Preparation for RFID Certification Exam
Mod 3 – RFID Privacy, Safety & Security – What is tested
SCOPE
RFID is the exchange of data between an item and a reader which then hands off that data to another system for processing. That data may be used to identify an individual person directly (e.g. an employee badge) or to indirectly derive a person’s identity (e.g. a credit card number which leads to the person). Such data needs to be carefully managed in order to comply with any regulatory requirements and also to respect the individual’s right to privacy.
RFID equipment uses electric current to operate and radiates energy when seeking tags of exchanging data, so it is important that all RFID equipment is operated safely, in line with health and safety regulations and without any adverse impact on the surrounding environment.
The exchange of RFID data by radio transmission could be subject to unauthorized interception of the transmission and capture of the data being exchanged. While this would require sophisticated equipment and techniques, it must still be guarded against.
WHAT YOU ARE EXPECTED TO KNOW
- What are the potential privacy issues that may arise in a RFID implementation?
- Why is it important to protect data that can identify a person?
- What are the potential safety issues that can arise from the use of RFID equipment?
- Could data exchanged between a reader and a tag be intercepted?
- What are the potential problems of intercepted data?
WHAT YOU ARE NOT EXPECTED TO KNOW
- Specific privacy regulations for a country or region
- Specific safety regulations for a country or region
- Methods by which RFID data could be intercepted
- Methods by which RFID data could be protected during transmission
- Methods by which RFID data could be encrypted
- How to interpret encrypted data