Change search
ReferencesLink to record
Permanent link

Direct link
Privacy in RFID Transit Systems: A case study of SL - Storstockholms Lokaltrafik
KTH, School of Information and Communication Technology (ICT).
2015 (English)Independent thesis Advanced level (degree of Master (Two Years)), 20 credits / 30 HE creditsStudent thesis
Abstract [en]

Radio Frequency Identification (RFID) is a technology that facilitates wirelesscommunication. It is being widely used for access control purposes to aid administration ofservices. As with most wireless technologies, RFID has its challenges, due to its medium (radio waves) of communication, which makes it susceptible to signal interception and other possible attacks. The goal of this project is to investigate the insecurities in the implementation of the RFID system in transit (Storstockholms Lokaltrafik, Stockholm) systems. Due to the nature of the system, spatial information about consumers are accumulated over time thereby attracting some level of interests either legitimate or illegitimate, and raising some concerns. This thesis, takes into consideration the vulnerabilities of the RFID system and the potential security risks consumers of the system are exposed to, a detailed analysis is carried out on the existing infrastructure with the goal of exposing the shortcomings of the systems and proposing mitigating solutions.

After an extensive work, seven (7) threats to privacy and security of RFID users were elaborated. Also discussion, about how different legislations around the world enforced data handling regulations in relation to commuter data, is carried out. Finally, most recent threats to consumer privacy are taken into consideration, as well as security in the mass transit field to put together a list of recommended safe practices.

The work shows that RFID does pose significant threat to consumer privacy. One might argue that RFID has its benefits in its various implementations. However the fact remains that there are issues with regards to privacy that must to be addressed.

Place, publisher, year, edition, pages
2015. , 55 p.
TRITA-ICT-EX, 2015:155
Keyword [en]
RFID (radio frequency identification), Consumer Profiling, Data mining, Behavioral targeting, Data protection, Privacy
National Category
Computer and Information Science
URN: urn:nbn:se:kth:diva-177584OAI: diva2:873452
Available from: 2015-11-25 Created: 2015-11-24 Last updated: 2016-11-14Bibliographically approved

Open Access in DiVA

fulltext(1048 kB)11 downloads
File information
File name FULLTEXT02.pdfFile size 1048 kBChecksum SHA-512
Type fulltextMimetype application/pdf

By organisation
School of Information and Communication Technology (ICT)
Computer and Information Science

Search outside of DiVA

GoogleGoogle Scholar
Total: 11 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

Total: 72 hits
ReferencesLink to record
Permanent link

Direct link