Thank you for inviting me to speak to you today. It’s always a pleasure to come to Cal State San Marcos and the Southern California Innovative Users Group meeting is always a valuable place to learn new things. All slides and handouts are available from this website, so don’t feel like you need to rush to take notes. I don’t plan on taking more than 30-45 minutes, so there will be ample time for discussion at the end. I do want to encourage you to stop me at any time, however, if you don’t understand anything or if you do have a question. Survey: How many of you have heard of today’s topic? How many of you know what the acronym is for?
And no. It’s not pronounced ARFID. R F I D stands for Radio Frequency Identification.
Essentially, RFID tags are barcodes on steroids. They act as a unique identifier for an object to aid in workflow and inventory management. Libraries have lots of workflow and lots of inventory and librarians are always looking for ways to improve service. It seems like a natural match.
I’m going to split the talk into three sections. First – an overview of the technology so you can understand how it works Next – a discussion of why libraries may, or may not, want to use RFID Then – an idea of the big picture RFID issues outside the library world which will have an impact
Components of a complete system: Tags,Tag readers (wands, gates, circ units),Tag programming stations, Sorting equipment, Servers (some systems) Active vs. passive tags: active has internal battery, typically read/write, greater read range and higher transmission rate than less expensive passive tags. A tag, in a passive RFID system, is a little transceiver waiting to be turned on (and no, that doesn't happen by seeing a tag of the opposite sex). Passive tags get their power from the field generated by the reader, Tags: 13.56 MHz, this is high-frequency band defined by ISO 156930-2 international standard, but vendors put proprietary data on top so no interoperability. New standard ISO 18000-3 has been published. (Checkpoint, TAGSYS [proprietary], T.I.[I.S.O 156930-2]) 64-128 bits of memory 3 types: read, write-once/read many, read-write. Typical size: couple of inches square, 500 microns thick. Special media tags Readers: 16” for most, gates usually about 48” - multiple tags can be read simultaneously. Further range requires more power. Security bit or ILS query for checkout. Interface with ILS using SIP2 communication protocol MAJOR VENDORS: 3M, Bibliotecha,Checkpoint, Libramation, Vernon, VTLS, Flashscan,
The technology of RFID is not new. Electromagnetic radio waves are a fundamental element of the universe. Humans learned how began sending each other radio waves in the late 1800s. In the twentieth century technology developments such as radar, transistors, integrated circuits, microprocessors, and communication networks made RFID systems possible. Indeed, our current systems were predicted by as early as 1948. Commercial applications, such as anti-theft devices, developed in the 1960s. Checkpoint, one of today’s leading library RFID vendors was founded during this time. During the seventies and eighties scientific research and commercial development grew. Applications such as animal tracking, vehicle tracking, factory automation, personnel access, inventory supply chain management, and toll roads developed. The 1990s saw the beginning of interoperability as states cooperated on toll collection and faster read times as cars could pass through booths at highway speeds. Tags have become smaller, needing only a single circuit and new uses for the technology continue to be invented such as gaming chips, ski passes and the SpeedPass for purchasing gasoline. Innovation and commercial development continue to grow in the twenty-first century. [i] [i] Jerry Landt. (2001). Shrouds of Time: The History of RFID . Pittsburgh, PA: Association for Automatic Identification and Data Capture Technologies. http://www.aimglobal.org/technologies/rfid/resources/shrouds_of_time.pdf <6 August 2004>.
The use of RFID in libraries is a more recent development. The professional literature makes no mention of it until 1998 when American Libraries reported on Checkpoint RFID installations at Rockefeller University in New York City and “a public library in Gloucester County, New Jersey.” [i] Stefan Niesner, who researched the history of library RFID use for his thesis, says that Bukit Batok Community Library in Singapore launched the first installation in the world on November 21, 1998. The Chronicle of Higher Education reports that there are now over 300 libraries in the United States now using the technology. The number continues to grow, notwithstanding the ongoing controversy over their use. [i] American Libraries (?) 1: Sept 1998, p.80.
