US20150116095A1 - Reader, writer and method for programmable tags - Google Patents

Reader, writer and method for programmable tags Download PDF

Info

Publication number
US20150116095A1
US20150116095A1 US14/500,125 US201414500125A US2015116095A1 US 20150116095 A1 US20150116095 A1 US 20150116095A1 US 201414500125 A US201414500125 A US 201414500125A US 2015116095 A1 US2015116095 A1 US 2015116095A1
Authority
US
United States
Prior art keywords
tag
data
security identifier
identifier
security
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
US14/500,125
Inventor
Andrew Chadbourne
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Bibliotheca Ltd
Original Assignee
Bibliotheca Ltd
Bibliotheca Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Bibliotheca Ltd, Bibliotheca Ltd filed Critical Bibliotheca Ltd
Assigned to BIBLIOTHECA LIMITED reassignment BIBLIOTHECA LIMITED ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: CHADBOURNE, ANDREW
Publication of US20150116095A1 publication Critical patent/US20150116095A1/en
Priority to US15/378,496 priority Critical patent/US10152618B2/en
Abandoned legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06KGRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
    • G06K7/00Methods or arrangements for sensing record carriers, e.g. for reading patterns
    • G06K7/10Methods or arrangements for sensing record carriers, e.g. for reading patterns by electromagnetic radiation, e.g. optical sensing; by corpuscular radiation
    • G06K7/10009Methods or arrangements for sensing record carriers, e.g. for reading patterns by electromagnetic radiation, e.g. optical sensing; by corpuscular radiation sensing by radiation using wavelengths larger than 0.1 mm, e.g. radio-waves or microwaves
    • G06K7/10297Methods or arrangements for sensing record carriers, e.g. for reading patterns by electromagnetic radiation, e.g. optical sensing; by corpuscular radiation sensing by radiation using wavelengths larger than 0.1 mm, e.g. radio-waves or microwaves arrangements for handling protocols designed for non-contact record carriers such as RFIDs NFCs, e.g. ISO/IEC 14443 and 18092
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06KGRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
    • G06K19/00Record carriers for use with machines and with at least a part designed to carry digital markings
    • G06K19/06Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code
    • G06K19/067Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards also with resonating or responding marks without active components
    • G06K19/07Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards also with resonating or responding marks without active components with integrated circuit chips
    • G06K19/0723Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards also with resonating or responding marks without active components with integrated circuit chips the record carrier comprising an arrangement for non-contact communication, e.g. wireless communication circuits on transponder cards, non-contact smart cards or RFIDs
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/07Responding to the occurrence of a fault, e.g. fault tolerance
    • G06F11/08Error detection or correction by redundancy in data representation, e.g. by using checking codes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06KGRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
    • G06K19/00Record carriers for use with machines and with at least a part designed to carry digital markings
    • G06K19/06Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code
    • G06K19/067Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards also with resonating or responding marks without active components
    • G06K19/07Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards also with resonating or responding marks without active components with integrated circuit chips
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06KGRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
    • G06K19/00Record carriers for use with machines and with at least a part designed to carry digital markings
    • G06K19/06Record carriers for use with machines and with at least a part designed to carry digital markings characterised by the kind of the digital marking, e.g. shape, nature, code
    • G06K19/067Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards also with resonating or responding marks without active components
    • G06K19/07Record carriers with conductive marks, printed circuits or semiconductor circuit elements, e.g. credit or identity cards also with resonating or responding marks without active components with integrated circuit chips
    • G06K19/073Special arrangements for circuits, e.g. for protecting identification code in memory
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06KGRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
    • G06K7/00Methods or arrangements for sensing record carriers, e.g. for reading patterns
    • G06K7/10Methods or arrangements for sensing record carriers, e.g. for reading patterns by electromagnetic radiation, e.g. optical sensing; by corpuscular radiation
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06KGRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
    • G06K7/00Methods or arrangements for sensing record carriers, e.g. for reading patterns
    • G06K7/10Methods or arrangements for sensing record carriers, e.g. for reading patterns by electromagnetic radiation, e.g. optical sensing; by corpuscular radiation
    • G06K7/10009Methods or arrangements for sensing record carriers, e.g. for reading patterns by electromagnetic radiation, e.g. optical sensing; by corpuscular radiation sensing by radiation using wavelengths larger than 0.1 mm, e.g. radio-waves or microwaves
    • G06K7/10257Methods or arrangements for sensing record carriers, e.g. for reading patterns by electromagnetic radiation, e.g. optical sensing; by corpuscular radiation sensing by radiation using wavelengths larger than 0.1 mm, e.g. radio-waves or microwaves arrangements for protecting the interrogation against piracy attacks
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06KGRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
    • G06K7/00Methods or arrangements for sensing record carriers, e.g. for reading patterns
    • G06K7/10Methods or arrangements for sensing record carriers, e.g. for reading patterns by electromagnetic radiation, e.g. optical sensing; by corpuscular radiation
    • G06K7/10009Methods or arrangements for sensing record carriers, e.g. for reading patterns by electromagnetic radiation, e.g. optical sensing; by corpuscular radiation sensing by radiation using wavelengths larger than 0.1 mm, e.g. radio-waves or microwaves
    • G06K7/10366Methods or arrangements for sensing record carriers, e.g. for reading patterns by electromagnetic radiation, e.g. optical sensing; by corpuscular radiation sensing by radiation using wavelengths larger than 0.1 mm, e.g. radio-waves or microwaves the interrogation device being adapted for miscellaneous applications

