ODYSSEY: The Leader in Defense Commerce Solutions Blog

Privacy and Data Security in the RFID Industry

Posted by Bo McMillan on Thu, Dec 3, 2015 @ 16:12 PM



If a list of buzzwords was to be created for 2015 (and surely there will be such a list), one of those words will no doubt be “security.” Granted, that particular word could come in a variety of forms: cybersecurity, data security, even data breach, privacy, etc. Large-scale data breaches like what happened to Target, and even our own government, have made people acutely aware of how easily information can be stolen and the need to keep it protected. That need certainly expands to the RFID realm as what we do literally involves specific information being packaged and shipped in easy-to-read labels.

            What Odyssey does then, in light of protecting sensitive information, is a bit of a double-edged sword. On one hand we seek to be a pioneer in the DoD RFID and smart label realm by using technology and methods, which streamline time, effort, and information for DoD vendors. In other words, the Odyssey software uses emerging technology to make life easier on our clients. That’s good, right? Of course it is. But the reverse of that is the fact that information, especially distilled information that’s meant to be moved easily, affords better opportunities for data to be stolen. We live in a world where efficiency isn’t enough. Privacy has risen to such a great importance that customers and companies are willing to forgo simplicity and efficiency in order to protect their information.

            At the risk of frightening readers out of passive RFID technology, it must be noted that our solutions to these risks will be outlined further in the post and that we consider the privacy of our information of the utmost importance. That being said, passive RFID presents a unique opportunity to those looking to get ahold of information in unauthorized manners. The difference in our passive tags, as opposed to active tags, is that passive tags lay dormant until picked up by a reader or scanner. That data is essentially sitting on the tag waiting to be read. DoD vendors tend to use short-range scanners in their warehouses that read these labels as they enter or exit their facilities, cataloging the boxes and pallets for appropriate tracking. Suppose, for a moment that an outside source, someone looking to steal a supplier’s data for malicious intent, were to use a long-range reader to activate a label and intercept data during shipment. Scary, right? Particularly since something like that doesn’t seem all that difficult to do. “Skimming,” as this is sometimes called, is the reason RFID-blocking wallets exist and are popular amongst travelers. With passive chips being embedded in credit cards, driver’s licenses and passports, those looking to protect their information are buying them up in droves.

            But what about our industry? What about DoD suppliers looking to ship their assets with absolute safety? Surely there are no wallets big enough to put pallets in. So what do we do? Well, several things actually. We believe that a multi-layered security approach is key to protecting our clients. We start by encrypting all data being sent from Odyssey servers, which blocks unauthorized outside access. Next, we ensure that the data on our tags acts as more as a key than a source of vital information. Essentially, the labels only contain a cage code and serial number. No personal information, etc. is included. If a malicious source did attempt to intercept any data from the tags they wouldn’t tell that source much at all. This “key” format, used by the DoD, means the labels simply unlock more information. That information is securely stored in iRAPT, which we have written about in the past.

            The privacy and security landscape is changing all around the world. Our goal is to be one step ahead of the trends, just like we do with technology in our industry. We consider client privacy one of the key services in the complete experience we’ve built with Odyssey’s software.


Watch a  Personalized Demo Here!

Topics: RFID, Passive RFID, Data Security