of RFID is diversified as well: from massiveimplementation of simple tags to high value addeduses of smart cards. Supply chain use of RFID isexpected to be in the lead of RFID developmentsfor the next few years. Some RFID application do-mains are driven by regulatory considerations (an-
imal tagging, identity cards). The size of the mar-ket (number of animals to be tagged, number ofpeople to equip with an identity card), market driv-ing forces (enforcing use of RFID by dominantmarket parties) and expectations concerning valueadded services (use of ID-cards, combination ofanimal tagging with food tracking) will drive stake-holders’ participation. Other RFID application do-mains are dependent on initiatives taken with apublic-private background (healthcare, libraries,public transport).
Stakeholders may be aware of differences inthe innovative landscape within a specific country,the awareness for RFID opportunities, the supportfrom public authorities and governments for pilotsand trials, and the opportunities for value addedservices. They will try to step in trials and pilots thatmay provide them a privileged position (being firstto the market, opportunity to trial specific RFIDuses). Markets that are identified in the cases wehave done are markets with a huge potential. RFIDin public transport, for instance, relates to projectsworth a total of over a billion Euro (UK introductionof Oyster, Dutch introduction of RFID nationwide).All special appliances markets (animal tagging,healthcare) are potentially big markets. The twomost important market players are:
• vendors: the more generic technologyproviders (tags, readers, software) operateworldwide; system integrators and serviceproviders will tune their activities to prom-ising markets;
• end users: they will act more locally andwill be dependent on opportunities offeredin public sector domains and opportunitiescreated in the private domain.
End users will rely on vendors (including con-sultancy firms) for the implementation of RFID inthe early stages of its development.
The second issue is whether the differenceshave an impact on EU market integration.
RFID markets are diversified markets; special-isation in specific application domains is likely tooccur. Diversification in hardware (tags, readers)and software (middleware, services) will not pri-
marily be driven by differences between countriesbut will primarily be driven by the promises of spe-cific applications. Diversification in implementa-tion will be driven on a case by case basis, andwill depend on future prospects, future markets,and available expertise and know-how within aspecific application domain.
Roll-out of RFID-based systems in various ap-plications has only just begun, so it is difficult toextrapolate the findings so far over what this im-plies for market integration. On the basis of thecharacteristics of RFID projects – determined bythe specific application domain – we are temptedto say that indeed the differences in attitude to-wards RFID may have an impact on EU market in-tegration.
The countries that are yet lagging behind mayprofit from their backward position once RFID hasgrown mature. They can learn from the mistakes ofthe early adopters. Not all trials and roll-outs havebeen and will be successful.200 The technologicalplaying field of RFID is not mature yet. The future,economic and societal prospects of RFID are notentirely clear. The Return of Investment dispute isfar from settled. The societal debate (privacy) is farfrom settled either. Those countries leading theway will be confronted with the initial problemsthe introduction of RFID brings with it. But theywill also profit in terms of gaining experience withthe introduction of RFID in diverse applications,and the creation of a knowledge infrastructurearound RFID implementations, and commercialisethis knowledge.
Given the stage of RFID developments at themoment (the early adoption stage) and the posi-tion of RFID in the ‘hype-cycle’ (Gartner, 2005) weexpect the impact of RFID on market integrationto be modest, though differences between coun-tries will certainly be aggravated in the short term.
15.2. EU-wide benefit of RFID
Figure 15-2 presents an overview of Europeanstrengths and weaknesses, opportunities andthreats in the field of RFID.
RFI
D te
chno
logi
es
227
Tech
nica
l Rep
ort S
erie
s
200 It is however difficult to track failed pilots; those responsible for the pilot will not happily admit that the pilot failed. Usually other rea-sons (lack of funding, withdrawal of commitment) will be brought to the fore. Still, it goes without saying that especially the failed pilotsand projects entail rich experiences which can deliver fruitful insights for other parties.
Figure 15-2: SWOT analysis of EU-wide implementation of RFID
15. P
olic
y an
alys
is a
nd r
ecom
men
datio
ns
228
Tech
nica
l Rep
ort S
erie
s
Strengths
- Europe houses part of the big RFID suppliers;
- High market potential;
- Leading EU countries with RFID focused attention (UK, France, Germany, The Netherlands, Italy);
- Focus of attention comparable to USA;
Weaknesses
- Many European countries with only marginal attention for RFID;
- No level-playing field for RFID across countries;
- No harmonised frequency policy in the EU;
- Vulnerable image of RFID - Trust issue;
Opportunities
- Increasing efficiency of production, trade and services;
- Creation of new services, new workplaces;
- Spur for economic development
- Increased convenience in citizens’ everyday life;
- Increased security, reliability and trust;
- Stimulation of research and development of related technologies (enabling, enhancing and concurrent)
Threats
- High initial and high transition costs;
- Rapid technological evolution may help displace a technology before it is widely adopted;
- High hidden costs (societal and organisational such as for training and education);
- Possible job losses due to wide deployment;
- If not implemented properly, RFID may bring a number of threats to privacy and security (Function creep, surveillance capacity);
The SWOT analysis shows strengths and op-portunities to be balanced against weaknesses andthreats. The identified strengths are part of weak-nesses and threats as well: only a few Europeancountries are active in RFID; the public climate to-wards RFID is vulnerable. Other factors add to thechallenges with which widespread diffusion ofRFID has to cope with: hidden costs of RFID (train-ing and education) may be high, the role of legis-lation is yet unclear, and negative experiences mayhave an effect far beyond the domain where theyoriginate from.
The perceived EU-wide benefits of RFID areof an economic, social and/or political nature.They can be found especially in areas where Euro-pean integration, cooperation and coordinationhave progressed most. The fight against terrorism isone such area. The fight against animal diseases isanother. The coordination of European research isa third. In these domains RFID may contribute torealising European benefits. The effort in achiev-ing this however is not trivial. Experiences withRFID until now indicate a number of problemareas: The possibility to gather personal data withRFID raises privacy issues, law enforcement to en-force the use of RFID in the tagging of animalsknows many exceptions, and the creation of a Eu-ropean research agenda on RFID requires cooper-ation between different parties in the value chain(to unravel security issues for instance).
The RFID technology market is a global mar-ket, with globally operating vendors; the RFID
end-user market is a ‘local’ market with aspectsgoing beyond the state frontier (identity cards,healthcare, animal diseases). Economic benefitsthus are either globally or country specific.
Next to the EU-wide benefits, application ofRFID in specific domains may be beneficial to theEuropean population at large. Public transport,health and retail are three of these domains. Use ofRFID is expected to increase the cost-effectivenessof public transport, to fight fraud, to increase socialsafety and to introduce additional services; withinhealthcare RFID is expected to combat counter-feiting, to increase the quality of care, to improvethe availability of health information, to preventsurgical mistakes, and to reduce theft of medicalequipment. In the retail sector RFID is expected tolead to less out-of-stock items, to more efficient lo-gistics, to better consumer profiles, to better qual-ity information. These are clear benefits whichshow up in the short return on investment periods,indicating the high economic value of the RFIDimplementations. But there is a price to pay aswell: organisations have to restructure their busi-ness processes in order to benefit from RFID adop-tion; they have to invest in the novel RFIDinfrastructure before profits will be made. For indi-viduals privacy may be at danger: individuals willbecome more transparent due to the collection ofinformation related to specific behaviours.
Given these advantages for Europe as a wholeand the implications for European countries, Euro-pean public policy should focus on:
• Reaping the benefits of RFID assupportive/enabling technology for Euro-pean-wide policy issues (terrorism, security,animal diseases, sustainability)
• Supporting European roll-out of RFID-en-abled activities with clear societal and eco-nomic benefits.
• Keep an eye on the balanced introductionof RFID (within application domains, withincountries and within specific user constella-tions).
In the next chapter we will elaborate the Eu-ropean opportunities for policy intervention.
15.3. Issues for public policy intervention
The public sector may play a role in achiev-ing these EU-wide benefits. The activities of the EUand of the separate Member States can be subdi-vided in a number of categories, which are relatedto specific components of the RFID system.
RFI
D te
chno
logi
es
229
Tech
nica
l Rep
ort S
erie
s
Figure 15-3 shows the RFID system on topand the various application domains in whichRFID may be used, while the bottom part of Figure15-3 presents the three main actors. Policy issuessuch as the ones discussed above link actors, ap-plication on areas and the components of the RFIDsystem.
EU public policy activities can be of variouskinds: creating beneficial conditions for the wide-spread adoption of RFID, raising awareness, en-
forcing specific standards and implementations,
stimulating research in technical and non-techni-
cal aspects of RFID, developing and implementing
innovation policy instruments and for governments
adopting a role as launching customer.
Table 15-1 presents an overview of public policy
initiatives related to the RFID system and the appli-
cation areas.
Figure 15-3: RFID systems approach
Table 15-1: Overview of issues for public policy intervention
Policy approach Activities
RFID tag-reader Creating beneficial Setting up frequency policyconditions Contributing to standardisation of data formats
Raising awareness Indicating presence of RFID readersRaising awareness on health issues of RFID readersRaising awareness on electronic waste related to RFID
Stimulating research Funding or stimulating research on - Advanced RFID tags- Security issues- ‘Privacy by design’- Patent research- Health issues- Electronic waste
Innovation policy Updating existing legal framework instruments (privacy directives, WEEE directive)
Application domain Creating beneficial - Stimulating use and/or development of conditions standardisation of data formats
- Stimulating use and/or development of interoperability and integration of back-end systems
- Stimulating and advancing Training and education
Stimulating research Funding or stimulating research on - Interoperability- ‘Best practices’
Raising awareness - Inventorying ‘Best’ practicesInnovation policy - Research fundinginstruments - Subsidizing pilots and trials
- Promoting specific innovation instruments for lagged countries and regions, and slow-uptake application domains
15. P
olic
y an
alys
is a
nd r
ecom
men
datio
ns
230
Tech
nica
l Rep
ort S
erie
s
201 Richard Foggie, RFID Validation workshop 3rd October 2006. The specific configuration relates to use of narrow waveband and use ofListen before Talk protocol in EN 302 208. This situation can not handle more than 70 readers at once.
15.3.1. RFID tag-reader:
The tag-reader combination differentiates theRFID system from other technological systems thatmake use of identification technologies. Publicpolicy intervention dedicated to the tag-readercombination will encompass RFID-specific ele-ments which will not be found in other identifica-tion systems.
Reader-tag systems function at specific fre-quencies. The frequency used is dependent on thespecifics of the application (required read range,data transfer rate, read-write capacity, data pro-cessing capacity). Frequency issues are coveredby a number of international organisations (ISO,ETSI, CEN). Though frequency issues seem tohave been settled with the recent adjustment ofthe UHF-band for Europe (leading to a tenfold in-crease of available frequencies in the UHF region
compared to the original situation), two issues re-main problematic. First, within Europe not allcountries have adopted the frequency regulationproposal. This is a barrier in the EU-wide dissem-ination of RFID. Second, the US still has a com-parative advantage in this frequency domain dueto a greater availability of frequencies that may beused in this band (and that may be important foritem level tagging). This might jeopardize the po-sition of Europe in two ways: the need for readersthat can function on different frequencies (the EUand the US spectrum) will continue to exist, andthere is a possibility that the available frequencyband in Europe will result in having insufficientcapacity before this happens in the USA. Thirdly,larger users of RFID have reported that specificconfigurations of RFID readers will fail when theyoperate in close proximity.201 The frequency dis-pute thus is not settled yet.
An important aspect for the widespread diffu-sion of RFID is uniformity in the data formats (theidentification data). Identification data will be do-main specific. Within animal tracking for instance,use is made of ISO standards to identify countries.Specific identifiers – such as identifying a specificfarm – are part of negotiations relating to the re-maining data fields. Up till now, the ElectronicProduct Code is the most elaborate version of adata format standard including the middleware(Savant) and the Object Name Services. Not allEPC standards are however compatible with ISOstandards for air interfaces, though the situationseems to improve for the recent EPCglobal Class 1version 2 protocol.
European policy could embark on stimulatinga specific European input and response to ISO-and EPC-committees.
A very important design aspect of the RFIDreader-tag combination is the so-called ‘privacy bydesign’ approach. RFID is often looked at as atechnology in which privacy and security go handin hand. Security measures may positively impacton the ability to protect one’s privacy. ‘Privacy bydesign’ implies that privacy is considered to be oneof the design criteria of tags, readers and backendsystems. There is a straight line to the discourse onPrivacy Enhancing Technologies in whichanonymity, pseudonimity, unobservability and un-linkability are the basic characteristics to be re-alised in an information system. Privacy by designmay be a decisive instrument in raising public trustin RFID-systems and a number of researchers inthe field of privacy and security state that “privacyby design” should be promoted.202 Within the Eu-ropean consultation workshops on RFID (held inthe spring of 2006) privacy by design was men-tioned frequently as the process with which toguard privacy and secure the communication be-tween RFID tags, readers and backend systems.The Privacy by design approach is a layered ap-proach:
• Technological: one could opt for ‘consumerin control’ solutions supported by appropri-ate encryption approaches. R&D fundinggovernments as launching customers are
options to research the technological mer-its.
• Organizational: anonymization, system de-sign, new business models. This may re-quire rethinking the privacy principles inuse today and give room to more radicalprinciples.
• Societal (rule-based protection): self-regula-tion and law are the most obvious activitieshere. Policy options are: compliance verifi-cation and harm- or abuse laws.203
• Europe could stimulate the on-going explo-ration of the privacy by design approach.
Privacy by design goes hand in hand with se-curity measures. The security concerns for RFIDare manifold, and range from preventing direct at-tacks to the reader, the tag and the reader-tag com-munication (unauthorized modification of data ontag and/or reader, de-activation, detachment or de-struction of the tag, eavesdropping, blocking, jam-ming and relay attacks) to attacks to the backendsystems. The latter ones are not typical for RFIDbut encompass a broader class of threats. Startingpoint for a security policy is to have minimum dataon the tag and to transpose all sensitive data to thebackend system. Use of encryption should bemade compulsory in high sensitive systems (iden-tity cards, health sector).
Europe could stimulate research on securityof passive RFID tags, including security architec-tures of RFID systems.
Awareness raising with respect to RFID read-ers and tags means offering people the opportu-nity, whether they are users or not, to be notified ofthe presence of RFID systems (tags, readers) and tobe notified about what data the reader collects andto what organisation the collected data will be dis-seminated. Plans as to in what technical way toenable notification of the presence and data con-tent exchanged of ambient RFID systems are underdevelopment. The Free University of Amsterdamfor instance, is preparing a so-called RFID-guardian, an instrument that enables people to lo-cate tags in goods they have bought or intend tobuy, to signal scans and to prevent unauthorized
RFI
D te
chno
logi
es
231
Tech
nica
l Rep
ort S
erie
s
202 See (Floerkemeier et al., 2005), (Juels, 2005). 203 Jeroen Terstegge, RFID Validation workshop, 3 October 2006.
readings of tags.204 Readers and tags can be madesuch that they show their presence when re-quested (‘privacy by design’). Europe could furtherstimulate the development of devices that maypromote trust in RFID uses. It could also increaseawareness for RFID-based applications by the pub-lic to ensure a better understanding of the changesat hand.
