In recent years, multinational corporations such as Cathay Pacific, Facebook, Uber and numerous others have been heavily fined due to security and data protection violations. This period has seen data protection laws increase as more and more information is gathered and shared online. As such, it becomes crucial to account for security capabilities when choosing an embedded device that touches potentially sensitive data.

RFID readers very much belong to the ecosystem wherein personal or user identification data is transmitted either to a host system such as a PC or to an endpoint such as a Human Machine Interface (HMI). A passive RFID transponder, soft credential such as a mobile phone app using BLE/NFC or smart cards and other contact-based credentials all can carry sensitive data or personal information. In the case of smart card or contact-based credentials, the storage of personal information such as name, address or date of birth is more prevalent compared to contactless credential where an identification number may be used.

Security as a concept

RFID media may directly lead to a compromise in your intended application’s security

In general, security as a concept is always related to the entire system that includes RFID media (contact/contactless credentials), RFID reader, the host system and any database or cloud server. While accounting for security across a system is needed it is more important to consider the application or use case that is in question. One should carefully evaluate the consequences of any security breaches and if there is any sensitive information being exchanged from the RFID media to the host. As an example, the simple choice of RFID media may directly lead to a compromise in your intended application’s security. There are numerous references on security vulnerabilities related to Low Frequency (125KHz) contactless transponder types. The references focus on using interceptors to access unprotected static card information. The adversaries may then clone this credential that may be used for triggering action such as granting access to a facility or unlocking a computer. Some references also highlight vulnerabilities in the Wiegand interface about intercepting the data signals to capture card value.

Therefore, some older RFID transponders and communication interfaces that may be based on the aforementioned technology or have been subject to vulnerability hacks are now considered fundamentally compromised.

As mentioned previously, the overall security depends on every component of the system that includes the RFID reader. This article will mainly focus on some of the basic security considerations that need to be accounted for when choosing an RFID reader but also whether or not your application requires these abilities. Some of the key security considerations are as follows:

Does your application require encryption capabilities? If so, does the reader have the capability to execute cryptographic algorithms? 

In every application where RFID technologies are involved, there is a need to first assess whether encryption is required and if so, determine the exact channel where this needs to be enforced. It could be that the host interface requires the exchange of encrypted data or the air interface needs to transfer protected data. Once the requirements are established, one may then evaluate the strength of this security.

Furthermore, many types of contactless transponders can store data within their memory segments and encrypt or lock these segments with cryptographic keys. An apt card reader is one that can not only decrypt the memory segments and access the data but also provides an easy means for the end-user to carry out this operation. In many instances, the end-users have their own customised cryptographic keys for their credentials and are unwilling to share these keys with the card reader provider. Therefore, having the capability to load custom keys by someone other than the card reader manufacturer becomes essential. This can be facilitated in multiple ways, such as implementing high-level APIs and allowing the user to write applications for the card reader, or it could be enabling the customer with agraphical user interface to enter keys used to access data sectors.

Many types of contactless transponders can store data within their memory segments

Do you require encrypted data exchange? If so, where and can the card reader support this?

In a typical scenario, the card reader behaves as a medium to facilitate data collection and transfer between the contactless or contact-based transponder and the host system. The host system can either be an endpoint that locally validates the credential presented to it or it can be a microcontroller that sends data over the network to the cloud or a database for validation and authentication.  As mentioned previously, assessing whether the need for encryption is between the RFID media and the reader or from the reader to the host is important. If the former, the appropriate credentials are required. Depending on this factor you may then consider choosing an appropriate RFID reader.

There are use cases wherein personal information such as name, address, date of birth or biometric data can be stored within the credential, eg: smart cards or passports as credentials. Therefore, encrypting the exchange of such data both between the credential and the reader as well as the reader and the host becomes critical. Moreover, encryption algorithm engines such as AES, DES, 3DES, or the capability to implement custom algorithms, need to be present on the card reader as this enables ease of integration. In cases where smartcards or contact-based credentials are used, the host system typically drives the communication in its entirety. So, the card reader must also have:

  • Software capabilities such as Personal Computer Smart Card (PCSC) or Chip Card Interface Device (CCID) mode of communication. The availability of drivers to facilitate communication with the host also enables easy software integration.
  • Hardware support for communication standards such as ISO7816 and the presence of Secure Access Modules(SAM) slots and other contact-based interfaces.