Definitions

  • the present invention relates to a reader, writer and method for programmable identifiers such as RFID and NFC type tags.
  • RFID Radio Frequency Identification
  • NFC Near Field Communication
  • a programmable tag is fixed or otherwise embedded into an article to be monitored or tracked. This can be, for example: via a removable security device that may be adhered to a book, clipped to garments etc. to prevent theft from shops; affixed to a box or interior of an item via an adhesive pad or similar or the tag may be integrated into the item or packaging during manufacture.
  • a programmable tag typically includes an antenna coupled to some form of memory.
  • the memory can be interrogated and in some cases altered via appropriate signals received by the antenna.
  • Tracking and interrogation of tags can be done in many ways, although typical methods are via use of hand-held scanner type devices at checkouts/point of receipt or departure and via readers positioned in premises such that a tag must pass through them (for example by the door of a shop or the like). Actions taken when a tag is encountered vary depending on application. For example—in package tracking it may just be to record when the package entered or left a facility or vehicle. In retail, the passage of a tag through a portal typically causes an alarm to be sounded (because tags are typically removed or disabled at the point of sale).
  • programmable identifiers are in frequent use and are also frequently programmed and reprogrammed to show loan status
  • lending libraries where a tag may be used to identify a book or other item being borrowed or returned and link to the lender's account to identify fines due and the like.
  • attributes of the tag are also used to identify whether the item has been successfully lent and can be allowed off-premises.
  • the check-out procedure is done by the user via a kiosk or similar without staff interaction so the user may be responsible for correctly “programming” the tag (positioning it so the kiosk can read it and write to it).
  • a tag writer for a programmable tag, the tag writer being operable to generate a security identifier during writing of data to the tag, the security identifier being dependent on one or more of the data written, data already on the tag, metadata associated with the data, the tag and/or the writing of the data.
  • the security identifier is a checksum, hash, encrypted digest or other identifier.
  • the security identifier is written to a data repository for future authentication of the tag and security identifier.
  • the security identifier is repeatable from the data on the tag and the identifier is stored elsewhere whereby upon presentation of the tag, validity of the data on the tag can be authenticated by comparison of the security identifier on the tag with that held in the data repository.
  • the security identifier is derived from security status and/or content of a user memory area of the tag. In one embodiment, one of the data from the user memory area and data on the security status is appended to the other and a checksum or other function is applied to the combined value to generate the security identifier.
  • the security identifier or a part of the security identifier may be written so as to be integral to the data on the tag, wherein reprogramming of the tag changes or deletes the security identifier.
  • the tag includes a unique identifier.
  • the unique identifier may be physically written or etched on to the tag or its packaging, it may be written or encoded in the tag memory or it may be otherwise linked to the tag.
  • the security identifier is linked to the unique identifier in the data repository.
  • the data repository is indexed by the unique identifier of tags and is arranged to receive communications specifying or requesting security identifiers by unique identifier.
  • data on the tag from which the security identifier is derived is written to a backup data repository.
  • a subset of data on the tag is used to generate the security identifier.
  • data defining the subset is associated with the unique identifier or other information identifying the tag.
  • a tag reader operable to read data from a memory of a programmable tag and generate a security identifier from the read data, the tag reader being arranged to compare the security identifier to a previously calculated security identifier for the tag to authenticate the data in the memory.
  • the tag preferably has a unique identifier.
  • the unique identifier may be stored in the tag memory and/or may be physically written on or etched into the tag or otherwise linked to the tag.
  • the security identifier is written to a data repository with a link to the unique identifier, the data repository being responsive to provide the security identifier upon receipt of the unique identifier.
  • the reader need not necessarily do the calculation and may simply pass on read data from the tag for authentication.
  • the data repository may be part of a security system and is arranged to receive data read from a tag and calculate a security identifier therefrom, authentication being made if the calculated security identifier matches the security identifier in the data repository.
  • the reader may include or be linked to a tag writer, wherein upon failure to authenticate the read data in a tag to the stored security identifier, the tag writer may be triggered to overwrite data in the tag with data in a backup data repository defining default data values and/or the immediate past value of data written to the tag to which it should be returned such that it matches the security identifier.
  • Modern mobile phones that contain NFC readers are actually fully-fledged RFID reader/writer devices and so can be used to deliberately modify data stored on any HF (13.56 MHz) RFID tag, including those used in libraries and in retail environments.
  • Embodiments of the present invention seek to address this issue by use of a security identifier such as a checksum that is calculated at write time and stored separately to the tag.
  • the identifier can be used to authenticate data being later read because if the data had changed, it would not be possible to recreate the identifier.
  • an alarm or other alert may be raised on failure to authenticate.
  • the data may be returned to a default or past recorded state on failure to authenticate—for example a library book may have its tag maliciously tampered with to avoid an alarm sounding as it leaves the premises, upon a portal detecting a tag that is disarmed and has data that does not reflect a proper check-out, the tag may be re-armed so as to trigger an alarm as it leaves the building.
  • a default or past recorded state on failure to authenticate for example a library book may have its tag maliciously tampered with to avoid an alarm sounding as it leaves the premises, upon a portal detecting a tag that is disarmed and has data that does not reflect a proper check-out, the tag may be re-armed so as to trigger an alarm as it leaves the building.
  • a checksum is made. This checksum is derived from a combination of the security status and the user memory area. The checksum is written to a database together with the unique ID of the RFID tag. This unique ID may be laser-etched at production time so as to be unique and also unalterable.
