Card, mobile credential, payment and security
Present at the National Association of Campus Card Users (NACCU) 18th Annual Conference, April 17 – 20, 2011 in Baltimore, Maryland. It is the most important event in the campus card industry and its quality relies on the presentations made by industry professionals like you.
The deadline for proposals from institutional members and corporate members is Monday, October 4, 2010. The proposal should include the session title, description and learning outcomes. Educational Sessions are 60 minutes in length and should include time for questions.
If you are interested in presenting, please visit http://www.naccu.org/2011/callforpresenters.htm for more information or to submit a proposal.
Free webinar: Thursday, August 5, 2010 2:00 PM - 2:45 PM EDT
During this webinar, industry veteran Brad Jarvis of HID Global will explore the current and future industry requirements and challenges facing the physical and logical access control (PACs) market. The discussion is based on the Avisian, Inc. 2010 PACs market research study and provides revealing insights on next-generation physical access control systems along with the market drivers behind these trends.
This session will also provide beneficial tips on leveraging secure identity solutions to address rising security challenges, the growing need for higher levels of convenience, and customer demands for reducing the lower total cost of ownership.
Presenters:
Brad Jarvis, vice president of product marketing at HID Global
Chris Corum, editor and publisher at AVISIAN Inc.
U.S. attendee sees similarities and differences between American and European card programs
By Danny Smith, Vice President, ColorID
More than 120 university attendees traveled from all across Europe to Lodz, Poland to attend the 2008 European Campus Card Association (ECCA) Conference. As the only attendee from North America at this year’s conference, I wanted to share an overview of my experience.
ColorID has been a sponsor and has attended the ECCA conference since the inaugural conference in Waterford, Ireland in 2002. Each year attendance of the ECCA conference has grown and this year’s event set an attendance record.
The Technical University of Lodz hosted the conference. The university is one of Poland’s largest universities and serves a student population of more than 20,000. Michał Strzelecki of Technical University of Lodz was the main organizer of this year’s event. In addition to being well organized the conference had the right blend of exhibits, presentations and social/networking opportunities.
It is really interesting to see the common challenges between the U.S. and the European card programs. In the end it’s the same, we’re still trying to maximize the available card system technologies to its fullest. Our European counterparts face similar systems limitations and obstacles.
In North America, the National Association of Campus Card Users (NACCU) has done a tremendous job promoting and encouraging card system development by bringing institutional and corporate members together. The ECCA has taken a similar approach in this direction and it is really evident with the European Education Connectivity Solution (EECS) project.
Eugene McKenna of Waterford Institute of Technology, Ireland and Tor Fridell of Linkoping University, Sweden gave a presentation on the connectivity solution, which has been driven by ECCA, at the conference. The goal of this project is to provide standards, mobility and interoperability among European campuses. A comprehensive project proposal has been submitted for funding to the European Union (EU) and ECCA members are waiting to hear the outcome.
While there are many common characteristics between the European and North American card systems, there are also significant differences. For instance, it would be the exception to see a magnetic stripe on a student ID card in Europe. Most schools are using contact or contactless technologies and in some cases, both. Most of the contactless technology is MIFARE.
Also some countries, such as Croatia, Poland and Hungary, have a national university ID cards that are mandated by their government. Several in-depth presentations were given highlighting these programs. I was surprised to learn that many of these ID programs are highly developed and a good number utilize “home grown” solutions involving contact or contactless technologies.
Overall, the ECCA membership is very much like the NACCU membership. Everyone is willing to exchange information, ideas and suggestions. The camaraderie of the attendees has grown each year and many attendees stay in contact throughout the year.
Next year the ECCA conference will be held on the coast of the Adriatic Sea in Croatia, hosted by the University of Zagreb. The specific details will be announced in the near future. The Europeans have embraced advanced technologies and are moving forward with solid applications and solutions. I’m sure you would find attending to be a worthwhile investment and will come away with new ideas and solutions.
Learn more information about ColorID & ECCA at www.ecca.eu / www.colorid.com.
By Jerry Banks, Co-author of RFID Applied
The issues of privacy and security, although interrelated, are different. With respect to RFID, we define these issues as follows:
Privacy: the ability of the RFID system to keep the meaning of the information transmitted between the tag and the reader secure from non-intended recipients.
Security: the ability of the RFID system to keep the information transmitted between the tag and the reader secure from non-intended recipients.
