Researchers Develop Anti-Counterfeiting 'Fingerprint' Technology For RFID Tags

Engineering researchers at the University of Arkansas have developed a unique and robust method to prevent cloning of passive radio frequency identification tags. The technology, based on one or more unique physical attributes of individual tags rather than information stored on them, will prevent the production of counterfeit tags and thus greatly enhance both security and privacy for government agencies, businesses and consumers.

“RFID tags embedded in objects will become the standard way to identify objects and link them to the cyberworld,” said Dale R. Thompson, associate professor of computer science and computer engineering. “However, it is easy to clone an RFID tag by copying the contents of its memory and applying them to a new, counterfeit tag, which can then be attached to a counterfeit product -- or person, in the case of these new e-passports. What we’ve developed is an electronic fingerprinting system to prevent this from happening.”

Thompson and Jia Di, associate professor of computer science and computer engineering and co-principal investigator on the project, refer to the system as a fingerprint because they discovered that individual tags are unique, not because of the data or memory they contain, but because of radio-frequency and manufacturing differences.

As Thompson mentioned, RFID tags are becoming more prevalent. They have been used in a wide range of applications, including government processes, industry and manufacturing, supply-chain operations, payment and administration systems, and especially retail.

“In spite of this wide deployment, security and privacy issues have to be addressed to make it a dependable technology,” Thompson said.

A passive RFID tag harvests its power from an RFID reader, which sends radio frequency signals to the tag. The tag, which consists of a microchip connected to a radio antenna, modulates the signal and communicates back to the reader. Working with an Avery Dennison M4E testcube designed for determining the best placement of RFID tags on packages, Thompson, Di and students in the Security, Network, Analysis and Privacy Lab measured tags’ minimum power response at multiple frequencies.

The researchers did this using an algorithm that repeatedly sent reader-to-tag signals starting at a low power value and increasing the power until the tag responded. Radio frequencies ranged from 903 to 927 megahertz and increased by increments of 2.4 megahertz. These measurements revealed that each tag had a unique minimum power response at multiple radio frequencies. Moreover, power responses were significantly different for same-model tags.

“Repeatedly, our experiments demonstrated that the minimum power response at multiple frequencies is unique for each tag,” Thompson said. “These different responses are just one of several unique physical characteristics that allowed us to create an electronic fingerprint to identify the tag with high probability and to detect counterfeit tags.”

Like other electronics equipment, cost and size have driven development of RFID technology. This emphasis means that most tags have limited computational capabilities; they do not include conventional encryption algorithms and security protocols to prevent cloning and counterfeiting. The electronic fingerprinting system addresses these concerns without increasing the cost or physically modifying the tag, Thompson said. The method can be used along with other security protocols for identification and authentication because it is independent of the computational capabilities and resources of the tag.

Thompson and Di are also developing network circuits that are resistant to side-channel attacks against readers and tags.

Featured

  • Video Surveillance Trends to Watch

    With more organizations adding newer capabilities to their surveillance systems, it’s always important to remember the “basics” of system configuration and deployment, as well as the topline benefits of continually emerging technologies like AI and the cloud. Read Now

  • New Report Reveals Top Trends Transforming Access Controller Technology

    Mercury Security, a provider in access control hardware and open platform solutions, has published its Trends in Access Controllers Report, based on a survey of over 450 security professionals across North America and Europe. The findings highlight the controller’s vital role in a physical access control system (PACS), where the device not only enforces access policies but also connects with readers to verify user credentials—ranging from ID badges to biometrics and mobile identities. With 72% of respondents identifying the controller as a critical or important factor in PACS design, the report underscores how the choice of controller platform has become a strategic decision for today’s security leaders. Read Now

  • Overwhelming Majority of CISOs Anticipate Surge in Cyber Attacks Over the Next Three Years

    An overwhelming 98% of chief information security officers (CISOs) expect a surge in cyber attacks over the next three years as organizations face an increasingly complex and artificial intelligence (AI)-driven digital threat landscape. This is according to new research conducted among 300 CISOs, chief information officers (CIOs), and senior IT professionals by CSC1, the leading provider of enterprise-class domain and domain name system (DNS) security. Read Now

  • ASIS International Introduces New ANSI-Approved Investigations Standard

    • Guard Services
  • Cloud Security Alliance Brings AI-Assisted Auditing to Cloud Computing

    The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environment, today introduced an innovative addition to its suite of Security, Trust, Assurance and Risk (STAR) Registry assessments with the launch of Valid-AI-ted, an AI-powered, automated validation system. The new tool provides an automated quality check of assurance information of STAR Level 1 self-assessments using state-of-the-art LLM technology. Read Now

New Products

  • EasyGate SPT and SPD

    EasyGate SPT SPD

    Security solutions do not have to be ordinary, let alone unattractive. Having renewed their best-selling speed gates, Cominfo has once again demonstrated their Art of Security philosophy in practice — and confirmed their position as an industry-leading manufacturers of premium speed gates and turnstiles.

  • ResponderLink

    ResponderLink

    Shooter Detection Systems (SDS), an Alarm.com company and a global leader in gunshot detection solutions, has introduced ResponderLink, a groundbreaking new 911 notification service for gunshot events. ResponderLink completes the circle from detection to 911 notification to first responder awareness, giving law enforcement enhanced situational intelligence they urgently need to save lives. Integrating SDS’s proven gunshot detection system with Noonlight’s SendPolice platform, ResponderLink is the first solution to automatically deliver real-time gunshot detection data to 911 call centers and first responders. When shots are detected, the 911 dispatching center, also known as the Public Safety Answering Point or PSAP, is contacted based on the gunfire location, enabling faster initiation of life-saving emergency protocols.

  • 4K Video Decoder

    3xLOGIC’s VH-DECODER-4K is perfect for use in organizations of all sizes in diverse vertical sectors such as retail, leisure and hospitality, education and commercial premises.