Research as to the health effects of readers sofar has shown that radiation levels are sufficientlylow that no thresholds in terms of emitted radiationdoses will be trespassed (RIVM, 2004). Neverthe-less, some concerns remain regarding long-termexposure to specific levels of electromagnetic radi-ation. This may especially be the case for workersin the logistic chain who will be called to work ona permanent basis in an environment with rela-tively high powered readers (~5 Watt) in the ultrahigh frequency spectrum. Another concern relatesto the possible detrimental effects of permanent ex-posure to radiation in specific frequency areas forpeople carrying a cardiac pacemaker.205 Finally, theconsequences of exposure to a cocktail of frequen-cies and powers are still not sufficiently researched.Europe should stimulate research in health issueswherever knowledge about the consequencesproves to be insufficient. Adoption of a Precaution-ary Principle with respect to health issues shouldbe considered.206
RFIDs themselves are composed of hazardouswaste. Two European directives can be applied:The Directive on Waste Electrical and ElectronicEquipment (/2002/95/EC) and the Directive on Re-duction of Hazardous Substances (2002/96/EC).According to the European Commission, no extraprecautions need to be taken with respect to theinterpretation of these two directives. When RFIDis only part of packaging – of electronic equipment– WEEE is not considered to be applicable. TheRoHS directive determines that specific substanceswhich are considered to be highly hazardous maynot be used in the construction of RFID chips (nei-ther in any other chip). Further awareness may beneeded against new forms of hazardous sub-
stances, relating to RFID manufacturing. In theUSA for instance, concerns are voiced regardingthe use of printed electronics.207
Finally, what is often questioned is the ap-propriateness of the existing legal framework forRFID. RFID is based on identification. Objectsidentified may be linked to persons. Applicabilityof the European privacy directives 95/46/EC and2002/58/EC is discussed on three issues:
• should all RFID data be considered as per-sonal data since all RFID data may belinked to an identifiable person at a specificpoint in the future?
• how to deal with informed consent whenpeople are not aware of data collected onthem?
• is 2002/58/EC applicable in situationswhere RFID data are collected as part oftraffic data in a subscription situation inwhich a public infrastructure has been used(for Real Time Location Services for in-stance)?
These three issues are under debate. The re-sult of negotiations on these issues is of high im-portance for the widespread diffusion of RFID. Thestakes are pretty high. For instance should the con-clusion drawn specify that IDs associated with ob-jects are personal data (due to a possible linkagesometime in the future) this will raise serious prob-lems to the widespread use of RFID in for instanceitem-level tagging. These issues also raise the moregeneric issue of the privacy approach in use today.On the other hand, one should avoid regulationswhich are technology specific - these regulationsare of no use when new technologies emerge. Onthe other hand, due to the emergence of new infor-mation system architectures, indicated as ubiqui-tous or pervasive computing and ambientintelligence, the pressure on the privacy approachthat is in use today will grow. Europe should facethe need to rethink the basic assumptions of theexisting privacy paradigm.208
15. P
olic
y an
alys
is a
nd r
ecom
men
datio
ns
232
Tech
nica
l Rep
ort S
erie
s
204 Bruno Crispo. RFID Validation workshop 3 October 2006; (Zaal, 2006).;.205 http://gtresearchnews.gatech.edu/newsrelease/eas-center.htm (‘Improving Medical Devices: Georgia Tech Research Center Expands Test-
ing Capabilities to Help Reduce Potential Interference”), posted 25 July 2006, accessed 29 November 2005.206 Gaynor Backhouse. RFID Validation workshop, 3 October 2006.207 Britta Oertel. RFID Validation workshop, 3 October 2006.208 Bart Schermer, RFID Validation workshop, 3 October 2006.
Next to these generic issues, within the re-spective application domains specific laws mayenforce or prohibit the use of RFID. An exampleof law enforcement is provided by the Europeanlaw on using RFID in animal tracking, the use ofRFID in medicine and the use of RFID in Europeanidentity cards. With respect to the European ap-proach in using law enforcement to stimulate theuse of RFID, a recent analysis shows Europe to bemuch more reserved in enforcing the use of RFIDfor opposing drug counterfeiting than the USA(IDTechEx, 2006b). Europe still considers 2D-bar-code to offer a sufficient and cheap protectionagainst counterfeiting, notwithstanding the possi-ble longer term benefits of adopting RFID.
15.3.2. Application domain
The dynamics of RFID in the various applica-tion domains differ considerably; they are depend-ent on specific requirements for RFID, expectedbenefits, expected Return on Investments, etc. Inthe cases we have studied, the overall drive to-wards the coupling of the physical world with thevirtual world is strong and offers novel economicincentives. On the other hand, experiences are stillscarce, in the sense that RFID implementation isstill in its early phases, awareness is low and bar-riers with respect to the application domain arestill prominent. Given the overview (Annex 8) onRFID-cases throughout Europe, one is tempted tosay that except for a few early adopting countries(UK, France, Germany, The Netherlands, Italy)most countries have only limited experience withthe implementation of RFID.
To improve this situation, there is a need togather experiences with the implementation ofRFID. One not only needs a technical evaluationof the implementation but an in-depth overallevaluation, taking into account the totality of tech-nical, organisational, societal and legal issueswhich apply. Next to examples of successful intro-ductions one needs examples in which the imple-mentation has not been (entirely) successful, inorder to understand better the pitfalls and barriers.
Europe could gather and disseminate informa-tion about best practices and lessons learned.
Pilots and trials are needed before one candecide about full roll-out of RFID. The yet asym-metric distribution of pilots and trials over Europeindicates that there may be a need for additionalfunds to stimulate RFID uses in countries and re-gions (and application domains) that are lagging.
Training and education is an aspect of RFIDintroduction that is often overlooked. In the caseswe have studied, training and education is not atthe forefront of activities undertaken to realise abeneficial introduction of RFID. We found a fewcases in which training was considered to be es-sential for a proper introduction of RFID (withinanimal tagging for instance). But overall, aware-ness for training and education is low. Barriers andpitfalls will differ between the cases, and probablynot all situations require in-depth training and ed-ucation facilities. The more complex and isolateduses of RFID no doubt will require sufficientlyskilled personnel to operate the equipment and todeal with unforeseen events.
We did not find many companies in Europethat are active in the field of training and educa-tion. Exemplary may be the fact that on a recentwell-known RFID congress in the UK a US-basedcompany has been invited to present its views ontraining and offer training courses on the spot.Though we did not research this issue in-depth, theevidence found point in the direction that Europefaces a backlog in providing sufficient and quali-fied RFID training and education courses.
While training and education courses will bedirected at the end-users, concerns are raised onthe size of the RFID-skilled labour force. Theseconcerns have increased over the past few years.The shortage is both quantitative (too few skilledpeople) and qualitative (sufficiently skilled peoplebut with the wrong competencies). There is a needfor technicians with radio technology skills andsoftware/business process/data architecture skills.Within Europe this shortage requires specific atten-tion, given the rather low outflow of technical ex-perts in ICT.
Table 15-2 presents an overview of actors andrelated policy issues.
RFI
D te
chno
logi
es
233
Tech
nica
l Rep
ort S
erie
s
Table 15-2: Overview of actor-related policy issues
Main actors Policy approach Activities
People Creating beneficial - Ensuring appropriate legal framework conditions (privacy, health, work, …)
- Stimulating Privacy by design- Stimulating/enforcing ‘Watchdog’ readers- Stimulating/enforcing ‘RFID Guards’- Solving health issues (workers)- Stimulating creation and rising awareness on
benefits to society
Stimulating research Social science research on RFID acceptance, trust
Raising awareness Communication campaign on RFID uses
Innovation policy instruments Supporting Pilots and trials
Firms Creating beneficial conditions Creation of limited liability pilots
Stimulating research - Research in economic feasibility of small scale RFID applications
Raising awareness - Communication campaign on RFID
Innovation policy instruments - Targeted innovation instruments:- Competition and Innovation Programme;
promoting SME involvement
Governments Launching customer Introducing RFID in public domains
15. P
olic
y an
alys
is a
nd r
ecom
men
datio
ns
234
Tech
nica
l Rep
ort S
erie
s
209 Both tools provide people with technical means to identify the presence of tags and readers and to exert influence on the exchange ofdata.
15.3.3. People
Part of what has been stated above concernsindividuals as well (training and education, skillsshortage). The lack of attention over RFID is re-flected in the surveys that have monitored aware-ness of people. Public awareness is known to below; yet, those who are aware usually considerRFID to be more beneficial than those who are un-aware. People are very much aware of the privacythreats that are related to RFID. The European Con-sultation process on RFID (having over 2200 re-sponses) showed privacy to be the top levelconcern. People consider RFID to be more threaten-ing to the privacy of people than previous ICT inno-vations which intruded the personal sphere (suchas mobile phones, and surveillance cameras).Awareness over RFID developments can be raisedby means of targeted communication campaigns inwhich a balanced view on RFID is presented.
Trust and user acceptance are important yard-sticks for the social implementation of RFID. Trustis formed by factors such as the basic attitude to-wards trust (the ability to trust), previous experi-ences, expectations regarding the performance ofthe innovation, the information provided, the val-
ues shared, the quality of the communicationabout the innovation (both effective and sufficient),and the design of the interface. Trust may be in-creased by offering people more control over theirown position within the RFID system and the col-lected and disseminated data that are related tothem. Trust may be enhanced by offering specifictools, such as the RFID-Guardian and the Watch-dog reader.209 Trust may also be enhanced by aquality mark that indicates RFID equipment to bedesigned according to specific privacy require-ments. Logo’s identifying RFID readers and overtstatements on the kind of data collected (and usesmade of the data) will be appreciated by users andwill contribute to enhancing trust.
In addition, the way users perceive the risks as-sociated with the RFID innovation is also critical.As has been demonstrated with nuclear energy andbiotechnology, risk perception is a strong determi-nant for the attitude of people vis-à-vis novel prod-ucts. Risk perception depends on factors such as thebasic risk perception attitude (which may be of var-ious kinds, such as fatalistic, hierarchical, individu-alistic or system-oriented), the level of uncertainty,the provision of personal details (the more personaldetails to be provided the higher the risk percep-
tion), the availability of alternatives, lock-in and de-pendability, and autonomy. Reduction of risk thus isnot a straight forward exercise, but an interplay be-tween people, technologies and institutions.
Health is an issue of specific concern for peo-ple who will have to work with RFID readers on apermanent basis (logistics, retail). Up till now evi-dence points to no explicit concerns, but researchprogrammes to study the consequences of longterm exposure to specific forms of electromagneticradiation are being implemented. Specific groups,such as people carrying a cardiac pacemaker, de-serve special attention. The consequences of beingexposed to mixes of frequencies require further re-search.
15.3.4. Companies
SMEs may find the business case of RFIDhardly convincing to start using RFID. More re-search is needed to come to an understanding ofbusiness cases that are profitable to firms. Theknowledge, gathered in pilots and trials by theearly adopters, should be gathered and translatedinto clear business cases that show the costs andbenefits of RFID introduction in specific situations.
European innovation policy instruments, suchas the Competitiveness and Innovation Pro-gramme, can be used to organise pilots and trialsin regions and countries where awareness on RFIDin the business community is relatively low.
New Member states and other Europeanstates fulfilling specific conditions regarding im-plementation of RFID could be supported by addi-tional funds in cases where public interest isshown to be high (for instance in the health sector).
15.3.5. Governments
National states and public organisations canact as launching customers in order to promote theuse of RFID. Whether this is a desirable role is verymuch dependent on – again – the business casethat can be presented in the respective domains.The cases we have studied identify in all situationsa number of benefits from having objects, animalsand persons tagged. Usually there is a price to pay
in terms of privacy and security concerns, controlover data flows, and reorganisation of informationprocesses within organisations. Commercial par-ties are interested in the added value (informationeconomy) that can be realised by using the aggre-gated data as a result of the additional services.Starting from the benefits, public agencies are in afavourable position to research the precise condi-tions of introducing RFID when trials and pilotsrun under their supervision (public transport, hos-pitals, identity cards).
Governments have a more extensive role aspresented in Table 15-2. Perhaps, the role of publicauthorities is essential for the beneficial uptake ofRFID. However, one could argue that market forceswill have to be leading in realising the potential ofRFID. This is a sound premise, which indicates thatgovernment initiatives should be reserved in pro-moting RFID as such, stimulating the use of RFID indomains which are still under their control (such ase-health) and when cost-benefit analysis shows thebalance to be positive. In addition, their participa-tion is justified because the parties involved in de-ployment of RFID systems will not be expected tobear the negative externalities of RFID (such asprobable loss of jobs, privacy and security con-cerns, and health issues). Governments will be ex-pected to take care of such issues. Finally, thebroader issue of awareness raising is partly govern-ment’s responsibility as well; market parties surelywill invest in raising awareness as to the beneficialaspects of RFID implementation but the public in-terest is best served with a balanced view guidedby public authorities. Again, the European consul-tation process shows citizens to be interested in re-ceiving information on emerging RFID applications.On the other hand, one needs to be cautious sincethe message of the European Commission or any ofits member states could easily be misinterpreted.210
15.4. Policy options to further research needs
In the preceding paragraphs, in addition to theproposed policy initiatives, a number of researchneeds have also been identified. Table 15-3 pres-ents the needs related to the various componentsand actors of the RFID system.
RFI
D te
chno
logi
es
235
Tech
nica
l Rep
ort S
erie
s
210 As formulated by Gaynor Backhouse during the RFID Validation workshop: “Show, not tell”.
Table 15-3: Overview of research issues
RFID-system Research issues Research orientation
reader-tag privacy by design; security aspects; health issues; Technology; health researchnew and advanced RFID technologies
application domain ‘best practices’; interoperability and standards Technology; social science
people trust and acceptance; raising awareness; health issues Social science; health research
firms business cases Organisational science; economy
15. P
olic
y an
alys
is a
nd r
ecom
men
datio
ns
236
Tech
nica
l Rep
ort S
erie
s
211 See http://www.bridge-project.eu212 See for instance the webpage http://lasecwww.epfl.ch/~gavoine/rfid/ which presents an up to date overview of recent academic papers
on privacy and security.
Such research issues cover a broad scope:from technology to management and social sci-ence. Research opportunities within Europe areprovided on a European scale and within na-tional research programmes. The most obviousimplementation of RFID research on a Europeanscale will be the IST-programme and the CIP-pro-gramme. A prime example of such a research ef-fort is the recently launched BRIDGE-project, a€7.5 Million, three year project in the SixthFramework programme for Research and Tech-nological Development.211 BRIDGE (‘BuildingRFID solutions for the Global Environment’)combines research institutes, a number of GS1offices (five from Europe and one from China),twelve solution providers and seven businessend users. The focus of BRIDGE is on providingsolutions for the supply chain in a number of ap-plication areas (anti-counterfeiting, healthcare,retail, textile, …). It will study business based re-search, provision of information services andhardware (sensor, tags) and software develop-ment.
A recent overview of RFID research in Europeshows a total of 40 collaborative research projectsbeing supported over a 5 year period by Europeanindustry and research organisations. The EuropeanCommission contributed €150 million to a totalinvestment of €306 million. The 40 projects covera broad array of issues. 41% of the project fundingis related to interoperability and standards-setting,16% to research of the radio spectrum, 20% togovernance aspects and 23% to protection of per-sonal data and privacy. We have not made an in-depth analysis of these projects (what consortia,what prime focus?) so it is difficult to judgewhether this portfolio of research covers the re-search needs in Europe.
We looked in more detail to the coverage ofRFID security aspects in the 40 selected projects.The result is that security was not a prime area ofinterest. Except for two projects – OPTAG andSWAMI – security was not mentioned as an issueto be studied in depth. In the academic world se-curity of RFID is a widely studied topic. The com-bination of privacy and security is an issue that isseriously taken on board.212 We did not find exam-ples of IST-funded research projects in which theidea of privacy by design was adopted as a startingpoint. Europe could take a vantage point by em-bedding this notion in the future FP7 programmeand develop a research program around this no-tion. This might lead to a bridging of the academicinterests in the issue of RFID security and the useof this knowledge in application oriented researchprojects. Solving the issue of security is of crucialimportance for the widespread adoption of RFID-based applications and for preventing the occur-rence of negative societal experiences.