The issues have very different repercussions and different solutions. In a given environment, an RFID solution may pose security risks without affecting the issue of privacy. An example of this scenario is when a tag broadcasts its unique identification number in a consistent and unencrypted manner. This enables the tag to be detected by any reader that can decode the RF signal. If all that is read is the tag's unique identifier – and no association can be made to what that identifier means without access to the backend database that maintains the relationship between the tag IDs and the objects that they represent – there is no privacy issue. However, issues of traceability and inventorying may remain.
Traceability and inventorying relate to the ability of an unauthorized entity to read the identifiers sent by RFID tags without necessarily being concerned as to what the tag is affixed to or who/what is carrying it. In other words just by capturing the signals emitted by an RFID tag, a third party could trace where the tag is or has been (traceability) as well as to what tags have been detected (inventorying).
A standard EPC tag conveys information associated with a particular item, its model or product class and its manufacturer. Anyone with a standard EPC reader could get close enough to a shopper leaving a store to determine what products and what quantities were purchased. Furthermore, the unauthorized reader could track the shopper from a distance utilizing a high-powered reader.
RFID is an excellent technology for object tracking. In this case, we can define an object as a physical asset that occupies 3-dimensional space. This means that the whereabouts of any physical object (including animals and humans) can potentially be tracked within the scope of the RFID infrastructure. As RFID technology development progresses, this scope can become larger and larger.
This fact has raised many questions and concerns from people because of the potential invasion of privacy that can be attributed to RFID technology. But, before we get deeper into the privacy issues and their repercussions, let's look at a few examples of what privacy advocates and the concerned public claim can go wrong with the use of RFID technology.
Consumer and privacy advocates have closely followed the deployment of RFID enabled solutions in the supply chains of major retailers such as Wal-Mart, Tesco, Target and others. They contend that by using the same technology adopted by the retailers to track individual items through their supply chains, consumers could potentially be tracked after buying the merchandise and leaving the retail stores.
The U.S. government has made a decision to implement contactless chips in U.S. citizen's passports. These chips contain the passport holder's information as well as a digitized picture of the holder. Initially, the U.S. Department of State's proposal did not include any security protocols. The information would be contained unencrypted within the passport's chip. Therefore, anyone with the right reader technology could potentially scan a traveler's passport, perhaps while still in the traveler's possession, and obtain personal information. This, it is argued, could help terrorists, thieves or others to determine the traveler's identity or nationality.
After much negative feedback from the public and different organizations the Department of State changed its proposal and added 3 layers of security:
Security experts still raise a debatable issue relating the fact that the chip's unique identifier can be read by any reader since this falls below the layer of protection provided by the encryption methodology. This could create an issue of passport traceability.
Many libraries, primarily in Europe, have implemented RFID technology in their operation. In the most advanced scenario, the idea is to tag every book in the library with an RFID chip and allow patrons to "automatically" check out the books by means of carrying an RFID tag and making the proper association of books-to-patron as the patrons exit out though the checkout portal. Privacy groups contend that patrons' right of privacy could be violated by someone with the proper technology within close proximity of the patrons. This would allow the malicious person to determine what books have been checked out by the patron.
The most aggressive privacy concern groups claim that governments could potentially gain access to all commercially controlled RFID databases and, therefore, have full access to the consumer, travel, and general habits of its population. Or governments could achieve this by deploying wide-area RFID infrastructures where all the activities of its citizens could be tracked, from what they buy, to what they read, to where they travel, to what they watch on videos.
Initially, commercial applications of RFID did not emphasize security. RFID readers and tags communicated with each other using open, unencrypted messages. Even today, most RFID readers and tags transmit information without any encryption.
There are a few reasons why this has been the case:
The fundamental issue is that in order to create a widespread market for RFID, the cost of its infrastructure must be kept to a minimum. This fact limits the complexity of the tag, thus limiting its capability to process information. So the dilemma of how to create a secure RFID infrastructure remains an elusive target.
High security RFID systems should have the ability to guard against the following categorized security and privacy threats:
Eavesdropping
RFID tags are designed to transmit stored information to an inquiring reader. This allows unauthorized users to scan tags by eavesdropping on the wireless RFID channel. The unrestricted access to tag data might reveal private information if it is stored on the tag.
If the security protocol used in the RFID channel is revealed, attackers can write blank RFID tags with the same formatted data that has been collected. For instance, dishonest persons could replace the RFID tag on an item to get a cheaper price when checking out from a supermarket.
