RFID Tag Data Security Infrastructure

By Joseph Pearson

For the pharmaceutical industry to create a secure supply chain using RFID technology at the item-level, it needs a broader and more flexible approach – one that encompasses all stakeholder requirements and provides a range of implementation options.

Raising consumer confidence about the authenticity of its prescription drugs is the end goal for the pharmaceutical industry, especially as the number of counterfeit, gray market and diverted products continues to climb. Radio Frequency Identification (RFID) technology, when combined with a secure tag and data infrastructure, can assure both package authenticity and pedigree while creating new revenue opportunities. And while manufacturers, distributors and retailers continue to expand collaborative RFID pilots and may agree on their goals, they’re not all on the same page when it comes to deployment methods.

Deploying RFID at the Item-Level
The industry is currently working toward the development of a new Item-Level Tagging (ILT) standard. The pharmaceutical industry is exploring RFID technology at the item-level because it offers external validation of a product’s authenticity and provenance. Determining if pharmaceutical products in the supply chain are genuine automatically and without human intervention is simply not economical without RFID. RFID tags applied to products within a secure infrastructure raise the level of confidence that the product is genuine on two fronts: by determining the authenticity of the packaging and by providing automated traceability to create an itemized electronic pedigree or record that an item has passed through authorized entities.

While all stakeholders in the pharmaceutical supply chain appreciate the value of these RFID benefits for item-level tagging, there are three essential elements necessary to move the industry from selective pilots to full-scale deployment:

1. participation by all segments – manufacturers, distributors and retailers
2. development of an item-level tagging specification
3. an information technology infrastructure that employs both centralized and decentralized applications.

Tag data security infrastructure
The ability to have deployment ‘options’ within a ‘standard’ ILT infrastructure is not an oxymoron. The Tag Data Security Infrastructure (TDSI) is a set of rules, specifications and common protocols that allow item-level tags and readers to work within and across the industry’s information technology ecosystem. First, it always supports network-based applications. Secondly, it bridges the centralized/decentralized infrastructure divide that exists among pharmaceutical sectors by augmenting network-based applications with the capability of anytime, anywhere authentication and product information.

The TDSI addresses the contentious points of whether or not to put product data (e.g. the National Drug Code (NDC)) on the tag; how to authenticate products; ways of ensuring consumer privacy and how to secure tagged products at the case, pallet and item level.

An ILT standard has yet to be defined, so the timing is right for RFID tag, reader and security technology providers to bring a fresh solution to the industry as it debates the specifications, rules, and methods of supply chain collaboration in the EPCglobal standards development process.

Functional requirements
An EPC number should be programmed onto the tag as the cornerstone for pharmaceutical product identification. The TDSI can be used to incorporate both network and off-network capabilities that support the available infrastructure in the pharmaceutical supply chain ecosystem. For example, to answer the question of where product data (NDC) should reside – on the tag or not – the TDSI can accommodate both scenarios by providing options as to how the EPC number contains product data: either encrypted on the tag or accessed through a network link. In the network scenario, a new version of an EPC numbering scheme is introduced which contains no product information in the data structure of the EPC. Here, the tag’s product data is held in a central database where it is referenced by the EPC number as a unique pointer.

For an EPC numbering scheme using SGTIN with encryption, the tag’s product data is digitally scrambled or signed using private key and cryptographic software in an RFID reader, and is only able to be decrypted by a reader with the appropriate corresponding public key and software. The product information can then be made available for local applications, such as smart shelves. And because the EPC number maintains its uniqueness, it can still be used as a unique pointer for network applications, like item-electronic pedigree.

The featured graphic illustrates how the TDSI works using encryption.

Elliptic Curve Cryptography (ECC) RFID security
A standardized cryptography method should be used as part of the TDSI for tag encryption and authentication. The Institute of Electrical and Electronic Engineers (IEEE) has developed the IEEE Standard 1363a ECC algorithm as a new standard for public-key cryptography. The US National Security Agency (NSA) has selected ECC as critical technology for protecting mission-critical national security information. NSA has defined two algorithm families for US Government communications: Suite A and Suite B. The Suite A family is secret algorithms. Suite B is a standardized set of algorithms designed to meet US Government requirements for sensitive but unclassified, secret and top-secret levels of security. Included in Suite B are ECC for the public key and key agreement protocols, and the Advanced Encryption Standard (AES). ECC security has many benefits in RFID applications because it allows:

• very fast signature creation ensuring no incremental delays in production line operation
• the equivalent level of security as 1,024-bit RSA encryption, while using considerably less tag memory
• the EPCglobal 96-bit product class information to be encrypted
• any standard reader to read the 96-bit number from an encrypted tag, and be able to forward it to the EPCglobal Network as a ‘pointer’
• readers equipped with the verification key to both authenticate the tag and decrypt the product class portion of the EPC number off-network

One of the primary advantages of ECC RFID security for ILT is that it employs conventional levels of Integrated Circuit (IC) processing capability used in supply chain RFID tags, thus achieving a higher level of security without increasing the chip’s complexity or cost. An ILT incorporating ECC RFID security requires a 64-bit Tag Identifier (TID) and 352 bits of user memory, which includes the EPC number, digital signature, and encrypted product information. It is expected that the new ILT air interface specification will incorporate faster data exchange rates, mitigating the time it takes to read and write to a tag when employing ECC RFID.

Achieving TDSI
As the definition of TDSI takes shape, its flexible approach is designed to support the important concerns of the various industry and government stakeholders. These concerns include product authentication, electronic pedigree, product information, consumer privacy, case, pallet and item-level security, supply chain data exchange, and a standards-based, interoperable infrastructure.

The TDSI is designed for flexible and secure ILT deployment throughout the supply chain. For it to become a reality, pharmaceutical manufacturers, distributors and retailers must agree on the rules, specifications and methods of deployment. The EPCglobal standards process provides a forum for both the pharmaceutical industry and the RFID technical community to share ideas and collaborate on a common course of action.

From a technical perspective, the various working groups currently in the process of defining the EPC ILT specification for HF and UHF should consider adopting the IEEE Standard 1363a ECC algorithm. To make the hardware infrastructure available to the industry, reader manufacturers and other RFID solution providers should incorporate the IEEE 1363a ECC standard into their devices as part of their product offerings.

In parallel with the introduction of the EPC Generation 2 specification, EPCglobal established a certification procedure to address both compliance and interoperability. EPC’s role in establishing an item-level specification should extend to the selection of a certifying authority for the public-key cryptographic infrastructure whose role it will be to issue certificates to authorized supply chain participants and manage the allocation of private and public keys.

Although outside the scope of the TDSI, additional security measures can be considered in the ILT standard such as password read/write and/or a kill command, which would completely deactivate the tag.

Prior to the availability of new ILT standard products, pharmaceutical supply chain participants can conduct TDSI pilots using ISO/IEC 15693 standard tags and readers because they have the required 64-bit TID user memory for deployment.

Joseph Pearson is a marketing manager for Texas Instruments (TI). He has led business development initiatives for TI’s authentication and pharmaceutical team, which is responsible for RFID asset tracking across a variety of industries. Throughout his 16 years within TI, Pearson has held a variety of instrumental positions in sales, marketing, and business development. Most notably he played a pivotal role in the technology and patent development for what became the ExxonMobil Speedpass. Pearson has been instrumental in the development of several RFID patents.