Another research issue that is underexposedin present day research efforts is the notion of trustand user acceptance. Again, academic interest inthis issue is clearly visible. A number of Europeanresearch institutes have adopted RFID as a topic tobe studied from a social science perspective. Butsince the success of RFID applications is criticallydependent on the willingness of end-users (eitherfirms or individuals) to use the technology offered,we would argue for embedding social science re-search on RFID in the European research agenda.The field of social science research issues of im-portance for RFID is much broader than privacyand data protection. It deals with issues such asthe diffusion of innovations, the characteristics ofuser constituencies, drivers and barriers for adop-tion of RFID-based applications and the like.
The health consequences of long term en-durance to relatively high powered UHF radiation(such as in case of people working in RFID basedwarehouses) are not well understood. A number ofissues are still open (interference of cardiac pace-makers with RFID equipment, the consequencesof long-term exposure to low radiation doses andto a ‘cocktail’ of frequencies).
Research interest in future oriented RFID tech-nologies seems to be well covered by the presentgeneration of RFID projects. Industrial parties andacademic institutes co-operate in these projectsand know how to join forces.
Regarding the policy tools to be used, apartfrom the European Framework programme (espe-cially the Information Society Technologies part ofthe Seventh Framework Programme), the recentlylaunched Competitiveness and Innovation Pro-gramme is a candidate for RFID-based activities.One of the pillars of the CIP is the ICT-policy sup-port programme with a budget of €728 Million forthe duration of the programme (2007-2013) andas one of its policy goals the following is men-tioned: “provide a bridge between research invest-ment and wide adoption, by providing a testingground for pan-European electronic services inboth the public and private sectors”.213
Since many of the RFID implementation proj-ects are Member State based, it seems appropriateto stimulate nation-based research activities. Theseactivities can be dedicated to researching specificbusiness cases, such as the use of RFID in health,animal tagging and libraries, and the role of SMEsin the RFID value chain. Having such a nation-based research programme in various countriescreates an incentive for a comparative analysis inwhich country specific factors are analysed in re-lation to successful and failed RFID implementa-tion trajectories.
15.5. Policy recommendations
RFID technologies are emerging in a varietyof application domains. Notwithstanding the con-tribution RFID might offer to these application do-mains, RFID is still far away from widespread
diffusion. Many RFID implementations concern pi-lots and trials meant to improve understanding ofwhat can be done with RFID, what pitfalls to avoidand what gains to realise. The potential of RFID isenormous, and is expected to materialise withinthe next ten to fifteen years. This makes RFID aninteresting and challenging policy domain.Though the baseline scenario should be that themarket will shape the future of RFID technologies,and governments thus may take a backward posi-tion, a deeper investigation of issues that are atstake shows many issues to have policy relevancy.In the preceding paragraphs we have indicated –along the lines of the RFID-system (reader-tag andbackend systems), its application domains and themost important actors – the kind of policy chal-lenges that are at stake. This turns out to be a ratherlengthy list of activities, which we have groupedinto five main domains:
• stimulating research,
• creating beneficial conditions,
• raising awareness,
• developing innovation policy instruments,
• a role as launching customer (for govern-ments only).
The range of policy actions shows to be verybroad and entails issues such as frequency policy,communication campaigns, supporting privacy bydesign approaches, ensuring security of RFID sys-tems, stimulating training and education pro-grammes, etc. They all contribute to counteringthe famous ‘Collingride dilemma’: When a tech-nology is still in its infancy, it is very difficult toshape the technology and to tune it to potential so-cial and economic problems that may arise whenthe technology is full-fledged introduced. On theother hand, when a technology is widely dissemi-nated, it becomes highly problematic to alter thecourse of events and to re-shape the specific tech-nology. RFID is a technology in its early stages,and the technology and innovation assessment wehave made show a distinct number of pitfalls thatshould be avoided to reap the full benefits of RFID.The policy challenge is to create a policy frame-work that will stimulate beneficial uses of RFID,that will regulate a level playing field for RFID, thatwill coordinate the learning experience offered by
RFI
D te
chno
logi
es
237
Tech
nica
l Rep
ort S
erie
s
213 See http://ec.europa.eu/enterprise/enterprise_policy/cip/index_en.htm
RFID and that will prevent the detrimental conse-quences of unreflective introduction of RFID to be-come a reality.
In this final paragraph we will try to refocusthese policy issues on a slightly more abstractlevel. Together these span up the proposed policyarena and the innovation system for RFID.
15.5.1. Technology and research policy
The main instrument for stimulating researchand technology developments in the area of RFIDfor the European Commission is its FrameworkProgramme (7th FP from 2007 till 2013). Within the7FP, a total of 13 Billion Euro has been reservedfor the IST-programme. This programme – thebiggest of the nine thematic programmes, in thecoordination part of the framework – has formu-lated a working programme that centres aroundseven challenges and two cross-cutting issues. Theseven challenges mention RFID in a number of sit-uations (healthcare delivery, intelligent vehicle andmobility systems, micro and nano systems, organ-ics displays and future networks). What is lackingis attention for privacy by design and security is-sues. These could get more specific attention inone of the foreseen calls, related to the IST-pro-gramme.
Considering the focus of FP7 on the EuropeanTechnology Platforms, RFID could become a corein a European Technology Platform on sensor net-works, ambient intelligence and/or personalizedcontext aware services, in case these networksshould be created. Within the ETP eMobility RFIDis one of the technologies that is mentioned in thecontext of a number of research challenges(healthcare, robotics, deployment issues). Thoughnot central stage, these hooks may offer interest-ing (additional) opportunities to have technical re-search on RFID issues and prospects, and are inline with the general approach that RFID researchshould be application oriented.
15.5.2. Innovation policy
The Competitiveness and Innovation frame-work Programme has a total budget of 4 Billion
Euro of which some 700 Million Euro is reservedfor the ICT Policy support programme, which is oneof the three pillars of this programme. The rationalebehind CIP stresses that several indicators show theEU is lagging in terms of entrepreneurship, sustain-able innovation, use of ICT and (sustainable) energyinnovation. Several EU-programmes have been es-tablished to solve this problem. Within the contextof ICT the Commission refers to the e-Ten, the MO-DINIS and the eContent programme. These pro-grammes fail however to address the innovationproblem in a synergetic and holistic manner. CIPwill complement major initiatives such as the co-hesion activities, the framework programme forresearch and the EU programme for lifelonglearning. As of today, it is hard to see in whatmanner RFID issues will be taken on board. Ac-cording to the CIP website, no specific actionprogramme is in place today. Given the focus ofthe ICT policy support programme, it is clearlypossible to have RFID-related activities financedwithin this programme, the focus of the CIPbeing to:
• “underpin regulatory and research actionsof the Commission to stimulate emergingdigital economy based on the convergencebetween network services, media contentand new electronic devices
• provide a bridge between research invest-ment and wide adoption, by providing atesting ground for pan-European electronicservices in both the public and private sec-tors
• reinforce European cultural and linguisticidentities by support for the production anddistribution of European digital content
• assist the development of an open and in-clusive European Information Societythrough stimulating innovative approachesto inclusion, quality of life and public serv-ices.” 214
Actions within the CIP could focus on the roleof SMEs, the contribution of countries that are lag-ging in the adoption and diffusion of RFID, the es-tablishment of a database with best (or: good)practices in the introduction of RFID, and the es-tablishment of ‘communities of interests’ or ‘com-
15. P
olic
y an
alys
is a
nd r
ecom
men
datio
ns
238
Tech
nica
l Rep
ort S
erie
s
214 http://ec.europa.eu/enterprise/enterprise_policy/cip/index_en.htm
munities of practitioners’ over various memberstates and over different RFID application do-mains.
15.5.3. Regulatory activities
The reflections on the state of affairs regardingthe regulatory issues concerning RFID focus ongeneric issues such as privacy and security on theone hand and more specific issues such as law en-forcement in special domains (such as animaltracking) on the other hand. The privacy and se-curity issues are the most outspoken instances ofregulatory activities that need to be undertaken.Various European legislative bodies and organiza-tions have focused on these issues. The most im-portant European directives (the so-called privacydirective 95/46/EC and the e-Privacy directive2002/58/EC) do not settle the dispute on personaldata to be collected with RFID. A number of issuesare under discussion yet. Starting point for the Ar-ticle 29 Working Party is that all RFID-data can be-come personal data in due time. Another issue tobe solved is the issue of informed consent, whichis problematic given the automatic collection ofpersonal data by RFID-systems. A third issue iswhether 2002/58/EC applies for instance in usingNFC, given the interpretation of NFC data as traf-fic data relating to subscribers of telecommunica-tion services. These issues require more attention,especially since the European consultation hasshown that European citizens place a lot of em-phasis on the privacy consequences of RFID.
Law enforcement as a means to enforce spe-cific behaviour should be applied with utmost care.In case of animal tracking, law enforcement is ben-eficial both from the point of view of animal welfare(no need to destruct large quantities of animals incase of an infectious disease outbreak) and people’shealth. In this situation it seems appropriate to usethe instrument of law enforcement. One can imag-ine that in the case of drugs anti-counterfeiting spe-cific laws may be created that support theanti-counterfeiting strategy in order to increase thewell-being of (European) citizens. On the otherhand, the continent of Africa is much more prone todrugs counterfeiting than Europe, and law enforce-ment would probably not change that situation. USanalysts point at the backward position of Europein this respect (IDTechex, 2006b). This might be anissue to take more care of.
Another example of law enforcement is theuse of RFID based biometrics in European identitycards. Though the political battle over which datato present to the USA in case of European citizensflying to the USA is not over yet, the implicationsfor the required RFID readiness of electronic iden-tity cards are rather clear.
Other regulatory aspects relating to RFID dealwith environmental degradation (WEEE directiveand RoHS directive), and with health conse-quences. Regarding WEEE (directive 2002/95/EC),in the USA concerns are raised against the use ofprinted electronics (silver ink antenna’s for in-stance) which may cause extra environmental bur-dens. Regarding health issues, the baselineapproach is that no detrimental consequences areknown for exposure to RF radiation. This is studiedfor instance in the case of use of mobile phones(microwave radiation). Health issues which are yetnot clearly known relate to two problem areas:long term exposure in high radiation environment(logistics for instance) and the consequences ofbeing exposed to ‘cocktails’ of radiation (mixedfrequencies).
15.5.4. Stimulating adoption and dissemi-nation of RFID
This heading encapsulates a broad range ofactivities, from broadly disseminated communica-tion campaigns to the public at large, more fo-cused communication campaigns to specificaudiences (such as SMEs), activities to enforcetraining and education programmes, activities toincrease the number of skilled RFID professionals,targeted subsidies for pilots and trials, dissemina-tion of learning experiences, and stimulation pro-grammes for specific countries and regions.
Communication campaigns can contribute toraising awareness by the public at large for the‘silent revolution’ that takes place today. The out-come of the European consultation process clearlypoints in the direction of the need for more andbetter communication about the various aspects ofRFID. Other studies have shown that people whoare better informed are more inclined towards thebeneficial uses of RFID than those who are not.There is thus a premium on a good communica-tion strategy. The problem is that RFID is an en-abling technology which can be used in a variety
RFI
D te
chno
logi
es
239
Tech
nica
l Rep
ort S
erie
s
of settings, but the consequences of using RFIDwill always be situation specific. It is no use to in-form the public on the mere presence of RFID as anovel and enabling technology. What is required isan approach in which the application areas ofRFID are leading in illustrating the chances towhich RFID may give rise. These chances may befor better and for worse; both sides have to becommunicated.
Next to these broad campaigns there is a needfor more focused communication campaigns.These might be specifically directed at SMEs; over-all, SMEs face the problem that they are too smallto bear the initial costs of deploying RFID tech-nologies, while they may be confronted with re-quirements of vendors to re-organise their logisticsin such a manner that RFID can be used (as is forinstance the case in the Wal*Mart situation). SMEsmay be interested in supporting RFID technologieswhen the advantages for them are sufficientlyclear. Business cases that demonstrate the viabilityof RFID (in specific situations) and that show RoI-times to be beneficial might be one way to go for-ward. This requires a dedicated effort oftechnology transfer centres within the Europeancountries. Budgets to establish such dedicatedawareness campaigns must be made available.
New Member States are another point in re-spect. The overview shows these European Mem-ber States to be lagging in the overalldissemination of RFID. For one, the EU might wantto create a knowledge base which shows the pres-ence of RFID cases in all Member States, in orderto keep track of the dissemination of RFID over the25 European Member States. Given the empiricaldata used in this study, the backward position issurely not only related to the Member States. A fo-cused financial effort might help in getting suffi-cient RFID-pilots and trials running in thesebackward countries, in order to prevent them fromfacing an ever increasing backlog. Successful prac-tices in other Member States may be used as start-ing point to research the potentiality of startingsimilar practices in other Member States. Lessonslearned can be disseminated in order to create alevel playing field.
An issue that is largely ignored in RFID trialsand pilots is the required training and educationof (end-) users. In those situations where it is takenon board (animal tracking, for instance) it shows
to be a highly determining factor for successful orfailed introduction of RFID practices. Awarenesson the need for training and education and the es-tablishment of a European basis for a training andeducation programme including promoting com-mon terms of reference and development of base-line skills, could be an issue to support at Europeanlevel.
Awareness with respect to the employmentconsequences of RFID is another issue which de-serves more attention. Overall, information aboutthe employment consequences of RFID is scarce.The main suppliers of RFID technologies do nothave an interest in putting this issue high on theagenda. This issue could be addressed preferablyat European level by starting a research activitythat is dedicated to getting a better view on theemployment consequences of wide spread dis-semination of RFID, based on realistic prognosesregarding the diffusion of RFID in distinct applica-tion domains. The results of such a study may becompared with scenario-studies directed at abroader array of societal trends such as ageing, mi-gration, up-skilling, etc, in order to help develop aset of policy recommendations concerning the em-ployment consequences of RFID.
The other side of the emergence of RFID is thenoted shortage of RFID-skilled professionals. Astudy as to whether the stated imbalance (raisedwithin the USA) is valid for the European situationas well could be also undertaken. This is part ofthe broader societal discourse on foreseeableshortages of the technically skilled workforce inEurope and should thus be treated as part of thisdiscourse.
15.5.5. Acting as launching customer
Finally, governments could adopt a role aslaunching customer. Though much attention goesto the prospects of item level tagging and the busi-ness cases associated with the full roll-out of RFIDon the supply chain, we have demonstrated in thisstudy that a number of highly challenging appli-cation areas are related to public domain applica-tions, such as public transport, animal tracking,identity cards and healthcare. A number of thecases we have studied are clearly in the realm ofpublic-private partnerships (such as public trans-port) or regulated private spaces (such as in case ofanimal tracking). Regulatory issues are within the
15. P
olic
y an
alys
is a
nd r
ecom
men
datio
ns
240
Tech
nica
l Rep
ort S
erie
s
jurisdiction of (European, national or regional) au-thorities.
Governmental judgement to support the in-troduction of RFID in specific public domains willbe based on the profits that can be made with in-troducing RFID. These profits need not only beeconomic profits (efficiency gains for instance) butmay also be encapsulated in enhanced publicvalue (better healthcare, improved public trans-port, a more secure society, etc.). Since govern-ments operate in a political arena (in which
business incentives may be very important but
need not be dominant) the political assessment of
the feasibility of specific RFID applications will be
based on a variety of incentives. The case studies
indicate that economic parameters (efficiency
gains) are important but are positioned in the per-
spective of improved service delivery and added
value services. Given the potential of RFID to im-
prove public services, the role of governments as
launching customer should get more attention.