RFID scanners can read multiple items simultaneously . Barcode readers require a line-of-sight because they use light or laser to scan the code. This limits checking to one item at a time. Anti-collision algorithms ensure that each radio signal can be read accurately. More concurrent reads means faster checking. No more line-ups while somebody aligns every piece. Faster check-out could increase patron satisfaction with the library. The second benefit is faster, more accurate re-shelving. Automated sorters can reduce the time and labor involved in rough sorting returns. Fine sorting can be improved with inventory wands. The wands can indicate which books are out of order. Inventory management is a possibility. In house usage Decrease # of lost missing items. Labor savings – put people in public service instead of circulation Theft detection rates are claims – probably no better or worse than electromagnetic systems. Keeps honest people honest. Tags can be removed, gates can be subverted. Repetitive strain – SFPL consultants report less risky manouevers with RFID than with conventional circ (grasping, reaching, lifting)
Cost – 50-70 cents per plain tag. 70 cent tag * 400,000 items = $280,000 to convert collection w/o equipment or labor included. Special media tags cost around $1.00 -- and anecdotal evidence suggests that they don’t work that well. . Hardware costs in the thousands, sometimes tens of thousands of dollars. For example, self check machines can cost nearly $20,000. Inventory wands can cost between $4,000 and $8,000. Some vendors require the additional purchase of a computer server, or special software. And none of the prices includes ongoing maintenance contracts which can cost between eight and 15 per cent of the hardware price Also consider the cost of retrospective conversion. Return on investment currently anecdotal, more research needs to be done, hard numbers need to be crunched. Show me the money! Frequency blocking with tinfoil & with RSA technologies blocker tag. Sometimes need to alternate tags Caution is necessary when using sorters and wand readers. Users in the field have noticed that read times increase with the finest level of sorting. If you want accuracy within one book it will take longer than precision within three or four books. Also, some libraries have found it necessary to stagger the placement of tags on books to reduce signal interference with thinner books (such as children’s picture books) and sometimes items in a larger pile are missed going through the gate. The read accuracy declines when the number of items being simultaneous read increases. Items can be missed. This is because some RFID systems are based on a “reader talks first” type of communication, says Shai Robkin, president of Vernon Technology Solutions, an RFID vendor. “The security gates are attempting to read every tag in the field in order to determine if the designated security bit is either on or off, or to read the entire item identification number. Performance will suffer as there are more tags in the field. This degradation may not be apparent when there are only one or two tags in the field, but when you have five or more, the drop in detection is considerable, to the 70 per cent range.” Thus, the benefit of simultaneous reads is somewhat negated. The biggest concern getting media airplay is privacy/security.
You can see why there may be cause for concern with RFIG tags and privacy. Unauthorized reads -- hotlisting, hardware ID numbers, eavesdropping Unauthorized writes – DNS attacks possible if tags are writeable – security bits can be unlocked causing false alarms, item identifiers overwritten = confusion and lost books. Tracking reading habits – only if ILS gets hacked and that info routinely purged Geotracking – tracking movements Library Automation Technologies has developed encryption for the signals between tag and reader – not yet widely adopted. Kill and revive tags Security through obscurity is not good enough. Many of the risks are labor intensive and not practical but they are possible. Best practices and standards can mitigate the risk. These are a function of the wider RFID environment.
Legislation failed in California (twice), Utah. Massachusetts also considering it On federal level there have been calls for monitoring but these have also been unsuccessful to date. After the most recent bill died in California an industry-supported group is looking to introducing some new privacy legislation – even calling for a library representative to serve the concerns of libraries. No word yet on how it’s going.
