Bank Systems & Technology is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News

10:31 AM
Connect Directly
RSS
E-Mail
50%
50%

Experts refute RFID virus claims

The trade association for automatic identification and mobility, AIM Global, refuted the main findings of an IEEE conference paper presented earlier this week that suggested RFID tags could be used to corrupt databases and even potentially to spread computer viruses.

LONDON — The trade association for automatic identification and mobility, AIM Global, attempted to refute key findings of an IEEE conference paper presented this week that suggested RFID tags could be used to corrupt databases and even spread computer viruses.

The paper, by Melanie Rieback, a third-year PhD student at Amsterdam's Vrije University, was presented at the IEEE conference in Pisa, Italy, on Wednesday (March 15), sent shock waves through the RFID industry.

Titled "Is Your Cat Infected with a Computer Virus?" the paper suggested computer viruses could spread from RFID tags through readers into poorly written middleware applications and backend systems and databases.

"Many of the basic assumptions in the paper overlook a number of fundamental design features necessary in automatic data collection systems and good database design," asserted AIM Global President Dan Mullen.

Mullen suggested that researchers built a system with a weakness and then proceeded to show how the weakness could be exploited. "Not surprisingly, poor system design, whether capturing RFID tag information, bar code information or keyboard-entered data, will create vulnerabilities."

The association said it recognizes the efforts of university researchers is designed to highlight RFID security issues. "But the methodology of this particular research is questionable,” added Mullen.

Responding to the paper, RFID experts and International Organization for Standardization scientists, meeting this week in Kyoto, Japan, to debate RFID standards, emphasized that fixed data RFID tags, such as those used to identify pets, cannot be changed and therefore are immune to infection by a virus.

They skirted the issue of whether other types of tags, such as those where data can be changed, are prone to attacks. The experts did note that specific attributes in RFID systems can protect the overall system.

Previous
1 of 2
Next
Comment  | 
Print  | 
More Insights
Register for Bank Systems & Technology Newsletters
Slideshows
Video
Bank Systems & Technology Radio
Archived Audio Interviews
Join Bank Systems & Technology Associate Editor Bryan Yurcan, and guests Karen Massey and Jerry Silva from IDC Financial Insights, for a conversation about the firm's 11th annual FinTech rankings.