Security in RFID-based Personnel Identification

It is well known that every security method has its limits and that the effort required to crack a security pass or a transponder in an RF-based (Radio Frequency) identification sy...

It is well known that every security method has its limits and that the effort required to crack a security pass or a transponder in an RF-based (Radio Frequency) identification system in most cases bears no relation to the potential gain. The first section of this two-part article provides tips on what to look for in the choice, introduction and security of RFID-based ID systems and what influencing factors there are. The second part will cover new developments and their resistance to hacking attempts.


The abbreviation RFID stands for „Radio Frequency Identification". The data and the power are transmitted via a high frequency magnetic field. For this, coils are built into the so-called ident carrier surface (as antennae) that are connected to a microchip. RFID systems use different frequency ranges, from long wave up to microwaves, that have a bearing on the reading distance. A further distinguishing feature lies in the memory type that is used. The fundamental difference here is between read only and read/write systems. As the RFID chip is extremely small and flat, it can be integrated without a problem into so-called transponders that come in various shapes and sizes. Key fobs are preferred for access control and time recording applications as they are more robust. But identity cards are used as soon as one wants to do more with the medium (pictures, inscriptions, multiple-use visitor badges etc.). Active transponders have their own power source (battery) and are mostly used to cover large distances whereas passive transponders are supplied with power through the reading device.


Keep It Simple
Proximity systems with passive transponders are usually used for access control, staff time recording and canteen data collection where the ID card is brought close to the reader. Read-only and unprogrammed ID cards can be sufficient for the most simple identification jobs with a low security requirement. The basic data of the chip consists of a unique serial or ID number as multiple bytes. Because of this simplicity, the area of the chip can be kept very small, which results in low power consumption and also low manufacturing costs. The useable recognition distances are relatively long thanks to the low power consumption compared to intelligent systems with a large memory. The read and write systems provide more options for applications and better security because of their additional encryption capabilities. A contactless read/write card can also be used for fuel tanking data and canteen billing, e.g. to deduct amounts at vending machines. There is a reduction in reading range because more energy is required for data reading and alteration. The memory capacities vary between 16bytes up to currently 8kbytes.


Close at Hand
The advantage of a contactless chip card lies in its simple usage and that there are no problems through dirt or wearing of contacts. Nowadays there are numerous types of contactless chip cards and the RF standard defines how the transponder and the reader communicate with each other. This has a big effect on the communication distance. As already mentioned, the reading distance is dependent upon the frequency, the RFID chip, type of transponder (card or key fob) and the respective memory capacity of the ID device. For example, a Hitag reader at 125 kHz and small memory has a larger communication distance compared to the higher frequency of 13.56 MHz used by the LEGIC advant reader with larger memory. There are also differences in communication distance within frequency bands, regardless of the ID device type and size of the antenna. A small key fob (mini antenna) for example has a shorter reader distance than an ID card with the same reader antenna size.


The Long and the Short of It
There are currently three different standards that define different reading ranges. Here it is important to note that these are theoretical maximum values that have not been attained in practice.

  • ISO/IEC 10536 close coupling, CCC for a range of c. 1 cm. In these systems, the ID device is inserted into the reader or laid on it. Close Coupling systems work at a frequency under 10 MHz and are seldom used for access control or time recording.
  • ISO/IEC 14443 proximity coupling, PICC for a range of c. 10 cm. Reader versions: e.g. Legic advant, Mifare Classic, Mifare Desfire EV1, Iclass, Applications: e.g. time recording, ePass, ticketing, cash card, Characteristics: short communication distance, larger memory, higher transmission speed
  • ISO/IEC 15693 vicinity coupling, VICC for a range of up to c. 1m. Reader versions: e.g. Legic advant, i-code; Applications: e.g. logistics, goods tracking, sport time recording; characteristics: longer communications distance, smaller memory, lower transmission speed

These standards describe the physical and data characteristics of the transmission paths between a reader and the ID device. The first standard was for the 'Close Coupling Cards' that originate from the time when the available microprocessors had relatively high power consumption so that energy transmission over a longer read distance was not possible. Installations behind stainless steel or aluminum are not advisable, and also other materials can reduce the read range or even prevent it altogether.


As the data of a transponder can also be read out by a transportable reader (see also the publications of the CCC on Mifare Classic and Legic prime hack by the CCC), further security measures should be incorporated for access control to sensitive areas. For example, access can be secured with a PIN, password or biometric recognition system. When using a fingerprint or hand vein recognition system, for example, the reference data can be securely stored in the correspondingly large - and against unauthorized access secured - memory of a chip card.


Making the Choice
The effort required to introduce or the choice of a new ID device, that is, a company ID or transponder, is frequently underestimated. The difficulty lies in the vast choice of multifunctional, RFID-based card systems with a multiplicity of different providers and technologies, in particular when one is not concerned with this subject every day. One wrong choice can lead to many restrictions and to higher consequential costs. ID cards are not only used for access control and time and attendance recording but are also used for electronic payment in the canteen, at the gas station and for collection of operational data. In these cases it is often necessary not only to save and read out data but also to be able to alter specific parts thereof.


Openly Proprietary
The memory needed for future planned tasks must also be taken into consideration, e.g. as a medium for the storage of a biometric template (i.e. the algorithm of a body-specific characteristic such as a fingerprint), or for verification (an ID card plus biometric characteristic). Salespeople frequently highlight the specific RFID-coding of their security solutions but fail to mention that these do not conform to the current state of technology, or are manufacturer-specific and that passes and readers can only be obtained from that supplier. It should always be asked what functional and price alternatives are available and why a particular system is being offered. So far, in the first part of this article, the fundamental technologies and their range differences have been discussed. The second part will look at new developments, in particular at Dual-Interface Cards which combine technologies, and their resistance to hacking attempts.

Business Partner

Logo:

PCS Systemtechnik GmbH

Pfälzer-Wald-Str. 36
81539 München
Germany

Business Partner contact







most read