Does your application require MUTUAL authentication with Secure Access Modules (SAM) and RFID media? If so, does the reader support This?

A Secure Access Module is a type of smart card that follows a contact-based communication standard to interact with a card reader. These modules ensure the protection of security keys as well as facilitate cryptographic operations. Typically, SAMs are used to generate application keys based on a specific master key or to generate session keys. They also enable secure messaging between the RFID media, the reader and the host system.

Many contactless credentials hold memory segments/applications that are encrypted with cryptographic keys. These keys are often stored in SAMs and supplied to card reader manufacturers. This not only ensures the security of the keys but adds a step in the authentication process. The card reader in this case should first perform authentication operations with the SAM and then carry out a series of cryptographic and bit manipulation operations between the contactless card and the SAM. This can be further secured by adding a key diversification step. The card reader must be able to support such a scenario both in the hardware as well as in the software. Many end-users require the card reader to natively support such a scenario and have the ability to provide high-level API’s to help in their implementation. In addition to this, high-security applications demand the transfer of data in an encrypted format. One can ensure end-to-end encryption/security with the help of SAMs. In such an architecture, the reader facilitates mutual authentication with the RFID media and the SAM, thus transferring protected data over a Radio-Link and also ensuring the security of encryption keys. The reader can also transfer data encrypted by the SAM to the host system maintaining a high level of security across the system.

Appropriate precautions are to be put in place to improve the overall security

Note that the safety of distributing SAMs as well as administering the installation process within the reader should be treated as a separate issue and tackled accordingly. There is also an issue of the readers being stolen or the SAM modules being dismounted from the reader. The security considerations here do not indulge in these topics and appropriate precautions are to be put in place to improve the overall security of the system. 

Does the card reader have communication interfaces other than Wiegand such as RS485 or RS232?

The Wiegand card as well as the Wiegand interface for data transmission is a 40-year old technology that originates from the Wiegand effect discovered by John R. Wiegand in the early 1970s. While the Wiegand cards are still in production, they have been largely replaced by newer and cheaper forms of access cards. However, these cards are still based on the Wiegand data format that is susceptible to interception as the data are available in plain text. Also, the Wiegand interface introduced in the 1980s remains prevalent across the logical access as well as the physical access control industry despite various security vulnerabilities. This technology no longer conforms to the current security standards. It is therefore important for integrators to choose a communication interface that can offer higher security from interception and support encrypted data exchange.

Do you require tamper detection technologies? If so, can the reader meet this requirement?

The need for tamper detection largely varies from one application to another so it is more important to consider whether this level of security is suitable for your respective use case. As an example, card readers attached to multi-function printers (MFPs) for releasing print jobs in an enterprise environment can be considered less critical since tampering with the reader can ultimately lead to the downtime of the printers but will not compromise the safety of your documents. Typically, in such scenarios, the card reader works hand in hand with the MFP and a print management solution that ensures the release of print jobs. Therefore, if the card reader is sabotaged or tampered with, the MFP or the solution simply prevents the release of any information.

On the other hand, high-security environments such as data centers certainly need greater protection. One must thoroughly evaluate the consequences of any attempts directed towards compromising the device integrity or the data associated with the device. These topics need to be considered separately and are outside the scope of this article. In conclusion, depending on the application, the credentials involved as well as the data that is being exchanged with the card reader and eventually the host, tamper detection technologies can improve the security of the device. There are several technologies in the market such as mechanical and optical tamper detectors that can be embedded directly on the card reader for superior protection against threats. 

Do you require the reader's ronfiguration or firmware to be securely shared or loaded on the card reader?  If so, can the reader meet this requirement?