RFI
D te
chno
logi
es
241
Tech
nica
l Rep
ort S
erie
s
Annex 1: References
RFI
D te
chno
logi
es
243
Tech
nica
l Rep
ort S
erie
s
AIM Global. 2006. Why RFID chips can’t infect cats - or computers. March 20. 2006.http://www.usingrfid.com/news/read.asp?lc=c62028cx673zn&version=printable
Allbrecht, K. 2005. RFID: The Doomsday Scenario. In: Garfinkel, S. & Rosenberg, S. 2005. RFID, Applica-tions, Security and Privacy. Addison Wesley.
American Civil Liberties Union (ACLU). 2004. Naked data: how the U.S. ignored international concerns andpushed for radio chips in passports without security. An ACLU White paper. November 24 2004.
Article 29 Working Party on Data Protection. 2005a. ‘Working document on data protection issues relatedto RFID technology’. 10107/05/EN. 19 January 2005.
Article 29 Working Party on Data Protection. 2005b. ‘Results of the Public Consultation on Article 29 Work-ing Document 105 on Data Protection Issues Related to RFID Technology’. 1670/05/EN. 28 September2005.
Ashbourn, J. 2006. The societal implications of the wide scale introduction of biometrics and identity man-agement. Background paper for the Euroscience Open forum ESOF 2006 in Munich. July 2006.
Auto-ID center. technical report. 860MHz–930MHz Class I Radio Frequency Identification Tag Radio Fre-quency & Logical Communication Interface Specification. Candidate Recommendation. Version 1.0.1.http://www.epcglobalinc.org/standards_technology/Secure/v1.0/UHF-class1.pdf
Bagué, S. 2005. Overviews Current Biometric Implementations in European Union Member States. For:The European Biometrics Portal. September 29, 2005.
Becker. G. 2006. Animal identification and meat traceability. CRS Report for Congress.
Bickmore, T., & Cassell, J. 2001. Relational agents: a model and implementation of building user trust. Pro-ceedings of SIGCHI ’01. March 31 – April 4. Seattle, WA. USA. 396-403.
BIGresearch & Artafact LLC. 2004. RFID Consumer Buzz. October 2004. www. bigresearch.com
The Boston Consulting Group. 2003. Customer Acceptance of FSI Applications Metro AG press Release. Oc-tober 2003.
CAP (Consulting Technology Outsourcing) & National Retail Federation. 2004. RFID and Consumers: Un-derstanding their mindset. http://www.nrf.com/download/NewRFID_NRF.pdf
Capgemini. 2005. RFID and Consumers – What European consumers think about radio frequency identifi-cations and the implications for businesses.
Carr, N.G. 2003. IT doesn’t matter. The Harvard Business Review. May 2003.
EPCglobal. 2004. The EPCglobal Network. September 24, 2004.http://www.epcglobalinc.org/news/EPCglobal_Network_Overview_10072004.pdf
Cassell, J. & Bickmore, T. 2000. External Manifestations of Trustworthiness in the Interface. Communicationsof the ACM. 43(12). 50-56.
Centre for Democracy and Technology. 2006. Privacy Best Practices for Deployment of RFID Technology– Interim draft. May 2006.
Chappell, G., Durdan D., Gilbert G., Ginsberg L., Smith J. & Tobolski, J. 2003. Auto-ID in the Box: theValue of Auto-ID technology in retail stores. Accenture and Auto-ID Centre MIT. February 1, 2003
Cheskin Consulting and Strategic Market Research & Studio Archetype/Sapient. 1999. eCommerce TrustStudy. January 1999.
Clap, S. 2006. House votes to freeze FY2007 spending for animal ID. Food Traceability Report. June 2006.6 (6).
CompTIA. 2006. CompTIA adds Depth to shallow pool of RFID talent.
Convert, James. 2004. Business Solutions: Down, but far from out: RFID technology is off to a disappointingstart; but retailers are convinced its future is as bright as ever. Wall Street Journal. January 12. 2004. p. R5.
Corsten, D. & Gruen, T.. 2004. Stock-Outs mean Walkouts. Harvard Business Review. May 2004. 82 (5)
Davis, F. D. 1989. Perceived usefulness, perceived ease of use, and user acceptance. MIS Quarterly. 13 (3).319-340.
DEFRA/ADAS. 2005. English Pilot Trial of EID/EDT in sheep. DEFRA. 31 October 2005.
DHS Emerging Applications and Technology Subcommittee. 2006. The use of RFID in human identification.Draft report to the Full Data Privacy and Integrity Advisory Committee. version 1.0. 2006.
Dillon, A., & Morris, M. G. 1996. User acceptance of information technology: Theories and models. An-nual Review of Information Science and Technology. 31. 3-32.
ECP 2005. Privacyrechtelijke aspecten van RFID (‘Juridical aspects on RFID and privacy’). Den Haag: ECP.nl.
EPC global. 2005. Guidelines on EPC for Consumer Products. Revised September 2005.
E-skills forum. 2004. E-skills for Europe: Towards 2010 and beyond. Synthesis ReportThe European Con-sumer’s Organisation. Consumer concerns on potential applications around RFID. Issue:http://www.rfidconsultation.eu/docs/ficheiros/ISSUE_PAPER_RFID_Workshop__BEUC.pdf
European Biometrics Portal. Biometrics in Europe. Trend report Unisys. Brussels. June 2006.
European Commission. 2006a. Radio-Frequency Identification tags (RFID) Portfolio of European research(Factsheet).
European Commission. 2006b. Appendix III: EU-funded Research and developments projects. February 2006.
European Commission .2006c. The RFID Revolution: Your voice on the Challenges, Opportunities andThreats. Online Public Consultation. 16 October 2006.
European Commission 2006d. Next steps in the EU RFID policy initiative. Directorate General InformationSociety and Media Belgium. Final Conference on RFID. 16 October 2006.
European Commission. 2004. Smart Wireless Tags research needs: consultation report: Part of the wideconsultation for the definition of the content of the work programme 2005-2006. Information SocietyTechnologies Programme, Directorate D: Communication Networks, Security and Software-applica-tions. Unit D5: ICT for business.
Eurosmart. 2004. Recommendations for European Electronic visa and passport Recommendations to Euro-pean Union. October 2004.
Finkenzeller, K. 2003. RFID handbook, fundamentals and applications in contactless smart card and iden-tification. Willey. 2nd Edition.
Floerkemeier, C., Schneider, R.& Langheinrich, M. 2005. ‚Scanning with a purpose – Supporting the Fair In-formation Principles in RFID Protocols.
FOIS. 2004. Security Aspects and Prospective Applications of RFID Systems. BSI. October 2004. Federal Of-fice for Information Security.
Forrester. 2005. RFID: The Complete Guide. Forrester Research.
Ann
ex 1
: Ref
eren
ces
244
Tech
nica
l Rep
ort S
erie
s
Forrester. 2005. The information workplace will redefine the world of work – at last!
Friedewald, M., Lindner, R. & Wright, D. 2006. Safeguards in a World of Ambient Intelligence (SWAMI);Threats, Vulnerabilities and Safeguards in Ambient Intelligence. Deliverable D3.
Garfunkel, S.& Rosenberg, B. 2005. RFID, applications, security, and privacy. Edison-Wesley.
Garfunkel, S., Juels, A. & Pappu, R.. 2005. ‘RFID Privacy: An Overview of Problems and Proposed Solutions’.IEEE Security & Privacy. May/June 2005.
Gartner. 2005a. Hype Cycle for Radio Frequency Identification.
Gartner. 2005b. Understanding Gartner’s Hype Cycles. 2005. ID Number G00128180.
Gartner. 2005c. Market Share and Forecast: Radio Frequency Identification, Worldwide, 2004-2010 (Exec-utive Summary). November 2005.
Group Radish/CSCI E-170. 2005. National Identification Cards: Balancing Technology & Privacy www.sim-son.net/ref/2005/csci_e-170/p2/radish.pdf
The Guardian. 2004. I’ve got you under my skin. URL: http://technology.guardian.co.uk/online/story/0,3605,1234827,00.html
Heydt-Benjamin, T. S., Bailey, D. V., Fu, K, Juels, A. & O’Hare, T. 2006. Vulnerabilities in First-GenerationRFID-enables credit cards, In Press. see www.rfid-cusp.org
Hoepman, J-H., Hubbers, E., Jacobs, B., Oostdijk, M. & Wichers Schreur, R. Crossing borders: Security andPrivacy Issues of the European e- passport. www.cs.ru.nl/~jhh/publications/passport.pdf
Holvast, J. 2001. ‘Privacy en beveiliging in het perspectief van de Wet bescherming persoonsgegevens’. Con-tribution to the Dutch Yearbook Security.
Home Office. 2003. Identity Cards. the next steps. Document Cm 6020. November 2003.
IBM. 2005. RFID: A driving force for innovation.
IDC. 2004. Worldwide and U.S. RFID Services competitive Analysis and Leadership Study. 2004: Disrup-tive Technology in Waiting and why the Services Value Chain Matters.
IDTechEx. 2005a. RFID Forecasts, Players and Opportunities2006 to 2016.
IDTechEx. 2005b. Active RFID 2006 – 2016, fast growth and Zigbee, WiFI and Bluetooth leverage.
IDTechEx. 2005c. RFID in Healthcare 2006-2016.
IDTechEx. 2006. The RFID Knowledge Base – Sample Case Studies.
IDTechEx. 2006a. London – Transport for London TfL. Oyster Card UK. 26 January 2006.
IDTechEx. 2006b. Drug counterfeits in Europe – Another Wake-up Call. Smart Labels Analyst Issue 67. Au-gust 2006. 22-23.
IEEE. 2006. Security and Privacy in RFID and Applications in Telemedicine. IEEE Comm.Mag. April 2006.
ISO/IEC standard 9798-2. 1999. Information technology - Security techniques - Entity authentication - Part2: Mechanisms using symmetric encipherment algorithms.
ITU. 2005. Internet of Things – ITU Internet report.
Juels, A. 2006. RFID Security and Privacy: a Research Survey. 28 September 2005. To appear in IEEE Jour-nal on Selected Areas in Communication. 2006.
Juels, A., Rivest, R. & Szydlo, M. 2003. The blocker tag: selective blocking of RFID tags for consumer pri-vacy. CCS’03. October 2003. Washington.
RFI
D te
chno
logi
es
245
Tech
nica
l Rep
ort S
erie
s
Kfir, Z. & Wool, A.. 2005. Picking virtual pockets using relay attacks on contactless smartcard systems.Cryptology ePrint Archive. Report 2005.
Kim, Y.K.. 2002. Consumer Value: An Application to Mall and Internet Shopping. International Journal ofRetail and Distribution Management. 30 (12). 2002. 595-602.
Lee, J., Kim, J., & Moon, J.Y. 2000. What makes Internet users visit cyber stores again? Key design factorsfor customer loyalty. Proceedings of CHI ‘2000, The Hague, Amsterdam. 305-312.
Lewandowsky, S., Mundy, M. & Tan, G.P.A. 2000. The dynamics of trust: comparing humans to automa-tion. Journal of Experimental Psychology: Applied. vol. 6. 104-123.
Liard, Michael. 2004, White Paper: Radio Frequency Identification (RFID) Middelware Solutions: Globalmarket Opportunity. Venture Development Corporation.
Löer, Th., 2005. Implementing the German ePassport. Keesing Journal of Documents & Identity. issue 14. 2005
Loretto, Jonathan. 2005. Understanding the impact of RFID technologies and enhancing business perform-ance. KAZ White Paper. KZA Group Ltd.
MIC (Ministry of Internal Affairs and Communications), METI (Ministry of Economy, Trade and Industry)Government of Japan. 2004. Guidelines for Privacy Protection with regard to RFID tags. July 8. 2004.
Molnar, D.A. 2005. Security and Privacy in two RFID deployments, with new methods for private authen-tication and RFID pseudonyms. M.Sc. thesis. University of California.
Moon, J., & Kim, Y. 2001. Extending the TAM for a World-Wide-Web context. Information & Management.38 (4). 217-230.
MSNBC. 2006. Identity tags implanted under workers skin. February 13, 2006.
URL: http://www.msnbc.msn.com/id/11331144/
NVVIR. 2005. Privacy en andere juridische aspecten van RFID: unieke identificatie op afstand van pro-ducten en personen.
OECD. 2004. Information Technology Outlook. Chapter 6: ICT skills and employment.
OECD. 2005. New perspectives on ICT skills and employment.
OECD. 2006. RFID: Drivers, challenges and public policy considerations.
OECD. 2006a. Radio-frequency identification (RFID): Drivers, challenges and public policy considerations.Report DSTI/ICCP(2005)19/FINAL, published on 27 February 2006.
OECD. 2006b. Foresight Forum “Radio Frequency Identification (RFID) applications nd public policy con-siderations – Proceedings. DSTI/CCP(2006)7
Pape, W. and Smith, G. 2006. The NAIS database is on firm middleware ground. Food Traceability Report.June 2006. Vol. 6, No. 6.
Patrick, A. 2002. Privacy, trust, agents & users: a review of human-factors issues associated with buildingtrustworthy software agents. Human Factors of Trustworthy Agents. National Research Council. Canada.1-12.
Ping Zhang, Na Li. 2005. The importance of affective quality. Communications of the ACM. 48 (9). 105-108.
Politecnico di Milano. 2005. RFID tra presente e futuro. Collana Quaderni AIP. April 2005.
Politecnico di Milano. 2006. RFID alla prova dei fatti. June 2006.
Privacy Rights Clearinghouse. 2003 RFID Position Statement of Consumer privacy and Civil Liberties Or-ganisations. http://www.privacyrights.org/ar/RFIDposition.htm
Ann
ex 1
: Ref
eren
ces
246
Tech
nica
l Rep
ort S
erie
s
RAND. 2005. 9 to 5: Do you know if your boss knows where you are? Case studies of RFID usage in theworkplace.
Rander, R., & Rothchild, M.1975.On the allocation of effort. Journal of Economic Theory. 10. 358-376.
Reed, J., Erickson, J., Ford, J., & Hall, N.P.. 1996. The After Effects of a Residential Marketing Program: Im-plications for understanding market transformation. In: Building Skills and Strategies for Individuals andOrganizations: Proceedings from the 1996 AESP Annual Meeting. Boca Raton: Association of Energy Ser-vice Professionals. 250-259.
Reed, J. & Hall, N. 1998. Market Transformation and the adoption and diffusion of innovations. In: Reed,J., Hall, N. Energy Centre. Market Effects Study. TecMRKT Works. Arlington/Oregon. May 1998.
Redding, V. 2006. The RFID Revolution: challenges and options for action. Member of European Commis-sion – Commissioner for Information Society and Media. International CeBIT Summit.
Registratiekamer, TNO. 1995. Privacy enhancing technologies: the path to anonymity. The Hague.
RFID Tribe 2006. The RFID Workforce: The Fast and the Furious. April 2006.
Rieback, M. 2006. Tag-borne attacks against RFID middleware. Presentation in SAFE-NL workshop. 8 June2006. Delft. The Netherlands.
Rieback, M., Simpson, Crispo, B. & Tanenbaum, A. 2006. RFID Viruses and Worms.http://www.rfidvirus.org/. Department of Computer Science. Vrije Universiteit Amsterdam.
