Scheduled System Maintenance:
On May 6th, single article purchases and IEEE account management will be unavailable from 8:00 AM - 5:00 PM ET (12:00 - 21:00 UTC). We apologize for the inconvenience.
By Topic

Embedded RFID and Everyday Things: A Case Study of the Security and Privacy Risks of the U.S. e-Passport

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

3 Author(s)
Meingast, M. ; Univ. of California at Berkeley, Berkeley ; King, J. ; Mulligan, D.K.

New applications for Radio Frequency Identification (RFID) technology include embedding transponders in everyday things used by individuals, such as books, payment cards, and personal identification. While RFID technology has existed for decades, these new applications carry with them substantial new privacy and security risks for individuals. These risks arise due to a combination of aspects involved in these applications: (1) The transponders are permanently embedded in objects individuals commonly carry with them (2) Static data linkable to an individual is stored on these transponders (3) The objects these transponders are embedded in are used in public places where individuals have limited control over who can access data on the transponder. In 2002, the U.S. Department of State proposed the adoption of an "electronic passport," which embedded RFID transponders into U.S. passports for identification and document security purposes. In this paper, we use the U.S. Government's adoption process for the electronic passport as a case study for identifying the privacy and security risks that arise by embedding RFID technology in "everyday things." We discuss the reasons why the Department of State did not adequately identify and address these privacy and security risks, even after the government's process mandated a privacy impact assessment. We conclude with recommendations to assist government as well as industry in early identification and resolution of relevant risks posed by RFID technology embedded in everyday things.

Published in:

RFID, 2007. IEEE International Conference on

Date of Conference:

26-28 March 2007