research-article

Rethinking RFID: awareness and control for interaction with RFID systems

Authors:
Nicolai Marquardt

University of Calgary, Calgary, AB, Canada

University of Calgary, Calgary, AB, Canada
View Profile

,
Alex S. Taylor

Microsoft Research Cambridge, Cambridge, United Kingdom

Microsoft Research Cambridge, Cambridge, United Kingdom
View Profile

,
Nicolas Villar

Microsoft Research Cambridge, Cambridge, United Kingdom

Microsoft Research Cambridge, Cambridge, United Kingdom
View Profile

,
Saul Greenberg

University of Calgary, Calgary, AB, Canada

University of Calgary, Calgary, AB, Canada
View Profile

CHI '10: Proceedings of the SIGCHI Conference on Human Factors in Computing SystemsApril 2010Pages 2307–2316https://doi.org/10.1145/1753326.1753674

Published:10 April 2010Publication History

CHI '10: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems

Pages 2307–2316

ABSTRACT

People now routinely carry radio frequency identification (RFID) tags - in passports, driver's licenses, credit cards, and other identifying cards - from which nearby RFID readers can access privacy-sensitive information. The problem is that people are often unaware of security and privacy risks associated with RFID, likely because the technology remains largely invisible and uncontrollable for the individual. To mitigate this problem, we introduce a collection of novel yet simple and inexpensive tag designs. Our tags provide reader awareness, where people get visual, audible, or tactile feedback as tags come into the range of RFID readers. Our tags also provide information control, where people can allow or disallow access to the information stored on the tag by how they touch, orient, move, press or illuminate the tag.

