The Financial Services Technology Consortium (FSTC) today announced the launch of a project whose goal is to help member banks adopt radio frequency identification technology (RFID).[From FSTC | Financial Services Technology Consortium – Press & Articles]
Why would banks want to do that? Well, it is relatively easy to implement vicinity (let’s say up to a couple of metres) read-only functionality along side the proximity (let’s say up to a couple of centimetres) read-write functionality used in contactless identity cards, bank cards and NFC phones. The chip sets are readily available. Handled correctly, this is something that a great many customers would appreciate.
Imagine a world where, when you walk into your bank, messages and adverts pop up that address you by name.[From What high street banking will look like in 2020]
While The Times might see this as something for 2020, more technologically advanced nations are already experimenting with the technology,
Now “Yes Bank” which is a commercial bank operating out of India has been piloting an RFID system so that bank employees can identify these rich fat customers and offer them personalized services. Under the pilot RFID banking cards have been offered to select customers apart from deployment of RFID interrogators and customized gate antennas at bank premises… The moment the elite customer arrives in the bank his details are flashed on the system which enables the relationship team to identify the concerned person so that they can accord him services in the best possible manner.[From The RFID Weblog: RFID being used to give preferential treatment to rich clients in Indian banks]
I can readily imagine using a Tesco Clubcard with this technology, or a BA Executive Club card or a transit card. As a consumers, I want to get better service where possible and the idea that everything from shopping cards to airport display boards might know who I am and deliver personalised service because of that is rather appealing. At least, it’s rather appealing provided that my identity is managed properly and my privacy is assured. This could be done at a physical level: you might, for example, have a Clubcard that only functions when you press a button on it.
This system creates a tiny, ultra-thin, pressure sensitive switch “which ensures that the device can only be read when the owner is pressing the switch”, said Peratech.[From British firm develops RFID security technology to prevent ‘skimming’ | 20 Aug 2008 | ComputerWeekly.com]
Well, I can see how that might work for a card, although it seems a bit of a hassle in practice. But what about other form factors, particularly form factors that might make it difficult for someone to physically reach the switch. For example:
In times where a lot of hue and cry is being raised over injecting humans with RFID tags here is a video of a guy who seems pretty cool about injecting RFID chip in his hand[From The RFID Weblog: The Do It yourself Guide to implanting RFID Chip in your hand]
Connecting things up is easy, but disconnecting them is hard! The solution, surely, is not down at the physical layer but in the logical layer above it. Extending the future digital identity management infrastructure to the Internet of things has to be the way forward and if properly designed such an infrastructure could deliver more, I think, thank many people imagine. In particular, such an infrastructure could protect privacy through the judicious use of cryptography rather than through codes of practice or goodwill.