Smartworld: Identity Profiling With Radio Frequency

RFID, or radio frequency identification (also known as near field communication, or NFC) is used for wireless communication between devices, one of which is a transmitter and the other is a receiver. This involves the use of low frequency radio waves passing between the devices; it is in widespread use, although the impact onhealth is rarely alluded to. RFID is being used for a multitude of applications involving sensing and communication of information, especially ID verification using smart cards/phones, miniscule sensors known as smart dust, bodily implants, and product tracking.

There are already many well-established ID Management companies who are also using or advocating RFID and biometrics. These companies are heavily involved in the emerging global identity ecosystem (eg, the NSTIC program, the work of the ITU, and the European initiatives, including STORK), and include Accenture, IBM, Verisign/Symantec and Oracle. The industry has grown significantly and the trend looks set to continue – especially considering the heavy investment by leading corporations like Google, IBM, and Microsoft.

The smart card industry is playing a leading role in identity management, indicating that in the near future the public will expect to manage their digitised identity with extrinsic devices such as contactless cards and mobile phones.

In Denver, for instance, Auraria Higher Education Center recently decided to issue new contactless smart cards to students (over 43,000 of them), and to staff. The cards will control door access using RFID, and will even serve as Visa debit cards. The plan is to eventually integrate the cards with other applications for student services, including parking, meal payment, library checkout, event management, emergency incidents, and lab and recreational tracking.

Assa Abloy, and its subsidiary HID Global, have both been involved with the NSTIC throughout its inception. HID manufactures RFID tags for people/animal-identification, as well as for tracking products. HID recently shipped out further supplies of their “e-ID solutions” to supply over 150 million people with chipped passports/smartcards. In due course, however, the problems caused by people losing their smart phones or e-passports, or having them stolen or damaged, will likely signal the need for further security, leading to the uptake of implantable devices, like the VeriChip. There are already problems with the Bring Your Own Device (BYOD) phenomenon – where employees connect with the computing system at work with their own phone, etc – which could be ‘solved’ by implanted chips and identity management.

Intercede is a highly successful company in the identity industry, and recently has developed a means of enabling smart phones to use NFC for logical and physical access control, as well as identity verification and attribute management. This method actually replaces the need for smart cards. It works even when the phone isn’t switched on, and claims to avoid ‘skimming’ of personal data held on the phone by necessitating the “conscious consent of the user”.

Arguments that the chip is liable to hacking, whether it be in a device, card, or implant, are being countered with the advance of a new technology which claims to make the communications between a RF chip and a reader secure. Active Identity has developed an open protocol called ‘Opacity’ which prevents wireless transmissions being intercepted.

The use of identity authentication devices has necessitated the use of passwords or biometrics to validate use of the device. The problem is that the devices can be lost or damaged, and passwords can be forgotten or stolen. But now computer scientists have developed a mobile system which provides strong authentication for personal devices – a small device which measures unique physiological signatures is worn on the wrist (as a watch, or jewelry) and will automatically detect the identity chip it is linked to, whether it be a chip in a phone, or one that has been ingested, or implanted. Currently, mobile phones and smart cards/passports are the main devices used to verify identity, but proving the right person is using a device has been fraught with problems. This system will prevent impersonation because biometric authentication of the person presenting the identity device is automatically provided at all times. The system works by measuring ‘bioimpedance’, which is claimed to be more effective than other forms of biometrics, such as fingerprint scans.

All sorts of RF technologies for ID management, from phones to implants, are part of a burgeoning industry, as evidenced by a comprehensive report released in July by UK-based firm Smither Spira; the ‘Ten-year Forecast of Disruptive Technologies in Personal Identifica...’ report,

provides exclusive forecasts of market technology adoption through to 2022, broken down by end use and identity control type. This brand new report identifies 25 technologies that are predicted to have major influence on the personal ID market in the next ten years. Technologies covered include security printing inks, biometrics, national identity registries, encoded taggants, high-resolution optical effects and geolocation. Each of the 25 technologies is explained, analysed and ranked based on the impact it is likely to have on this evolving industry.

Some of the subject headings in the contents list include:

body implanted chips;
a biometric civil registry;
a VeriChip implant;
contact lenses that act like a computer screen;
geolocation as a security feature in personal identification.

There is a steady increase in the use of mobile devices for access and control; more and more people are using their phones and smart cards for identity verification, as well as using a phone to pay for things by just waving it near to a ‘reader’. There is even new technology which allows people to use NFC to scan their smart meter and pay their electricity bill with their smart phone.