ISO 17367:2009

INTERNATIONAL ISO
STANDARD 17367
First edition
2009-11-15
Supply chain applications of RFID —
Product tagging
Applications de chaîne d'approvisionnements de RFID — Étiquetage de
produit
Reference number
©
ISO 2009
PDF disclaimer
This PDF file may contain embedded typefaces. In accordance with Adobe's licensing policy, this file may be printed or viewed but
shall not be edited unless the typefaces which are embedded are licensed to and installed on the computer performing the editing. In
downloading this file, parties accept therein the responsibility of not infringing Adobe's licensing policy. The ISO Central Secretariat
accepts no liability in this area.
Adobe is a trademark of Adobe Systems Incorporated.
Details of the software products used to create this PDF file can be found in the General Info relative to the file; the PDF-creation
parameters were optimized for printing. Every care has been taken to ensure that the file is suitable for use by ISO member bodies. In
the unlikely event that a problem relating to it is found, please inform the Central Secretariat at the address given below.

©  ISO 2009
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form or by any means,
electronic or mechanical, including photocopying and microfilm, without permission in writing from either ISO at the address below or
ISO's member body in the country of the requester.
ISO copyright office
Case postale 56 • CH-1211 Geneva 20
Tel. + 41 22 749 01 11
Fax + 41 22 749 09 47
E-mail copyright@iso.org
Web www.iso.org
Published in Switzerland
ii © ISO 2009 – All rights reserved

Contents Page
Foreword .iv
Introduction.v
1 Scope.1
2 Conformance and performance specifications.1
3 Normative references.1
4 Terms and definitions .3
5 Concepts .3
6 Differentiation within the layer.6
7 Data Content .8
8 Data security .12
9 Identification of RFID labelled material.13
10 Backup in case of RF tag failure.13
11 Tag operation.14
12 Tag location and presentation .17
13 Interrogator and reader requirements.18
14 Interoperability, compatibility and non-interference with other RF systems.18
Annex A (informative) Proposed guidelines for the verification and qualification of design and
manufacture for RFID chips and transponders for tyres .19
Annex B (informative) Table of useful data elements for product life cycle management .39
Bibliography.40

Foreword
ISO (the International Organization for Standardization) is a worldwide federation of national standards bodies
(ISO member bodies). The work of preparing International Standards is normally carried out through ISO
technical committees. Each member body interested in a subject for which a technical committee has been
established has the right to be represented on that committee. International organizations, governmental and
non-governmental, in liaison with ISO, also take part in the work. ISO collaborates closely with the
International Electrotechnical Commission (IEC) on all matters of electrotechnical standardization.
International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 2.
The main task of technical committees is to prepare International Standards. Draft International Standards
adopted by the technical committees are circulated to the member bodies for voting. Publication as an
International Standard requires approval by at least 75 % of the member bodies casting a vote.
Attention is drawn to the possibility that some of the elements of this document may be the subject of patent
rights. ISO shall not be held responsible for identifying any or all such patent rights.
ISO 17367 was prepared by Technical Committee ISO/TC 122, Packaging, in collaboration with Technical
Committee ISO/TC 104, Freight containers.

iv © ISO 2009 – All rights reserved

Introduction
The supply chain is a multi-level concept that covers all aspects of taking a product from raw materials to a
final product including shipping to a final place of sale, use and maintenance and potentially disposal. Each of
these levels covers many aspects of dealing with products and the business process for each level is both
unique and overlapping with other levels.
This International Standard has been created in order to ensure compatibility at the physical, command and
data levels with the four other International Standards under the general title: Supply chain applications of
RFID. Where possible, this compatibility takes the form of interchangeability. Where interchangeability is not
feasible, the International Standards within this suite are interoperable and non-interfering. The International
Standards within the complete series of Supply chain applications of RFID include
⎯ ISO 17363, Supply chain applications of RFID — Freight containers,
⎯ ISO 17364, Supply chain applications of RFID — Returnable transport items (RTIs),
⎯ ISO 17365, Supply chain applications of RFID — Transport units,
⎯ ISO 17366, Supply chain applications of RFID — Product packaging, and
⎯ ISO 17367, Supply chain applications of RFID — Product tagging.
These International Standards define the technical aspects and data hierarchy of information required in each
layer of the supply chain. The air-interface and communications protocol standards supported within the
Supply chain applications of RFID International Standards are ISO/IEC 18000; commands and messages are
specified by ISO/IEC 15961 and ISO/IEC 15962; semantics are defined in ISO/IEC 15418; syntax is defined in
ISO/IEC 15434.
Although not pertinent to this International Standard, the work of
⎯ ISO/IEC JTC 1, Information technology, SC 31, Automatic identification and data capture techniques, in
the areas of air interface, data semantic and syntax construction and conformance standards, and
⎯ ISO/TC 104, Freight containers, in the area of freight container security, including electronic seals
(e-seals) (i.e. ISO 18185) and container identification
is considered valuable.
INTERNATIONAL STANDARD ISO 17367:2009(E)