Supplemental Material

p2307.mov

mov

34 MB

Download

References

Ahson, S. and Ilyas, M. RFID Handbook. CRC Press, 2008.Google ScholarCross Ref
Beckwith, R. Designing for ubiquity: the perception of privacy. Pervasive Computing, IEEE 2, 2 (2003), 40--46. Google ScholarDigital Library
Bellotti, V. and Sellen, A. Design for privacy in ubiquitous computing environments. Proc. of ECSCW '93, Kluwer (1993), 77--92. Google ScholarDigital Library
Brunette, W., Lester, J., Rea, A., and Borriello, G. Some sensor network elements for ubiquitous computing. Proc. of IPSN '05, IEEE (2005), 52. Google ScholarDigital Library
Buettner, M., Prasad, R., Sample, A., et al. RFID sensor networks with the Intel WISP. Proc. of SenSys '08, ACM (2008), 393--394. Google ScholarDigital Library
Cavoukian, Ann. Privacy by Design... Take the Challenge. Information and Privacy Commissioner of Ontario (Canada), http://www.ipc.on.ca/images/Resources/PrivacybyDesignBook.pdf, 2009.Google Scholar
Curtin, J., Kauffman, R.J., and Riggins, F.J. Making the 'MOST' out of RFID technology: a research agenda for the study of the adoption, usage and impact of RFID. Inf. Technol. and Management 8, 2 (2007), 87--110. Google ScholarDigital Library
Czeskis, A., Koscher, K., Smith, J.R., and Kohno, T. RFIDs and secret handshakes: Defending against ghost-and-leech attacks and unauthorized reads with context-aware communications. Proc. of CCS '08, ACM (2008), 479--490. Google ScholarDigital Library
Das, R. and Harrop, P. RFID Forecasts, Players and Opportunities 2009--2019. IDTechEx Inc. Report, www.idtechex.com, Cambridge, MA, USA, 2009.Google Scholar
Dourish, P., Grinter, E., Flor, J.D.D.L., and Joseph, M. Security in the wild: user strategies for managing security as an everyday, practical problem. Personal Ubiquitous Comput. 8, 6 (2004), 391--401. Google ScholarCross Ref
Eckfeldt, B. What does RFID do for the consumer? Commun. ACM 48, 9 (2005), 77--79. Google ScholarDigital Library
Fishkin, K.P., Roy, S., and Jiang, B. Some Methods for Privacy in RFID Communication. In Security in Ad-hoc and Sensor Networks. 2005, 42--53. Google ScholarDigital Library
Garfinkel, S. An RFID Bill of Rights. Technology Review, http://www.technologyreview.com/communications/12953/, 2002.Google Scholar
Garfinkel, S., Juels, A., and Pappu, R. RFID Privacy: An Overview of Problems and Proposed Solutions. IEEE Security and Privacy 3, 3 (2005), 34--43. Google ScholarDigital Library
Günther, O. and Spiekermann, S. RFID and the perception of control: the consumer's view. Com. ACM 48, 9 (2005), 73--76. Google ScholarDigital Library
Heydt-Benjamin, T.S., Bailey, D.V., Fu, K., Juels, A., and O Hare, T. Vulnerabilities in first--generation RFID--enabled credit cards. LNCS 4886, Springer (2008), 2. Google ScholarDigital Library
Juels, A., Molnar, D., and Wagner, D. Security and Privacy Issues in E-passports. Proc. of SecureComm '05. (2005), 74--88. Google ScholarDigital Library
Karjoth, G. and Moskowitz, P.A. Disabling RFID tags with visible confirmation: clipped tags are silenced. Proc. of the workshop on Privacy in the electronic society, ACM (2005), 27--30. Google ScholarDigital Library
King, J. and McDiarmid, A. Where's the beep?: security, privacy, and user misunderstandings of RFID. Proc. of Conf. on Usability, Psychology, and Security, USENIX Assoc. (2008), 1--8. Google ScholarDigital Library
Koscher, K., Juels, A., Kohno, T., and Brajkovic, V. EPC RFID Tags in Security Applications: Passport Cards, Enhanced Drivers Licenses, and Beyond. RSA Laboratories. In Submission. http://www.rsa.com/rsalabs/node.asp?id=3557, (2008).Google Scholar
Langheinrich, M. Privacy by Design -- Principles of Privacy-Aware Ubiquitous Systems. Proc. of Ubicomp '01, Springer (2001), 273--291. Google ScholarDigital Library
Langheinrich, M. A survey of RFID privacy approaches. Personal and Ubiquitous Computing, (2008). Google ScholarDigital Library
Marquardt, N. and Taylor, A.S. RFID Reader Detector and Tilt-Sensitive RFID Tags. DIY for CHI Workshop, (2009).Google Scholar
Martinussen, E.S. and Arnall, T. Designing with RFID. Proc. of TEI '09, ACM (2009), 343--350. Google ScholarDigital Library
Nguyen, D.H., Kobsa, A., and Hayes, G.R. An empirical investigation of concerns of everyday tracking and recording technologies. Proc. of Ubicomp '08, ACM (2008), 182--191. Google ScholarDigital Library
Ohkubo, M., Suzuki, K., and Kinoshita, S. RFID privacy issues and technical challenges. Com. ACM 48, 9 (2005), 66--71. Google ScholarDigital Library
Ozer, N.A. Rights "Chipped" Away: RFID and Identification Documents. Stanford Technology Law Review, http://stlr. stanford.edu/pdf/ozer-rights-chipped-away.pdf 1, 1 (2008).Google Scholar
Philipose, M., Smith, J.R., Jiang, B., Mamishev, A., Roy, S., and Sundara-Rajan, K. Battery-free Wireless Identification and Sensing. IEEE Pervasive Computing 4, 1 (2005), 37--45. Google ScholarDigital Library
Poole, E.S., Dantec, C.A.L., Eagan, J.R., and Edwards, W.K. Reflecting on the invisible: understanding end-user perceptions of ubiquitous computing. Proc. of Ubicomp '08, ACM (2008), 192--201. Google ScholarDigital Library
Rieback, M., Crispo, B., and Tanenbaum, A. RFID Guardian: A Battery-Powered Mobile Device for RFID Privacy Management. Proc. of ACISP'05, Springer (2005), 184--194. Google ScholarDigital Library
Sample, A., Yeager, D., Powledge, P., and Smith, J. Design of a Passively-Powered, Programmable Sensing Platform for UHF RFID Systems. Proc. of RFID '07, IEEE (2007), 149--156.Google ScholarCross Ref
Sample, A., Yeager, D., and Smith, J. A capacitive touch interface for passive RFID tags. Proc. of RFID '09, IEEE (2009), 103--109.Google ScholarCross Ref
Schmidt, A. Implicit human computer interaction through context. Personal and Ubiq. Computing 4, 2 (2000), 191--199.Google Scholar
Selker, E.J. Manually Operated Switch for Enabling and Disabling an RFID card. US Patent 6863220, (2005).Google Scholar
Smith, J.R., Fishkin, K.P., Jiang, B., et al. RFID-based techniques for human-activity detection. Commun. ACM 48, 9 (2005), 39--44. Google ScholarDigital Library
Spiekermann, S. and Evdokimov, S. Critical RFID Privacy-Enhancing Technologies. Security & Privacy, IEEE 7, 2 (2009), 56--62. Google ScholarDigital Library
Spiekermann, S. and Berthold, O. Maintaining Privacy in RFID Enabled Environments. In Privacy, Security and Trust within the Context of Pervasive Computing. 2005, 137--146.Google Scholar
Want, R. Enabling ubiquitous sensing with RFID. Computer 37, 4 (2004), 84--86. Google ScholarDigital Library
Want, R. The Magic of RFID. Queue 2, 7 (2004), 40--48. Google ScholarDigital Library
Want, R., Fishkin, K.P., Gujar, A., and Harrison, B.L. Bridging Physical and Virtual Worlds with Electronic Tags. Proc. of CHI '99, ACM (1999), 370--377. Google ScholarDigital Library