Relay devices can intercept and retransmit RFID queries. With this kind of device, offenders can abuse various RFID applications by replaying the data in order to imitate a genuine data carrier.
There have been many proposals put forth that aim to create a secure RFID environment. Some of these rely on encryption algorithms, some on cleverly designed communications schemes, and others on taking advantage of the basic physical properties of RFID communication.
This is a relatively low-tech approach to the issue of RFID security. Faraday cages are based on the principle that meshes made of certain metals provide a natural barrier to radio waves. It is the same principle that creates one of the challenges for the application of RFID. While extremely effective, this solution requires a conscious, manual action in which the user must cover and uncover the tag every time he or she wants the tag to function. This method does not offer any protection when the tag is not within the Faraday cage.
There are, however, some applications where a Faraday cage may make sense. The use of a Faraday cover on a passport is one that probably works well for most users since passports are usually only open when they need to be presented. For product RFID, however, a Faraday cage is likely cost prohibitive.
This method relies on the attenuation of the RF signal so that it can only travel a few centimeters. The assumption is that an unintended reader would have to be in close proximity to the tag and therefore probably easily identifiable. Actually, this is a very weak method for security protection. Imagine a person carrying products with limited range transmission RFID tags at rush hour in a subway. It is probably next to impossible to avoid potentially malicious persons with readers getting very close.
The KILL command renders the tag unreadable. This is a command built into the chip that can be activated from a reader at the point of sale. In order to execute the KILL command, the reader must transmit a PIN to the tag to ensure that it has the right control access.
Although extremely effective once the command has been successfully executed, it presents two major limitations:
It is not effective until the command has been executed. This means that it must be combined with some other solution to provide protection during the lifecycle of the tag.
It prevents use of the tag for future applications after the item has been sold.
To illustrate this, imagine the following scenario. Richard, a techno-savvy consumer, chooses to buy the latest model of a washing machine which incorporates RFID functionality. The great thing about the washing machine is that it can use its embedded RFID reader to detect what garments have been placed in it by reading the RFID tags embedded in the garments. This information enables the washing machine to automatically control the temperature settings and washing mode so that the delicate garments are not damaged. However, if the articles that Richard bought at his favorite clothing store implemented the KILL commands, Richard would certainly complain about the inconvenience presented by the washing machine not being able to identify the garments.
Albeit, this is not the most tragic scenario that one could devise, but it portrays the issue at hand. The KILL command can severely limit the functionality and applications of RFID downstream from the point of sale.
The use of SLEEP commands on tags is an attempt to answer the shortcomings cited in the KILL command proposal. The SLEEP command, a more commerce-friendly proposal, has been put forth. Instead of killing the tag at the point of sale, this proposal renders the tag temporarily inactive, until the consumer physically reactivates the tag. The fact that the tag must provide a way to allow a consumer to reactivate the tag creates problems. For instance, imagine when Richard (from the previous example) returns to his home after an afternoon of clothes shopping. In order to achieve the benefits of his RFID-enabled washer, he would have to physically reactivate each tag.
This approach, introduced by IBM, provides a seemly simple, yet effective solution to minimize tag recognition from standard read distances. The procedure uses a tag with a full antenna that can be clipped at the point of sale by the consumer in order to reduce the span of the antenna and therefore reduce its readable range from a few meters to only one or two centimeters.
As you can see, there are many challenges to creating a secure and privacy-enabling RFID solution. There are, however, a variety of technologies and mechanisms in place to assist issuers and consumers. Certainly, we are only beginning to understand the challenges and the solutions to this complex technological and societal question.
This article is part of an ongoing series that explains the principles of RFID. It was created for RFIDNews by Jerry Banks, Tecnologico de Monterrey, Monterrey, Mexico, one of four co-authors of RFID Applied, John Wiley, 2007, ISBN-10:0471793655; ISBN-13:978-0471793656.
A series of free seminars covering card-related topics including off-campus merchant rollouts, electronic financial aid delivery, and credit card tuition payment acceptance will take place in cities across the country. The newly announced series titled, “the future of campus payments,” is being offered by Heartland Payment Systems, recent buyer of General Meters and provider of cell phone payment solution at Slippery Rock University.
During the next 6 weeks, the free events will be held in Pittsburgh, Dallas, Orlando, Philadelphia, Chicago, Minneapolis, Boston, New York, Los Angeles, Seattle, Raleigh, and Denver. To check out the agenda and consider registering for these one-day free events, click here.