  • the database can be queried at every point the tag is read.
  • a very quick process can compare the unique ID to the checksum and therefore give a positive/negative response as to if the data is accurate or it may be have been changed.
  • FIGS. 1-4 are schematic diagrams of a control system according to an embodiment of the present invention.
  • FIG. 5 is a schematic diagram of a control system according to another embodiment of the present invention.
  • FIG. 1 is a schematic diagram of a control system according to an embodiment of the present invention.
  • the control system 10 includes a tag reader 20 and a tag writer 30 (although it will be appreciated that in some embodiments, a single entity may act as a reader and writer).
  • the control system 10 also includes a data repository 40 which is arranged to communicate with the tag reader 20 and writer 30 , for example over a wired or wireless data communication network 50 .
  • the tag writer 30 Upon writing data to a programmable tag 60 , the tag writer 30 is configured to generate a security identifier 60 ′.
  • the security identifier is dependent on one or more of the data being written, data already on the tag, metadata associated with the data, the tag and/or the writing of the data (for example, the origin of the data, time/date when written, data identifying the tag writer etc.).
  • the security identifier 60 ′ may be a checksum, hash, encrypted digest or other identifier.
  • the security identifier 60 ′ is communicated to the data repository 40 where it is stored for future authentication of the tag and its data.
  • the security identifier 60 ′ may be computed from a one-way calculation (so that the data itself may not be recoverable from the identifier but the identifier itself can be re-computed if the same data is provided as input to the calculation).
  • the security identifier 60 ′ is repeatable from the data on the tag and the identifier is stored elsewhere whereby upon presentation of the tag, validity of the data on the tag can be authenticated by comparison of the security identifier on the tag with that held in the data repository.
  • the security identifier is derived from a security status field 61 and the content of a user memory area 62 of the tag 60 , as shown in FIG. 2 .
  • One of the data from the user memory area and data on the security status is appended to the other (as long as the order is consistently applied during operation it does not matter which is first) and a checksum or other function is applied to the combined value to generate the security identifier.
  • the security identifier 60 ′ or a part of the security identifier may be written to the tag in a field 63 .
  • it may be written so as to be integral to the data on the tag, for example as the last n digits of the user memory area.
  • reprogramming of the tag changes or deletes the security identifier and can immediately be spotted without needing to recomputed the security identifier.
  • the tag includes a unique identifier written in a field 64 (it may also or alternatively be etched on to the tag or its packaging, or otherwise linked to the tag).
  • the security identifier is linked to the unique identifier in the data repository 40 .
  • the data repository may be indexed by the unique identifier of tags, for example, and is arranged to receive communications specifying or requesting security identifiers by unique identifier.
  • the tag reader 20 is configured to read data from a memory of a presented programmable tag 60 .
  • a security identifier 60 ′′ is generated from the read data (either by the reader or by a device or service to which the reader communicates the read data).
  • the security identifier 60 ′′ is then compared to a previously calculated security identifier 60 ′ for the tag 60 that is held in the data repository 40 to authenticate the data in the memory. if the data is manipulated, the tag 60 # would have data such that a different security identifier 63 # would be created when the function is next applied to the data 61 #, 62 #. Authentication would fail as the comparison to the identifier stored in the repository would report a mismatch, as shown in FIGS. 3 and 4 .
  • the data repository may operate as a service, returning the previously calculated security identifier 60 ′ upon presentation of the corresponding unique identifier for the tag.
  • the data repository may receive both the unique identifier and read data or the unique identifier and calculated security identifier and return an authentication result (thereby reducing calculations needed to be performed by the reader and also reducing risk that a stolen reader or writer could be reverse engineered to determine the function used to calculate security identifiers).
  • the function generating the security identifier need not necessarily operate on all of the data in the user memory area and may, for example, be configurable to operate on a selected bit pattern or the like.
  • the bit pattern may be linked to the unique identifier and stored or otherwise referenced in the data repository.
  • the security identifier may be stored in the tag, either in its own field or at the start/end of or elsewhere in the user memory area. In the latter case, in a similar way to the bit pattern, a mask or other data identifying position of the security identifier could be stored to allow this to be recovered (or else dropped from the user memory area before the security identifier is re-computed at read time).
  • FIG. 5 is a schematic diagram of a control system according to another embodiment of the present invention.
  • FIG. 5 corresponds to that of FIGS. 1 and 2 but includes a backup data repository 100 to which the tag writer 30 writes data 60 * that is used to generate the security identifier against the tag's unique identifier.
  • the tag reader 20 Upon a tag failing authentication, the tag reader 20 triggers re-writing of the data in the tag based on the data 60 * in the backup data repository 100 .
  • some or all of the data in the backup data repository may include default values for the tag.
  • the device performing the check of a tag could reprogram the tag with the correct data. This may be automatic or subject to customer or staff approval via a user interface at the kiosk or at a remotely manned workstation or the like.
  • the security flag (which triggers alarms at exit to a building etc) may be set by default if the tag is reprogrammed, irrespective of whether it was previously enabled or disabled according to the backup data repository 100 . This allows for detection of someone interfering with tags.
  • code e.g., a software algorithm or program
  • firmware e.g., a software algorithm or program
  • computer useable medium having control logic for enabling execution on a computer system having a computer processor.
  • Such a computer system typically includes memory storage configured to provide output from execution of the code which configures a processor in accordance with the execution.
  • the code can be arranged as firmware or software, and can be organized as a set of modules such as discrete code modules, function calls, procedure calls or objects in an object-oriented programming environment. If implemented using modules, the code can comprise a single module or a plurality of modules that operate in cooperation with one another.