Index Terms

Rethinking RFID: awareness and control for interaction with RFID systems
1. Human-centered computing
  1. Human computer interaction (HCI)
2. Networks
  1. Network types
    1. Mobile networks
    2. Wireless access networks

Recommendations

Visible and controllable RFID tags
CHI EA '10: CHI '10 Extended Abstracts on Human Factors in Computing Systems

Radio frequency identification (RFID) tags containing privacy-sensitive information are increasingly embedded into personal documents (e.g., passports and driver's licenses). The problem is that people are often unaware of the security and privacy risks ...
Read More
On two RFID privacy notions and their relations

Privacy of RFID systems is receiving increasing attention in the RFID community. Basically, there are two kinds of RFID privacy notions in the literature: one based on the indistinguishability of two tags, denoted as ind-privacy, and the other based on ...
Read More
RFID: The Next Serious Threat to Privacy

Radio Frequency Identification, or RFID, is a technology which has been receiving considerable attention as of late. It is a fairly simple technology involving radio wave communication between a microchip and an electronic reader, in which an ...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Published in
CHI '10: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
April 2010
2690 pages
ISBN:9781605589299
DOI:10.1145/1753326
General Chair:
Elizabeth Mynatt
Georgia Institute of Technology
,
Program Chairs:
Geraldine Fitzpatrick
Vienna University of Technology
,
Scott Hudson
Carnegie Mellon University
,
Keith Edwards
Georgia Tech
,
Tom Rodden
University of Nottingham
Copyright © 2010 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 10 April 2010
Permissions
Request permissions about this article.
Request Permissions

Check for updates
Author Tags
awareness
control
feedback
privacy
rfid
sensors
Qualifiers
- research-article
Conference

Acceptance Rates
Overall Acceptance Rate6,199of26,314submissions,24%
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 57
  Total Citations
  View Citations
- 2,297
  Total Downloads
- Downloads (Last 12 months)85
- Downloads (Last 6 weeks)16
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Rethinking RFID: awareness and control for interaction with RFID systems

CHI '10: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems

ABSTRACT

Supplemental Material

References

Cited By

Index Terms

Recommendations

Visible and controllable RFID tags

On two RFID privacy notions and their relations

RFID: The Next Serious Threat to Privacy