The main standards pertaining to library RFID are SIP2 and ISO 15693 and 18000-3. SIP stands for Session Initiation Protocol. SIP2 manages the communication between the RFID system and the automated library system. All RFID vendors are SIP2 compliant but some tweaking may be necessary to get things working smoothly. Vendors have added proprietary modifications to the protocol. Librarians have to investigate how well their vendor plays with their particular library system. The deficiencies of SIP2 led the National Information Standards Organization (NISO) to develop a protocol to encourage better interoperability. The result was Z39.83-2002, the National Circulation Interchange Protocol (NCIP), approved as a ANSI/NISO standard in 2002. This standard is not yet implemented by all library RFID vendors. The ISO standards are used for the communication between tags and tag readers. ISO 15693 was originally designed for access control cards. It defines the physical chrematistics, air interface and communication protocol but doesn’t “account for what data is on the chip, how that data is formatted, or the read/write requirements of the RFID equipment.” [i] The ISO 18000 series of standards establishes RFID specific communication protocols. ISO 18000-3 is the standard which will be used for the 13.56 MHz RFID tags used in libraries. All of the vendors are ISO 15693 compliant but there is no interoperability between them because proprietary protocols are also added to the tags. ISO 18000-3 was recently approved and will be published in fall 2004. It should improve the ability to read a variety of vendor tags with one reader but there can still be differences in how each RFID system writes data to the tag. This means that vendors could say that their tags are ISO 18000-3 compliant while writing their own identifier to the tag. That means only tags with their identifier can be read by their readers. Thus, you are forced to use their tags. This is an issue for forward compatibility and interlibrary operations. If a vendor goes out of business or no longer works within the library market, then it is difficult to recoup the investment if another vendor’s tags or equipment won’t work with your legacy RFID system. The lack of interoperability will also be an issue for sharing materials if different libraries have different RFID systems, or if other libraries don’t use RFID at all. There may be a need to use a both barcode and RFID until the industry achieves mutual compatibility within its systems. Dual systems are, of course, an added expense. Librarians need to ask vendors if their equipment will read all tags and if their tags can be read by other vendors machines. One does not necessarily equate to the other. A related issue is the growing trend for jobbers and publishers to attach preprogrammed RFID tags to books. What if the book industry decides to use tags with a different standard? It is good to question vendors currently using ISO 15693 on their migration plans to ISO 18000-3. These standards also impact the security of the RFID system. For example, the ISO 18000 standards specify how signal collision avoidance works, how data is written to the tags and whether that data can be write protected. ISO 18000-3 comes in three different modes which do these tasks differently and have different security vulnerabilities. [i] Librarians can not require vendors to address the threats unless they understand the privacy implications of the standards upon which their solution is based. [i] Molnar and Wagner (2004). [i] David Dorman. “Technically Speaking: New Vendors Heating Up Radio Frequency ID Market,” American Libraries 33(3) Sept. 2002, p. 76
We went over how the technology works How it works in libraries and the pros/cons of using it Some of the bigger picture issues like privacy and interoperability and how they relate to legislative and standards environment. Complicated. No easy solution for any librarian. Keep asking questions of vendors, stay on top of the news. Get creative in using it if you do. Demonstrate the impact. What about finding aids cell phones +maps? In the end, limited only by your imagination but above all keep the users and their privacy in mind
Library RFID Laura J. Smart [email_address] http://www.libraryrfid.net/wordpress
AR EF EYE DEE <ul><li>R adio </li></ul><ul><li>F requency </li></ul><ul><li>ID entification </li></ul>
Uh-oh! <ul><li>Cost </li></ul><ul><li>Return on investment </li></ul><ul><li>Interoperability </li></ul><ul><li>Blocking </li></ul><ul><li>Security?? </li></ul>
RFID environment <ul><li>Legislation </li></ul><ul><li>Best practices </li></ul><ul><ul><ul><li>Standards </li></ul></ul></ul>
Best practices <ul><li>Planning </li></ul><ul><li>Policy </li></ul><ul><li>Notification </li></ul><ul><li>Review </li></ul><ul><li>Audit </li></ul>
Play well with others <ul><li>SIP2 / Z39.83-2002 NCIP </li></ul><ul><li>ISO 15693 / ISO 18000-3 </li></ul><ul><li>Implications </li></ul><ul><ul><li>Interoperability </li></ul></ul><ul><ul><li>Security </li></ul></ul>
Key points <ul><li>The horse is out of the barn – choose wisely how you will cope </li></ul><ul><li>Policies are necessary </li></ul><ul><li>RFID has big potential how will you make it different? (Imagine scenarios good & bad) </li></ul><ul><li>http://www.libraryrfid.net/wordpress </li></ul>