Riegelsberger, R. & Sasse, M.A. 2001. Trustbuilders and trustbusters: the roll of trust cues in interfaces to e-commerce applications 1st IFIP Conference on e-commerce, e-business, e-government (i3e). October 3-5 2001. Zurich. Switzerland. 17-30.
RIVM. 2004. Gezondheidseffecten van blootstelling aan radiofrequente electromagnetische velden.(‘Health consequences of exposure to radiofrequency electromagnetic fields’). RIVM-rapport861020007/2004.
Roache, A., McCullagh, D., 2006. New RFID travel cards could pose privacy threat, CNET News.com,19/4/2006
http://www.zdnetasia.com/news/software/0,39044164,39352807,00.htm
Rogers, E.M. 1962. Diffusion of Innovations. New York: The Free Press of Glencoe.
Rogers, E. 1995. Diffusion of Innovations. 4th ed. New York: The Free Press of Glencoe.
Rotter, J.B. 1980. Interpersonal trust, trustworthiness, and gullibility. American Psychologist. 35 (1). 1-7.
Roussos, Georges. 2004. Building Consumer Trust in Pervasive Retail. International workshop series: infor-mation sharing and privacy. Tokyo. Japan.
Schneier, B. 2005. Fatal flaw weakens RFID passports. Wired news. November 3, 2005.
Sharma, Aditya & Citurs, Alex. 2005. Drivers and rationales in RFID adoption and post adoption integra-tion: an integrative perspective on IOS adoption. DIGIT 2005. 1-22.
Smith, T. 2005. A Focus on Animal Electronic Identification.http://fsrio.nal.usda.gov/document_fhseet.php?product_id=61 (visited 13 June 2006).
Sopensky, E. 2005. The technology behind e-passports promises to dramatically streamline the global move-ment of goods and people. Foreign Service Journal. December 2005. 29-35.
Spiekermann, S. & Ziekow. H. 2006. ‘A systematic analysis of privacy threats and a 7-point plan to addressthem’. Journal of Information System Security. 1 (3).
RFI
D te
chno
logi
es
247
Tech
nica
l Rep
ort S
erie
s
Steven, Toby, Enterprise Privacy Group. 2005 Privacy Code of Conduct for RFID Technologies. EnterprisePrivacy Group. Hants.
Squires, P. & Neary, D.P. 2006. Optimizing RFID readiness: When business as usual intersects with disrup-tive technology.
Technische Universität Darmstadt. 2005. Department of Computer Science. RFID Seminar. Winter Term2005/2006.
Telematica Instituut. 2006. RFID: Kans of bedreiging? Een blik op RFID toepassingen en verkenning van debeleidsimplicaties. Enschede.
UK RFID Council. 2006. A UK code of practice for the use of radio frequency identification (RFID) in retailoutlets. Release 1.0, 12 April 2006.
University of Florida. 2000 2000 Retail Survey Report.
USA Strategies Inc.. 2005. RFID Adoption in the retail industry. Willowbrook. Illinois.
Venkatesh, V., Morris, M. G., Davis, G.B., & Davis, F. D. 2003. User acceptance of information technology:Toward a unified view. MIS Quarterly. 27 (3). 425-478.
Volmer, B. Chr. 2006. Biometrics, RFID technology, and the ePassport: are Americans risking personal se-curity in the face of terrorism? M.A. thesis. Georgetown University. 2006.
Von Locquenghien, K. 2006. On the potential social impact of RFID-Containing everyday objects. Science,Technology & Innovation studies. vol. 2.
Westin, A. 1967. Privacy and Freedom. London: The Bodley Head.
Wireless Healthcare. 2004. RFID as an eHealth Platform in eHealth-insider. URL: http://www.e-health-in-sider.com/news/item.cfm?ID=959
Witteman, M. 2005. Attacks on Digital Passports. Riscure. July 28.
Yankee Group. 2004. Users and Vendors are beginning to explore the Utility of RFID Technology in the Sup-ply Chain.
Zaal, R. 2006. RFID-intimiteiten zijn binnenkort te pareren (‘RFID-intimacies can soon be warded off’). Au-tomatiseringsGids 28 July 2006.
Related URLs
http://www.rfidjournal.com
http://autoid.mit.edu//
http://www.epcglobalus.org
http://www.dutchrfid.nl
http://europa.eu/information_society
http://cordis.europa.eu/search/
http://ec.europa.eu/research/aeronautics/projects/article_3718_en.html
http://www.rfidconsultation.eu/
Ann
ex 1
: Ref
eren
ces
248
Tech
nica
l Rep
ort S
erie
s
Annex 2: Acronyms
RFI
D te
chno
logi
es
249
Tech
nica
l Rep
ort S
erie
s
AIM Automatic Identification and Mobility
ANSI American National Standards Institute
CAPEX Capital Expenditures
CRM Customer Relationship Management
DRM Digital Rights Management
EAN European Article Numbering Association
EPC Electronic Product Code
ERP Effective Radiated Power; Enterprise Resource Planning
FCC Federal Communications Commission
FDX Full Duplex
GCI Global Commerce Initiative
GDS Global Data Synchronization
GPRS General Packet Radio Service
HDX Half Duplex
ICAO International Civil Aviation Organization
ICT Information and Communication Technologies
ISO International Standards Organization
IST Information Society Technologies
IT Information Technologies
LF Low Frequency Band
HF High Frequency Band
NFC Near Field Communication
OPEX Operational Expenditures
PIN Personal Identification Number
RFID Radio Frequency IDentification
SAW Surface Acoustic Wave
UCC Uniform Code Council
UHF Ultra High Frequency Band
UMTS Universal Mobile Telephone System
USDA United States Department of Agriculture
UWB Ultra Wide Band
Annex 3: Regulatory status RFID in the UHF spectrum215
RFI
D te
chno
logi
es
251
Tech
nica
l Rep
ort S
erie
s
The table attached provides an overview ofthe Ultra High Frequency (UHF) regulationsworldwide. Each entry includes the following data:
• Country name. All GS1 member countriesas well as major non-member countries areincluded, representing a total of 98,46% ofthe world Gross National Income (GNI) ac-cording to EPCglobal. (http://www.epcglob-alinc.org).
• Status. The following convention indicatesthe status of UHF regulation in the country:
OK Regulations are in place or will be inplace shortly
IP In Progress. Appropriate regulationsexpected first half of 2006
NA Information Not Available
• Frequency. Indicates the frequency band(s)authorized in the country for RFID applica-tions. The objective is to get a band avail-able in the 860 to 960 MHz spectrum.
• Power. Indicates the maximum poweravailable to RFID applications. The power
is expressed either as EIRP (EffectiveIsotropic Radiated Power) or ERP (EffectiveRadiated Power). Please note that 2 WattsERP is equivalent to 3.2 Watts EIPR.
• Technique. Indicates the reader to tag com-munication technique. FHSS stands for Fre-quency Hopping Spread Spectrum and LBTstands for Listen Before Talk.
• Comments. Provides additional informationon the regulatory status.
The following statistics can be derived fromthe data that are currently available:
• Regulations are in place or will be in placeshortly in 29 countries representing 72% orthe global GNI.
• Regulations should be settled by the firsthalf of 2006 in 27 countries representing12% of the global GNI.
• Issues need to be sorted out in 5 countriesrepresenting 11% of the global GNI.
• Information is not yet available for 55 coun-tries representing 4% of the global GNI.
215 Data up to date 6 June 2006; excerpt from:http://www.epcglobalinc.org/standards_technology/RFID%20at%20UHF%20Regulations%2020060606.pdf
Country Sta-tus Frequency Power Technique Comments
Algeria NA
Argentina OK 902-928 MHz 4 W eirp FHSS
Armenia IP 865.6-867.6 MHz
Australia OK 920-926 MHz 4 W eirp 4W eirp available through licensemanaged by GS1 Australia. Situationlikely to remain until 2007 at which time it is hoped that a permanent change to a limit of 4 W eirp will be made
Austria OK 865.6-867.6 MHz 2 W erp LBT New regulations in place since 2 February 2006
Azerbaijan NA
Bahrain NA
Bangladesh NA
Belarus NA
Belgium IP 865.6-867.6 MHz 2 W erp LBT New regulations should be in place in 2006
Bolivia NA
Bosnia
Country Sta-tus Frequency Power Technique Comments Herzegovina NA
Botswana NA
Brazil OK 902-907.5 MHz 4 W eirp FHSS
Brazil OK 915-928 MHz 4 W eirp FHSS
Bulgaria IP 865.6-867.6 MHz 2 W erp LBT New regulations should be in place in 2006
Cambodia NA
Cameroon NA
Canada OK 902-928 MHz 4 W eirp FHSS
Chile OK 902-928 MHz 4 W eirp FHSS
China IP 917-922 MHz 2 W erp Provisional allocation. Temporary license required.
Colombia IP Dialogue with regulators initiated by GS1 Colombia
Congo,Dem. Rep. NA
Congo, Rep. NA
Costa Rica OK 902-928 MHz 4 W eirp FHSS
Côte d’Ivoire NA
Croatia IP 865.6-867.6 MHz 2 W erp LBT New regulations should be in place in 2006
Cyprus IP 865.6-867.6 MHz 2 W erp LBT New regulations should be in place in 2006
Czech Republic OK 865.6-867.6 MHz 2 W erp LBT
Denmark OK 865.6-867.6 MHz 2 W erp LBT New regulations in place since January 2005
DominicanRepublic OK 902-928 MHz 4 W eirp FHSS
Ecuador NA
Egypt,Arab Rep. IP Work in progress
El Salvador NA
Estonia IP 865.6-867.6 MHz 2 W erp LBT New regulations should be in place in 2006. License possible.
Finland OK 865.6-867.6 MHz 2 W erp LBT New regulations in place since 3 February 2005
France IP 865.6-867.6 MHz 2 W erp LBT New regulations should be implemented in July 2006
Georgia NA
Germany OK 865.6-867.6 MHz 2 W erp LBT New regulations in place since 22 December 2004
Greece IP 865.6-867.6 MHz 2 W erp LBT New regulations should be in place in 2006
Guatemala NA
Honduras NA
Hong Kong, China OK 865-868 MHz 2 W erp
Hong Kong, ChinaOK 920-925 MHz 4 W eirp
Hungary IP 865.6-867.6 MHz 2 W erp LBT Implementation is in progress
Iceland OK 865.6-867.6 MHz 2 W erp LBT
India OK 865-867 MHz 4 W erp Approved in May 2005
Indonesia IP Band 923 to 925 MHz being considered
Iran, Islamic Rep. NA
Ireland IP 865.6-867.6 MHz 2 W erp LBT New regulations should be in place in 2006
Ann
ex 3
: Reg
ulat
ory
stat
us R
FID
in th
e U
HF
spec
trum
252
Tech
nica
l Rep
ort S
erie
s
Country Sta-tus Frequency Power Technique Comments
Israel IP Work in progress
Italy IP 865.6-867.6 MHz 2 W erp LBT Conflict with band allocated to tactical relays military application. Temporary licenses available.
Jamaica NA
Japan OK 952-954MHz 4 W eirp License required for using 952-954 MHz at 4 W eirp
Japan OK 952-955MHz 4 W eirp 952-955 MHz available for unlicensed use at 20m W eirp
Jordan NA
Kazakhstan NA
Kenya NA
Korea, Rep. OK 908.5-910 MHz 4 W eirp LBT Approved July 2004
Korea, Rep. OK 910-914 MHz 4 W eirp FHSS Approved July 2004
Kuwait NA
Kyrgyz Republic NA
Latvia IP 865.6-867.6 MHz 2 W erp LBT New regulations should be in place in 2006
Lebanon NA
Lithuania IP 865.6-867.6 MHz 2 W erp LBT Individual license required. New regulations should be in place in 2006
Luxembourg IP 865.6-867.6 MHz 2 W erp LBT New regulations should be in place in 2006
Macao, China NA
Macedonia, FYR NA
Malaysia OK 866-869 MHz Allocation under consideration. 868 MHz available at 50 mWatt power.
Malaysia OK 919-923 MHz 2 W erp Unlicensed use allowed up to 2 W erp. Use up to 4 W erp allowed under license
Malta IP 865.6-867.6 MHz 2 W erp LBT Individual license required. New regulations should be in place in 2006
Mauritius NA
Mexico OK 902-928 MHz 4 W eirp FHSS
Moldova OK 865.6-867.6 MHz 2 W erp LBT
Mongolia NA
Morocco NA
Netherlands OK 865.6-867.6 MHz 2 W erp LBT New regulations will be in place since 27 February 2006
New Zealand OK 864-868 MHz 4 W eirp
Nicaragua NA
Nigeria NA
Norway IP 865.6-867.6 MHz 2 W erp LBT New regulations will be in place in 2006
Oman NA
Pakistan NA
Panama NA
Paraguay NA
Peru NA
Philippines IP 918-920 MHz 0.5 W erp In progress
Poland OK 865.6-867.6 MHz 2 W erp LBT New regulations in place since October 24th 2005
Portugal IP 865.6-867.6 MHz 2 W erp LBT New regulations should be in place in 2006
RFI
D te
chno
logi
es
253
Tech
nica
l Rep
ort S
erie
s
Country Sta-tus Frequency Power Technique Comments
Puerto Rico OK 902-928 MHz 4 W erp FHSS
Romania OK 865.6-867.6 MHz 2 W erp LBT New regulations in place since April 7, 2006
Russian IP 865.6-867.6 MHz 2 W erp LBT Licensed use only. Will decide whether Federation to adopt following completion of internal
compatibility study due mid 2005
Saudi Arabia NA
Senegal NA
Serbia and Montenegro NA
Singapore OK 866-869 MHz 0.5 W erp
Singapore OK 923-925 MHz 2 W erp License required for power above 0.5 W erp
Slovak Republic OK 865.6-867.6 MHz 2 W erp LBT New regulations in place
Slovenia IP 865.6-867.6 MHz 2 W erp LBT New regulations should be in place in 2006
South Africa OK 865.6-867.6 MHz 2 W erp LBT Should be in place by March 2006
South Africa OK 917-921 MHz 4 W eirp FHSS
Spain OK 865.6-867.6 MHz 2 W erp LBT New regulations will be in place by January 2007. Temporary licenses available.