Supply chain applications of RFID — Product tagging
1 Scope
This International Standard defines the basic features of RFID for the use in the supply chain when applied to
product tagging. In particular it
⎯ provides specific recommendations about the encoded identification of the product,
⎯ makes recommendations about additional information about the product on the RF tag,
⎯ makes recommendations about the semantics and data syntax to be used,
⎯ makes recommendations about the data protocol to be used to interface with business applications and
the RFID system, and
⎯ makes recommendations about the air interface standards between the RF interrogator and RF tag.
This International Standard only addresses product tagging and does not address product packaging.
2 Conformance and performance specifications
All of the devices and equipment that claim conformance with this International Standard shall also conform to
the appropriate sections and parameters specified in ISO/IEC TR 18046 for performance and
ISO/IEC TR 18047-6 (for ISO/IEC 18000-6, Type C) and ISO/IEC TR 18047-3 (for the ASK interface of
ISO/IEC 18000-3, Mode 3) for conformance.
NOTE Annex A gives an illustrative example of an industry-specific conformance/quality document.
3 Normative references
The following referenced documents are indispensable for the application of this document. For dated
references, only the edition cited applies. For undated references, the latest edition of the referenced
document (including any amendments) applies.
ISO 445, Pallets for materials handling — Vocabulary
ISO 830, Freight containers — Vocabulary
ISO/IEC 15418, Information technology — Automatic identification and data capture techniques — GS1
Application Identifiers and ASC MH10 Data Identifiers and maintenance
ISO/IEC 15434, Information technology — Automatic identification and data capture techniques — Syntax for
high-capacity ADC media
ISO/IEC 15459-4, Information technology — Unique identifiers — Part 4: Individual items
ISO/IEC 15961, Information technology — Radio frequency identification (RFID) for item management — Data
protocol: application interface
ISO/IEC 15962, Information technology — Radio frequency identification (RFID) for item management — Data
protocol: data encoding rules and logical memory functions
ISO/IEC 15963, Information technology — Radio frequency identification for item management — Unique
identification for RF tags
ISO/IEC 16022, Information technology — Automatic identification and data capture techniques — Data
Matrix bar code symbology specification
ISO 17364, Supply chain applications of RFID — Returnable transport items (RTIs)
ISO/IEC 18000-3, Information technology — Radio frequency identification for item management — Part 3:
Parameters for air interface communications at 13,56 MHz
ISO/IEC 18000-6, Information technology — Radio frequency identification for item management — Part 6:
Parameters for air interface communications at 860 MHz to 960 MHz
ISO/IEC 18004, Information technology — Automatic identification and data capture techniques — QR
Code 2005 bar code symbology specification
ISO/IEC TR 18046, Information technology — Automatic identification and data capture techniques — Radio
frequency identification device performance test methods
ISO/IEC TR 18047-3, Information technology — Radio frequency identification device conformance test
methods — Part 3: Test methods for air interface communications at 13,56 MHz
ISO/IEC TR 18047-6, Information technology — Radio frequency identification device conformance test
methods — Part 6: Test methods for air interface communications at 860 MHz to 960 MHz
ISO/IEC 19762-1, Information technology — Automatic identification and data capture (AIDC) techniques —
Harmonized vocabulary — Part 1: General terms relating to AIDC
ISO/IEC 19762-3, Information technology — Automatic identification and data capture (AIDC) techniques —
Harmonized vocabulary — Part 3: Radio frequency identification (RFID)
ISO 21067, Packaging — Vocabulary
ISO/IEC TR 24729-1, Information technology — Radio frequency identification for item management —
Implementation guidelines — Part 1: RFID-enabled labels and packaging supporting ISO/IEC 18000-6C
ANS MH10.8.2, Data Identifiers and Application Identifiers
EPCglobal, Tag Data Standards, Version 1.3
GS1 General Specifications
ICNIRP Guidelines, Guidelines for limiting exposure to time-varying electric, magnetic, and electromagnetic
fields (up to 300 GHz)
IEEE 1451.7, Smart Transducer Interface for Sensors and Actuators — Transducers to Radio Frequency
Identification (RFID) Systems Communication Protocols and Transducer Electronic Data Sheet Formats
IEEE C95-1, IEEE Standard for Safety Levels with Respect to Human Exposure to Radio Frequency
Electromagnetic Fields, 3 kHz to 300 GHz
2 © ISO 2009 – All rights reserved