Higher One is working with Intuit, maker of financial software page Quicken, to build “unique solutions to help students” with financial education. Beginning in February, students will be able to access Quicken Online to use in tandem with their Higher One accounts.
Quicken Online enables students to keep track of their finances
New Haven, CT – January 2, 2008 - Higher One, a financial services company focused exclusively on higher education, will work together with Intuit’s Quicken, the industry leader in personal finance software. The two will work in concert to develop unique solutions to help students get the early best practices about financial management and succeed in the future.
“We are always looking for ways to help teach students how to better understand their finances,” explained Dean Hatton, President & CEO, Higher One. “It is important for us, as a financial services company serving higher education, to assist students as many begin to use banking services for the first time. Higher One is very excited to work with Intuit to deliver Quicken Online to students.”
Higher One’s Refund Management capabilities enable Colleges and Universities to distribute refunds to students electronically. The service streamlines the disbursal process and provides students with a more convenient means for receiving refunds. With Higher One, students also have the ability to open a fully functioning, FDIC-insured checking account known as the OneAccount. Linked to a Debit MasterCard®, students can use the OneAccount to purchase items anywhere MasterCard is accepted.
With increased enrollment in institutions of higher education and Colleges and Universities offering a vast array of financial services to these students, teaching students fiscal responsibility has become increasingly important. Thanks to Quicken Online, students can now use this powerful software to help track their finances and manage their financial well being.
Students will be able to access Quicken Online via www.higherone.com beginning in February of this year.
About Higher One
Focused exclusively on higher education, Higher One provides Refund Management to higher education institutions and banking services to members of their community through a card based solution. Higher One’s integrated solution helps it’s clients reduce administrative costs, streamline business processes, create new revenue streams, increase student customer service and strengthen the campus community. Higher One’s OneDisburse® provides students with more choices and better services for receiving financial refunds and payroll. Higher One also offers a suite of banking services called OneFinanceSM, which includes the OneAccount, a no minimum balance, no monthly fee checking account with the OneCard, a Debit MasterCard® for ATM withdrawals and purchases, and exclusive features such as “Send Money”, Easy RefundSM, and Campus AutoLoad. The OneFinanceSM and OneDisburse® solutions can be integrated with the institution’s ID card or provided through a separate “refund only” card.
To date, Higher One has disbursed $3.2 billion dollars in refunds for its clients. Almost 1,000,000 students, faculty, and staff at distinguished public and private higher education institutions use Higher One’s services through their ID or refund card.
“It’s no longer simply about putting a photo on a white piece of plastic,” says Ryan Park, Fargo Electronics’ director of product marketing for secure printers/encoders. “It’s just not secure. Unfortunately, that represents a lot of the ID vehicles out there today. There are very few applications in the ID card world that don’t have a need for security.”
The need for greater security in the issuance process is what’s driving Fargo today. “Two years ago, we (Fargo) decided to step off the path, to not be a printer company anymore but a secure card program producer. We’re looking at all the places, cradle to grave, that could be vulnerable. Our message as a company is that we’ve expanded from printers to helping our customers issue secure credentials. In a post 9-11 world, we’ve seen a rapid increase in ID theft. Previously, we’ve focused on our printers, simply putting photos on cards. We now also want to be the best at securing the entire process.”
He said there are three elements to security: “The printer you choose, securing the card itself and having the process and personnel in place for when it comes out of the machine.”
Printer
As to the printers themselves, many have their own security features, he said, such “as the ability to load cards into the machine, then lock the access doors, or the ability to lock up the materials section of the printers so operators can’t access them.”
Some Fargo customers have gone so far as to bolt the printer to something immoveable, like a vault. “One of the things we’ve learned is you can have all the alarm bells in the world, but if someone is willing to crash a truck through a wall, you want to bolt the printer to something that can’t be moved,” said Mr. Park.
He calls it “lock and bolt. It’s your best defense.”
Another solution: “Give your printer some business rules,” he said. “For example you could define at what hours should the cards be produced. We know that cards being produced on the weekend may still may be legitimate, but it’s something we need to know about. Or you can determine which operators can physically use the product. The printer can periodically ask for code words that only certain parties should know.”
He said there are a “handful of features where a printer can be self-aware. You can set it up so every time a job is produced, a password is needed. Or you can use biometrics, where the operator might have to give his thumbprint. But at same time, you might have this bad person in the office and you want to prevent him from grabbing the materials so he can produce an ID outside the office. That’s where something like a secure vault comes in handy. You make sure the cards are locked up in the printer. Outside the printer you need to do inventory counts.”