Sri Lanka NA
Sudan NA
Sweden OK 865.6-867.6 MHz 2 W erp LBT New regulations approved 13 Dec 2005. In the law since 1 Jan 2006
Switzerland OK 865.6-867.6 MHz 2 W erp LBT
Syrian Arab Rep. NA
Taiwan OK 922-928 MHz 1 W erp FHSS Indoor
Taiwan OK 922-928 MHz 0.5 W erp FHSS Outdoor
Tanzania NA
Thailand OK 920-925 MHz 4 W eirp FHSS New regulations effective since 20 January
2006. License required for power above 0.5W.
Trinidad and Tobago NA
Tunisia IP 865.6-867.6 MHz 2 W erp LBT Plans adopting European regulations
Turkey IP 865.6-867.6 MHz 2 W erp LBT Conflict with band allocated to tactical relays military applications
Turkmenistan NA
Uganda NA
Ukraine NA
United Kingdom OK 865.6-867.6 MHz 2 W erp LBT New regulations in place as of 31 January 2006
United States OK 902-928 MHz 4 W eirp FHSS
Uruguay OK 902-928 MHz 4 W eirp FHSS
Uzbekistan NA
Venezuela, RB OK Band 922-928 MHz will be allocated shortly
Vietnam NA
Yemen, Rep. NA
Zimbabwe NA
Ann
ex 3
: Reg
ulat
ory
stat
us R
FID
in th
e U
HF
spec
trum
254
Tech
nica
l Rep
ort S
erie
s
Annex 4: Self regulation: guidelines and code of practices
RFI
D te
chno
logi
es
255
Tech
nica
l Rep
ort S
erie
s
216 EPC global. ‘Guidelines on EPC for Consumer Products’, Revised September 2005217 UK RFID Council. /A UK code of practice for the use of radio frequency identification (RFID) in retail outlets’, Release 1.0, 12 April 2006
This annex contains a description of 4 differ-ent guidelines and code of practices regarding theimplementation and use of RFID technologies.
a) Electronic Product Code™ (EPC)guidelines216
Electronic Product Code™ (EPC) is an emerg-ing system that uses RFID for the automatic iden-tification of consumer products. EPC has thepotential to be used on many everyday consumerproducts as they move through the supply chain.To allow EPC to realize its potential for consumers,retailers and suppliers, it is important to addressprivacy concerns prompted by the current state ofthe technology, while establishing principles fordealing with its evolution and implementation. Ac-cordingly the sponsors of EPC have adopted anumber of guidelines for use by all companies en-gaged in the large-scale deployment of EPC. Theseguidelines are intended to complement compli-ance with the substantive and comprehensivebody of national and international legislation andregulation that deals with consumer protection,consumer privacy and related issues
The guidelines have been followed since Jan-uary 1, 2005. The EPCglobal Guidelines on EPCfor Consumer Products are dealing with 4 main is-sues (revised version September 2005):
1. Consumer notice
Consumers will be given clear notice of thepresence of EPC on products or their pack-aging and will be informed of the use ofEPC technology. This notice will be giventhrough the use of an EPC logo or identifieron the products or packaging.
2. Consumer choice
Consumers will be informed of the choicesthat are available to discard or remove or inthe future disable EPC tags from the productsthey acquire. It is anticipated that for most
products, the EPC tags would be part of dis-posable packaging or would be otherwisediscardable. EPCglobal, among other sup-porters of the technology, is committed tofinding additional efficient, cost effectiveand reliable alternatives to further enablecustomer choice.
3. Consumer education
Consumers will have the opportunity easilyto obtain accurate information about EPCand its applications, as well as informationabout advances in the technology. Compa-nies using EPC tags at the consumer levelwill cooperate in appropriate ways to famil-iarize consumers with the EPC logo and tohelp consumers understand the technologyand its benefits. EPCglobal would also act asa forum for both companies and consumersto learn of and address any uses of EPC tech-nology in a manner inconsistent with theseGuidelines.
4. Record use, retention and security
The Electronic Product Code does not con-tain, collect or store any personally identifi-able information. As with conventionalbarcode technology, data which is associ-ated with EPC will be collected, used, main-tained, stored and protected by theEPCglobal member companies in compli-ance with applicable laws. Companies willpublish, in compliance with all applicablelaws, information on their policies regardingthe retention, use and protection of any per-sonally identifiable information associatedwith EPC use.
b) UK code of practice217
On 12 April 2006 the UK RFID Council pub-lished a proposal for a UK code of practice for theuse of RFID in retail outlets. It is hoped by the UKRFID Council that this Code of Practice will be
adopted by a company under the statement: ‘XYZCompany endorses this code of practice andagrees to abide by its objectives’
The UK Code of Practice follows in generalthe Electronic Product Code™ (EPC) guidelines, inaddition to the 4 items another one is added on:
5. Health and safety
Companies will take the greatest care oftheir suppliers, employees and customer toensure that all applicable health and safety,and recycling and other regulations are met.RFID tags for use in retail outlets do not con-tain a batter, cannot emit any power and areharmless in all general applications. Theyare passive devices and only send informa-tion when questioned by a scanning devicein the retail outlet, for example at check-outor during stock-taking, The tags are thus re-liant upon the scanners for the small amountof power required for them to operate. Thescanners must comply with regulatory con-straints on the power, delivered and adhereto guidelines, standards and constraints onhuman exposure levels to the electromag-netic fields produced by scanning devices.
c) Government of Japan: Guidelines for Pri-vacy Protection with Regard to RFID Tags218
The Ministry of Internal Affairs and Communi-cation (MIC) and the Ministry of Economy, Tradeand Industry (METI) of Japan jointly developedguidelines within the scope of consensus amongstakeholders regarding privacy protection of con-sumers.
The guidelines were developed on the basisof the vision that to address the privacy problemscaused by characteristics through the implemen-tation of RFID tags, it is essential to promote theirsocial acceptance through the implementation ofappropriate measures from the viewpoint of pro-tecting the privacy of consumers.
The Guidelines contain the following articles:
Article 1 (Purpose)
The purpose of these Guidelines shall be toclarify basic matters common to relevant industries
on privacy protection for consumers pertaining toRFID tags, in order to utilize the advantages ofRFID tags, ensure benefits to consumers and en-able society to smoothly accept RFID tags.
Article 2 (Scope of these Guidelines)
These Guidelines shall, where RFID tags areembedded in products and stays there even afterconsumers have been handed said products, stip-ulate preferable rules that companies dealing withthe said RFID tags and products tagged with saidRFID tags should abide by.
Article 3 (Indication, etc. of the Fact thatProducts Are Tagged with RFID Tags)
Where RFID tags are embedded in productsand stays there even after consumers have beenhanded said products, the companies concernedshall, prior to transactions, explain or post the factthat products are tagged with RFID tags, tagged po-sitions of RFID tags, features thereof and informa-tion contained in RFID tags (hereinafter referred to“RFID tag information”), or attach indications tosaid products or packages thereof so as to enableconsumers to recognize details of RFID tag infor-mation. The companies concerned shall be re-quested to make efforts at their stores to enableconsumers to recognize the said fact through suchexplanations or indications.
Article 4.(Reservation of the Right of FinalChoice of Consumers with Respect to Reading ofRFID Tags)
Where RFID tags are embedded in productsand stays there even after consumers have beenhanded said products, the companies concernedshall, when a consumer wants to deactivate saidRFID tags while recognizing the features of saidRFID tags, explain or post in advance the methodsto deactivate said RFID tags, or attach indicationsto said products or packages thereof so to ensurethat the consumer has a choice.
[Examples of methods to deactivate RFID tags]
1. Where it is possible to shield RFID tags byaluminium foils, communications betweenRFID readers and RFID tags can beblocked.
Ann
ex 4
: Sel
f reg
ulat
ion:
gui
delin
es a
nd c
ode
of p
ract
ices
256
Tech
nica
l Rep
ort S
erie
s
218 MIC (Ministry of Internal Affairs and Communications), METI (MInistry of Economy, Trade and Industry) Government of Japan, ‘Guide-lines for Privacy Protection with regard to RFID tags’, July 8, 2004
2. Electromagnetically erase all informationincluding unique numbers in RFID tags orpart information selected by consumers, ordeactivate reading functions relating to saidinformation.
3. Remove RFID tags.
Article 5 (Information Offerings ConcerningSocial Benefits of RFID Tags)
In cases where the reading functions of RFIDtags are deactivated pursuant to Article 4, andwhere consumer benefits or the social interests iseroded, such as where environmental problemsoccur by losing information necessary for recyclingproducts, or where driving safety is not ensured bylosing information on auto-repair histories, the com-panies concerned shall make efforts to provide con-sumers with information to the effect that consumerbenefits or the social interests would be erodedthrough methods including indications.
Article 6 (Handling of RFID Tags in CasesWhere Information Is Used by Linking PersonalInformation Databases, Etc. Stored in Computerswith RFID Tag Information)
Even in cases where a specific individual can-not be identified only by information recorded inRFID tags, when information can be easilyprocessed by linking personal information data-bases, etc. stored in computers with RFID tag infor-mation, and when the specific individual can beidentified, the information recorded in said RFIDtags shall be deemed as personal information to becovered under the “Personal Information Protec-tion Law.”
Responsibilities under the “Personal Informa-tion Protection Law” pertaining to companiesdealing with personal information (examples)
(1) In relation to purposes of the use of personalinformation
• To specify the purposes of the use of personalinformation to the greatest extent possible
• To obtain consent from the principal whenusing personal information for purposesother than the purposes of the use of per-sonal information
(2) In relation to collection of personal information
• To prohibit unlawful collection of personalinformation
• When having collected personal informa-tion, to inform the person concerned of thepurposes of the use of personal informationwithout delay, or to announce to that effect
(3) In relation to management of personal data
• To make efforts to keep personal data cor-rect and to reflect the latest status
• To take measures for safety management toprevent leakage, lose, damage, etc. of per-sonal data
• When providing a third party with personaldata, to obtain the consent of the personconcerned
Article 7 (Limitations on Information Collec-tion and Use in Cases Where Recording PersonalInformation in RFID Tags)
Companies dealing with personal informationby recording such information in said RFID tagsshall, notwithstanding the amount of personal in-formation to be dealt with by the said companies,where collecting or using personal information,make efforts to inform persons concerned of thepurposes of the use of personal information or an-nounce to that effect. Companies shall make effortsto obtain consent from the principal when using thesaid personal information for purposes other thanthe purposes of the use of personal information
Article 8 (Ensuring of Information AccuracyWhere Recording Personal Information in RFIDTags)
Companies dealing with personal informationby recording personal information in RFID tagsshall, notwithstanding the amount of personal in-formation recorded in said RFID tags to be dealtwith by the said companies, where collecting orusing personal information, make efforts to meetthe following items:
1. To keep personal information accurate andto reflect the latest status, in light of the pur-poses and details of the use of personal in-formation recorded in said RFID tags
2. In response to consumers, to disclose infor-mation recorded in RFID tags relating to thesaid consumers and personal informationof the said consumers linked from ID infor-mation recorded in RFID tags; and in re-sponse to requests from said consumers, tocorrect errors contained in said information
RFI
D te
chno
logi
es
257
Tech
nica
l Rep
ort S
erie
s
3. To prevent lose, damage, alteration andleakage of personal data recorded in RFIDtags
Article 9 (Establishment of Information Ad-ministrator)
Companies concerned shall, in order to en-sure adequate management of information pertain-ing to privacy protection concerning RFID tags andto make appropriate and swift response to com-plaints, establish an information administrator incharge of such matters and disclose methods tocontact the said information administrator.
Article 10 (Explanation and Information Of-ferings to Consumers)
Stakeholders, including companies, industryorganizations and public entities, shall make ef-forts to encourage consumers to understand RFIDtags through information provision, so that con-sumers can obtain correct knowledge on the pur-poses of the use of RFID tags, characteristicsthereof, merits and demerits thereof.
d) Enterprise Privacy Group219
The Enterprise Privacy Group, a consultancyfirm that is active in the area of data protection,freedom of information and related privacy issues,has developed a Privacy Code of Conduct for RFIDTechnologies (published 3 May 2005).
The Code of Conduct has to ensure that everyuser associated with an RFID system understandshis responsibilities for protecting personal informa-tion, and acts accordingly.
Organizations that implement consumer-fac-ing RFID Systems without first considering the mis-use of the technology have suffered adverse mediapublicity from watchdog groups, and in conse-quence have had to modify or abandon theirplans.
Any RFID implementation should therefore,according the Enterprise Privacy Group, incorpo-rate privacy safeguards, based on a rigorous riskassessment process coupled with ‘best practice’recommendations for controls. One such controldevice is the Code of Conduct.
Ann
ex 4
: Sel
f reg
ulat
ion:
gui
delin
es a
nd c
ode
of p
ract
ices
258
Tech
nica
l Rep
ort S
erie
s
219 Toby Stevens (2005). ‘A privacy Code of Conduct for RFID Technologies’, Enterprise Privacy Group, Hants, 2005.
Annex 5: European activities in E-passports
RFI
D te
chno
logi
es
259
Tech
nica
l Rep
ort S
erie
s
MEMBER STATE E-PASSPORT PARTNERS
Austria RFID-chip based OeSD (State’s printing institute)Flex cover
Belgium RFID-chip based OberthurFlex cover
Cyprus no data available no data available
Czech Republic Polycarbonate cover Cz National Printing Agency STCTrüb (CH)Axalto tech
Germany RFID-chip based BundesdruckereiFlex cover
Denmark Polycarbonate Setec (Gemplus)RFID-chip based
Estonia RFID-chip based Gemalto
Spain Flex cover FNMT
Finland Polycarbonate Sentec (Gemplus)RFID-chip based
France Flex cover Imprimerie nationaleAxalto tech
Greece Flex cover Toppan (JP)ASK
Hungary Flex cover Multipolaris
Ireland Polycarbonate Bearingpoint
Italy Flex cover Polygraphico
Lithuania Polycarbonate Setec (Gemplus)RFID-chip based
Luxembourg RFID-chip based Bundesdruckerei Group, Phillips (NXP)
Latvia RFID-chip based (expected to Gieseke & Devrient;rollout by 3rd quarter of 2007) GemaltoPolycarbonate Bundesdruckerei Group
Malta RFID-chip based, not rolled out yet no data available
The Netherlands Polycarbonate SDURFID-chip based Datecard Group
Collis
Poland RFID-chip based Gemalto
Portugal Flex cover INCM
Sweden Polycarbonate Crane/Setec (Gemplus)RFID-chip based
Slovenia Flex cover Mirage/Cetis
Slovakia RFID-chip based, not rolled out yet no data available
United Kingdom Flex cover SPSL
Annex 6: Overview on ID documents in Europe
RFI
D te
chno
logi
es
261
Tech
nica
l Rep
ort S
erie
s
PurposesCard (C) covered Technologyor Proce (explained or technologies
Country Name dure (P) below) used Status, Comments, References
Europe European C Ident RFID, Bio Concept, prototypes and early Passport (Face, implementations (e.g. in Germany);
later Finger) implementation until October 2006.
Austria “Bürgerkarte” P Sign Cert, ElSig, Implemented since 2005, especially requires for e-government.PKI
e-card C e-health SmCh Implemented since 2005 with 8.3 (Option: Sign) Mio users.
Belgium ID Card C Ident (Option: SmCh, Cert, Implemented since 2005.Sign) ElSig,
requires PKI
Finland FINEID Card P Sign Cert, ElSig Implemented since 1999.
France e-ID Card C Ident RFID, Bio (Face, INES concept (Identité Nationale later Finger) Électronique Sécurisée);
implementation planned to start in 2007.
Germany ID Card C Ident SmCh, Cert, Concept; implementation planned (Option: Sign) (Option: ElSig) in 2007.
E-Health C e-health SmCh, Cert, Prototype.Card (Option: Sign) (Option: ElSig)
“JobCard” P Requires Requires ElSig Concept, planned to start in 2007. Sign, used and PKI Aim is to centralise different for SocIn procedures concerning social insurance
in Germany. The access of the insurance holder to this information shall be possible via electronic signature card.
Greece Traditional C Ident - No plans for eID found.ID card
Hungary HUNEID C Sign SmCh, Cert, Concept and prototype. Within the ElSig Hungarian Electronic Public
Administration Interoperability Framework currently standards are being defined and middleware is being specified.
Italy ID Card C Ident, Sign SmCh, Cert, Prototypes. Includes laser-band to (CIE) ElSig, Laser store up to 1.8 mega-byte of data.
Malta eID Card P e-Gov, Cert Launched in 2005.m-Gov
The ID Card C Ident RFID, Bio Prototypes, introduction planned Netherlands (Face, later August 2006.
Finger)
Portugal “Cartão C Ident, SocIn, SmCh, Mag Citizen card project approved bycomum do e-health, Stripe, Bio Council of Ministers on April 2005.cidadão” voting, tax (finger, other?) Seems to be in design phase still.
