Real time authentication system for RFID applications

Abstract

Currently, the RFID (Radio\Frequency Identification) applications, such as banking (card payment), toll cards, access cards and package delivery do not use location information for authentication. These applications depend only on the informa- tion available in the RFID card to authenticate. This results in various security issues, such as unauthorized reading and relay attacks on RFID systems. Using the location information, a new level of security layer can be introduced into the authentication mechanism. The location information can be used by a back end server, such as a bank server to analysee the current location and compare it with predefined authorized locations for that particular card. In case of positive match, authorization is granted to the payment gateway to proceed with the transaction. This approach protects the tag owners from unauthorized transactions or misusage of RFID card. The location information can also be used by payment gateway to authenticate the card payment machines to be legal and in the registered premises. In case the machine is not in the registered premises, then the machine can be blocked. This makes the machine steal proof, as the machine would be useless in any other location.