The Financial Services Technology Consortium (FSTC) today announced the launch of a project whose goal is to help member banks adopt radio frequency identification technology (RFID).[From FSTC | Financial Services Technology Consortium – Press & Articles]
Why would banks want to do that? Well, it is relatively easy to implement vicinity (let’s say up to a couple of metres) read-only functionality along side the proximity (let’s say up to a couple of centimetres) read-write functionality used in contactless identity cards, bank cards and NFC phones. The chip sets are readily available. Handled correctly, this is something that a great many customers would appreciate.
Imagine a world where, when you walk into your bank, messages and adverts pop up that address you by name.[From What high street banking will look like in 2020]
While The Times might see this as something for 2020, more technologically advanced nations are already experimenting with the technology,
Now “Yes Bank” which is a commercial bank operating out of India has been piloting an RFID system so that bank employees can identify these rich fat customers and offer them personalized services. Under the pilot RFID banking cards have been offered to select customers apart from deployment of RFID interrogators and customized gate antennas at bank premises… The moment the elite customer arrives in the bank his details are flashed on the system which enables the relationship team to identify the concerned person so that they can accord him services in the best possible manner.[From The RFID Weblog: RFID being used to give preferential treatment to rich clients in Indian banks]
I can readily imagine using a Tesco Clubcard with this technology, or a BA Executive Club card or a transit card. As a consumers, I want to get better service where possible and the idea that everything from shopping cards to airport display boards might know who I am and deliver personalised service because of that is rather appealing. At least, it’s rather appealing provided that my identity is managed properly and my privacy is assured. This could be done at a physical level: you might, for example, have a Clubcard that only functions when you press a button on it.
This system creates a tiny, ultra-thin, pressure sensitive switch “which ensures that the device can only be read when the owner is pressing the switch”, said Peratech.[From British firm develops RFID security technology to prevent ‘skimming’ | 20 Aug 2008 | ComputerWeekly.com]
Well, I can see how that might work for a card, although it seems a bit of a hassle in practice. But what about other form factors, particularly form factors that might make it difficult for someone to physically reach the switch. For example:
In times where a lot of hue and cry is being raised over injecting humans with RFID tags here is a video of a guy who seems pretty cool about injecting RFID chip in his hand[From The RFID Weblog: The Do It yourself Guide to implanting RFID Chip in your hand]
Connecting things up is easy, but disconnecting them is hard! The solution, surely, is not down at the physical layer but in the logical layer above it. Extending the future digital identity management infrastructure to the Internet of things has to be the way forward and if properly designed such an infrastructure could deliver more, I think, thank many people imagine. In particular, such an infrastructure could protect privacy through the judicious use of cryptography rather than through codes of practice or goodwill.
I’m actually going to give a talk on this topic at the M2M Business Exchange in Brussels from 16th-18th November 2009. I’ll be speaking on Monday 16th in the morning and I’m really looking forward to a great session. I’ll be on in the “Technology Insight” session and will be explaining how the use of appropriate technology can deliver both security and privacy into the “internet of things”. IIR are doing some great experiments with the way events work, and the M2M Business Exchange is a good example. It’s free to end-users of the technology, to encourage them to come along and share their experiences as well as survey new developments in the field, so if you are already using M2M applications and want to come along, just go to the web page or the LinkedIn group and find out more.
In an action of wonderful benefaction, our good friends at IIR have not only offered a 15% discount to readers of this blog (e-mail me for the discount code) but they have also given me a delegate pass for the event — worth an astounding THREE THOUSAND FOUR HUNDRED AND NINETY FIVE EUROS plus VAT — to give away on this blog as a competition prize. So if you are going to be in Brussels on those dates and you’d like to come along to hear some of the leaders in the field discussing the practicalities of M2M, then all you have to do is be the first person to respond to this post with the name of the noted Hollywood actress who is named on a 1942 US patent for secure wireless communications.
In the traditional fashion, this competition is open to all except for employees of Consult Hyperion and members of my immediate family, is void where prohibited and is raising awareness of climate change. The prize must be claimed within three months. Oh, and no-one can win more than one of the Digital Identity Blog prizes per calendar year.
These opinions are my own (I think) and are presented solely in my capacity as an interested member of the general public [posted with ecto]