PurposesCard (C) covered Technologyor Proce (explained or technologies
Country Name dure (P) below) used Status, Comments, References
Spain eID card C Ident SmCh, Cert, 1st version presented in 2004. (“DNI (Option: ElSig (requires Card scheduled to begin in 2006.electrónico”) Sign) PKI), Bio (finger) Delays probable.
Sweden eID Card C Ident SmCh, RFID, Issued since 1st of October 2005.(Option: Bio (Face, later Includes contact chip, RFID and Sign) Finger), Options: biometrics in accordance with the
Cert, ElSig; ICAO standards for international Options passports. Card issued by police, require PKI biometric and other identification
data is centrally stored at police.
Source: Study on ID Documents, FIDIS (Future of identity in the Information Society.) 20 December 2006. fidis-wp3-del3.6.study_on_id_documents.doc
Purpose of identity document:
Ident Official identification of a citizen of a state by passports or official identity cards
Sign Identification of an individual/company and electronic signing for egovernment and / or e-commerce applications; re-mark: PKI integration needed
e-health Identification of an individual and transfer of or access to sensitive data in the e-health sector (e-health cards)
SocIn Identification of an individual and transfer of or access to sensitive data for social insurance purposes
Ann
ex 6
: Ove
rvie
w o
n ID
doc
umen
ts in
Eur
ope
262
Tech
nica
l Rep
ort S
erie
s
Annex 7: RFID in European Public Transport projects
RFI
D te
chno
logi
es
263
Tech
nica
l Rep
ort S
erie
s
Publictransportcards Tag system application numbers project benefits
Florence, 13.56 MHz C. ASK local and regional n.a. roll-out optimise resources; Italy, ATAF ticket (ASK) bus companies meet passenger demands
Manchester, 13.56 MHz ERG local and regional 10 districts trial from Reduce abuse and fraudUK, GMPTE (ASK); ITSO (Prepayment bus companies; 40 transactions 2004; Reduce survey data costs
compliant Cards Limited) companies, yearly, roll-out 2006 Data capture for viable(interrogator and 10 districts 650.000 multi-operatorsystem integrator); residents Reduce misuse;StagecoachHoldings,Firstgroup, National Express Group
Liverpool, 13.56 MHz Global Smart local public n.a. 2005-… improved customer UK multi- Applied Media transport costs: 3.8 M experience and valuefunctional Card Merseytravel extended use as USD joint promotional card Technologies city smart card cost per card: opportunities
16 kB EEPROM (if successfull) 6.5 USD coalition and affinity marketing oportunities
Paris RATP, 13.56 MHz; Successor to Carte Reduce maintenanceFrance ASK (C-tickets); Orange (since 20 March costs; combat fraud;
Schlumberger; 2006); endorsed by RATP, Increase passenger flowsD&G SNCF and 93 private travel (up to 400%)
operators
Rhein-Main 13.56 MHz NFC application n.a.Verkehrsverbund (Nokia, Philips)) Nokia, Philips in public transportbuses NFC application
Skane Cubic Nord Cubic Nord Smart card in started Reduce fraud and misurseCounty, trains and buses costs: Increase user convenienceSweden 56 rail stations, 21.8 M USD (internet based
950 buses; open uploading of cardsarchitecture
Southport, 13.56 MHz na 10.000 cards UK (Philips Mikron issued for buses roll-out
card)) (on-going)
Stor-Oslo 13.56 MHz Thales Clearinghouse 2006-2007 user convenienceLokaltrafikk, (Thales) system to settle (contactless cards areNorway payments of better than contact cards
contactless cards in moving buses); fraude detection
Translink, 13.56 MHz Thales, Dutch public pilot phase 2004 travel informationNetherlands (Mifare 4K Accenture, transport system 1.4 M cards; fraud reduction
card, Philips) Vialis roll-out: 10 M speeding up boarding timeC.ticket (ASK) cardsASK processing 1.5 B
transactionsyearly
Transport 13.56 MhHz Cubic Oyster 2.2 M value of the Fraud reduction (now 65Mfor London, Schlumberger (interrogator); travelcard for Oyster contract: 1.6 B USD per year); SpeedingOyster card Sema, G&D, TranSys London cards USD (17 years up boarding time
Infineon, (system creation and Customer benefits Axalto integrator) operation) (queues, ease of use);
300 M USD operational costscapitalinvestmentprogramme
Publictransportcards Tag system application numbers project benefits
Umico 13.56 MHz Public transport 2.5 M C. 300 M Capri, ASK (C.ticket) ASK at Capri tickets capital Italy investment
programme
Verband card.etc; ERG, card.etc; ERG, Local transport 2.3 M Roll-out ResearchDeutscher SmardTech SmardTech companies to use cards 2009Verkehrsun- SMicroelec- SMicroelec- smart cards for all initiallyternehmen, tornics tornics PTO-servicesGermany
Warsaw Payment on 1.5 Million transit Cards subway cards
trains and buses in Warsaw
Source: IDTechEx Knowledge base www.idtechex.org (visited 25 June 2006)
Ann
ex 7
: RFI
D in
Eur
opea
n Pu
blic
Tra
nspo
rt p
roje
cts
264
Tech
nica
l Rep
ort S
erie
s
Annex 8: RFID pilots and trials within the EU and the US
RFI
D te
chno
logi
es
265
Tech
nica
l Rep
ort S
erie
s
Land and Airlines Animals Books, Financials, Sea
Member and and Libraries, Security Health Logistics,states Total airports farming Archives Safety care Postal
Austria 13 1 1 1
Belgium 7 1 1 3
Czech Republic 6 2 1
Denmark 19 1 2 1 2
Estonia 2 1
Finland 13 4 2 2
France 86 2 3 4 12 12 14
Germany 120 7 1 6 14 12 16
Greece 4 1
Hungary 4
Ireland 5 2 1
Italy 40 1 4 4 4
Latvia 1
Lithuania 1
Luxembourg 1
Netherlands 62 2 2 12 11
Poland 6 1
Portugal 6 2 2
Slovakia 4 1
Slovenia 2 1
Spain 21 2 1
Sweden 36 2 1 4 1 6
United Kingdom 255 11 10 7 65 27 32
USA 812 26 24 22 121 90 56
Total Europe 714 28 18 25 123 59 96
Total 2240 54 42 47 244 149 152
Passenger Retail, Member Leisure, Transport, Consumer states Laundry Sports Manufacturing Military Automotive Goods
Austria 8 1 1
Belgium 1 1
Czech Republic 1 2
Denmark 7 1 2 3
Estonia 1
Finland 2 1 2
France 12 2 4 9 12
Germany 11 14 3 16 20
Greece 1 1 1
Hungary 3 1
Ireland 1 1
Italy 8 2 2 9 6
Latvia 1
Lithuania 1
Luxembourg 1
Netherlands 2 18 3 2 6 4
Poland 1 1 3
Portugal 1 1
Slovakia 2 1
Slovenia 1
Spain 8 3 1 6
Sweden 7 3 8 4
United Kingdom 1 17 13 7 36 29
USA 5 40 58 33 89 248
Total Europe 3 107 40 35 96 84
Total 8 147 98 68 185 332
Source: IDTechEx Knowledge base www.idtechex.org (visited 16 October 2006)
Ann
ex 8
: RFI
D p
ilots
and
tria
ls w
ithin
the
EU a
nd th
e U
S
266
Tech
nica
l Rep
ort S
erie
s
Annex 9: Full contents
Table of Contents ........................................................................................................................... 5
List of figures.................................................................................................................................. 9
List of tables ................................................................................................................................... 11
List of boxes ................................................................................................................................... 13
Executive summary ........................................................................................................................ 15
Preface ........................................................................................................................................... 21
Structure of the report ................................................................................................................... 23
Part one: RFID technologies........................................................................................................... 27
1. RFID technologies: system features and future technologies...................................................... 29
1.1. Introduction........................................................................................................................ 29
1.2. RFID system features .......................................................................................................... 301.2.1. Passive, semi-passive, active.................................................................................... 301.2.2. Frequency ............................................................................................................... 311.2.3. Factors affecting reading capability.......................................................................... 321.2.4. RFID and barcodes .................................................................................................. 331.2.5. Security ................................................................................................................... 34
1.3. RFID infrastructure elements............................................................................................... 341.3.1. RFID readers............................................................................................................ 34
1.4. RFID middleware ............................................................................................................... 35
1.5. Organizations developing international standards............................................................... 361.5.1. EPCglobal................................................................................................................ 361.5.2. Global data synchronization.................................................................................... 361.5.3. International Organization for Standardization (ISO) ............................................... 361.5.4. AIM Global ............................................................................................................. 371.5.5. Ubiquitous ID center ............................................................................................... 37
1.6. Future tagging technologies ................................................................................................ 371.6.1. Surface Acoustic Waves (SAW) ................................................................................ 371.6.2. Embedded tags ........................................................................................................ 381.6.3. UWB tags ................................................................................................................ 391.6.4. Optical tags ............................................................................................................. 391.6.5. DNA tags................................................................................................................. 391.6.6. Software tags ........................................................................................................... 39
1.7. Potential challenges of RFID implementation ..................................................................... 40
2. Spectrum allocation ................................................................................................................... 41
2.1. Regulatory status for using RFID ......................................................................................... 42
2.2. Efficient use of spectrum allocation (RFID, WiFi, ZigBee).................................................... 43
RFI
D te
chno
logi
es
267
Tech
nica
l Rep
ort S
erie
s
3. RFID standards........................................................................................................................... 45
3.1. EPCglobal ........................................................................................................................... 45
3.2. International Organization for Standardization (ISO)........................................................... 473.2.1. ISO/IEC 18000 Information Technology AIDC Techniques-RFID
for Item Management - Air Interface ........................................................................ 473.2.2. 18000-1 Part 1 – Generic Parameters for the Air Interface for Globally
Accepted Frequencies............................................................................................... 473.2.3. 18000-2 Part 2 – Parameters for Air Interface Communications
below 135 kHz. 46................................................................................................. 483.2.4. 18000-3 Part 3 Parameters for Air Interface Communications at 13.56 MHz ........... 483.2.5. 18000-4 Part 4 – Parameters for Air Interface Communications at 2.45 GHz........... 483.2.6. 18000-5 Part 5 – Parameters for Air Interface Communications at 5.8 GHz............. 493.2.7. 18000-6 Part 6 – Parameters for Air Interface Communications at 860 to 930 MHz..... 493.2.8. 18000-7 Part 7 – Parameters for Air Interface Communications at 433 MHz ........... 50
3.3. ISO/IEC 14443.................................................................................................................... 50
3.4. European Telecommunications Standardization Institute – ETSI .......................................... 503.4.1. EN 300 330............................................................................................................. 503.4.2. EN 300 220............................................................................................................. 503.4.3. EN 302 208............................................................................................................. 513.4.4. EN 300 440............................................................................................................. 513.4.5. EN 300 328............................................................................................................. 513.4.6. EN 300 674............................................................................................................. 51
3.5. Conformance testing........................................................................................................... 52
3.6. Interoperability Issues ......................................................................................................... 52
4. RFID technologies: RFID system features................................................................................... 53
4.1. The RFID-systems perspective ............................................................................................ 534.1.1. RFID definition and positioning ............................................................................... 534.1.2. Two views on using RFID ........................................................................................ 544.1.3. Aspects for object virtualization............................................................................... 54
4.2. RFID system perspective..................................................................................................... 544.2.1. Classification of technologies around RFID.............................................................. 544.2.2. Enabling technologies.............................................................................................. 554.2.3. Enhancing technologies........................................................................................... 574.2.4. Concurrent technologies.......................................................................................... 60
4.3. RFID lifecycle description................................................................................................... 624.3.1. Fabrication .............................................................................................................. 624.3.2. Pre-deployment ....................................................................................................... 624.3.3. Deployment ............................................................................................................ 634.3.4. Removal of tags ....................................................................................................... 63
4.4. Typology of RFID usages..................................................................................................... 644.4.1. Realization framework............................................................................................. 644.4.2. Usage typology model............................................................................................. 654.4.3. Business scope ........................................................................................................ 684.4.4. Proprietary versus standardized RFID solutions........................................................ 684.4.5. Information sensitivity and RFID tag types ............................................................... 69
4.5. RFID usage in business domains......................................................................................... 704.5.1. Example business scenario Healthcare .................................................................... 704.5.2. Example business scenario Electronic Identity cards ................................................ 70
Ann
ex 9
: Ful
l con
tent
s
268
Tech
nica
l Rep
ort S
erie
s
4.5.3. Example business scenario Food quality .................................................................. 71
4.6. Summary and conclusions.................................................................................................. 71
Part two: Market perspectives and socio-economic issues ............................................................. 73
5. RFID market perspectives .......................................................................................................... 75
5.1. Actors and stakeholders ...................................................................................................... 755.1.1. The RFID value chain .............................................................................................. 755.1.2. Market actors........................................................................................................... 765.1.3. RFID tag manufacturers ........................................................................................... 775.1.4. System integrators.................................................................................................... 805.1.5. Software providers................................................................................................... 815.1.6. Consultants and main contractors............................................................................ 825.1.7. Non offering related actors ...................................................................................... 85
5.2. Market key drivers .............................................................................................................. 855.2.1. Radio standards and spectrum allocation................................................................. 855.2.2. RFID versus barcode................................................................................................ 855.2.3. The “return on investment” challenge...................................................................... 865.2.4. Privacy concerns ..................................................................................................... 865.2.5. The tag cost ............................................................................................................. 875.2.6. Goods traceability ................................................................................................... 885.2.7. “IT doesn’t matter” paradox..................................................................................... 88
5.3. Strengths, weaknesses, opportunities, threats ...................................................................... 88
5.4. Market forecasts and trends ................................................................................................ 895.4.1. RFID maturity: the hype cycle ................................................................................. 895.4.2. Market forecasts ...................................................................................................... 90
5.5. RFID patents ....................................................................................................................... 92
5.6. RFID and SMEs................................................................................................................... 94
6. Socio-economic aspects of RFID ................................................................................................ 95
6.1. Framework of the study ...................................................................................................... 956.1.1. Aims and objectives ................................................................................................ 95
6.2. Methodology and reading guide ......................................................................................... 95
6.3. Theoretical framework on adoption and diffusion of technology ........................................ 966.3.1. Main theories on diffusion of innovation and technology acceptance...................... 966.3.2. Innovation diffusion process theory ......................................................................... 966.3.3. Technology acceptance model ................................................................................ 986.3.4. Unified theory of acceptance and use of technology ............................................... 99
6.4. Trust and acceptance of RFID technology ........................................................................... 996.4.1. Definition of trust .................................................................................................... 996.4.2. Trust-risk model of RFID success.............................................................................. 1006.4.3. Evidence-based analysis of acceptance and adoption of RFID technology............... 102
6.5. Diffusion and adoption of RFID .......................................................................................... 1046.5.1. Introduction............................................................................................................. 1046.5.2. Stages of diffusion and adoption of RFID ................................................................. 1056.5.3. Issues in the RFID adoption in the retail industry: advantages
and disadvantages for retailers. ............................................................................... 1066.5.4. Issues in the RFID adoption in the retail industry: advantages
and disadvantages for consumers............................................................................. 1076.5.5. Drivers and rationale in RFID adoption ................................................................... 109
RFI
D te
chno
logi
es
269
Tech
nica
l Rep
ort S
erie
s
6.5.6. The broad landscape of RFID applications............................................................... 1096.5.7. RFID and the new consumer or the new citizen ...................................................... 1116.5.8. Conclusions............................................................................................................. 111
6.6. RFID: Employment, training and education ........................................................................ 1126.6.1. Impact of RFID technology on the workplace and the employment market ............. 1126.6.2. Training requirements and training facilities in relation
to the widespread adoption of RFID technologies .................................................... 114
6.7. Conclusions and recommendations .................................................................................... 115
7. Privacy aspects of RFID.............................................................................................................. 119
7.1. Introduction........................................................................................................................ 119
7.2. The sensitivity of RFID towards privacy infringements ........................................................ 119
7.3. Privacy in RFID systems...................................................................................................... 121
7.4. Privacy threats within the tag-reader system ....................................................................... 1237.4.1. The unauthorised reading of tags ............................................................................. 1237.4.2. Using tags to track persons ...................................................................................... 124
7.5. Privacy threats at the backend of the RFID system .............................................................. 1247.5.1. Aggregating personal information ............................................................................ 1247.5.2. Using data for purposes other than originally specified............................................ 1257.5.3. Using data to monitor specific behaviours ............................................................... 125
7.6. Open and closed RFID systems .......................................................................................... 125
7.7. Strategies to cope with the privacy threats .......................................................................... 126
7.8. Privacy laws ....................................................................................................................... 126
7.9. Self –regulation................................................................................................................... 1287.9.1. Addressing the issue by NGOs ................................................................................ 1287.9.2. EPCglobal guidelines for EPC usage......................................................................... 1287.9.3. Centre for Democracy and Technology guidelines
for the deployment of RFID technology ................................................................... 128
7.10. Technical solutions ........................................................................................................... 130
7.11. Conclusions ...................................................................................................................... 132
8. Security aspects of RFID ............................................................................................................ 133
8.1. General overview of RFID security threats .......................................................................... 133
