Software // Enterprise Applications
News
1/31/2008
11:16 AM
Connect Directly
RSS
E-Mail
50%
50%

California Senate Approves Bill To Outlaw Skimming RFID Tags

Technology to steal -- or skim -- information from RFID tags is readily available, off-the-shelf, and surprisingly inexpensive.

The California State Senate voted to make it a crime to skim information stored on RFID tags.

The Senate voted 36 to 3 to pass the bill, introduced by State Sen. Joe Simitian (D-Palo Alto). The bill, SB 31, goes to the California State Assembly.

Simitian participated in a controlled experiment to demonstrate how skimming works.

"The problem is real," he said, while announcing passage of his bill. "The card I use to access the State Capitol was skimmed and cloned by a hacker in a split second. Minutes later, using that clone of my card, he was able to walk right into the Capitol through a 'secure' and locked entrance." Simitian said personal information on tags used for drivers' licenses and student IDs should be protected the same way other personal property is protected.

"If you've been mugged, or even had your pocket picked, you know you've been a victim," he said. "You can take steps to protect yourself against identity theft. But if your personal information has been 'skimmed' without your knowledge or consent, you're completely vulnerable. Right now if someone steals your ID, it's a crime; but if they steal the information on your ID by 'skimming,' it's not."

Simitian said the problem is exacerbated by the fact that millions of IDs and access cards carry unlimited information and there aren't any rules about including technology to protect privacy for privately-issued cards.

"RFID technology is not in and of itself the issue," he said. "RFID is a minor miracle with all sorts of good uses. But it's easier than ever to steal someone's personal information with an unauthorized reader -- technology that is readily available, off-the-shelf, and surprisingly inexpensive." Simitian's bill makes exceptions for inadvertent scanning. It also allows emergency medical workers and law enforcement agencies to scan cards without permission, while trying to provide care or investigate crimes -- as long as investigators have obtained a search warrant.

Comment  | 
Print  | 
More Insights
Building A Mobile Business Mindset
Building A Mobile Business Mindset
Among 688 respondents, 46% have deployed mobile apps, with an additional 24% planning to in the next year. Soon all apps will look like mobile apps and it's past time for those with no plans to get cracking.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Must Reads Oct. 21, 2014
InformationWeek's new Must Reads is a compendium of our best recent coverage of digital strategy. Learn why you should learn to embrace DevOps, how to avoid roadblocks for digital projects, what the five steps to API management are, and more.
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
A roundup of the top stories and trends on InformationWeek.com
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.