Between iPhone and Android, 2010 should bring multiple announcements relating to RFID integration with smartphones. The conventional wisdom is that NFC will be the first RFID technology to see broad adoption, targeting mobile payments. But NFC has a range limit of just a few centimeters so I expect NFC to be a niche feature and a more fully-featured flavor of RFID will ultimately be what excites developers. For them, the current RF options on a smartphone — GPRS, WiFi, Bluetooth, GPS — are simply non-starters for the vast majority of RFID applications.
Much of the discussion about the capabilities of RFID is vague and in some cases, incorrect. One invaluable resource we can tap to avoid making poor long-term RFID platform decision is the past 10-20 years of RFID experience gained by enterprise customers like Walmart, Target, Metro, DoD, and others. Billions of dollars and lots of hype later, RFID’s success in the enterprise is mixed. Some customers, like the US Department of Defense, have reaped massive benefits, while others, like the legions of WalMart suppliers who were given an offer they couldn’t refuse around passive RFID, have mostly not been happy with the return on their RFID investments.
Many of the business reasons for RFID’s success or failure in the enterprise may not read directly on the applications for RFID and smartphones — how Walmart mandated that its suppliers tag pallets of pantyhose with passive RFID tags, for instance – there are nonetheless some fundamental lessons about RFID that are directly applicable to how RFID will be applied to smartphones.
First, a quick reading of the history of automatic identification technology suggests that enterprise will indeed show consumer markets the way for RFID similar to the way enterprise drove adoption of other ID technologies like barcodes. We’re printing around 10 trillion barcodes annually so there’s no debating the success of the technology. Similar analogs can be drawn from adoption of fax, email, and mobile telephony itself.
Second, the billions of dollars deployed against RFID projects in the enterprise over the past decade or so provide us with a rich portfolio of “lessons learned” about RFID that are ready to be applied to smartphones. My top five lessons learned as they apply to integrating RFID with smartphones are:
1. Buying, installing, and maintaining fixed RFID “reader” infrastructure can be expensive.
RFID “readers” — roughly similar in concept to a wifi access point or a cellular base station — acquire data from the RFID “tags” nearby. RFID tags can be passive (one-way, no battery, short range) or active (two-way comms capability, has a battery, long range, supports public key encryption and sensors). Historically, nearly all RFID readers were plugged into AC outlets and had ethernet cables for purposes of backhaul. Smartphones, however, have an opportunity to turn this infrastructure paradigm on its head and virtually eliminate the need for an AC outlet or an ethernet cable. (See this post for more background). Approaching RFID opportunities with this in mind should be at the forefront of any smartphone developer plans for RFID.
2. Open loop networks require global standards and low cost devices.
Mobile phones are part of open loop networks, in effect. Anyone with access to a phone can call someone with a mobile phone provided you have their number. Ditto internet email, SMS messaging, etc. All of these are based on global standards which allow someone in Japan to send an SMS message to someone in Brazil without the need for intermediary gateways to translate one protocol into another. Closed loop networks, on the other hand, are typically proprietary and only accessible to “members” of the network. Classified military communications networks, corporate VPN’s, and CompuServe are examples of closed loop networks. Basically, anyone can participate in an open loop network whereas closed loop networks are accessible to only some of us.
Enterprise experience with both passive RFID (e.g. NFC, EPC Gen2) and active RFID (DASH7) standards provides the smartphone community with global RFID standards from which to choose. For passive RFID, the market may have already spoken, as NFC deployments are well underway while operating with EPC Gen2 requires too much power for a smartphone battery to realistically handle. Since mobile payments apps will fail if NFC read ranges increase (due to heightened security/privacy fears), NFC appears locked into its current short-range paradigm for the foreseeable future.
So eliminating EPC Gen2 from contention and isolating NFC to extremely short range apps, the only serious RFID alternative for smartphones is active RFID. The global standard for active RFID is ISO 18000-7, aka “DASH7″, which provides the smartphone community with a robust two-way wireless platform for RFID applications that offers both long range (2 km+) and minimal power draw from the host batttery. (DASH7 battery life is routinely 5-10 years (!) in the enterprise, a huge attraction for developers.) Since DASH7 operates at 433 MHz, it can be deployed using the same 13.56 MHz silicon as NFC with minimal impact to the bill of materials.
Speaking of frequency, a corollary lesson to that of standards is the frequency itself. There is a great deal happening in the world of radio spectrum allocation and it’s not uniform from country to country or region to regionn. Some RFID technologies (and the distant cousins like ANT) selected 2.45 GHz as their “favorite” frequency because it’s a slice of spectrum that can accommodate high bandwidth apps like video, the spectrum does not require an FCC license, and 2.45GHz is globally available. The only problem with using “junk” bands like 2.45 GHz is that you are not the only one using it — 2.45GHz is a victim of something economists refer to as the “tragedy of the commons”, which means if the government provides free and unfettered public access to a valuable asset, eventually self-interested individuals will overwhelm the asset the point of making the asset useless. In pre-industrial revolution days, this resulted in the decimation of public lands by cattle owners who over-grazed on public lands, but today this results in the decimation of 2.45GHz by all sorts of applications including garage door openers, microwave ovens, WiFi, cordless phones, bluetooth, and more. 2.45GHz is full of interference and is really only safe for WiFi now. 433 MHz is the only globally available choice and besides, its signal propagation properties are simply terrific.
3. Attempts to re-purpose wireless broadband technologies like WiFi and Bluetooth for RFID have mostly gone nowhere. This will continue to be the case for smartphones.
Intuitively, we would all prefer to use “what we’ve got” rather than add yet another RF component to a smartphone. WiFi and Bluetooth are already baked into many smartphones (except in China, where WiFi integration into smartphones is stalled) but for purposes of RFID applications, neither technology has ever been taken terribly seriously by the enterprise. Why? First, both technologies are power hogs. If you have a Jabra bluetooth headset or have ever tried to maximize the hours you get out of laptop battery while surfing the net using wifi, you know just how quickly those batteries burn out. Second, both wifi and bluetooth are session-based protocols, designed from the ground up to replace a wireline session — like a “session” of streamed YouTube videos or a session of streamed Led Zeppelin MP3’s. This is of course great if you are streaming large files but if you are doing anything remotely similar to RFID – reporting the location and/or condition of an object, these technologies are overkill. Not only do they drain your battery faster, but they won’t work if the “tagged” object is in motion or if the smartphone itself is moving — WiFi and Bluetooth are “high latency” technologies that fail when you ask them to connect to things that move. RFID is about short, bursty messages that are often only a few bytes in length. DASH7= squirt gun. WiFi, Bluetooth = firehose.
Note: the bluetooth folks are promoting a new flavor of bluetooth called “low energy bluetooth” which is still some years away from widespread adoption but regardless is still designed for high-bandwidth transactions at short ranges. Lower power than today’s bluetooth for sure, but still using 2.45 GHz and seeking to replace headset and mouse cables. Bluetooth for cable replacement – sure. Bluetooth for RFID and sensor networks — no so much.
4. Passive RFID tags are like a cheap hotel on a Friday night.
Passive RFID reminds me of the cheap “hotels” you stay in while backpacking around Europe. You get a room for the night with a bed, but because the walls are so thin, your neighbors can hear everything you say and do and vice versa … and the sleep is often not restful. With passive RFID, you get a cheap way of acquiring an ID wirelessly, but with the risk that with some modest effort any amateur hacker/voyeur could intercept any of your communications.
This is a principle challenge for NFC adoption today vis-a-vis mobile payments. Even though an NFC-enabled phone needs to be within just a few centimeters of the NFC reader panel, end users still remain concerned that their banking information is being transported over public airwaves, reminiscent of the early days of Amazon.com when many were loathe to share credit card information online. Given the short range of NFC, I think their privacy issue is ultimately solvable and I look forward to ditching my credit cards in favor of an NFC-enabled phone.
However, for longer range passive RFID — usually discussed in the context of EPC Gen2 tags — the privacy matter is more serious. While enterprise customers have found it easy to rationalize this concern away, consumer markets can’t be waved off so easily. In fact, in many of my conversations with analysts, end users, and others about the vast potential for the “internet of things”, privacy is one of the top questions I get, irrespective of income, education, industry expertise, or experience with cheap hotels. The concerns about surveillance, particularly in the U.S., are strongly felt and the smartphone RFID innovators ignore this issue at their peril.
If you don’t know the encryption business as it relates to RFID, a one-way wireless technology like passive RFID can theoretically encrypt its ID’s using a “private” key approach. However, enterprise RFID companies have learned the hard way that for customers who care about encryption, private key-based approaches (e.g. DES or Triple DES) are insufficient and unacceptable. Especially in open loop networks. If a bad guy gets his hands on your private key via your smartphone, your bank account could be toast. For reasons I won’t get into here, your one-way passive RFID tag with private key encryption can still be “hacked”, as it were. So in sum, if encryption and, by extension, privacy is as big a deal as I believe it already is — passive RFID is a non-starter.
For open loop environments like smartphones, two-way active RFID is the only serious RFID option where security and privacy is a concern. Technologies like DASH7, for instance, support the exchange of keys under public key encryption. Note: enterprise requests for public-key encryption via RFID have been limited to-date and I don’t have much to share in terms of reference implementations. There are reasons for the slow uptake of public key encryption in the enterprise that I can get into in a different post. Regardless, the implementation of RFID in open loop networks combined with the existing concerns from the privacy community will require us to take this issue more seriously in the near future if RFID is to be successfully integrated with smartphones.
5. The enterprise is deploying sensors and smartphones will need to talk to them.
A huge driver of RFID and smartphone integration now and in the future will be the proliferation of very low cost MEMS sensing devices that are coupled with sub-1GHz radios like DASH7. Thus a batteryless passive RFID tag cannot support transmitting sensor data (the sensor needs a battery, after all), so all passive RFID technologies are in effect eliminated from serious consideration for integration into mobile handsets as readers. Mobile handsets can still function as passive RFID tags — as they do with NFC — but as readers, there are too many negatives to envision passive RFID reader capability getting serious traction on the handset.
I’ll write more in the future about the potential of smartphones to serve as the “go to” acquisition tool for wireless sensor networks everywhere, but hopefully if you are still reading this windy post, you agree that sensors will play a central role in the internet of things. There will be so many different implementations of sensors — traffic sensors, mildew sensors in your building, power meters, radiation in your warehouse, moisture sensors in your lawn — that the vast majority of sensors will be deployed not on smartphones themselves but as “tags” that a smartphone “reads”. Enterprise customers have been deploying sensors with RFID for years (e.g. the US DoD) and with the current and coming cost reductions in both MEMS devices and DASH7 systems-on-a-chip, nearly every semiconductor company I speak with sees an obvious path for accelerated sensor/RFID adoption.
Putting image recognition aside for a moment, the way we will acquire data about an indoor environments like this in the short term is via active RFID like 