Abstract

A tag writer, reader and method are disclosed. The tag writer is operable to generate a security identifier during writing of data to the tag, the security identifier being dependent on one or more of the data written, data already on the tag, metadata associated with the data, the tag and/or the writing of the data.

Description

  • This patent application claims the benefit of priority under 35 U.S.C. Section 119(a) of Great Britain Patent Application No. 1317292.9, filed Sep. 30, 2013, which is hereby incorporated by reference as if set forth in its entirety herein.
    • FIELD OF THE INVENTION
  • The present invention relates to a reader, writer and method for programmable identifiers such as RFID and NFC type tags.
    • BACKGROUND OF THE INVENTION
  • Programmable identifiers such as RFID (Radio Frequency Identification) and NFC (Near Field Communication) tags are commonplace in many applications, particularly in customer/user based applications such as retail sales and inventory management.
  • Typically, a programmable tag is fixed or otherwise embedded into an article to be monitored or tracked. This can be, for example: via a removable security device that may be adhered to a book, clipped to garments etc. to prevent theft from shops; affixed to a box or interior of an item via an adhesive pad or similar or the tag may be integrated into the item or packaging during manufacture.
  • A programmable tag typically includes an antenna coupled to some form of memory. The memory can be interrogated and in some cases altered via appropriate signals received by the antenna.
  • Tracking and interrogation of tags can be done in many ways, although typical methods are via use of hand-held scanner type devices at checkouts/point of receipt or departure and via readers positioned in premises such that a tag must pass through them (for example by the door of a shop or the like). Actions taken when a tag is encountered vary depending on application. For example—in package tracking it may just be to record when the package entered or left a facility or vehicle. In retail, the passage of a tag through a portal typically causes an alarm to be sounded (because tags are typically removed or disabled at the point of sale).
  • One particular application where programmable identifiers are in frequent use and are also frequently programmed and reprogrammed to show loan status is in lending libraries where a tag may be used to identify a book or other item being borrowed or returned and link to the lender's account to identify fines due and the like. In such cases, attributes of the tag are also used to identify whether the item has been successfully lent and can be allowed off-premises. Often the check-out procedure is done by the user via a kiosk or similar without staff interaction so the user may be responsible for correctly “programming” the tag (positioning it so the kiosk can read it and write to it).
  • During the early implementation of RFID and similar tags, at least some of the security they provided was through obscurity—nobody could read or write to them without the appropriate (typically bespoke) hardware and software.
  • However, this is no longer the case, particularly with the advent of NFC capable smart phones.
    • SUMMARY OF THE INVENTION
  • According to an aspect of the present invention, there is provided a tag writer for a programmable tag, the tag writer being operable to generate a security identifier during writing of data to the tag, the security identifier being dependent on one or more of the data written, data already on the tag, metadata associated with the data, the tag and/or the writing of the data.
  • Preferably, the security identifier is a checksum, hash, encrypted digest or other identifier. Preferably the security identifier is written to a data repository for future authentication of the tag and security identifier. Preferably the security identifier is repeatable from the data on the tag and the identifier is stored elsewhere whereby upon presentation of the tag, validity of the data on the tag can be authenticated by comparison of the security identifier on the tag with that held in the data repository.
  • In one embodiment, the security identifier is derived from security status and/or content of a user memory area of the tag. In one embodiment, one of the data from the user memory area and data on the security status is appended to the other and a checksum or other function is applied to the combined value to generate the security identifier.
  • Optionally, the security identifier or a part of the security identifier may be written so as to be integral to the data on the tag, wherein reprogramming of the tag changes or deletes the security identifier.
  • Preferably, the tag includes a unique identifier. The unique identifier may be physically written or etched on to the tag or its packaging, it may be written or encoded in the tag memory or it may be otherwise linked to the tag. Preferably, the security identifier is linked to the unique identifier in the data repository. Most preferably, the data repository is indexed by the unique identifier of tags and is arranged to receive communications specifying or requesting security identifiers by unique identifier.
  • Optionally, data on the tag from which the security identifier is derived is written to a backup data repository. Optionally, a subset of data on the tag is used to generate the security identifier. Optionally, data defining the subset is associated with the unique identifier or other information identifying the tag.
  • According to another aspect of the present invention, there is provided a tag reader operable to read data from a memory of a programmable tag and generate a security identifier from the read data, the tag reader being arranged to compare the security identifier to a previously calculated security identifier for the tag to authenticate the data in the memory.
