This blog post examines the operating principles and security vulnerabilities of passive RFID, along with technical and institutional countermeasures to address them, analyzing the potential for balancing everyday convenience with personal information protection.
Passive RFID (Radio-Frequency Identification) systems consist of a reader and passive tags that lack their own power source. The tag consists of a coil and a chip containing a small amount of data. When the tag enters the electromagnetic field generated by the reader, electromagnetic induction induces electricity in the coil. This power is used to transmit the data stored on the chip to the reader. Because it utilizes an electromagnetic field, information can be read quickly and accurately without direct contact, simply by the tag passing near the reader. It also has the advantages of eliminating maintenance burdens like battery replacement and enabling miniaturization. However, since the tag’s power depends on the reader’s electromagnetic field, there are limitations on the available power supply. Consequently, there are also limits to the amount of data the chip can store and its information processing capabilities.
When two or more tags enter the reader’s communication range simultaneously, the information transmitted by each tag can become entangled. Recently, several algorithms have been developed to resolve this issue. Applying this method allows nearly simultaneous reading of information from all tags within the reader’s communication range. This enables the instant identification of multiple items simply by passing them through the checkout counter. To facilitate actual sales, procedures are required to either record sales information on the tag or disable the tag’s functionality. When RFID systems are integrated into credit cards or ID cards, daily convenience can increase significantly. Not only can product information be verified, but payment and signature verification can also be processed simultaneously. However, due to the characteristic that all tag information within the communication range can be transmitted to the reader, there is a possibility that information such as ‘what you were wearing, what you were carrying, when and where you were, who you were with, and how much you purchased’ could be tracked without your knowledge. This means you could be exposed defenselessly even in front of a maliciously installed reader.
Therefore, when tags are used for purposes like ID cards or credit cards, it is necessary to differentiate the reader’s information access rights. That is, when a reader attempts to read a tag’s information, a selective information provision function is required to ensure only the permitted scope of information is transmitted based on the reader’s type. Implementing this function requires adding circuitry enabling the tag to identify the reader type. However, since such additional components are burdensome, the widely adopted approach currently is to configure tags so that while their data can be read, its contents cannot be verified without proper authorization. A representative example is storing pre-encrypted information on the tag and ensuring the encrypted code transmitted by the tag can only be decrypted using the reader’s specific key.
While encryption effectively protects the tag’s contents, it risks exposing the tag’s movement path. This is because the stored encryption key remains constant; continuously recording locations where the same key is read allows tracking the tag’s route. To prevent this, the tag should share a key with the reader and transmit it using an unpredictable encryption key each time it is exposed to the reader. However, even in this case, if the shared key stored on the chip is compromised due to physical loss or theft of the tag, the encryption could be decrypted. Furthermore, analyzing records collected from multiple locations could potentially reveal the tag’s current and past movements. Making tags ultra-small and implanting them in the human body prevents loss or theft, allowing safer enjoyment of RFID benefits. However, this approach raises ethical concerns due to the implantation of tags in the body.
Adding various functions to tags requires additional circuits, increasing both the chip size and power consumption.
Increasing the electromagnetic field strength of the reader to supply more power can cause another problem: interference between neighboring readers. Given the significant number of practical technical challenges that must be resolved, the practical implementation of a system with high security is likely to take more time. Nevertheless, as the scope of use continues to expand, it is essential to establish institutional mechanisms that impose strict restrictions on the extraction and use of personal information to minimize the risk of information leakage.
