Entries Tagged "RFID"

Page 1 of 8

RFID Tags Protecting Hotel Towels

The stealing of hotel towels isn’t a big problem in the scheme of world problems, but it can be expensive for hotels. Sure, we have moral prohibitions against stealing — that’ll prevent most people from stealing the towels. Many hotels put their name or logo on the towels. That works as a reputational societal security system; most people don’t want their friends to see obviously stolen hotel towels in their bathrooms. Sometimes, though, this has the opposite effect: making towels and other items into souvenirs of the hotel and thus more desirable to steal. It’s against the law to steal hotel towels, of course, but with the exception of large-scale thefts, the crime will never be prosecuted. (This might be different in third world countries. In 2010, someone was sentenced to three months in jail for stealing two towels from a Nigerian hotel.) The result is that more towels are stolen than hotels want. And for expensive resort hotels, those towels are expensive to replace.

The only thing left for hotels to do is take security into their own hands. One system that has become increasingly common is to set prices for towels and other items — this is particularly common with bathrobes — and charge the guest for them if they disappear from the rooms. This works with some things, but it’s too easy for the hotel to lose track of how many towels a guest has in his room, especially if piles of them are available at the pool.

A more recent system, still not widespread, is to embed washable RFID chips into the towels and track them that way. The one data point I have for this is an anonymous Hawaii hotel that claims they’ve reduced towel theft from 4,000 a month to 750, saving $16,000 in replacement costs monthly.

Assuming the RFID tags are relatively inexpensive and don’t wear out too quickly, that’s a pretty good security trade-off.

Posted on May 11, 2011 at 11:01 AMView Comments

Biometric Wallet

Cool idea, or dumb idea?

Its features include:

  • Fingerprint access only
  • Bluetooth enabled for notification alerts—automated notification via bluetooth if your wallet strays more than 10 feet from your body
  • Protected against RFID electronic theft—the case shields all contents from RFID scanners

Posted on May 11, 2010 at 12:27 PMView Comments

Fingerprinting RFID Chips

This research centers on looking at the radio characteristics of individual RFID chips and creating a “fingerprint.” It makes sense; fingerprinting individual radios based on their transmission characteristics is as old as WW II. But while the research centers on using this as an anti-counterfeiting measure, I think it would much more likely be used as an identification and surveillance tool. Even if the communication is fully encrypted, this technology could be used to uniquely identify the chip.

Posted on December 1, 2009 at 1:25 PMView Comments

Cloning RFID Passports

It’s easy to clone RFID passports. (To make it clear, the attacker didn’t actually create fake passports; he just stole the data off the RFID chips.) Not that this hasn’t been done before.

I’ve long been opposed to RFID chips in passports, and have written op eds about them in the International Herald Tribune and several other papers.

EDITED TO ADD (2/11): I got some details wrong. Chris Paget, the researcher, is cloning Western Hemisphere Travel Initiative (WHTI) compliant documents such as the passport card and Electronic Drivers License (EDL), and not the passport itself. Here is the link to Paget’s talk at ShmooCon.

Posted on February 11, 2009 at 5:09 AMView Comments

UK Electronic Passport Cloned

The headline says it all: “‘Fakeproof’ e-passport is cloned in minutes.”

Does this surprise anyone? This is what I wrote about electronic passports two years ago in The Washington Post:

The other security mechanisms are also vulnerable, and several security researchers have already discovered flaws. One found that he could identify individual chips via unique characteristics of the radio transmissions. Another successfully cloned a chip. The State Department called this a “meaningless stunt,” pointing out that the researcher could not read or change the data. But the researcher spent only two weeks trying; the security of your passport has to be strong enough to last 10 years.

This is perhaps the greatest risk. The security mechanisms on your passport chip have to last the lifetime of your passport. It is as ridiculous to think that passport security will remain secure for that long as it would be to think that you won’t see another security update for Microsoft Windows in that time. Improvements in antenna technology will certainly increase the distance at which they can be read and might even allow unauthorized readers to penetrate the shielding.

Posted on August 8, 2008 at 4:59 AMView Comments

1 2 3 8

Sidebar photo of Bruce Schneier by Joe MacInnis.