THE EMBARRASSMENT OF THE WORLD’S LAST SMART CARD USER
Perfect 'Neighborhood Security' at last
For me, this is a somewhat embarrassing story. Here was your entrepid reporter, trying to pay at a restaurant, with my trusty smart card, worn thinner through years of use, its PIN firmly lodged in my brain. Then the waiter approached me.
“May I see some form of identification, please sir?”
“Uh, sure – Passport? ID? Driver’s Licence?”
“Any of those would be fine, as long as it has a photograph.”
“Well, it’s all on my smart card you see…but so is my fingerprint, you could check that.”
“Yes, if we still lived in the 2000s and your electronic data was secure! People can hack that stuff real easy now…secrets have a very short life-span!” (The waiter seemed to be a conspiracy theorist.)
“So why the ‘paper’ verification?” I asked.
“Well, ironically, physical stuff is still more secure. Sir, don’t tell me that you don’t have ‘Neighborhood Verification’ set up on your phone?”
Things were getting a bit technical for a simple reporter – I mean, I just want stuff to work, not know HOW it works.
I gave up and handed the bill over to my wife. She pulled out her phone, spoke some gibberish instructions…and paid.
The waiter gave me a pitying look and left without a tip.
What exactly was he talking about?
(Read the full story of this new ‘neighborhood’ approach to security in the detailed Analysis/Synthesis section – for subscribers only)
ANALYSIS >> SYNTHESIS: How this scenario came to be
Radio frequency identification, or RFID, is a generic term for technologies that use radio waves to automatically identify people or objects. There are several methods of identification, but the most common is to store a serial number that identifies a person or object, and perhaps other information, on a microchip that is attached to an antenna (the chip and the antenna together are called an RFID transponder or an RFID tag). The antenna enables the chip to transmit the identification information to a reader. The reader converts the radio waves reflected back from the RFID tag into digital information that can then be passed on to computers that can make use of it.
RFID tags are tiny and cheap and RFID systems can be used just about anywhere, from clothing tags to missiles to pet tags to food – anywhere that a unique identification system is needed. The tag can carry information as simple as a pet owners name and address or the cleaning instruction on a sweater to as complex as instructions on how to assemble a car. Some auto manufacturers use RFID systems to move cars through an assembly line. At each successive stage of production, the RFID tag tells the computers what the next step of automated assembly is.
One of the key differences between RFID and bar code technology is RFID eliminates the need for line-of-sight reading that bar coding depends on. Also, RFID scanning can be done at greater distances than bar code scanning. High frequency RFID systems offer transmission ranges of almost 30 meters.
2006: RFID becomes ubiquitous
Based on the phenomenal success of early experiments by Wal-Mart, Gilette, Tesco etc. using RFID to control inventories and value chains, the RFID industries have exploded and sensors are ubiquitous in most First World products. Food, clothes, accessories, all types of media and electronic appliances are now electronically tagged. Costs of using the technology drop exponentially as competition for the global customer hots up.
2007: Multiplicity emerges as key security opportunity
Electronic tags coupled with explosion of communication formats (for example those used in cell phones – Infra-red, GSM, GPRS, HSCSD, Bluetooth, 802.11 etc.) create a multiplicity of information interaction and much redundancy.
Theories begin to emerge that could allow this reality to develop into a brand new form of security.
2008: Neighborhood Security formalized
Over time standards have emerged to tie together the various ‘tag’ formats with the multiplicity of wireless communication standards.
Everytime you buy something, such as a suit, its 2nd generation RFID tag gets updated with your particulars, or just linked together in real-time with 3rd generation RFID.
Security now has become a matter of verifying items in the context of their ‘neighborhood’. You don’t just verify a single item, but the entire neighborhood, the context within which the item exists and the transaction occurs.
Over time, the network of items becomes larger, and more secure. Even your travel itinerary and information about your friends and associates can be used as part of your personal information neighborhood!
Old smart cards are by comparison woefully insecure. People can steal it, hack it…or hack off your thumb for the biometry checks!
It’s tough to steal your wardrobe, all your personal items and your friends. “What is the likelihood of the person using my PDA, my PIN, while also wearing MY Armani suit, MY Zegna shoes and being with a person listed as a friend in my network list?”
It may sound freaky – everything being trackable – you may even feel it’s a complete loss of privacy.
So, who controls this system?
2009: Who controls the controllers?
Standardisation often leads to more and more central control and then concerns are raised about the level and authority of those who control the data.
In this case the secret is in the technology itself. The tiny operating systems in my phone, smart card and on the RFID tags manage the interchange of information to build up a network of ‘neighborhood security’. The information never leaves the network and is only used to create a positive or negative response to security or transaction requests. It’s either ‘yes’ or ‘no’.
The individual has complete control. Only if the the answer is ‘no’ will he or she have to get involved.
The software is the broker that checks the required levels of security (essentially the number of neighborhood ‘hits’) for each vendor and brokers the collection of information. I still have a PIN, but I haven’t had to use it in years.
Manufacturers and retailers are delighted too. They can track inventories easier.
It was a tough lunch. I have finally laid my inert smartcard to rest.
Warning: Hazardous thinking at work
Despite appearances to the contrary, Futureworld cannot and does not predict the future. Our Mindbullets scenarios are fictitious and designed purely to explore possible futures, challenge and stimulate strategic thinking. Use these at your own risk. Any reference to actual people, entities or events is entirely allegorical. Copyright Futureworld International Limited. Reproduction or distribution permitted only with recognition of Copyright and the inclusion of this disclaimer.