  • The tag preferably has a unique identifier. The unique identifier may be stored in the tag memory and/or may be physically written on or etched into the tag or otherwise linked to the tag. Preferably, the security identifier is written to a data repository with a link to the unique identifier, the data repository being responsive to provide the security identifier upon receipt of the unique identifier. It will be appreciated that the reader need not necessarily do the calculation and may simply pass on read data from the tag for authentication. For example, the data repository may be part of a security system and is arranged to receive data read from a tag and calculate a security identifier therefrom, authentication being made if the calculated security identifier matches the security identifier in the data repository.
  • In one embodiment, the reader may include or be linked to a tag writer, wherein upon failure to authenticate the read data in a tag to the stored security identifier, the tag writer may be triggered to overwrite data in the tag with data in a backup data repository defining default data values and/or the immediate past value of data written to the tag to which it should be returned such that it matches the security identifier.
  • Modern mobile phones that contain NFC readers are actually fully-fledged RFID reader/writer devices and so can be used to deliberately modify data stored on any HF (13.56 MHz) RFID tag, including those used in libraries and in retail environments. This presents a problem in that tag data could be maliciously changed and security could be deactivated to allow items to leave the library or retail facility without sounding security gates. Embodiments of the present invention seek to address this issue by use of a security identifier such as a checksum that is calculated at write time and stored separately to the tag. The identifier can be used to authenticate data being later read because if the data had changed, it would not be possible to recreate the identifier. Optionally, an alarm or other alert may be raised on failure to authenticate. In one embodiment, the data may be returned to a default or past recorded state on failure to authenticate—for example a library book may have its tag maliciously tampered with to avoid an alarm sounding as it leaves the premises, upon a portal detecting a tag that is disarmed and has data that does not reflect a proper check-out, the tag may be re-armed so as to trigger an alarm as it leaves the building.
  • In preferred embodiments, whenever a tag is programmed (using any device) a checksum is made. This checksum is derived from a combination of the security status and the user memory area. The checksum is written to a database together with the unique ID of the RFID tag. This unique ID may be laser-etched at production time so as to be unique and also unalterable.
  • Once this data is held, the database can be queried at every point the tag is read. A very quick process can compare the unique ID to the checksum and therefore give a positive/negative response as to if the data is accurate or it may be have been changed.
    • BRIEF DESCRIPTION OF THE DRAWINGS
  • Embodiments of the present invention will now be described, by way of example only with reference to the accompanying drawings in which:
  • FIGS. 1-4 are schematic diagrams of a control system according to an embodiment of the present invention; and
  • FIG. 5 is a schematic diagram of a control system according to another embodiment of the present invention.
    •  DETAILED DESCRIPTION OF CERTAIN EMBODIMENTS OF THE INVENTION
  • FIG. 1 is a schematic diagram of a control system according to an embodiment of the present invention.
  • The control system 10 includes a tag reader 20 and a tag writer 30 (although it will be appreciated that in some embodiments, a single entity may act as a reader and writer). The control system 10 also includes a data repository 40 which is arranged to communicate with the tag reader 20 and writer 30, for example over a wired or wireless data communication network 50.
  • Upon writing data to a programmable tag 60, the tag writer 30 is configured to generate a security identifier 60′. The security identifier is dependent on one or more of the data being written, data already on the tag, metadata associated with the data, the tag and/or the writing of the data (for example, the origin of the data, time/date when written, data identifying the tag writer etc.).
  • The security identifier 60′ may be a checksum, hash, encrypted digest or other identifier.
  • The security identifier 60′ is communicated to the data repository 40 where it is stored for future authentication of the tag and its data.
  • The security identifier 60′ may be computed from a one-way calculation (so that the data itself may not be recoverable from the identifier but the identifier itself can be re-computed if the same data is provided as input to the calculation).
  • Preferably the security identifier 60′ is repeatable from the data on the tag and the identifier is stored elsewhere whereby upon presentation of the tag, validity of the data on the tag can be authenticated by comparison of the security identifier on the tag with that held in the data repository.
  • In one embodiment, the security identifier is derived from a security status field 61 and the content of a user memory area 62 of the tag 60, as shown in FIG. 2. One of the data from the user memory area and data on the security status is appended to the other (as long as the order is consistently applied during operation it does not matter which is first) and a checksum or other function is applied to the combined value to generate the security identifier.
