RFID Arena

Categories

Perks, practices, privacy – are privacy concerns outdated?

A customer attitude report recently summarized that a majority of people are willing to trade off personal data for perks. If that is the case, are privacy concerns a thing of the past?

Privacy is a controversial topic and in relation to UHF RFID technology there are frequent discussions on privacy concerns. This topic certainly deserves to be taken seriously and thus we attempt to shed light on it from different angles. We want to take a look on whether UHF RFID poses a larger risk for compromised privacy than e.g. loyalty cards? What information could be gathered and what practices are available that will help to keep your shopping behaviour private?

Privacy2

The hot topic of privacy

Communispace published a report investigating customer attitudes regarding perks and privacy. The conducted research showed that 70% of consumers are willing to trade off personal data in return for perks. One question arises from these results "is privacy - after all - still a controversial topic and big issue in the eyes of customers?"

Privacy issues: loyalty card vs RFID

Nowadays it is common that people own several loyalty cards and share information about themselves in social media. People do readily share their location, for example by making their location public via Facebook or by checking in via Foursquare.

Loyalty cards are a part of most of our daily lives, at least for the majority of us. Retail stores offer their own cards, oftentimes giving consumers the option to sign up and e.g. enjoy the perk of getting a 15% reduction off of the first purchase as well as offers that we receive per email. We swipe our loyalty cards when grocery shopping, when we buy clothes and at the garden centre. This means that for most of us the swiping of our card happens at least weekly, oftentimes daily.

Why is UHF RFID technology perceived as more risky than giving up privacy with a loyalty card or by announcing your location via social media? One major difference posed by UHF RFID technology, is that to the customer's eye it appears to be invisible. With loyalty cards the reading or swiping of the card is apparent and reading of a code is obvious. Customers seem to feel that a loyalty card or social media allows them to better control what information will be obtained and when.

But does UHF RFID technology pose a higher privacy risk than what we already decidedly give up with regular loyalty cards as is? Let's look into the information that could be available of customers.

Information, Information, Information

Customers fear that privacy related data could be gathered about their purchasing behaviour. What information could possibly be obtained by outsiders?

Within a store

The information that could be obtained within a store environment is related to product information. This means that if a customer walks through the store, the information that could be scanned via UHF RFID would be about the product a customer is carrying. For example information about the item, size, colour and so forth. In the case that a customer also carries an RFID enabled card, the product could be linked to a specific individual, otherwise no connection to a person could be made.

In the store:

  • Tag contains product information
  • No connection to person identified unless individual is connected to the product via an RFID card

Generally this would mean that customer X could be scanned with item Y in a specific size and colour in the store. This would not greatly be different from the information made available at the point of sale if an item is purchased by credit card or in connection with a loyalty card. The difference between the information obtained via barcode or UHF RFID is that barcode associates the customer to a product group. With UHF RFID a customer is associated with a unique product meaning that colour and size are likely to be attributes that are additionally disclosed.

Outside of a store

What is the situation outside, once a customer leaves a store? Outside of a store it is theoretically possible to obtain information if an UHF RFID tagged product and a person with an UHF RFID card can be linked.

Outside of a store

  • Tag contains product information
  • Product can only be linked to person if the product's tag is scanned in combination with an RFID member card

Once a customer leaves the store environment and an outside person would use UHF RFID technology to link customer and UHF RFID tags, product information could be scanned. Nevertheless this would only be possible in cases where RFID tags are not removed from purchased garments. Most UHF RFID tags are attached by hang labels that can easily be cut and removed from a garment. This is easily done by store personnel at the point-of-sale. And of course also the consumer can easily remove the tags from purchased products. Also, it is important to bear in mind that identifying a purchased product would only be possible if no other privacy protection measures have been taken.

From the two scenarios we see that the key in the privacy debate would be to control the tag information after the tag leaves the store as this is where a difference between barcode and UHF RFID is apparent. There are already practices in place that ensure customer privacy. Thus, we want to take a closer look at what practices UHF RFID technology offers for privacy protection.

Privacy1

What practices for privacy protection does UHF RFID Technology offer?

  • Private/Public profiles

In this case, privacy is protected with a feature made possible by the tag /chip manufacturer. The tag contains the functionality where data can be classified as either private or public information. The private profile is protected with a password and this makes it impossible for unknown readers to access data classified as private. This way companies can control what data could potentially be obtained by outsiders and what data is secured behind the private profile.

