Feds find RFID uses

“Information Security: Radio Frequency Identification Technology in the Federal Government

Thirteen federal agencies are using or plan to use radio frequency identification (RFID), a technology that federal auditors say poses information security and privacy risks that must be mitigated.

Government Accountability Office auditors issued a 36-page research report last week in which they warn that, without effective security controls, data stored in microprocessor chips on RFID tags can be read by any compatible RFID reader.

The report also states that security measures are necessary to protect data as it is transmitted from being intercepted by unauthorized RFID readers. Other security measures must be taken to secure databases that store data collected from RFID readers, the auditors wrote.

In their survey, GAO auditors found that federal agencies have diverse uses for RFID tags, readers and databases. Energy Department officials are interested in detecting prohibited articles and tracking the movement of materials. Homeland Security Department officials cited border control, immigration and customs uses for the technology. Labor Department officials want RFID for tracking and locating case files. The State Department is putting RFID chips into e-passports.

Smart cards will be issued by federal agencies as secure identity credentials under a mandatory Homeland Security Presidential Directive 12 program will not use RFID chips, the report states.