  • Optionally, the security identifier 60′ or a part of the security identifier may be written to the tag in a field 63. Alternatively, it may be written so as to be integral to the data on the tag, for example as the last n digits of the user memory area. In such an arrangement, reprogramming of the tag changes or deletes the security identifier and can immediately be spotted without needing to recomputed the security identifier.
  • Preferably, the tag includes a unique identifier written in a field 64 (it may also or alternatively be etched on to the tag or its packaging, or otherwise linked to the tag).
  • Preferably, the security identifier is linked to the unique identifier in the data repository 40. The data repository may be indexed by the unique identifier of tags, for example, and is arranged to receive communications specifying or requesting security identifiers by unique identifier.
  • The tag reader 20 is configured to read data from a memory of a presented programmable tag 60. A security identifier 60″ is generated from the read data (either by the reader or by a device or service to which the reader communicates the read data). The security identifier 60″ is then compared to a previously calculated security identifier 60′ for the tag 60 that is held in the data repository 40 to authenticate the data in the memory. if the data is manipulated, the tag 60# would have data such that a different security identifier 63# would be created when the function is next applied to the data 61#, 62#. Authentication would fail as the comparison to the identifier stored in the repository would report a mismatch, as shown in FIGS. 3 and 4.
  • In one example, the data repository may operate as a service, returning the previously calculated security identifier 60′ upon presentation of the corresponding unique identifier for the tag. In another example, the data repository may receive both the unique identifier and read data or the unique identifier and calculated security identifier and return an authentication result (thereby reducing calculations needed to be performed by the reader and also reducing risk that a stolen reader or writer could be reverse engineered to determine the function used to calculate security identifiers).
  • To further increase security, the function generating the security identifier need not necessarily operate on all of the data in the user memory area and may, for example, be configurable to operate on a selected bit pattern or the like. In such an arrangement, the bit pattern may be linked to the unique identifier and stored or otherwise referenced in the data repository.
  • The security identifier may be stored in the tag, either in its own field or at the start/end of or elsewhere in the user memory area. In the latter case, in a similar way to the bit pattern, a mask or other data identifying position of the security identifier could be stored to allow this to be recovered (or else dropped from the user memory area before the security identifier is re-computed at read time).
  • FIG. 5 is a schematic diagram of a control system according to another embodiment of the present invention.
  • The embodiment of FIG. 5 corresponds to that of FIGS. 1 and 2 but includes a backup data repository 100 to which the tag writer 30 writes data 60* that is used to generate the security identifier against the tag's unique identifier. Upon a tag failing authentication, the tag reader 20 triggers re-writing of the data in the tag based on the data 60* in the backup data repository 100. Optionally or alternatively, some or all of the data in the backup data repository may include default values for the tag.
  • The device performing the check of a tag (a kiosk for example) could reprogram the tag with the correct data. This may be automatic or subject to customer or staff approval via a user interface at the kiosk or at a remotely manned workstation or the like. Optionally, the security flag (which triggers alarms at exit to a building etc) may be set by default if the tag is reprogrammed, irrespective of whether it was previously enabled or disabled according to the backup data repository 100. This allows for detection of someone interfering with tags.
  • It is to be appreciated that certain embodiments of the invention as discussed below may be incorporated as code (e.g., a software algorithm or program) residing in firmware and/or on computer useable medium having control logic for enabling execution on a computer system having a computer processor. Such a computer system typically includes memory storage configured to provide output from execution of the code which configures a processor in accordance with the execution. The code can be arranged as firmware or software, and can be organized as a set of modules such as discrete code modules, function calls, procedure calls or objects in an object-oriented programming environment. If implemented using modules, the code can comprise a single module or a plurality of modules that operate in cooperation with one another.
  • Optional embodiments of the invention can be understood as including the parts, elements and features referred to or indicated herein, individually or collectively, in any or all combinations of two or more of the parts, elements or features, and wherein specific integers are mentioned herein which have known equivalents in the art to which the invention relates, such known equivalents are deemed to be incorporated herein as if individually set forth.
  • Although illustrated embodiments of the present invention have been described, it should be understood that various changes, substitutions, and alterations can be made by one of ordinary skill in the art without departing from the present invention which is defined by the recitations in the claims below and equivalents thereof.