  • Reading distance optimization

Reading distance optimization refers to a special feature in a tag or chip that allows adjusting the reading distance for data classified as private. In practice, this could mean that once an item has been purchased in a retail store, the reading distance of the tag / chip can be adjusted at the POS (Point-of-Sale). The reading distance can be adjusted to a minimum distance for all purchased items. That way any attempt to scan the item outside of the store environment would require extremely close proximity to the item. Consequently the retailer could utilize the tag information later on, for example in case when items are returned.

  • Physical removal of a tag

Physical removal or destruction of a tag is also a way for protecting customer privacy. In practice this means that when an item is purchased, tags are physically removed or destroyed at the POS. The practice can either comprise that the tag is detached from an item or that the tag is destroyed e.g. by cutting it into half.

  • Kill tag functionality

This differs from the above destruction of tags as it is done electronically. In this case tags are not destroyed by cutting or removing but through electronic destruction of the tag at the point of sale.

  • Removal or modification of the EPC (electronic product code)

In this privacy practice a retailer chooses to remove or modify the EPC code in a tag. This happens at the checkout where a product is identified first. Then the EPC code is either removed or changed according to a predefined rule, making it impossible for unknown readers to interpret the product code. If the retailer chooses to modify the code, it is possible to reinstate the product code in cases where products are returned to the store.

  • Unique EPC coding

Depending on what kind of coding is used, the EPC code of the product can be or cannot be interpreted outsiders. Some retailers might choose to use their own codes instead of codes that comply with the GS1 standard. Unique EPC codes are only interpretable by internal personnel and UHF RFID readers.  Generally coding as per GS1 standard is the recommended approach as it ensures compliance throughout the entire supply chain. Nevertheless, for smaller retail stores that carry out tagging at store level or in their own production unique EPC coding can be feasible.

What will the new Gen2v2 Protocol bring to the table?

The new Gen2v2 Protocol will impact privacy protection further for example in regards to restricting access privileges. Private / Public profiles will become even more prominent once Gen2v2 standard compliant UHF RFID tags will hit the markets. The profiles will then no longer be proprietary to the tag and tag manufacturer but incorporated into the ISO/IEC 18000-63 standard. With these private / public profiles, data can be hidden, restricted and made even harder accessible due to reading range adjustments.

The protocol behind the new Gen2v2 standard will also support cryptographic authentication. In practice this means that the communication between tag and reader can be concealed by equipping both with an encryption key. This will significantly aid to protect the communication between tag and reader from outside eaves dropping.

Another feature relates to the user memory functionalities. The user memory of tags can be defined into specific portions and then access to each part can accordingly be more specifically defined and granted.

As the technology evolves, practices are constantly revised and improved to tackle issues and concerns that arise.

Perks, practices and privacy

So how does this all translate into real life and our concern for privacy? Nowadays there are many ways to risk disclosing private information.

Privacy itself is of course never an outdated topic, as technology is constantly evolving, privacy and data security should always form an important focus for legislations, standards, policies and practices. Nevertheless transparency and awareness of UHF RFID technology certainly help to see where privacy concerns are valid and what can be done to keep information secure. The risks with UHF RFID are not higher than other data collection methods if action is taken to ensure data privacy.

Protecting private information can - and is - done by practices that already exist today. Of course one certain way to avoid disclosing information altogether, would be to fully decline all loyalty cards, credit cards or RFID cards, but this does probably not seem feasible in today's world. We have to realize that it is the interest of both in customer and retailer equally, to avoid threats to consumer privacy.

And when it comes to fearing that UHF RFID tags could be read from earth orbit - don't worry - that is simply not possible. RFID reading distances have improved but such a distance is not achievable by any UHF RFID reader.

Sources

Report: 70% of Consumers Would Share Personal Data in Exchange for Perks

http://online.wsj.com/article/PR-CO-20140306-909007.html

GS1 EPC Gen2v2 Fact Sheet

http://www.gs1.org/docs/epcglobal/EPC_Gen2v2_Factsheet.pdf

 

Post a comment

Keep in touch

Send me more info!
Send me a Newsletter!
Send me a Magazine!
Contact info