Securing the Card
“The first thing you have to identify is what are the truly sensitive pieces of the process,” he said. “Are you a university utilizing a tamper-proof hologram? While anyone can buy a card printer, a hologram is something you can control.”
The purpose here – whether at a university, a major corporation, or as a federal agency or one that is supplying the feds – is to make the card counterfeit-resistant.
“At the very highest level, such as with a government agency, you want to control the movement of your hologram at all stages,” said Mr. Park. “For example, a hologram could be shipped by armored car, controlling the entire process. These are services we offer for very sensitive applications.” He said the street figure for these kinds of holograms would reach six figures, which is why securing them is so important.
Process and Personnel
“You’ve got this fantastic card you’re producing with smart encrypted chips and holograms, but you’re using temp labor to produce the cards, and all of a sudden 1,000 cards end up on the black market,” said Mr. Park. “You actually have to secure the production of that card.”
With cards that are instantly produced, “you’re basically postponing production of the card as long as feasible so the card is produced and given to the customer as soon as possible. It’s encoded in the machine and it goes directly to you. Once it’s produced, it’s now a valid entity. The more you can shrink that time the more secure it is.” Driver licenses are a good example. Some states utilize a central issuance facility, while most instantly produce the licenses and distribute them right away to applicants, he added.
“We’re talking about back-end production, but it’s very critical at the front end, too,” he said. “A driver license can be produced in a valid way but you could still end up with a forged driver license.”
The chain and its weakest link
As the old saying goes, a chain is only as strong as its weakest link. When it comes to issuance of secure identity credentials, the chain involves the securing the printer, the card, and the process. To improve your issuance security, make sure all three are evaluated on a regular basis.
Colleges have other options for cell phone alerts, of course. They could go off campus and hire a company specializing in text messaging. That’s what Rave Wireless and Mobile Campus are offering to universities.
Rave offers what its COO, Raju Rishi, calls “an alert solution, which basically gives the university the ability to get emergency broadcasting to the entire school or a subset of the school (like students who live on campus), whether it’s about a gas leak or orientation. The university pays us for that capability yearly. We tie into Blackboard (campus card solution),” he added, “so we don’t have to recreate the lists.”
This alert solution costs a college about $10,000 a year. “It gives students unlimited text messaging plans,” added Mr. Rishi.
He said the plan works with all cell phone carriers, email, and web mail. So if the student doesn’t have a cell phone, he can still receive an email alert.
Rave also offers a full-blown cell phone solution called Rave Campus that is tied to a specific carrier. At Atlanta-based Mercer University, Rave Campus recently announced a tie-in with Sprint. “With this you get additional features like really reduced phone rates and other options,” said Mr. Rishi. And of course, the program includes the emergency text notification feature.
“Rave Alert is designed to work with any cell phone. Rave Campus is designed around a (specific) phone model (and carrier),” he added.
The company currently serves about 25 campuses, about half which use just Rave Alert and the other half Rave Campus. By the end of the year, Mr. Rishi said he expects to have 60 or 70 campuses in one or the other program.
While Rave’s alert feature is nice, said Michael Belote, Mercer’s vice president of information technology, that’s not the reason the Macon, Ga.-based school went with Rave. “Most students are into instant communication instead of email. They’re using MySpace, Facebook and text messaging. We’re just adapting our communications technologies to meet the needs of today’s students.”
In fact, the decision to go with Rave, and its enhanced text messaging features, came in March, about a month before the Virginia Tech shooting.
“There is certainly a safety component of Rave Wireless but we see a lot of value in some of the applications that Rave provides in building the community, enhancing student learning as well as the safety features,” added Mr. Belote.
The phones are free to students and the $32.50 base plan includes unlimited text messaging, free nights and weekend calls and unlimited calling using Mercer’s Mobile Network, explains Mr. Belote. Full deployment is expected to take place this August, in time for fall enrollment.
He said if a student decides to keep his existing phone, he can still sign up with the college to receive emergency or other types of text messaging alerts.
Mobile Campus uses advertising to support free alert messaging
Another option is Mobile Campus, Atlanta, GA. It offers free text messaging to university students in exchange for the students agreeing to receive advertisements a couple times a day.
Jim Ryan, president and CEO for Mobile Campus, said the company gives university administrators a web-based interface to communicate with students.
