NIST issues RFID guidelines on security

Agencies deploying radio frequency identification systems now have a set of security and privacy best practices to follow.

In a recent report, 'Guidelines for Securing Radio Frequency Identification Systems,' the National Institute of Standards and Technology recommended steps for mitigating security or privacy risks when deploying RFID.

The guidelines focus specifically on the use of RFID technologies for asset management, tracking, matching, and process and supply chain control.
Although RFID has the potential to improve logistics, reduce expenses and increase safety, it carries a risk of eavesdropping and unauthorized use, the NIST report states.

NIST prepared the report to meet requirements of the Federal Information Security Management Act of 2002 that it assist federal agencies in adequately securing their information technology systems.

Although intended primarily for a federal audience, the recommendations apply equally to the private sector, NIST said.

NIST's list of best practices includes installing firewalls between RFID databases and an organization's other IT systems, encrypting RFID signals, authenticating systems to identify approved users, shielding RFID tags to prevent eavesdropping, auditing procedures such as logging and time stamping to detect breaches, and disabling or destroying used tags to protect sensitive data.


  • senior center (vuqarali/

    Bmore Responsive: Home-grown emergency response coordination

    Working with the local Code for America brigade, Baltimore’s Health Department built a new contact management system that saves hundreds of hours when checking in on senior care centers during emergencies.

  • man checking phone in the dark (Maridav/

    AI-based ‘listening’ helps VA monitor vets’ mental health

    To better monitor veterans’ mental health, especially during the pandemic, the Department of Veterans Affairs is relying on data and artificial intelligence-based analytics.

Stay Connected