The Impact of Consumer Perceptions of Information Privacy and Security Risks on the Adoption of Residual RFID Technologies

In today’s global competitive environment, organizations face a variety of challenges. Continuous improvement in organizational efficiencies and improving the entire supply chain are necessary to stay competitive. Many organizations are adopting radio frequency identification technologies (RFID) as part of their information supply chains. These technologies provide many benefits to the organizations that use them. However, how these technologies affect the consumer and their willingness to adopt the technology is often overlooked. Many of these RFID tags remain active after the consumers purchase them. These RFID tags, placed in a product for one purpose and left in the product after the tags have served their purpose, are residual RFIDs. Residual RFID technology can have many positive and negative effects on consumers’ willingness to buy and use products containing RFID, and thus, on the business’s ability to sell products containing RFID. If consumers refuse to buy products with residual RFID tags in them, the business harm is greater than the business benefit, regardless of any gain in supply chain efficiency. In this study, we outline some of the advantages and disadvantages of Residual RFID from the consumer perspective, then follow up with an in depth survey and analysis of consumer perceptions. Using structural equation modeling (SEM) we demonstrate that consumers’ perceptions of privacy risk likelihood and privacy risk harm negatively impact their intentions to use this technology. The implications of these findings need to be considered before the pending implementation of residual RFID technologies in the supply chain on a mass scale

ALGSICS - Combining physics and cryptography to enhance security and privacy in RFID systems

In this paper, we introduce several new mechanisms that are cheap to implement or integrate into RFID tags and that at the same time enhance their security and privacy properties. Our aim is to provide solutions that make use of existing (or expected) functionality on the tag or that are inherently cheap and thus, enhance the privacy friendliness of the technology "almost" for free. Our proposals, for example, make use of environmental information (presence of light temperature, humidity, etc.) to disable or enable the RFID tag. A second possibility that we explore is the use of delays in revealing a secret key used to later establish a secure communication channel. We also introduce the idea of a "sticky tag," which can be used to re-enable a disabled (or killed) tag whenever the user considers it to be safe. We discuss the security and describe usage scenarios for all solutions. Finally, we review previous works that use physical principles to provide security and privacy in RFID systems

Tracking RFID

RFID-Radio Frequency Identification-is a powerful enabling technology with a wide range of potential applications. Its proponents initially overhyped its capabilities and business case: RFID deployment is proceeding along a much slower and less predictable trajectory than was initially thought. Nonetheless, in the end it is plausible that we will find ourselves moving in the direction of a world with pervasive RFID: a world in which objects\u27 wireless self-identification will become much more nearly routine, and networked devices will routinely collect and process the resulting information. RFID-equipped goods and documents present privacy threats: they may reveal information about themselves, and hence about the people carrying them, wirelessly to people whom the subjects might not have chosen to inform. That information leakage follows individuals, and reveals how they move through space. Not only does the profile that RFID technology helps construct contain information about where the subject is and has been, but RFID signifiers travel with the subject in the physical world, conveying information to devices that otherwise would not recognize it and that can take actions based on that information. RFID implementations, thus, can present three related privacy threats, which this article categorizes as surveillance, profiling, and action. RFID privacy consequences will differ in different implementations. It would be a mistake to conclude that an RFID implementation will pose no meaningful privacy threat because a tag does not directly store personally identifiable information, instead containing only a pointer to information contained in a separate database. Aside from any privacy threats presented by the database proprietor, privacy threats from third parties will depend on the extent to which those third parties can buy, barter, or otherwise gain database access. Where a tag neither points to nor carries personal identifying information, the extent of the privacy threat will depend in part on the degree to which data collectors will be able to link tag numbers with personally identifying information. Yet as profiling accelerates in the modem world, aided by the automatic, networked collection of information, information compiled by one data collector will increasingly be available to others as well; linking persistent identifiers to personally identifying information may turn out to be easy. Nor are sophisticated access controls and other cryptographic protections a complete answer to RFID privacy threats. The cost of those protections will make them impractical for many applications, though, and even with more sophisticated technology, security problems will remain. This article suggests appropriate government and regulatory responses to two important categories of RFID implementation. It concludes with a way of looking at, and an agenda for further research on, wireless identification technology more generally

A Strategic Case for RFID: An Examination of Wal-Mart and its Supply-Chain

Although Radio Frequency Identification (RFID) implementation faces a host of challenges, Wal-Mart perseveres in its drive for RFID adoption throughout its supply chain. By being such early adopters of RFID, Wal-Mart’s suppliers suffer increased costs which put pressure to bear on their profitability. In the face of the additional costs of RFID, why has Wal-Mart chosen to mandate the use of RFID tagging in its supply chain and insisted on such a short implementation period? This paper reviews Wal-Mart’s relationship with its supply chain, describes Wal-Mart’s RFID initiative, and proposes a possible unexpressed motivation underlying Wal-Mart’s drive to go to RFID. Early results are indicating incremental improvements at Wal-Mart due to RFID implementation; however, the argument can be made that Wal-Mart’s ultimate goal is an innovative improvement on a Schumpeterian scale – the desire to radically improve an important supply chain metric, the cash-to-cash cycle. This reasoning supports fertile areas for future research in the relationship between RFID and the Cash-to-Cash Cycle

Security and Privacy in RFID Applications

Concerns about privacy and security may limit the deployment of RFID technology and its benefits, therefore it is important they are identified and adequately addressed. System developers and other market actors are aware of the threats and are developing a number of counter measures. RFID systems can never be absolutely secure but effort needs to be made to ensure a proper balance between the risks and the costs of counter measures. The approach taken to privacy and security should depend on the application area and the context of a specific application. In this chapter, we selected and discussed four application areas, but there are many others where privacy and security issues are relevant.JRC.J.4-Information Societ