“The first thing you need is for students to opt in to receive the messages. Probably the most effective means to reach your students is via SMS,” said Mr. Ryan, former head of AT&T’s wireless data services division. “When Virginia Tech happened, people became more interested in SMS as a way to communicate with their student bodies and we got a lot of calls.”
In a perfect world, that would be all that’s needed. But cell phones aren’t perfect. “The challenge is we don’t own the SMS infrastructure,” said Mr. Ryan. “All we can do is place the message out there for delivery. But (carrier) capacity and various other challenges will determine how long it will take to get the message to the individual,” he said.
Text messages delivered around the country shouldn’t be a problem, “but when you’re delivering SMS in a given geography, when you try to send 30,000 messages through one cell site, that’s when you run into capacity (problems),” he added.
That’s why he believes universities should concentrate on delivering “something that’s multi-modal–text messaging and email–so if one fails, the other works,” he said.
While Mobile Campus’ text messaging service can reach “a significant portion of the student body,” says Mr. Ryan, “we don’t have to reach 100% of the students to get the message out. Even if you hit 40%, the rest will know pretty quickly simply by word of mouth.”
He said 14 universities have signed so far with Mobile Campus and “we’re actively seeking to serve another 11. We expect in the fall to have quite a large constituency signed up.”
Texas A&M selected CBORD’s Foodservice Suite® to power their dining services operation. The institution will also use the company’s NetNutrition® online nutritional analysis programand EventMaster® PLUS! catering and event management solution. Texas A&M has 47,000 students, 10,000 in residence halls, and 8200 on board plans.
Texas A&M University selects CBORD’s Foodservice Suite
University purchases software to improve margins and efficiency
Ithaca, New York: The CBORD Group, Inc. is pleased to announce that Texas A&M University in College Station, TX recently selected the company as its food service management technology provider. Texas A&M converted to the Foodservice Suite® modular software package on account of its flexible integration capabilities, user-friendly design, and superior client support.
Texas A&M uses Foodservice Suite to handle menu and recipe management and improve inventory control, reducing waste and increasing accuracy. The university also chose to implement CBORD’s NetNutrition® online nutritional analysis program, along with its EventMaster® PLUS! catering and event management solution. Both products are fully integrated with Foodservice Suite, allowing employees and customers alike to enjoy a seamless user experience with the most up-to-date information.
Foodservice Suite is a leader in the college and university marketplace for improving margins and increasing customer and employee satisfaction by automating campus food service operations. The scalable software package supports functionality for menu management, recipe scaling, nutritional analysis, inventory management, purchasing, and much more. Furthermore, the system’s tight integration with other CBORD® offerings, such as campus card systems, online ordering solutions, catering and event management software, and online nutritional analysis tools, makes it easy for universities to see the “big picture” of auxiliary operations.
The purchase of Foodservice Suite is one of many strategic changes Texas A&M’s food service operations have undergone for the purpose of improving student services under the leadership of Nadeem E. Siddiqui, Executive Director, Dining Services. In fact, the students at Texas A&M recently named Siddiqui Administrator of the Year in recognition of the dedication to student satisfaction he and his staff have displayed.
“We are excited to team up with The CBORD Group to advance and develop our dining program and to ensure the best dining program for our wonderful Aggie community,” says Siddiqui.
“Mr. Siddiqui’s team at Texas A&M has a long history of commitment to student services, and we are very pleased to assist them in refining their food service operations,” says Randy Eckels, Senior Vice President, Sales and Marketing, The CBORD Group, Inc. “Our user-friendly software automates back-end processes, allowing university employees to focus on the quality customer service Nadeem and his staff exhibit every day. We are glad to play a role in their success.”
Texas A&M University currently enrolls 47,000 students. It has a residence hall population of 10,000, with 8,200 students on board plans.
About The CBORD Group, Inc.
The CBORD Group serves colleges and universities, corporations, healthcare facilities, chain restaurants, supermarkets, and a host of other market segments. CBORD’s products are used in food service, catering, nutrition services, online ordering, meal plans, campus ID card privilege control, access control, integrated security, housing services, and other institution-wide activities. The CBORD Group serves more than 6,000 clients in the U.S., Canada, Europe, South Africa, the Middle East, New Zealand, and Australia.
The CBORD Group was founded in 1975. Today it employs more than 475 professionals. To learn more about CBORD, visit us at www.cbord.com.
