The current invention relates to methods and devices for protecting privacy and countering fraud via proprietary data protection, by prevention of unauthorized extraction and unauthorized use of information. More particularly, the current invention pertains to non-contact Radio Frequency Identification (RFID) countermeasures and spoofing devices using different passive and active layers.
Cyber crime, cyber warfare and electronic warfare exhibit evolution from predominately military problems toward commercial and civilian problems. Cost effective solutions may be needed to protect military, industry and civilians from serious privacy and identity vulnerabilities in an increasingly complex communications and electronic surveillance environment. In environments where hackers can promulgate viruses and worms causing potentially serious damage to infrastructure, power generation and/or public transportation a multi-layered protection strategy may be of interest. Fraud may represent but one aspect of the security problems, but the fraudulent acquisition and misuse of privileged information warranting protection which may include, but not be limited to, personal, financial, and/or identity-related information may be among priority interest at least because of the ubiquity and frequency of use.
In addition, logistics networks [commercial, military and government sectors] are significantly increasing the use of RFID inventory networks for warehouses, container staging areas, maritime shipping, commercial tools, department stores and tracking aerospace parts or even munitions or dangerous hazardous waste; all are now vulnerable to electronic eavesdropping and hostile tracking and surveillance. Also, proprietary, personalized, and/or privileged information and data may be contained in and supported by a variety of commonly used objects and media including, but not limited to: identification cards and passes, personal identification documents and chips, credit and debit cards, department store cards, restricted access cards and chips, electronic keys, electronic passes and tickets, boarding cards and passes, luggage and parcel identification labels and chips, public transportation tickets and passes, parking tickets and passes, laundry labels and smart cards, electronically-enabled receipts, electronic toll passes, electronically-encoded objects and documents, and combinations of the listed media.
Having in mind the diverse and expanding practice of incorporating a variety of electronically identifiable non-contact RFID technologies, chips, and pins in modern contactless credit cards, ID cards and passports, these contactless cards and passports may become vulnerable to fraud. For example, a simple mobile RFID reader and a laptop computer may interrogate an RFID card and obtain the user's credit card information or encoded RFID data if not adequately protected.
Contactless technologies, including smart cards, proximity cards, and RFID-based devices are constantly increasing in ubiquity in such applications as access control and payment systems. These contactless technologies are vulnerable to a class of relay attacks using NFC-enabled mobile phones called “ghost-and-leech” or “relay-and-proxy” attacks. This is difficult to defend against using encryption techniques because the relay does not change the encrypted card information or corrupt the EPC or UPC data.
This may be subsequently used to purchase items or steal personalized, protected, or identity-related information. A variety of spoofing devices in accordance with the current invention may provide a choice of countermeasures using, for example, an RFID chip, antenna and parasitic element, or multiple independent or array elements to enhance a spoofing signal in order to spoof the signal of an intruder who is trying to read the card unobtrusively. One feature of the RF spoofing device of the current invention may include a card number where the encoded preassigned numbers or encryption codes may be readily accessible by the protective entities including, but not limited to, United States government, credit card company fraud division, credit ratings agencies, major credit bureaus, banks, law enforcement, homeland security, medical privacy groups, and/or the fraud divisions of stores or credit card companies at the point of sale, on line, or in middleware.
Virtually all authorizing issuing agencies or organizations responsible for programming RFID devices may provide a preassigned spoof code that indicates when a fraudulent transaction may be occurring at the point of sale; allowing the user or the violator to be detained by security personnel, a security photo to be taken, alert store or mail security supporting service institutions, and/or the service provider who may need to testify that the incident took place. A passive deceptive spoofing device with preassigned coded information may also be useful for tracking “on-line” fraudulent transaction attempts, and attempts at identity information misappropriation.
Possible applications of different embodiments of the current invention may be in domains of supply chain management, automated payment, physical access control, counterfeit prevention, airline baggage management, smart homes and/or offices. The RFID tags may also be implanted in different kinds of personal and consumer goods, partially assembled cars, sidewalks, walls, frozen meals, ski-lift passes, laundry smart-cards, clothing, E-ZPass® toll collection devices, and/or public transportation tickets, even in individuals or animals for a variety of anti-eavesdropping applications. Law enforcement firearms, expensive tools, merchandise, and high value aerospace parts are a partial listing.
Implantable RFID tags for humans and animals [pets & livestock] that include security and health information may represent significant growth potential. Integration of spoof chip information as protection in existing animal libraries provides anonymity for valuable animals or, in the future, protection for human beings or prescription drugs with RFID implanted information. As a current example, some implantable identification RFID devices from PositiveID Corporation of Delray Beach, Fla. (formerly known as VeriChip™) may be reduced to approximately the size of a grain of rice. Protective devices and methods in accordance with the current invention may be implemented to protect implantable RFID devices, inter alia, in a passive configuration as adhesive multilayered covers implemented on the body surfaces, incorporated in protective garments or wearable items, or incorporated into external obscuring shielding assemblies. In active form embodiments, protective spoofing devices may include multichannel emitters arranged appropriately to radiate protective signals into a protected volume, for example using distributed and/or mutually correlated antenna configurations including but not limited to loop antennas, rod antennas, disc-cone antennas, end fire arrays, E-Plane notches, meander line antennas, spiral antennas, printed log periodic antennas, dish antennas, slot arrays, surface-mounted antennas and arrays, dipole and multipole antennas, antennas including reflectors, directors, horns, waveguides, strip lines, laser antennas, fluid components (incorporating conductive, semi-conductive or dielectric solids, liquids, gasses or plasmas).
It may be noted that particular antenna configurations or combination may vary in accordance with particular embodiment but should still be understood by practitioners as a variation of devices and methods under the scope of the current invention.
A method for prevention of unauthorized acquisition and use of privileged information including steps of: generating a spoof signature and associating the signature with the privileged information such that the spoof signature can be acquired during the unauthorized acquisition of the privileged information; establishing an identifying processor arranged to identify the at least one spoof signature, to classify attempts of unauthorized use of the privileged information, and to generate at least one authorization for at least one predetermined set of actions organized to prevent the unauthorized use of the privileged information; and communicating authorizations to a party proximal to the at least one unauthorized use of the privileged information in time sufficient for interruption of the unauthorized use of the privileged information.
The current invention may be better understood by referring to the following description, which should be read in conjunction with the accompanying drawings of particular exemplary embodiments. This description of the illustrated embodiment, set out below to enable one to build and use an implementation of the invention, is not intended to limit the invention, but to serve as a particular example thereof. Those skilled in the art should appreciate that they may readily use the conception and specific embodiments disclosed as a basis for modifying or designing other methods and systems for carrying out the same purposes of the present invention. Those skilled in the art may also understand that such equivalent assemblies do not depart from the spirit and scope of the invention in its broadest form.
An exemplary schematic representation of a prior art (one of many possible) unauthorized extractions and criminal misuse of information stored on unprotected RFIDs is illustrated in
In
Alternatively, uses of “Relay-and-Proxy” or “Leech-and-Ghost” attack schemes are also known. For example, schemes using NFC-enabled mobile smart phones, with one “Leech” or “Relay” phone for skimming and a “Ghost” or “Proxy” phone for purchase in another location (e.g. a different city), are also known. A similar basic scam may be used to contact, by a mobile phone 120, a thief 209 operating a computer terminal to place a product order on line or via telephone. When the products are delivered to a drop location, thieves or a stringer 103 may be used to deliver the product to a fence for cash.
Embodiments of protective methods and devices of the current invention for protection against certain unauthorized extractions and criminal misuse of information stored on unprotected RFIDs are schematically illustrated in
In
In the embodiment illustrated in
A different class of embodiment of the methods and devices in accordance with the present invention may be based on prevention of acquisition of electronic proprietary information and/or data from unauthorized reading. One such embodiment entitled “STOP A THIEF” [SAT] is descriptively illustrated in
One may note that the current invention is not limited to the illustrated sizes and may include layers of bank check size, various notebook sizes, or any other appropriate size arranged for convenient insertion into wallets, clothing, name tags, luggage, clothing, and even bandages for person, animal, and livestock privacy and/or proprietary data protection.
Yet another embodiment of the present invention entitled “CATCH A THIEF” [CAT] is schematically illustrated in
In addition, as illustrated in
Furthermore, in an embodiment related to one illustrated in
Yet another embodiment illustrated in
Shown in
Further embodiments are illustrated in
In some versions of the embodiment illustrated in
In particular embodiments, an accelerometer 720 may initiate, for example, a Gauss Espionage Trojan [GET] which may utilize basic encryption of the spoofing attack payload via a plethora of hash iterations on attributes of a mobile phone or attacker host computer system. This spoof malware may, thereby, be surreptitiously introduced into a hostile attacker's or eavesdropper's cyber processing system on a computer or in a cloud.
Similarly,
Also, in the case of hostile intent or electronic eavesdropping on privacy or privileged information on Smart ID card microprocessor chips may be added and programmed to control functions of separate Chips 310. As recited above, this class of embodiments may also use Remotely Accessible Trojans [RATs] and/or counter offensive polymorphism malware with automatic generation of code variants to defeat signature recognition by antivirus programs. Furthermore, with these variants it may be possible to inject malware; botware into hostile or fraud related electronic eavesdropping. Thereby, defensively using a Flashback Trojan [FT] with basic encryption to bind to downloaded module in an attacker's computer or Over The Air [OTA] processing network. In particular, in exemplary embodiments pertinent to the illustrations in
In alternative embodiments, an absorptive layer with matching slow wave ability, a conductive ground plane or carbon nanotube film with embedded or etched parasitic reflective antenna elements on an anti-static plastic or conductive sheet may be employed. Also, signal blocking combinations of additional layers (e.g. LAYER #3 & LAYER #4) may be used separately or layered with different embodiments of layers such as LAYERS #1 and #2.
Additionally, layer (or layers) corresponding to the additional layers may include electromagnetic layered flexible cloth or paper sheet embedded with a carbon base composite slow wave structured or RF absorptive coating. Even further, additional layers (e.g. corresponding to the LAYER #4) may include embedded reflective dielectric elements and may incorporate anti-static materials compounds, carbon nanotube films or layers, and/or combinations of the above materials.
In a particular embodiment, LAYER #3 may incorporate (but not limited to): an outside layer fine static free film, or sheet (e.g. 2.61 inches high×6.14 inches wide×0.0043 inches thick). In a different exemplary embodiment an inner sandwich layer may incorporate magnetic shield and electric field attenuative laminated, iron on, or adhesive-bonded as or, if required, absorptive layer of shielding and conductive film or fabric such as, but not limited to, polyester Nickel-Copper-Nickel-Ni cobalt alloy cloth, Aluminum or Copper foil, or sheet composite or carbon composite (CobalTex™, VeilShield™, RADIOSCREEN™, ARGENMESH™, STATICOT™, and/or similar commercially available materials and their combinations).
For example, 0.004″ to 0.058″ thick matching layer 1 outline or smart card 2.0″×3.25″ dimensions this layer may be imprintable stock and/or Electro and Magnetic Field [EMF] absorptive and/or reflective (including high power Electromagnetic Pulses [EMP]), while the LAYER #4 (approximately 0.004″ to 0.058″) may be an imprintable protective layer of static free plastic on pure copper polyester taffeta, or imprintable laminated copper or aluminum sheet or foil laminated with imprintable polyester, polyethylene or customized metal paper. Such a layer also may contain any imprinting or advertising for a customer or instructional material useful to contact fraud protection organizations and emergency contact information. Such a layer may also be used for printing other instructive information on product use. In addition, LAYER #4, depending on particularities of different embodiments, could be a conductive thin or thick film suitable for printing multi color custom art or any information or instructions.
While the above embodiments (e.g.
In particular, some autonomous (“of the netted RFID grids or networks”) military or civilian embodiments may feature, as shown for example in
A class of embodiments utilizing local power elements and RF amplification is schematically illustrated in
A different active embodiment is illustrated in the schematic in
In another related embodiment the protection device may be packaged in a 25 mm×12 mm×10 mm wedge replicating known 12.0 mm×6.0 mm×3.0 mm wedge DST unit. Such fob wedge device [or similarly sized and configured device hung or adhesively fixed to a convenient precipitous location] may spoof the DST RFID hacker using an active group of frequency codes that may be factory installed or programmed off site. The active high level RFID signal may use a series of spoof encryption keys. These keys may be used as defensive endless loop ciphers, faux ignition kill codes, and/or software viruses or worms to infect the fraudulent interrogation device. The software worm could be used defensively to damage the abuser's interrogation tool or use a cipher that would squawk to another device monitoring the web at one of the world wide RSA encryption fraud monitoring centers. The defensive worms may only be activated when the interrogation device transmitted information, for example, via WIFI or internet connection below the level of awareness of the abuser, thereby providing an ID and GPS geolocation of the malevolent activity and fraudulent computer ID source.
Conceptually similar defensive devices of different embodiments may be associated with other portable electronic devices and prearranged to defend relatively extensive regions against the unauthorized data acquisition attempts. One such device 1210, associated with a cellular phone 1220, is schematically illustrated in
In a class of embodiments directed toward protection of information contained in a protected volume (e.g. stores, storage areas, storage terminals, airports, port facilities and similar) a plurality of interconnected active protective devices 1310 may be employed. In the illustrated embodiment, sensitive information on a protected cargo 1320 may be encoded on electronic media 1330 (e.g. RFID chips). This information may be protected by the active protective electronic devices 1310 either by continuous emission of a protective signal 1340 (spoofing and/or jamming), or the devices may defensively react (either locally or by activation of portions of the entire network) to an attempt of unauthorized interrogation (e.g. by a portable hostile RFID reader 1350) by emission of the protective response signal 1340 as needed.
In some embodiments, the protective electronic devices may be controlled and information managed using an integrated management system 1355 operating remotely or globally and arranged to process information pertinent to the protected privileged information, attempts of unauthorized acquisition of such information, defensive actions of the active protective devices, optimization of spoofing and/or jamming activities, and initiation and execution of defensive actions and procedures intended to interrupt, prevent, or discourage current and future attempts of acquiring, distribution, and abusing the privileged information.
One may note that the entire protective system may be integrated using a local WIFI network 1360, further connected, for example via the web 1370, with at least one enabling substantially global defensive strategies and capabilities of global defensive responses.
It may be of interest to also protect middleware and cloud computers from viruses and worms. Virus infected tags can attack middleware and cause inventory control chaos. Internet and smart phones amplify the risk of cyber attack; cost-effective countermeasures are important to ensure the integrity of the readers, middleware and cloud authentication and fraud processing centers that exist for worldwide protection from major fraud. Malevolent software (malware) including worms and viruses may be of significant concern to homeland security where the malware has the potential of crashing and confusing industrial control systems [power plants, transportation, manufacturing lines] as well as warehouse and worldwide logistics operations [airport baggage, FedEx and UPS] and emergency networks. There may be a need today to have industry incorporate countermeasure techniques into RFID system applications. Worms and viruses may be designed to seriously affect and infect the current RFID system population.
Many RFID tags may have limited amounts of storage; usually less than 1024 bits. These may be regarded as small computers becoming federated worldwide as subsets to process control, transportation, retail, medical, manufacturing, and banking, credit, smart card and logistics networks. Threats may be countered using anti-hacker spoofing codes as pre-initialized defensive viruses (or “antibodies” in an immunological analogy) or worms in an RFID tag. Recognition codes in middleware can recognize these signals, giving a heads up to the system manager that there is a hacker at work. Currently middleware is vulnerable to structured query language [SQL] attacks or bogus tags that can cause buffer overflows. Worms designed to self-replicate and abuse the network and the cloud are practicable through overwhelming the system with data replicating copies of an RFID worm code. In addition, a virus with self-replicating code that corrupts the RFID tags without requiring that a network be involved is also practicable. With a virus, newly infected tags may infect the backend of the system and/or shell to disrupt it.
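The following sketch is an added example, not part of the original application or of any product it describes. It shows one way middleware could recognize preassigned spoof codes (the identifying step of the method recited above) while treating every tag read as untrusted input, so that oversize or malformed tags cannot reach the database. The 24-character hexadecimal tag format, the table layout, the code values and all function names are assumptions made for illustration.

```python
import re
import sqlite3

MAX_TAG_BITS = 1024                      # the text: tags usually hold < 1024 bits
TAG_ID_RE = re.compile(r"[0-9A-F]{24}")  # assumption: 96-bit ID as 24 hex chars
# Constructed values; in the scheme described, the issuer preassigns the codes.
SPOOF_CODES = frozenset("5AFE" + str(n).zfill(20) for n in (1, 2))
KNOWN_TAG = "3000AAAA" + "42".zfill(16)  # constructed inventory record


def open_db() -> sqlite3.Connection:
    """In-memory stand-in for the middleware's inventory database."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE inventory (tag_id TEXT PRIMARY KEY, item TEXT)")
    db.execute("CREATE TABLE alerts (reader_id TEXT, evidence TEXT, reason TEXT)")
    db.execute("INSERT INTO inventory VALUES (?, ?)", (KNOWN_TAG, "pallet 42"))
    return db


def _alert(db, reader_id: str, raw: bytes, reason: str) -> None:
    # Evidence is truncated and hex-encoded, and always bound as a parameter.
    db.execute("INSERT INTO alerts VALUES (?, ?, ?)",
               (reader_id, raw[:32].hex(), reason))


def process_read(db, reader_id: str, raw: bytes) -> str:
    """Classify one tag read: 'rejected', 'spoof-alert', 'known' or 'unknown'."""
    if len(raw) * 8 > MAX_TAG_BITS:            # bound size before any parsing
        _alert(db, reader_id, raw, "oversize payload")
        return "rejected"
    try:
        tag_id = raw.decode("ascii")
    except UnicodeDecodeError:
        _alert(db, reader_id, raw, "non-ASCII payload")
        return "rejected"
    if not TAG_ID_RE.fullmatch(tag_id):        # allow-list, not a block-list
        _alert(db, reader_id, raw, "malformed tag id")
        return "rejected"
    if tag_id in SPOOF_CODES:                  # decoy code presented to a reader
        _alert(db, reader_id, raw, "preassigned spoof code presented")
        return "spoof-alert"
    # Parameter binding keeps tag data out of the SQL text even if validation changes.
    row = db.execute("SELECT item FROM inventory WHERE tag_id = ?",
                     (tag_id,)).fetchone()
    return "known" if row else "unknown"


def alert_reasons(db) -> list:
    return [r[0] for r in db.execute("SELECT reason FROM alerts ORDER BY rowid")]


if __name__ == "__main__":
    db = open_db()
    reads = [                                  # constructed sample reads
        ("dock-1", KNOWN_TAG.encode()),
        ("pos-7", ("5AFE" + "1".zfill(20)).encode()),
        ("dock-1", b"X'; DROP TABLE inventory;--"),
        ("dock-1", b"A" * 200),
    ]
    for reader, raw in reads:
        print(reader, process_read(db, reader, raw))
    print(alert_reasons(db))
```
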
Some current databases potentially vulnerable to infections may include (but are not limited to): MySQL [MySQL C API], Oracle [OCI 10.2.0]; [SQL*PLUS], PostgreSQL [libpq API], SQL Server [SQL Distributed Management Objects].
Exploits may include:
a] Databases: simple SQL injection
b] Web based: client-side scripting to exploit WMF bug
SSI exec commands
c] middleware: Glue code:
1] C and C++ programmed memory may be vulnerable to buffer overflow.
2] Executing malware shell commands
3] Buffer overflow, and others.
4] Randomly Accessible Trojan Horses [RATs] and other malware including, for example, keylogger, screen capture, SHELL (command), password capture.
5] Malware targeted to compromise networks and access ID credentials.
Viruses, malware, and worms may be written by hackers, cyber warfare organizations, sabotage, and terror attacks by using quines [that print their own source code] in conjunction with SQL commands using single and multiple quines. An SQL virus can use quines for MySQL, and SQL injection may destroy part of a database by exploiting a select query and executing shell commands. In addition, polymorphic and metamorphic code variants with Trojans attached to freeware and AFP's are flooding the banking and financial cyber security platforms via SMS, downloading and human interface using thumbdrives, all in pursuit of financial fraud and denial of service attacks to disrupt commerce. In today's cyber world an attack on infrastructure and commerce is being examined as an act of war under international law.
Payloads may include:
destroy data using SQL injection,
denial of service using SQL injection,
reading data from the database,
executing shell commands using SQL injections,
client side scripting,
server side includes,
backdoors using shell commands,
executing code using shell commands,
binary code injections,
distributed denial of service [DDoS] saturation “zero day” attacks.
Other embodiments of the current invention may include devices and methods arranged to spoof HF, UHF or Microwave or multispectral RFID devices; the same technology may be used to spoof optical devices: LEDs or LCDs, IR-LEDs, or laser optical ID [OPID] devices; [there are developments in optical RFID at 333 THz [900 nm], 380 THz [750 THz (400 nm) where layers 3 & 4 of the invention would be effective]. In addition there are RFID antenna replacement alternatives using photovoltaic components and IR-LEDs or even LASER technology.
While specific values, relationships, materials and components have been set forth for purposes of describing concepts of the invention, it will be appreciated by persons skilled in the art that numerous variations and/or modifications may be made to the invention as shown in the specific embodiments without departing from the spirit or scope of the basic concepts and operating principles of the invention as broadly described. It should be recognized that, in the light of the above teachings, those skilled in the art can modify those specifics without departing from the invention taught herein. Having now fully set forth the embodiments and certain modifications of the concepts underlying the present invention, various other embodiments as well as certain variations and modifications of the embodiments herein shown and described will obviously occur to those skilled in the art upon becoming familiar with such underlying concepts. It is intended to include all such modifications, alternatives and other embodiments insofar as they come within the scope of the appended claims or equivalents thereof. It should be understood, therefore, that the invention may be practiced otherwise than as specifically set forth herein. Consequently, the present embodiments are to be considered in all respects as illustrative and not restrictive.
The current Application claims priority benefit of U.S. Provisional Application Ser. No. 61/598,572, filed Feb. 14, 2012, which is incorporated by reference herein in its entirety.
Number | Date | Country | |
---|---|---|---|
61598572 | Feb 2012 | US |