Secure RFID 'fingerprint' could curb counterfeit activity

Researchers have developed an "electronic fingerprinting" system to prevent counterfeiters from copying RFID tags, putting to rest fears that the technology is not secure enough to use in passports and other sensitive documentation.

Researchers have developed an "electronic fingerprinting" system to prevent counterfeiters from copying radio frequency identification tags, putting to rest fears that the technology is not secure enough to use in passports and other sensitive documentation.

Engineering researchers at the University of Arkansas developed a technology that hampers cloning of RFID tags by using "unique physical attributes" of individual tags, rather than information stored on them.

RFID technology, which has been implemented in new passports and is used for identification, controlling access and retail, has come under fire for being easy to hack. The passive tags, which hold sensitive information, can be read and copied by counterfeiters at a close distance, such as when a passport booklet is open.

A passive RFID tag harvests its power from an RFID reader, which sends radio frequency signals to the tag. The tag, which is made of a microchip connected to a radio antenna, modulates the signal and communicates back to the reader.

The researchers call it an "electronic fingerprinting system" because the method takes advantage of each tag's unique radio-frequency and manufacturing attributes.

Using an algorithm, the researchers repeatedly sent signals from reader to passive tag, starting at a low power value and increasing the power until the tag responded.

The resulting measurements -- radio frequencies ranged from 903 to 927 megahertz and increased by increments of 2.4 megahertz -- revealed that each tag had a unique minimum power response at multiple radio frequencies. The researchers found that power responses different significantly even among tags of the same model and type.

“These different responses are just one of several unique physical characteristics that allowed us to create an electronic fingerprint to identify the tag with high probability and to detect counterfeit tags," said Dale Thompson, associate professor of computer science and computer engineering, in a statement.

That's important because most RFID tags have limited to no security on their own to keep costs down. The new method doesn't require existing tags to be modified, keeping costs to implement the new method low.

The method remains independent of the tag's computational resources, the researchers said.

This post was originally published on Smartplanet.com