By Jerry Banks and Les G. Thompson, co-authors of RFID Applied
Under ideal conditions, the popular Alien Squiggle RFID tag can be read at a distance of approximately 20 meters. But what happens if it is placed behind a glass of water? What about placing it to the side, but adjacent to the glass of water? How about placing it in the water?
Answers to these and other questions will appear later, but suffice it to say that the readability of a tag is affected by the placement of the tag and its ambient environment.
When we discuss passive RFID tags with an audience of people that have never seen a tag, or, if they have seen one, they didn't know what it was, we say first that reading the tags is impacted by the release of radio frequency waves in the ambient environment. We ask for examples in the room in which we are making the presentation. We ask you, the reader, to ponder this question before reading the next paragraph.
Here is a hint: Typically, we are making a presentation using PowerPoint. So, there is a computer and a projection device involved. Both of those emit radio frequencies. How about the cell phones in every attendee's possession? What about the lights and the dimmer switches? So, even in an innocuous place like an auditorium, there are ambient sources of radio frequency that interfere with the very weak signal that a passive RFID tag can generate.
So far, you have some speculation that moisture has an impact on the Alien Squiggle tag. And, you have been told that ambient sources of radio frequency waves impact RFID tags, particularly passive tags that don't have a power source.
We aren't selling the Alien Squiggle tag. But, why are there so many different RFID tag designs? For that, we turn to the subject of frequencies.
For convenience sake, the entire RF spectrum has been segregated into bands of frequencies that tend to share common characteristics. Table 1 describes these classifications. You should notice that as the frequency of the wave increases, the length of the wave decreases.
In the previous article, "The black art of RFID antennas," we discussed how to construct a tag based on a target communication frequency, but we did not discuss why a company like Texas Instruments or Alien Technologies would create a suite of tag products, each tag targeting a different frequency. The simple answer is that radio waves at different frequencies interact with their environment differently.
Imagine that you are standing in a large open. If you were to sing a variety of notes, you might eventually sing a note that seems to fill the room with sound much more than the other notes. The note that you found is produced by a sound wave that has the appropriate wavelength to resonate perfectly in the room. This is why most people think that they can sing better in the shower. If you were to change the environment, the note required to produce a resonating sound would change. For instance, if a wood table was placed in the room, the note that resonated in the room before may not still resonate like it once did, and another note may be found that resonates in the room better than the previous note. Sound waves are analogous to radio waves in this respect.
In the world of RFID, the wood table in the previous example may be analogous to another type of material such as paper, water, metal, or cloth that can change the environment. Upon further examination, the previous example is more complex than it seems. Why did the resonant frequency change when the table was placed in the room? The answer is that the table impeded the propagation of the sound wave. There are hundreds of factors that could influence why the wave was impeded, but the two most common are that 1) the sound wave was absorbed by the table, or 2) the sound wave was reflected by the table which disturbed the other waves that were bouncing around the room. Like waves on a pond, sound and radio waves can cancel each other if they collide.
The two most common environmental conditions on the minds of RFID practitioners are water and metals such as iron, lead, and aluminum. The pharmaceutical industry is worried about water because many drugs contain some type of moisture. The manufacturing industry is concerned with metal because assembly lines are usually made of metal and the products may also be made of or contain metal.
Why is water such a problem for RFID tags? The truth is that water is not a problem as long as the correct frequency is chosen. Microwave ovens are tuned to the resonant frequency of water so that they can absorb the energy from the radio waves and heat up our food. The oven produces radio waves at the 2.45 GHz frequency (microwaves). These waves have a wavelength of 12.24 cm. As the waves pass through the water in the food, the water molecules rotate to align themselves with the wave. The molecules rotate with each wavelength. This oscillation causes the increase in temperature. The structure of water molecules is perfect for interacting with this frequency. Other wavelengths would not cause the water molecules to rotate. For RFID, the absorption of energy has a negative consequence unless it is being primarily collected by the antenna attached to an RFID tag.
The microwave example illustrates why choosing a frequency in one of the higher bands such as UHF or SHF would not be a good choice for applications of RFID near water where HF bands work better. The tradeoff with employing a lower frequency is that there is a decrease in the data transmission speed between the reader and tag as the frequency decreases. HF RFID tags are most often used in close proximity to water. These types of tags have coil type antennas, which are designed to work best at lower frequencies. For more information about RFID antennas, please refer to Part 4 in this article series. Some RFID tag manufacturers, like IPico, have created dual-frequency tags to combat these issues. As the name implies, dual-frequency tags transmit at two different frequencies. These types of tags can achieve higher transmission rates when communication is possible at a higher frequency, yet the tag can always be read, even when placed in a glass of water because it can transmit at a lower frequency. These tags are more robust and more expensive.