8.2. Security threats for the tag .................................................................................................. 1338.2.1. Falsification of contents ........................................................................................... 1338.2.2. Falsification of tag ID............................................................................................... 1338.2.3. Deactivation............................................................................................................ 1338.2.4. Physical destruction................................................................................................. 1338.2.5. Detaching the tag .................................................................................................... 133
8.3. Security threats for the air interface..................................................................................... 1338.3.1. Eavesdropping ......................................................................................................... 1338.3.2. Blocking .................................................................................................................. 1338.3.3. Jamming.................................................................................................................. 1348.3.4. Relay attack............................................................................................................. 134
8.4. Security threats for the reader ............................................................................................. 1348.4.1. Falsifying reader ID ................................................................................................. 1348.4.2. Security threats for other parts of RFID systems........................................................ 1348.4.3. Tag-borne attacks at back office............................................................................... 135
Ann
ex 9
: Ful
l con
tent
s
270
Tech
nica
l Rep
ort S
erie
s
8.4.4. Misuse of gateway interface..................................................................................... 1358.4.5. Corrupted drivers..................................................................................................... 1358.4.6. Attacking the reader-gateway communication ......................................................... 135
8.5. Security measures for the tag .............................................................................................. 1358.5.1. Security measures to prevent unauthorized modification of tag data (contents and ID)... 1358.5.2. Security measures for deactivation........................................................................... 1368.5.3. Security measures for physical destruction............................................................... 1368.5.4. Security measures for detaching the tag ................................................................... 136
8.6. Security measures for the air interface ................................................................................ 1368.6.1. Security measures for eavesdropping ....................................................................... 1368.6.2. Security measures for blocking ................................................................................ 1368.6.3. Security measures for jamming ................................................................................ 1368.6.4. Security measures for relay attacks .......................................................................... 136
8.7. Security measures for the reader ......................................................................................... 1368.7.1. Security measures for falsifying the reader ID .......................................................... 136
8.8. Security measures for other parts of RFID systems............................................................... 1378.8.1. Security measures for tag-borne attacks at back office ............................................. 1378.8.2. Security measures for misuse of gateway interface................................................... 1378.8.3. Security measures for corrupted drivers ................................................................... 1378.8.4. Security measures for attacking the reader-gateway communication........................ 1378.8.5. Security measures against cloning ........................................................................... 137
8.9. General security evaluation of RFID ................................................................................... 1378.9.1. The costs for unauthorized modification of data ...................................................... 1388.9.2. The costs for deactivation ........................................................................................ 1388.9.3. The costs for physical destruction............................................................................ 1388.9.4. The costs for detaching the tag ................................................................................ 1388.9.5. The costs for eavesdropping .................................................................................... 1388.9.6. The costs for blocking.............................................................................................. 1398.9.7. The costs for jamming ............................................................................................. 1398.9.8. The costs of a relay attack........................................................................................ 1398.9.9. The costs for falsifying the reader ID........................................................................ 139
8.10. RFID security challenges in a broader perspective ............................................................ 1398.10.1. Healthcare............................................................................................................. 1408.10.2. Animal tracking ..................................................................................................... 1418.10.3. Public transport ..................................................................................................... 1418.10.4. Identity card .......................................................................................................... 1418.10.5. Smart shop ............................................................................................................ 142
8.11. Security aspects of RFID in EU research projects............................................................... 1428.11.1. Research projects on RFID..................................................................................... 1428.11.2. Security aspects of RFID in EU research projects.................................................... 1438.11.3. From research to policy ......................................................................................... 145
8.12. Conclusion ....................................................................................................................... 1468.12.1. Conclusions of overall risk analysis ....................................................................... 1468.12.2. Conclusions of risk analysis per application domain.............................................. 1478.12.3. Conclusions on RFID security within European programme................................... 147
Part three: RFID case studies.......................................................................................................... 149
9. Searching the dynamics of RFID practices ................................................................................. 151
9.1. Selecting the appropriate cases ........................................................................................... 152
RFI
D te
chno
logi
es
271
Tech
nica
l Rep
ort S
erie
s
9.2. Main conclusions from the case-studies.............................................................................. 1549.2.1. Animal tagging ........................................................................................................ 1559.2.2. ICT sector ................................................................................................................ 1559.2.3. Healthcare............................................................................................................... 1569.2.4. Identity cards........................................................................................................... 1569.2.5. Public transport ....................................................................................................... 157
10. RFID in animal tagging............................................................................................................. 159
10.1. Overview RFID in animal tagging..................................................................................... 16010.1.1. Use cases .............................................................................................................. 16110.1.2. Technologies used ................................................................................................. 16110.1.3. Application area .................................................................................................... 16110.1.4. Project................................................................................................................... 16310.1.5. Companies involved.............................................................................................. 16310.1.6. Benefits ................................................................................................................. 163
10.2. Illustrative examples ......................................................................................................... 163
10.3. EU activities in animal tracking ........................................................................................ 16310.3.1. The IDEA project ................................................................................................... 16410.3.2. DEFRA sheep identification ................................................................................... 166
10.4. European legislation ......................................................................................................... 16810.4.1. Bovine animals...................................................................................................... 16810.4.2. Ovine and caprine animals.................................................................................... 16910.4.3. Equine animals ...................................................................................................... 16910.4.4. Porcine animals..................................................................................................... 16910.4.5. Pets ....................................................................................................................... 169
10.5. Discussion of EU approach............................................................................................... 170
10.6. US approach to electronic identification........................................................................... 170
10.7. Discussion........................................................................................................................ 17210.7.1. Pitfalls and barriers, drivers and opportunities ....................................................... 17210.7.2. Actors.................................................................................................................... 17310.7.3. Costs ..................................................................................................................... 17310.7.4. Training requirements ............................................................................................ 17310.7.5. Security and privacy issues .................................................................................... 17310.7.6. Future technologies ............................................................................................... 174
11. RFID in healthcare ................................................................................................................... 175
11.1. Description of cases.......................................................................................................... 175
11.2. RFID applied to objects: medication and equipment traceability....................................... 17611.2.1. Locating and tracking hospital equipment, US hospitals ........................................ 17611.2.2. . Avoid leaving objects in the patient body,
Stanford University Medical Center (USA) ............................................................... 17811.2.3. Tracking medication from pharmacy to patient, Jena
University Hospital (Germany, June 2006) ............................................................... 178
11.3. RFID applied to objects: services operation support .......................................................... 17811.3.1. Blood transfusion monitoring at San Raffaele Hospital, Milan (Italy) ...................... 179
11.4. RFID for people identification and localization in healthcare............................................ 17911.4.1. Monitoring chronically ill patients, Hackensack University Medical Center (USA) ..... 180
11.5. Lessons to learn ................................................................................................................ 18111.5.1. Technological issues and problems ........................................................................ 181
Ann
ex 9
: Ful
l con
tent
s
272
Tech
nica
l Rep
ort S
erie
s
11.5.2. Market issues ......................................................................................................... 18111.5.3. Privacy issue.......................................................................................................... 182
11.6. Recommendations for European policy............................................................................. 182
12. RFID in the ICT sector.............................................................................................................. 183
12.1. Description of cases ......................................................................................................... 18312.1.1. RFID for asset management ................................................................................... 18312.1.2. RFID in mobile phones.......................................................................................... 18412.1.3. RFID for DRM (Digital Rights Management) and PRM (Property Rights Management).. 187
12.2. Drivers and barriers: lessons to learn for Europe ............................................................... 187
13. RFID in identity cards .............................................................................................................. 189
13.1. Overview of RFID in identity cards ................................................................................... 18913.1.1. Analysis of cases.................................................................................................... 18913.1.2. Contact versus contactless cards............................................................................ 19013.1.3. Various types of ID-cards....................................................................................... 191
13.2. RFID in e-passports........................................................................................................... 19113.2.1. Goals of an e-passport ........................................................................................... 19113.2.2. Security and privacy threats to e-passports............................................................. 19213.2.3. Safeguard solutions for threats of privacy misuse ................................................... 19313.2.4. RFID and identity cards in the USA ....................................................................... 19413.2.5. Other identity cards developments ........................................................................ 19613.2.6. Serious questions in the USA concerning the use of RFID
in e-passports and national identity cards ................................................................ 196
13.3. RFID and identity cards in EU........................................................................................... 19713.3.1. European regulation .............................................................................................. 19713.3.2. European biometric passports ................................................................................ 198
13.4. Financial institutions cards ............................................................................................... 19913.4.1. Use of smartcards for contactless payments ........................................................... 19913.4.2. Advantages and disadvantages of contactless credit cards ..................................... 20013.4.3. Concern regarding the use of RFID in credit cards ................................................. 201
13.5. Discussion........................................................................................................................ 20113.5.1. Main issues in e-passport developments ................................................................ 20113.5.2. Issues to be solved in relation to RFID applications ............................................... 20213.5.3. Need for a user-centred design .............................................................................. 204
14. RFID in public transport........................................................................................................... 205
14.1. RFID in public transport ................................................................................................... 20614.1.1. Actors.................................................................................................................... 20714.1.2. The benefits........................................................................................................... 208
14.2. Case 1: the Netherlands.................................................................................................... 20814.2.1. Objective .............................................................................................................. 20814.2.2. The actors.............................................................................................................. 20914.2.3. Technology............................................................................................................ 21014.2.4. Issues surrounding the introduction of the card...................................................... 21214.2.5. Concluding observations ....................................................................................... 213
14.3. Case 2: London ................................................................................................................ 21314.3.1. Objectives ............................................................................................................. 21414.3.2. Actors.................................................................................................................... 21414.3.3. The technology...................................................................................................... 215
RFI
D te
chno
logi
es
273
Tech
nica
l Rep
ort S
erie
s
14.3.4. Issues surrounding the introduction of the Oyster card .......................................... 215
14.4. Case 3: Venice.................................................................................................................. 21714.4.1. Pilot....................................................................................................................... 21714.4.2. Actors.................................................................................................................... 21814.4.3. Services ................................................................................................................. 218
14.5. Discussion........................................................................................................................ 21814.5.1. Drivers .................................................................................................................. 21814.5.2. Barriers.................................................................................................................. 21914.5.3. Market potential .................................................................................................... 22014.5.4. User acceptance and trust ..................................................................................... 22014.5.5. Privacy and security issues .................................................................................... 22114.5.6. The European situation.......................................................................................... 221
Part four: Policy analysis and recommendations ............................................................................ 223
15. Policy analysis and recommendations ...................................................................................... 225
15.1. European RFID stakeholders and markets ......................................................................... 225
15.2. EU-wide benefit of RFID................................................................................................... 227
15.3. Issues for public policy intervention ................................................................................. 22915.3.1. RFID tag-reader. .................................................................................................... 23015.3.2. Application domain............................................................................................... 23315.3.3. People ................................................................................................................... 23415.3.4. Companies ............................................................................................................ 23515.3.5. Governments......................................................................................................... 235
15.4. Policy options to further research needs............................................................................ 235
15.5. Policy recommendations .................................................................................................. 23715.5.1. Technology and research policy ............................................................................ 23815.5.2. Innovation policy .................................................................................................. 23815.5.3. Regulatory activities .............................................................................................. 23915.5.4. Stimulating adoption and dissemination of RFID ................................................... 23915.5.5. Acting as launching customer................................................................................ 240
Annex 1: References....................................................................................................................... 243
Annex 2: Acronyms ........................................................................................................................ 249
Annex 3: Regulatory status RFID in the UHF spectrum.................................................................. 251
Annex 4: Self regulation: guidelines and code of practices............................................................. 255
Annex 5: European activities in E-passports ................................................................................... 259
Annex 6: Overview on ID documents in Europe ............................................................................ 261
Annex 7: RFID in European public transport projects .................................................................... 263
Annex 8: RFID pilots and trials within the EU and the US.............................................................. 265
Annex 9: Full contents.................................................................................................................... 267
Ann
ex 9
: Ful
l con
tent
s
274
Tech
nica
l Rep
ort S
erie
s
European Commission
EUR 22770 EN – Joint Research Centre – Institute for Prospective Technological Studies
Title: RFID Technologies: Emerging Issues, Challenges and Policy Options
Authors: Marc van Lieshout, Luigi Grossi, Graziella Spinelli, Sandra Helmus, Linda Kool, Leo Pen-nings, Roel Stap, Thijs Veugen, Bram van der Waaij, Claudio Borean.
Editors: Ioannis Maghiros, Pawel Rotter, Marc van Lieshout…
Luxembourg: Office for Official Publications of the European Communities
2007
EUR – Scientific and Technical Research series – ISSN 1018-5593
ISBN 978-92-79-05695-6
Abstract
Radio Frequency Identification (RFID) technology, an enabling technology for automatic identi-fication based on radio waves, will impact the daily lives of European citizens in many different ways,as it is a bridge between the physical and the virtual world. RFID has enormous socio-economic po-tential but it also brings challenges, such as serious security threats and the potential danger of im-pinging on personal lives, which if not addressed properly may limit the foreseen benefits from thewide-spread deployment of this technology. This report gives an overview of established and emerg-ing RFID technologies, RFID standards and spectrum allocation, presents RFID market parameters andforecast, privacy and security issues and social aspects of RFID. Five case studies from different ap-plication sectors (animal tracking, healthcare, ICT sector, identity cards and public transport) allowus to draw conclusions about both specific areas of development and the whole RFID market in Eu-rope. In the final part, the likely role of Europe is presented, as are policy options for further initia-tives.
INST
ITU
TE F
OR
PR
OSP
ECTI
VE
TEC
HN
OLO
GIC
AL
STU
DIE
SEN
LF-NA
-22770-EN-C
EUR
227
70 E
N
RFID Technologies:Emerging Issues,Challenges andPolicy Options
Publications Office
Publications.eu.int
The mission of the JRC is to provide customer-driven scientificand technical support for the conception, development, implementa-tion and monitoring of EU policies. As a service of the European Com-mission, the JRC functions as a reference centre of science andtechnology for the Union. Close to the policy-making process, it servesthe common interest of the Member States, while being independent ofspecial interests, whether private or national.