RFID Tracks You Down...Or Does It?
Excerpts from Ephraim Schwartz's InfoWorld column at http://www.infoworld.com/article/04/02/13/07OPreality_1.html. Mr. Schwartz lists two possible scenarios identified by Hal Etterman, an "expert on data encryption and surveillance systems" at MindForce Consulting.

...You're sitting in the food court at your favorite mall...when a cordon of mall police surround your table, guns drawn, screaming at you to "Drop the bun and put your hands up!"...[T]he clerk at the Gap forgot to deactivate the RFID (radio frequency identification) tag in the sweater you just bought. When you passed an RFID reader, connected to the Wi-Fi enabled network, it sent a message to the security desk, and as you passed each RFID reader along the way, they tracked you down in the food court.

You don't need this level of overkill. All you need is a very loud alarm as you exit the Gap. These alarms exist today, although RFID will allow better tracking of the merchandise.

Here's another scenario: You're going on vacation in Las Vegas, and...you buy a book on card counting. Unbeknownst to you, it, too, has an RFID tag impressed into the binding....Now as you enter the hotel/casino, an unobtrusive RFID reader tells management that you have in your possession a book on counting cards. The book has a unique serial number associated not with your credit card -- that would be illegal -- but with a customer ID, name, and address.

Why would anyone (well, anyone other than BookCrossing) even WANT to embed customer information in a book? If Joe's Books sells a book, it doesn't want to place its valuable customer data out in the book itself, where any competitor can get a hold of it.

The casino, in turn, subscribes to a service, maybe from Amazon, with a database of every book in print.

This is again overkill. Assuming that the information is embedded in the book in the first place, and assuming that the information is stored in a standard non-proprietary format, the casino can simply perform a word search for flagged terms such as "card counting." Much easier, and you save the cost of paying huge sums to Amazon.

In a world of zero latency, as you passed through the doors, your photo was also taken and now it is distributed to every casino on the strip, so that every time you try to enter a casino, your image is matched to the database...

Hold it right there. The National Institute of Standards and Technology has performed two rounds of face recognition vendor tests. As noted in the summary of the results of the 2002 tests, facial recognition accuracy in substandard lighting conditions is atrociously poor. Unless every person who enters the casino is subject to three-point lighting and positioned in front of an 18% gray backdrop, you can forget about accurate recognition of card counters.

...as a possible card counter, and two guys with closely cropped hair and tight-fitting sports jackets politely ask you to leave.

Well, I don't know a lot about THIS industry...

Comments

Popular posts from this blog