We are all aware of system and application software updates as at some point our phones have received security patches or app upgrades over the network. In the case of card readers, the process is quite similar except here the software or configuration updates might require encryption based on your use case.  For example, if an end customer is reading static card numbers from an RFID media or isn’t using data protected by encryption keys this does not require the firmware or the configuration to be encryption for a simple reason that these files do not carry any sensitive information. The need to encrypt configuration/firmware files arises if the data that is being read by the reader contains any personal information or is part of a proprietary corporate format that is confidential, or should a customer wish to move to a higher security credential encrypted with keys. This means that either their existing card readers or new card readers must have a configuration that holds these keys.

Configuration or firmware must also be encrypted since it holds sensitive information

In such a scenario, the configuration or firmware must also be encrypted since it holds sensitive information. If the configuration or the firmware is encrypted, the file will no longer pose a security risk and can be shared with customers to perform updates to the existing readers or with the card reader manufacturers to load new readers with the configuration of firmware updates. This not only secures the sharing process but also the update process since the reader is now receiving an already encrypted file.

After all, it is essential to choose a card reader that can carry out the aforementioned security considerations but more importantly the security features that are chosen need to be appropriate to the requirement of the customer. Any integrator first and foremost should thoroughly evaluate the respective application. They should work with subject matter experts in the field and establish requirements and objectives. After developing the concept, system architecture, data flow as well as various secure channels, only then can one begin to account for the security features needed. This process not only helps cement the end system’s overall security view but also elucidates the exact security requirements that correspond to the resulting application.

In conclusion, choosing an RFID product that not only has the above security features but also has a flexible system design capable of accommodating future adaptions will prove to be the right choice for OEM’s and system integrators.

Share with LinkedIn Share with Twitter Share with Facebook Share with What's App Share with Facebook
Download PDF version Download PDF version

Author profile

Kiran Vasishta Field Application Engineer, ELATEC USA

In case you missed it

Which security markets are embracing touchless and contactless systems?
Which security markets are embracing touchless and contactless systems?

The idea of touchless systems has gained new levels of prominence during the last year, driven by the global COVID-19 pandemic. Contactless systems have been part of the industry’s toolbox for decades, while technologies like facial and iris recognition are finding new uses every day. We asked this week’s Expert Panel Roundtable: Which security markets are embracing touchless, contactless systems and why? 

How body worn cameras and AI can curb the issue of abusive behaviour
How body worn cameras and AI can curb the issue of abusive behaviour