Claims (20)

What is claimed is:
1. A tag writer for a programmable tag, the tag writer being operable to generate a security identifier during writing of data to the tag, the security identifier being dependent on one or more of the data written, data already on the tag, metadata associated with the data, the tag and/or the writing of the data.
2. The tag writer of claim 1, wherein the security identifier is a selected one of a checksum, hash or encrypted digest.
3. The tag writer of claim 1, wherein the tag writer is arranged to write the security identifier to a remote data repository for future authentication of the tag and security identifier.
4. The tag writer of claim 1, wherein the security identifier is derived from security status data held by the tag and/or content of a user memory area of the tag.
5. The tag writer of claim 1, wherein at least a part of the security identifier is written integrally to the data on the tag, wherein reprogramming of the tag changes or deletes the security identifier.
6. The tag writer of claim 3, wherein the tag includes a unique identifier, the tag writer being arranged to link the security identifier to the unique identifier in the remote repository.
7. The tag writer of claim 6, wherein the unique identifier is physically written on one or more of the tag and its packaging and is obtained from the tag and/or packaging for writing of the security identifier to the remote repository.
8. The tag writer of claim 1, wherein the tag writer is further arranged to write data on the tag from which the security identifier is derived to a backup data repository.
9. The tag writer of claim 1, wherein the tag writer is operable to use a subset of data on the tag to generate the security identifier.
10. The tag writer of claim 9, wherein a pattern to determine the subset is encoded for the tag in a remote data repository, the tag writer being arranged to retrieve the pattern and use it to determine the subset.
11. The tag writer of claim 1, wherein the tag is an RFID tag.
12. A tag reader operable to read data from a memory of a programmable tag and generate a security identifier from the read data, the tag reader being arranged to compare the security identifier to a previously calculated security identifier for the tag to authenticate the data in the memory.
13. The tag reader of claim 12, wherein the tag has a unique identifier, the tag reader being arranged to use the unique identifier to retrieve the previously calculated security identifier from a remote data repository.
14. The tag reader of claim 13, wherein the unique identifier is physically written on the tag or its packaging, the reader including a user interface to receive the unique identifier.
15. A method for writing to a programmable tag comprising:
generating a security identifier during writing of data to the tag, the security identifier being dependent on one or more of the data written, data already on the tag,
metadata associated with the data, the tag and/or the writing of the data; and,
storing the security identifier for future authentication of the tag and security identifier.
16. The method of claim 15, wherein the step of storing includes writing the security identifier to a remote data repository for future authentication of the tag and security identifier.
17. The method of claim 15, further comprising deriving the security identifier from security status data held by the tag and/or content of a user memory area of the tag.
18. The method of claim 15, further comprising writing at least a part of the security identifier integrally to the data on the tag, whereby reprogramming of the tag changes or deletes the security identifier.
19. The method of claim 16, wherein the tag includes a unique identifier, the step of writing including linking the security identifier to the unique identifier in the remote data repository.
20. The method of claim 19, wherein the unique identifier is physically written on one or more of the tag and its packaging, the method further comprising obtaining the unique identifier from the tag and/or packaging for writing of the security identifier to the remote repository.
US14/500,125 2013-09-30 2014-09-29 Reader, writer and method for programmable tags Abandoned US20150116095A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
US15/378,496 US10152618B2 (en) 2013-09-30 2016-12-14 Reader, writer and method for programmable tags

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
GB201317292A GB201317292D0 (en) 2013-09-30 2013-09-30 Control system nad method for programmable tags
GB1317292.9 2013-09-30

Related Child Applications (1)

Application Number Title Priority Date Filing Date
US15/378,496 Continuation US10152618B2 (en) 2013-09-30 2016-12-14 Reader, writer and method for programmable tags

Publications (1)

Publication Number Publication Date
US20150116095A1 true US20150116095A1 (en) 2015-04-30

Family

ID=49585065

Family Applications (2)

Application Number Title Priority Date Filing Date
US14/500,125 Abandoned US20150116095A1 (en) 2013-09-30 2014-09-29 Reader, writer and method for programmable tags
US15/378,496 Active US10152618B2 (en) 2013-09-30 2016-12-14 Reader, writer and method for programmable tags

Family Applications After (1)

Application Number Title Priority Date Filing Date
US15/378,496 Active US10152618B2 (en) 2013-09-30 2016-12-14 Reader, writer and method for programmable tags

Country Status (4)

Country Link
US (2) US20150116095A1 (en)
EP (1) EP2876582B8 (en)
DK (1) DK2876582T3 (en)
GB (2) GB201317292D0 (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20180076855A1 (en) * 2016-09-14 2018-03-15 Sony Corporation Nfc device, reader/writer device and methods for authorizing and performing an update
US20190077449A1 (en) * 2016-03-04 2019-03-14 Nidec Corporation Power conversion device, motor drive unit, electric power steering device, and relay module
US11488228B2 (en) * 2016-12-12 2022-11-01 Cacotec Corporation Electronic care and content clothing label

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9811697B2 (en) * 2015-09-04 2017-11-07 International Business Machines Corporation Object tracking using enhanced video surveillance through a distributed network

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5008661A (en) * 1985-09-27 1991-04-16 Raj Phani K Electronic remote chemical identification system
US6052062A (en) * 1997-08-20 2000-04-18 Micron Technology, Inc. Cards, communication devices, and methods of forming and encoding visibly perceptible information on the same
US20040134994A1 (en) * 2003-01-15 2004-07-15 Hewlett-Packard Development Company, L.P. Secure physical documents, and methods and apparatus for publishing and reading them
US6885288B2 (en) * 2001-08-08 2005-04-26 Ge Medical Technology Services, Inc. Method and apparatus for accessing medical asset data
US8049594B1 (en) * 2004-11-30 2011-11-01 Xatra Fund Mx, Llc Enhanced RFID instrument security