Experimenting with RF tags and water
With this knowledge we can answer the questions posed at the beginning of this article. The Alien 9540 Squiggle tag adheres to the EPC Gen 2 standards and communicates at a frequency of 915 MHz. From what we have learned about the effects of water on radio waves in the UHF band, we can deduce that the signal and energy will be attenuated by the water. The electromagnetic field required by the tag will weaken as the tag is moved closer to the water until the tag will no longer operate unless the reader is extremely close to the tag. The exact effect cannot be determined with respect to the reduction in read range for a tag when measured outside of a controlled environment such as a laboratory. It is certain, however, that if a tag is placed in the water there will be a significant reduction in its read range. Now, what if a tag worked at the lower frequency of 13.56 MHz in the HF spectrum? We can predict that the tag will operate better than the UHF tag, but a tag that operates at 125 KHz could be read at a much further distance if it was submerged fully in the water.
At our request, the Electro-Optical Systems Laboratory at the Georgia Tech Research Institute (GTRI) conducted an experiment using the Alien 9540 Squiggle tag. As shown in Table 2, their tests demonstrated that the tag is affected by water as we would expect.
The effect on a radio wave is also influenced by some types of metal with which the wave is interacting. There are many elements on the periodic table that are classified as metals. Most of them are not used on a day-to-day basis. This discussion will pertain to the more common metals that an RFID tag may come in contact with such as iron, aluminum, and copper. Ferrous metals, such as iron are often regarded as having the worst effect on electromagnetic radiation because they are, for the most part, magnetic. Non-ferrous metals, like aluminum and copper, are not magnetic and interact better with electromagnetic radiation. Not all ferrous metals are magnetic and vice versa.
Metal (the kinds mentioned above this qualification won't be repeated every time we say the word "metal") can affect radio waves in several different ways. First, radio waves cannot penetrate these metals. If RF waves cannot penetrate a metal, the metal is said to be opaque to radio waves. It is interesting that these metals do not need to be solid to completely stop a radio wave. RF engineers work in sterile environments known as a Faraday cage. The Faraday cage has walls made of highly conductive metal mesh or screen that have holes smaller than the RF wavelength being tested. If the holes are small enough and the metal is thick enough, all radio waves will be absorbed and distributed along the surface of the screen.
Metal can detune a radio wave. Detuning occurs when the amplitude and/or wavelength of the wave is skewed if the wave comes in contact with the metal. Once the wave is detuned, it cannot couple with the RFID tag. In addition to detuning, the RFID waves form miniature RF eddies where they intersect the metal. These eddies effectively cancel out the wave such that it either dissipates completely or the wave is impeded to the point that it cannot couple with the tag.
Metal may also absorb some of the radio wave. This is known as parasitic capacitance. Just like water, the metal diminishes the strength of the radio wave by absorbing some of its energy. In active RFID systems, where energy is abundant, the metal can become a conduit for the RF energy. It is not uncommon for a gas or water pipe to channel a radio wave down a hall into another room or to another floor of the building. These types of occurrences can be very challenging for active tag real-time location systems because active tags transmit with so much more energy (wattage) than passive tags do. Any metal objects such as pipes or handrails can become a secondary antenna for the active tag's transmissions.
Understanding the characteristics of RF can aid in the successful planning and implementation of an RFID solution. The basic physical principles of RF are a necessary tool in the RFID practitioner's tool belt. It is important to remember that real world environments are much different than RF labs. Passive RFID systems are much more susceptible to harsh RF environments than active RFID systems. Even so, dynamic environments can cause even the most robust RFID systems to stumble unless they are designed correctly.
About this article:
We would like to thank Gisele Bennett and her group of researchers at the Electro-Optical Systems Laboratory at the Georgia Tech Research Institute for conducting the water readability tests referenced above.
This article is the fifth in an ongoing series that explains the principles of RFID. It was created for RFIDNews by Jerry Banks, Tecnológico de Monterrey, Monterrey, Mexico and Les G. Thompson, Lost Recovery Network, Inc., Atlanta, Georgia. The authors are two of four co-authors of RFID Applied, John Wiley, 2007, ISBN-10 0471793655; ISBN-13 978-041793656.