Amongst the many negative consequences of the pandemic is a rise in violent and abusive behaviour across society. Health workers have experienced it on a regular basis. So too have police officers and public transport workers. Unfortunately, violence and abuse towards shop workers is also endemic in British society. To address this problem which, in truth, has been on the rise since long before the emergence of COVID-19, we need better deterrents. The ability to prosecute these offences is one such deterrent, but just as important is the ability to deescalate situations before they spill over into unacceptable or unlawful behaviour. Major retail customers In both instances, organisations of all sizes are now recognising that the answer could involve greater use of rapidly advancing body worn camera technology. Andy Marsh, the Chief Constable of Avon and Somerset Police, is one of the police officers responsible for introducing body worn cameras to the UK police force, where they are now in widespread use. Andy Marsh is one of the police officers responsible for introducing body worn cameras to the UK police force He explains that “The reason the majority of people don’t speed or drink-drive is that rational human beings weigh up the risk and consequences of breaking the law and getting caught. Body worn cameras help provide appropriate ‘desistance’, especially where there are forward-facing screens so the person interacting with the wearer can see themselves and their behaviour.” Evidence shows that if a forward-facing camera is switched on before the intervention becomes hostile, it will generally lead to a de-escalation – as often as 90% of the time, according to one of our major retail customers. Digital evidence investigations Only a tiny handful of abusive incidents ever translate into arrests and prosecutions. A key issue is a lack of clear evidence – how to get past the usual impasse of one person’s word against the other. Body worn cameras break the deadlock and allow organisations to report incidents to the police with confidence, knowing that they will lead to action. Marsh suggests that “We usually see an earlier admission, an earlier guilty plea and a more appropriate sentence, where body worn camera footage is in play.” The technology has come on in leaps and bounds in recent years. For example, it’s now possible to record high-definition footage on a lightweight device that’s barely the size of a palm. And it’s not just about the evidence organisations gather themselves. Many police forces are looking at ways to make it easier for businesses and the public to collaborate on digital evidence investigations. Body worn cameras This is good for the victims of crime because it means we get the evidence more quickly" “We’ve created an online crime portal in Avon and Somerset which people can use to pass digital evidence and material to us without an officer having to attend their premises. This is good for the victims of crime because it means we get the evidence more quickly and can take action more swiftly to resolve that issue,” adds Marsh. Our body worn cameras can now even support facial recognition thanks to new, smart AI on the devices themselves, which can scan and process faces within a three-metre distance against a pre-defined database of people (which we call a watchlist). Any matches trigger alerts or additional camera activity such as recording and streaming, while the facial recognition data of people not on the watchlist itself is not recorded or saved to assuage privacy concerns. Similar criminal behaviour Where could this technology come in handy? Well, staff at gambling venues or in-store retail workers could undoubtedly benefit from the ability to quickly spot known fraudsters or addicts who have requested that venues refuse their custom. Stewards at mass sporting events could play a key role in helping to identify people who have been banned from attending. The primary reason for using body worn cameras is to increase the safety of frontline workers The primary reason for using body worn cameras is to increase the safety of frontline workers, deescalating confrontations and limiting the use of force. AI-powered facial recognition can also serve this purpose by helping them make better-informed choices about how to handle specific situations. For example, it is a massive advantage to police officers on the beat to understand that the person they are dealing with may have a history of similar criminal behaviour. Facial recognition technology But it’s also an advantage within retail, where aggressive incidents are on the rise and staff need all the help they can get to determine what an appropriate response should be to a particular customer incident. In fact, extensive consultation with our retail, police, transport and gambling customers indicates that introducing facial recognition technology to body worn cameras could be instrumental, not just in helping to prevent crime, but in tracking down vulnerable and missing people too. Of course, facial recognition technology has to be balanced against the need to protect the privacy of ordinary citizens. Video recording using body worn cameras has to be done proportionately – the same is true for the use of facial recognition technology. The technology also has to be compliant with GDPR, Data Protection, the Information Commissioners recommendations and so on. Positive working environment Violent and abusive incidents affect everyone in the immediate vicinity and create a culture of fear Importantly, it should be for a specific, proportionate and justifiable reason which, of course, means it should never be used for indiscriminate mass surveillance. Every organisation using this technology must remember that a facial recognition system match is not proof of someone’s identity, but rather, an indication of likelihood to help inform the user rather than dictate the course of action. Violent and abusive incidents affect everyone in the immediate vicinity and create a culture of fear and apprehension. This is why it’s so important to get on top of the problem – both on a societal and at an organisational level. Body worn cameras have a vital role to play, as an evidence-gathering tool and as a deterrent that empowers the wearer and creates a more positive working environment. Deterring unlawful behaviour One of the critical roles these cameras play is in staff training, providing real-world video evidence that can be used to educate and upskill workers across a variety of industries. Society’s problem with abusive and violent behaviour cannot be solved by technology alone. But with exceptional quality camera footage now a reality, and the possibility of AI technology at the device level in real-time, body worn cameras will only get better at deterring unlawful behaviour and helping to protect hardworking frontline staff. Alasdair Field is CEO of video technology provider Reveal, which works with UK police forces and major brands such as Matalan, JD Sports and Boots to help them improve staff safety, deescalate confrontations and reduce violent and abusive incidents.