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8185744B2 (en) * 2006-09-08 2012-05-22 Certicom Corp. Aggregate signature schemes
KR100834701B1 (en) * 2006-11-30 2008-06-02 주식회사 케이티프리텔 Rfid tag issue system and method, rfid tag authorization system and method
US8422398B2 (en) * 2008-01-23 2013-04-16 Zebra Enterprise Solutions Corp. Media access control (MAC) for an active RFID system
KR101023558B1 (en) * 2008-02-27 2011-03-21 (주) 씨이엔 Method for Accessing Dynamic Split RFID Memory, RFID Tag, RFID Terminal and Recording Medium
JP5337582B2 (en) * 2009-06-01 2013-11-06 株式会社日立製作所 Validity-guaranteed ID generation method and validity-guaranteed RFID tag
JP2012194943A (en) * 2011-03-18 2012-10-11 Mitsubishi Electric Corp Reader writer device
FR2982688B1 (en) * 2011-11-16 2013-11-22 Schneider Electric Ind Sas METHOD AND SYSTEM FOR SECURELY DETECTING AN RFID ELECTRONIC LABEL
CN103473592B (en) * 2013-09-25 2016-05-11 成都市易恒信科技有限公司 A kind of label off-line authenticating method and device based on CPK system

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5008661A (en) * 1985-09-27 1991-04-16 Raj Phani K Electronic remote chemical identification system
US6052062A (en) * 1997-08-20 2000-04-18 Micron Technology, Inc. Cards, communication devices, and methods of forming and encoding visibly perceptible information on the same
US6885288B2 (en) * 2001-08-08 2005-04-26 Ge Medical Technology Services, Inc. Method and apparatus for accessing medical asset data
US20040134994A1 (en) * 2003-01-15 2004-07-15 Hewlett-Packard Development Company, L.P. Secure physical documents, and methods and apparatus for publishing and reading them
US8049594B1 (en) * 2004-11-30 2011-11-01 Xatra Fund Mx, Llc Enhanced RFID instrument security

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20190077449A1 (en) * 2016-03-04 2019-03-14 Nidec Corporation Power conversion device, motor drive unit, electric power steering device, and relay module
US20180076855A1 (en) * 2016-09-14 2018-03-15 Sony Corporation Nfc device, reader/writer device and methods for authorizing and performing an update
US10277283B2 (en) * 2016-09-14 2019-04-30 Sony Corporation NFC device, reader/writer device and methods for authorizing and performing an update
US20190215033A1 (en) * 2016-09-14 2019-07-11 Sony Corporation Nfc device, reader/writer device and methods for authorizing and performing an update
US11336333B2 (en) * 2016-09-14 2022-05-17 Sony Corporation NFC device, reader/writer device and methods for authorizing and performing an update
US11488228B2 (en) * 2016-12-12 2022-11-01 Cacotec Corporation Electronic care and content clothing label

Also Published As

Publication number Publication date
US20170103238A1 (en) 2017-04-13
GB201417266D0 (en) 2014-11-12
EP2876582A3 (en) 2015-07-29
US10152618B2 (en) 2018-12-11
EP2876582B1 (en) 2018-04-11
EP2876582A2 (en) 2015-05-27
DK2876582T3 (en) 2018-07-16
EP2876582B8 (en) 2018-05-23
GB2520607A (en) 2015-05-27
GB201317292D0 (en) 2013-11-13

Similar Documents

Publication Publication Date Title
US10152618B2 (en) Reader, writer and method for programmable tags
US7482929B2 (en) Point-of-sale activation of consumer electronics
US20110068893A1 (en) Rfid fingerprint creation and utilization
US9007214B2 (en) Security tag with display and price changing system
US20130169413A1 (en) Method and system for detecting an item being removed from an establishment without authorization using radio frequency identification
US20090273450A1 (en) Object Tracking
CN103324962B (en) electronic article surveillance
US20080128498A1 (en) System, method, and apparatus for high value product management and tracking
US11521156B2 (en) Trustable product delivery with RFID and smart chip
CN103955839A (en) Anti-fake traceability system, method and platform based on RFID
EP2854072B1 (en) Device and method for bulk encoding tags
CN104951819A (en) Method for checking information by radio frequency identification
Liu et al. The application of RFID technology in production control in the discrete manufacturing industry
US20190325178A1 (en) Monitoring apparatus and method for casino chip management
US20080162167A1 (en) Commodity logistics service system and a counterfeit-impeding method thereof
KR101143729B1 (en) Method for preventing reproduction of nfc tag and system thereof
US11854020B2 (en) Multi-dimensional approach to anti-counterfeiting across different industries
JP4713379B2 (en) Apparatus and method for ownership verification
KR101041217B1 (en) System for Electronic Article Surveillance based on Radio Frequency IDentification
US20180184144A1 (en) Apparatus and method for asset-based video access
US7374086B2 (en) Protection of items within stores
KR100705953B1 (en) Method and system for preserving goods from counterfieting by using rfid
RU2008112161A (en) RF IDENTIFICATION SYSTEM AND SECURITY SYSTEM
EP2495690B1 (en) Transponder and method for monitoring access to application data in the transponder
JP2011008308A (en) Individual-item information management device and method

Legal Events

Date Code Title Description
AS Assignment

Owner name: BIBLIOTHECA LIMITED, UNITED KINGDOM

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:CHADBOURNE, ANDREW;REEL/FRAME:034725/0058

Effective date: 20141209

STCB Information on status: application discontinuation

Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION