RFID Security Ethical and Moral Considerations
Thesis Statement
RFIDs can be used to provide parents with a sense of security knowing that their child arrived safely at school, store important medical information to avoid treatment errors, and save you time by checking in at the front desk to get your room key when you book a hotel. These are all wonderful benefits of the increasing uses of RFIDs. However, is this information safe? What could happen if this information fell into the wrong hands? At what age should someone be tracked or monitored, and who should be? I can certainly appreciate these advances, but they do raise my concern about whether we as a society have lost trust in ourselves and each other.
RFID Security System
The spread of RFID technologies to multiple spheres has created a natural need for a meaningful security system, since the technology has become a vulnerable target for numerous malicious activities that can harm the effectiveness and reputation of RFID. Therefore, recent trends in RFID security suggest that research into efficient hardware for cryptographic functions, message encryption, authentication, and random number generation represents the best set of solutions (Karmakar, 2013). Besides, RFID circuit design can be enhanced by manufacturing solutions directed towards cost-effective and power-efficient functions, with security considerations given the most attention. The latter solution is regarded as the most applicable to contemporary trends, since an orientation towards security underpins the basic sustainability of the technology. In other words, such security solutions imply environmental, social, and economic efficiency of RFID. However, strategies of RFID security are not limited to the designs mentioned above.
Some RFID vendors deploy their own advancements in RFID security. These solutions usually relate to the protection of privacy, authentication, and confidentiality of RFID data. By the same token, RFID vendors contribute much to designing better integrity and confidentiality for RFID reader infrastructures. That enables RFID users to store data on tokens using dynamic re-keying, so that the signatures of tokens can be rewritten in order to verify the identity of the owner. However, an effective security system involves substantial costs, which is why the major segment of RFID infrastructure remains insufficiently protected. Therefore, a set of basic approaches to addressing security issues has been designed, since ethical as well as legislative perspectives demand direct compliance with their guidelines. The technology is expected to serve the best interests of people, and its ethical considerations are essential for meeting that objective. In addition, Japanese views on technology presuppose the Buddhist practice of non-attachment. The principle suggests that technology should focus on serving people's moralities, while material outcomes are temporal.
Considerations of RFID security are classified into three categories: tag data protection, reader integrity, and personal privacy. The solutions for tag data protection are the following. A common practice uses a custom password for every tag so that data cannot become public without the permission of the owner. However, storing all the passwords implies the need to enter the database and perform multiple comparisons to access a particular tag. Likewise, tag manufacturers embed locked identifiers before tags are deployed to the environment in which they operate. The chip is designed for a read-only mode, and it is capable of storing the data already incorporated inside the tag. However, data on these chips cannot be rewritten, which is why space for additional data will be required. That leads to the need for specific algorithms that detect the latest tag data. Tag memory also presupposes authentication of the original writer of the data. In other words, the data is written with a specific private key that leaves information about the author, the public key, and the algorithm for retrieving non-encrypted data. A reader is able to retrieve the non-encrypted data and verify whether the data has been written by the original author. However, updating an RFID tag with new information requires a key management system, which creates one-time access private keys.
The second group of security considerations covers the solutions for RFID reader integrity. First of all, that perspective of security deals with reader protection. Readers are able to deny tag replies with anomalies in response times as well as call power levels. Such replies do not coincide with the physical features of tags, so the use of passive tags thwarts any attempts at spoofing. In addition, readers can change the bandwidth of data broadcasting within the channel so that unauthorized users cannot easily intrude into the channel for spoofing. Each tag is capable of following users’ bandwidths, which can be changed at random. To the greatest extent, many RFID application servers request user identification. Authentication mechanisms are implemented in the path between the application and the user in order to ensure that data is sent to a verified reader. RFID reader integrity is also secured with read detectors, which are deployed to RFID environments. They indicate attempts at unauthorized connection to a tag's bandwidth. Tag detectors can be used for spotting unauthorized intervention, especially in cases when attempts are made with tags that are able to transmit a signal on a reserved bandwidth.
The last solutions are particularly focused on the protection of personal privacy. A kill tag command in every RFID tag disconnects it from its short-circuit fuse, and the tag cannot be restored again. RFID tags can be protected by a cage made of metal and foil, which is called a Faraday cage. The cage blocks radio signals of a certain bandwidth from the outside. As a result, tagged items cannot be detected. Sometimes, a method of active jamming is used. A special device initiates a proactive broadcast of a signal to authorized readers, while unauthorized attempts cannot even be made, as the entire bandwidth is taken up. Moreover, each tag can be locked with a meta-ID value, which is a hash value of a related PIN. Therefore, a tag will not open access to itself until the corresponding PIN value is presented. Taking all these points into account, a humanistic approach to ethics can be detected. All security solutions are designed to serve the best interest of people, even though they imply additional expenditures on equipment, storage, or management. RFID security is based on the consideration of human needs and concerns, so that any malicious use of the technology is strongly limited.
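The meta-ID lock described above can be sketched as follows. This is an added example, not code from the original essay; the Tag and Backend classes, the function names, and the choice of SHA-256 are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets


def meta_id(pin: bytes) -> str:
    """Meta-ID: a hash value of the tag's PIN (SHA-256 is an assumption)."""
    return hashlib.sha256(pin).hexdigest()


class Tag:
    """Hypothetical tag model: holds only the meta-ID, never the PIN."""

    def __init__(self, payload: str, pin: bytes):
        self._payload = payload
        self._meta_id = meta_id(pin)
        self.locked = True

    def query(self) -> str:
        # A locked tag answers any reader with its meta-ID and nothing else.
        # The value is static, so it still identifies the tag to any reader.
        return self._meta_id

    def unlock(self, candidate_pin: bytes) -> bool:
        # Hash the presented PIN and compare in constant time.
        ok = hmac.compare_digest(meta_id(candidate_pin), self._meta_id)
        if ok:
            self.locked = False
        return ok

    def read(self) -> str:
        if self.locked:
            raise PermissionError("tag is locked")
        return self._payload


class Backend:
    """Hypothetical back-end database of an authorized reader."""

    def __init__(self):
        self._pins = {}  # meta-ID -> PIN, one lookup per tag

    def enroll(self, payload: str) -> Tag:
        pin = secrets.token_bytes(16)  # random per-tag PIN
        tag = Tag(payload, pin)
        self._pins[tag.query()] = pin
        return tag

    def pin_for(self, mid: str):
        return self._pins.get(mid)


def authorized_read(tag: Tag, backend: Backend):
    """Reader flow: query the meta-ID, look up the PIN, unlock, read."""
    pin = backend.pin_for(tag.query())
    if pin is None or not tag.unlock(pin):
        return None  # this reader does not hold the PIN
    return tag.read()
```

Indexing the back-end by meta-ID turns the per-tag password lookup into a single dictionary access rather than a comparison against every stored password.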
Possible Threats
As has become increasingly apparent, the most explicit threat to RFID security is posed by a potential invasion of user privacy. Invasion of user privacy leads to the revealing of a reader’s identity and to such outcomes as blackmail, the use of personal data for fraud operations, and the performing of RFID-related operations on behalf of the owner. Recently, the deployment of tagged implants in human bodies has intensified the controversy. That places RFID technology in an ethical dilemma, since general efficiency is opposed to concerns of security. The ethical approach of utilitarianism assumes that a technology or invention has to serve the majority of people even though some harm can potentially be done to a minor percentage of humans. On the contrary, consequence-based ethics argue that every single outcome of the deployed technologies should be controlled and regulated. The principle of non-attachment is also applied, especially in terms of RFID use in the Japanese cultural environment. Regarding these statements, RFID ethics adjust the design of the technology to both frameworks. Generally speaking, RFID is particularly focused on serving the masses, while their privacy is supposed to be sufficiently protected. RFID providers as well as vendors recognize that the benefits of RFID definitely outweigh the related concerns. However, a wider range of functions, options, and amounts of data requires more external control and regulation.
In such a way, detection of identity usually results in negative consequences for a reader. In particular, detection of private data can be divided in the three following categories. The first is location data. The data demonstrates the location of a tagged item as well as the location of a person who has an implanted tag inside his/her body. The second type is personal information such as date of birth, name, relatives, contact data, etc. That type of data is especially important as it provides the most meaningful information about reader’s identity. The last type of privacy invasion is detection of decision behavior. In fact, tag data may demonstrate purchasing patterns of an individual or any other transactions conducted via the tag. Comparison of these data to the related statistics will help reveal the personality of the tag’s owner. Moreover, detection of purchasing patterns may imply external purchases or transactions from an individual’s tag. Needless to say, such evidence does not comply with an integrated ethical framework of RFID. Also, the same threats can be observed on the corporate level.
A prolonged activation of tags because of a technical mishap, human error, or specific properties of the tag may result in tagged items being traced far outside the location of their storage. In other words, manufacturers as well as suppliers are able to track their products after delivering them to retailers and distributors. The threat became explicit to the public when Walmart faced a conflict with one of its key suppliers on the basis of such operations. One may argue that it does not have to be regarded as a breach of security, since tracking manufactured products through channels of distribution is an evident advantage for advanced supply chain management. Although that is certainly true, it also leaves wide room for fraud. Detecting the final destination of the goods can help manufacturers resell their products or unnaturally influence demand and supply in that location. In fact, the ability to track tagged items after they have been handed over opens up a far wider range of opportunities for illegal and unethical actions. Utilitarian ethics do not recognize these as opportunities in the best interest of the masses, since only a small number of people benefit from deceiving the majority. That is why such actions are strictly prohibited by state as well as federal governments.
Since the use of RFID technology is spreading proactively, an ever-growing amount of data is flowing within RFID channels. That implies a possibility of security breaches, since protecting larger amounts of data becomes correspondingly harder. Therefore, the growth of RFID infrastructure creates an overall vulnerability. The constant growth of infrastructure is the main source of security breaches, as vendors and RFID providers are not able to keep up with the growth in infrastructures and the implied threats to them. Still, a common opinion about the ethical considerations of RFID security revolves around a combination of consequence-based, utilitarian, non-attachment, and humanistic ethics. Thus, RFID infrastructure can be maximally secured by an intelligent security system, which can be applied to every tag and recognize any undesired algorithms. Such a solution requires substantial expenditures on design and prototyping, but these costs are well justified in comparison with the losses due to a security breach. Apart from that, the legal perspective should be included. Fraud is prohibited by the federal government, but it can still be observed for the following two reasons. The first is that little is done by the government to prevent fraud. The second is the complexity of the policies and standards of RFID-based performance, so that certain users find it easier to violate the laws than to follow them. That is why RFID security should rely heavily on the Japanese approach of non-attachment, as it presupposes that expenditures and legal changes are no object when it comes to preserving human privacy.
However, the situation is not critical, since many RFID-driven organizations implement ethical policies, which mainly outline the following statements. Considerations of RFID security are used for the establishment of public safety, welfare, and national security. This statement addresses the global context of RFID security, especially in terms of the growing threats of cyberterrorism. The second commonly recognized ethical statement suggests that RFID is expected to serve the best interest of people and cannot be used for morally opposite activities. The majority of organizations tie the statement to criminal responsibility, because the ethical emphasis is not strong enough to reduce the incidence of fraud. The third statement is based on the requirement for honest, conflict-free, and fair deployment of RFID-driven data, since all users are placed in the same conditions. The statement presupposes considerations of equal and diverse use of RFID technology. Ultimately, it is appropriate to acknowledge that the situation concerning the prevention of possible threats to RFID security is relatively stable. Some distinct gaps surely have to be filled, but the state of RFID security is not critical, which is why the ethics of non-attachment should be applied. The emergence of new solutions will cause the development of more sophisticated means of security breach, so people should focus on the development of security without any respect to the technological side of the problem.
Ulterior Motives
Since the current state of ethical perspective of RFID security has become explicated, ulterior motives can be discussed in detail. In regard to detection of privacy, the basic ulterior motive relates to purposes of blackmailing a reader since his/her personal information has become available for someone else. Hence, it can be used for any blackmailing scenarios: from demanding money in exchange for the restored privacy to taking revenge because of a personal conflict with a reader. In the same way, private data can be used for performance of various fraud activities like making purchases on behalf of the owner or using the tag for storage of illegal data. Since tags are read-only devices and updating them with illegal data is hard, involvement of already recorded data in criminal activities is more possible. The latter statement particularly depicts fraud actions in the sphere of business and stock trading. These fields are naturally fraud-friendly as they presuppose remote communication and correspondence of figures with real facts. Therefore, certain manipulations can be conducted through someone else’s tags. Elimination of these ulterior motives can be achieved through the creation of a stricter punishment for related illegal actions as well as more flexible legal perspective for performing business, especially on the basis of RFID technology. In general, businessmen should be provided with better conditions for running business so that the need for taking an illegal action would be unlikely to emerge.
The second major ulterior motive is tracking tagged items (or even people) without authentication. Such fraudulent practices are usually applied in the sphere of supply chain management. A manufacturer or a supplier tracks handled items in order to detect their final destination. That enables them to create their own channels of distribution so that certain parties of a supply chain can be omitted. In a similar manner, such actions may be taken to avoid particular legal requirements and standards. As for tagged human implants, they enable access to a person’s location and even his/her health data, provided that the implant contains a tag with external data management. Again, the main ulterior motive for that is blackmailing a person or even planning a crime, which is why the current location of a victim is needed. Returning to the subject of tracking tagged products, their owner can also be detected by revealing the geographic location of the tagged product. Overall, this ulterior motive is the most severe violation of RFID ethics, which is why tagged implants and goods have caused a strong controversy among designers, vendors, application providers, and users. However, preventive measures are basically related to criminal responsibility, since the crime is committed in the real world, while RFID technology is used as a means of preparation. That is why the extent of the punishment remains a matter for the legal sphere, as crime is always recognized as an ethically wrong action. However, less severe ulterior motives are insufficiently addressed.
For instance, active tags can be used for making a purchase from someone else’s account or for making the same transaction multiple times via another active tag. This is a minor breach of ethics, but it is one of the most frequent instances of RFID security violation. It can be explained by the fact that the operation is relatively simple, while the punishment is minimal in comparison with that for blackmail or for tracking a person to plan a crime. That ulterior motive has raised a strong controversy regarding the justification of active tag deployment. Walmart’s experience has demonstrated that protection of active tags is associated with substantial costs, so low-scale use of RFID technology creates a favorable environment for fraud. Under these circumstances, security of active tags is available only to organizations that are able to afford specific security solutions. An ethical dilemma is rather apparent, since frequent negative outcomes of the technology's application contradict the basic framework of consequence-based ethics. In a similar manner, the technology loses its compliance with utilitarian ethics. As a matter of fact, active tags are an explicitly vulnerable target for fraud, which is why they do not serve the interest of society any longer. The technology itself is obviously convenient and is aimed at addressing human needs, while considerations of security require drastic cutting-edge changes in the approaches to detecting external intrusion into the bandwidth of a tag. Overall, the presence of ulterior motives in the use of RFID technologies can still be detected despite up-to-date security systems and criminal responsibility.
All in all, consequence-based ethics strongly suggest leveraging the application of RFID technologies, since their security contains specific gaps that result in negative outcomes for users. On the contrary, utilitarian ethics place emphasis on the best interest of the masses, which is why such useful technologies do not have to be limited. Therefore, a combination of both ethical frameworks is a sufficiently adequate judgment of the situation, especially given that the security of RFID will always be exposed to external threats. That can be explained by the human factor, which plays the primary role in the formation of ulterior motives. Attempts to enhance the security system of RFID should be made even though a perfectly protected RFID infrastructure cannot be created a priori. Nobody would argue with the fact that striving for better ethical standards of security will positively impact the overall advancement of RFID technology. Finally, the contribution of ethics to the improvement of RFID design has to be acknowledged. As discussed in the previous subsections, an orientation towards enhancing the security system boosts the development of cost-effective and power-efficient solutions for the operational functions of the technology. The ethics of security should be understood in the larger context of the technology's application, which is why this subsection has given an account of ulterior motives, which can be recognized as the primary reasons for establishing security ethics in the use of RFID technology. It is appropriate to make the general comment that the perspective of ethics regulates the balance between the advantages of RFID and the related concerns for security.