ASSA ABLOY Opening Solutions embraces BIM to smooth specification and installation of door security solutions
ASSA ABLOY Opening Solutions embraces BIM to smooth specification and installation of door security solutions

BIM (building information modeling) provides a process for creating and managing information during the building lifecycle and beyond. BIM is often equated with 3D modeling of construction projects, but the visual component is just part of the value of BIM. Additional data, such as specifications and other documentation, is also part of the process, underlying the visual aspects, helping to drive decision making and providing immediate access to detailed information about all facets of the building process. Incorporating BIM systems For the last six years, ASSA ABLOY Opening Solutions has worked with specification writers and architects in Europe, the Middle East, and Africa (EMEA) to make it easy to incorporate ASSA ABLOY Opening Solutions doors, hardware, and security solutions into BIM systems. Everyone on a project can work together in the interactive and information-rich BIM environment. BIM tools are also used by contractors, distributors, facility owners, and security consultants. BIM software BIM information relating to doors, hardware, and security solutions is available in the cloud  BIM information relating to doors, hardware, and security solutions is available in the cloud with the company’s Openings Studio BIM software. This improves the process of door scheduling and visualisation and enables customers to focus on the design, installation, and management of openings. “If you have up-to-date information inside the BIM model, you can reduce mistakes and misunderstanding in the building industry,” says Marc Ameryckx, ASSA ABLOY Opening Solutions’ BIM Manager for the EMEIA region. “It helps to eliminate mistakes before they happen or as early as possible in the building process. The earlier, the less it costs. We provide data as soon as possible in the process.” (ASSA ABLOY Opening Solutions also has comparable systems available in other regions of the global company.) Centralised data in BIM 3D model Expanding the data available in BIM provides additional value compared to merely providing “BIM objects” that can be incorporated into a BIM 3D model. The combination of BIM modeling and the underlying specifications boosts the quality of the project and its key to success, says Marc Ameryckx. Even after the building is complete, the BIM model is still valuable, providing a repository of “as-built” information that can be used by building managers and security professionals tasked with operating and maintaining the building. For example, if a lock needs to be replaced, retrofitting is simpler because all the information about the lock and existing installation is available in a centralised data file. Revit and ArchiCAD A widely used BIM software is Revit from Autodesk, a program that brings architecture, engineering, and construction disciplines into a unified modeling environment to drive more efficient and cost-effective projects. Another BIM software program is ArchiCAD, developed by the Hungarian company Graphisoft. Openings Studio™ added a plugin for ArchiCAD this year, in addition to Revit. Tailor-made information security solutions We provide tailor-made information security solutions with various hardware on projects with more doors" “We can provide tailor-made information security solutions with various hardware on projects with more doors, adding more flexibility,” says Marc Ameryckx. “Customers do not need to be the experts on the products because we provide expertise as part of our specifications.” For example, how often do building mistakes occur because of a misunderstanding about the electrical needs of a lock and the wrong cabling is installed? The problem is especially expensive if it is discovered only after the walls are complete. Providing complete data about the electrical lock as part of a BIM system avoids the snafu. Another example is the specification of a deadbolt lock on a door that operates with an electric strike. The deadbolt undermines the intended operation of the electric strike and can interfere with escape routes in case of an emergency. The mistake becomes obvious in the BIM environment and can be rectified before consequences impact the real world. Data addition to Opening Suites site ASSA ABLOY Opening Solutions is continuously expanding the data it provides at the Opening Suites site, covering additional functionality and more components including the door, cabling, and electrical connections. Hardware sets are linked to specific doors in the BIM models, including all the details of various components, including article numbers, technical sheets, electrical requirements, all depending on customer expectations. Physical equipment includes QR codes that can be scanned by a smartphone to provide information on the door (A mobile app is in development). More details and more data Experienced BIM consultants work with the Openings Studio software on projects ranging from single doors to large buildings with many doors. Data will be more and more important, and there will be more data inside BIM models Adding more data and detail to the BIM process at the level of each door expands the usefulness of BIM, which has historically been focused on broader issues such as structural work and HVAC. “Openings Studio™ provides all the data to integrate doors and security in the BIM process,” says Marc Ameryckx. The higher level of detail may be a new aspect even for customers who already use BIM software. “Data will be more and more important, and there will be more data inside BIM models,” says Marc Ameryckx. In the future, the use of “digital twins” could expand the capabilities even further; for example, the software could simulate escape routes in case of fire. More data makes more things possible.