As the use of RFID in supply chain settings progresses, industry experts have been devising ways to address consumer privacy concerns related to item-level RFID tagging.
IBM is to demonstrate an RFID tag with a disabling feature that limits — but doesn’t kill — a wireless chip’s ability to broadcast item information.
The Clipped Tag gives consumers the option to disable RFID tags on items they purchase without eliminating the possibility that the tags could be used later to expedite product returns or recalls, says Paul Moskowitz, a research staff member at IBM’s Watson Research Centre in New York. The design calls for a product label with perforations “like a sheet of postage stamps,” he says.
After purchasing a tagged item, a consumer can tear the Clipped Tag label along the perforations to remove a portion of the tag’s antenna, reducing its transmission capability. “When you do that, you do not kill the tag completely. The chip is still there, and it has some of the antenna left. But you’ve just taken a tag that may have had a 30-foot range and reduced the range to just a few inches.”
Once it’s torn, the tag can’t be read unless it’s presented directly to a reader.
“The tag becomes a close proximity tag rather than a long-distance tag,” Moskowitz says. By preserving the tag’s functionality, retailers can still read the information stored on the chip if necessary.
Typically, an item-level RFID tag stores a single Electronic Product Code (EPC). An EPC is a 96-bit identification number that indicates a manufacturer’s code and product code, along with a serial number unique to the item. Retailers and consumer goods manufacturers can link an EPC number with other supply-chain data to determine information, such as where an item was shipped from, how long it sat on store shelves and price history.
An EPC code isn’t readily associated with a consumer’s personal information, such as who bought the item or the buyer’s credit card number. But privacy advocates say the association with particular items purchased is enough to compromise privacy.
For example, since RFID tags don’t require direct contact with a reader, a wireless reader could potentially reveal the contents of a shopper’s bag by determining the manufacturers’ codes and product codes. Just as barcodes aren’t encrypted, neither are EPC codes typically encrypted, according to Moskowitz.
So far, in the supply chain world, most RFID implementations involve labelling shipping cases and pallets. But, before long, individual retail items will sport RFID labels, Moskowitz says.
“This is where privacy becomes a concern, because RFID tags can be read at a distance and they can be read by wireless means,” he says.
To address the issue, standards body EPCglobal built a kill command into the new Gen2 communications protocol for UHF tags. Retailers can execute the kill command at the point of sale — but it deactivates tags permanently. This means tags can’t be revived and used to help facilitate a product return or product recall, Moskowitz says.
Another disadvantage of the kill command is that it will require retailers to manage passwords for every item, Moskowitz says. “If you have a kill command and it’s not password-protected, you open yourself to vandalism. Somebody could just kill all the tags.”