Concerns about wireless tracking devices discussed

Despite new research pointing to security vulnerabilities in wireless tracking technology known as radio-frequency identification, government and business representatives remain confident in its use.

Last week, a study from Amsterdam's Vrije University warned that computer viruses could move from RFID tags to exploit some software systems. The research -- "Is Your Cat Infected with a Computer Virus?" by Melanie Rieback -- was presented at the Institute of Electrical and Electronics Engineers conference in Pisa, Italy.

RFID software code writers must build appropriate checks "to prevent RFID middleware from suffering all of the well-known vulnerabilities experienced by the Internet," according to the report. The paper claims to present the first self-replicating RFID virus.

Governments and businesses around the world have been adapting applications of RFID for various tasks, such as tracking groceries or cargo and verifying people's identities.

A State Department official said the United States plans to begin deploying new passports with RFID technology on a widespread basis this summer. The number of passports being issued over the past few years has increased from 7.3 million in fiscal 2003 to more than 13 million expected to be issued in 2006.

"The security of the e-passport is of the utmost importance to the State Department. We only went ahead in issuing them after ensuring that the data would be protected," said the official, who noted that the passport includes a different type of RFID than the one questioned in the report.

To address privacy concerns, the State Department has added technology to prevent the inappropriate "skimming" of passport data by other technology in the vicinity. Privacy advocate Bill Scannell labeled the move "considerably better than nothing."

Dan Mullen, president of the identification trade association AIM Global, said in a statement that many of the paper's assumptions "overlook a number of fundamental design features necessary in automatic data-collection systems and good database design." A representative for the RFID company Alien Technology agreed.

But the technology has some privacy advocates concerned. "There is absolutely no need to use an RFID technology," said Scannell, who added that "relying on RFID for security is a bad idea."

RFID "works well for cattle but not for people," Scannell said in reference to the use of the technology in livestock for tracking purposes.

Evan Scott, the president of Evan Scott Group International, said he has confidence in the system and works with RFID companies on a daily basis. "A lot is being done every day to ensure security," he said.

"There are risk and concerns with all technology," said Scott, who noted that the concerns drive research and development. "RFID issues will be resolved and fixed through good technology. We are in the information age now. Everything is on the Internet or through the airwaves."

A lot of venture-capital investments have been going toward RFID in the last couple years, Scott noted. He expects the trend to continue with more commercial and security applications.

Stay up-to-date with federal news alerts and analysis — Sign up for GovExec's email newsletters.
Close [ x ] More from GovExec

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Going Agile:Revolutionizing Federal Digital Services Delivery

    Here’s one indication that times have changed: Harriet Tubman is going to be the next face of the twenty dollar bill. Another sign of change? The way in which the federal government arrived at that decision.

  • Cyber Risk Report: Cybercrime Trends from 2016

    In our first half 2016 cyber trends report, SurfWatch Labs threat intelligence analysts noted one key theme – the interconnected nature of cybercrime – and the second half of the year saw organizations continuing to struggle with that reality. The number of potential cyber threats, the pool of already compromised information, and the ease of finding increasingly sophisticated cybercriminal tools continued to snowball throughout the year.

  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

  • GBC Issue Brief: The Future of 9-1-1

    A Look Into the Next Generation of Emergency Services

  • GBC Survey Report: Securing the Perimeters

    A candid survey on cybersecurity in state and local governments

  • The New IP: Moving Government Agencies Toward the Network of The Future

    Federal IT managers are looking to modernize legacy network infrastructures that are taxed by growing demands from mobile devices, video, vast amounts of data, and more. This issue brief discusses the federal government network landscape, as well as market, financial force drivers for network modernization.

  • eBook: State & Local Cybersecurity

    CenturyLink is committed to helping state and local governments meet their cybersecurity challenges. Towards that end, CenturyLink commissioned a study from the Government Business Council that looked at the perceptions, attitudes and experiences of state and local leaders around the cybersecurity issue. The results were surprising in a number of ways. Learn more about their findings and the ways in which state and local governments can combat cybersecurity threats with this eBook.


When you download a report, your information may be shared with the underwriters of that document.