4 Terms and definitions
For the purposes of this document, the terms and definitions given in ISO 445, ISO 830, ISO 17364,
ISO/IEC 19762-1, ISO/IEC 19762-3 and ISO 21067 apply.
5 Concepts
5.1 Differentiation between this layer and the preceding layers
Figure 1 gives a graphical representation of the supply chain. It shows a conceptual model of possible supply
chain relationships, not a one-for-one representation of physical things. Although several layers in Figure 1
have clear physical counterparts, some common supply chain physical items fit in several layers depending on
the use case. For example, a repetitively used pallet under constant ownership would be covered by
ISO 17364 as an RTI; a pallet that is part of a consolidated unit load would be covered by ISO 17365 as a
transport unit; and a pallet that is integral to a single item would be covered by ISO 17366 as product
packaging.
Layers 0 to 4 are addressed within the series of International Standards Supply chain applications of RFID
(see Introduction). Layer 5 is addressed by the work of ISO/TC 204/WG 7.
Layer 0 in Figure 1 and the definition of a product in ISO 17364:2009, 4.8 are the subject of this International
Standard.
Figure 1 — Supply chain layers
Once tagged, product layer tags can be distinguished from following or preceding layer tags by use of a group
select methodology contained in the RFID interrogator/reader. This group select function allows the
interrogator and supporting automated information systems (AIS) to quickly identify product layer tags. As
indicated in 5.2.2, the group select methodology is further elaborated in ISO/IEC 15961.
5.2 Unique item identifier
5.2.1 General
Unique item identification is a process that assigns a unique data string to an individual item, or in this case to
an RFID tag that is associated to the item. The unique data string is called the unique item identifier. Unique
item identification of items allows data collection and management at a granular level. The benefits of granular
level data are evident in such areas as maintenance, retail warranties and enabling electronic transactions of
record. This granularity is possible only if each tagged item has a unique identification. Items that are not
uniquely identified would not normally be tagged at the item level. Items to which unique item identifiers have
been assigned are said to be serialized items. Low cost consumable items would normally be tagged at the
package level or higher as a standard assortment.
Product layer tagging can uniquely identify items, thus providing differentiation between like items and
between like and unlike items. Product layer tagging can also be used to identify items by differentiating unlike
items but not differentiating between like items. This is used for commodity where individualization is not
practical or desired.
The unique product identifier described above is a unique identifier as described in ISO/IEC 15459-4. The
unique item identifier (UII) provides granular discrimination between like items that are identified with RFID
tags. The unique tag ID (as defined by ISO/IEC 15963) is a mechanism to uniquely identify RFID tags and is
not the unique product identifier defined in this International Standard.
The minimum data elements required for unique identification are an enterprise identifier and a serial number
that is unique within that enterprise identifier. Commonly, a part or model number is also required to achieve
unique identification.
This International Standard uses the following identification mechanisms for unique product identification:
⎯ unique identifiers for supply chain items (ISO/IEC 15459-4);
⎯ GS1 Serialized Global Trade Item Number (SGTIN).
5.2.2 International unique identification for items
The unique identifier of ISO/IEC 15459 provides identification schemes for various layers of the supply chain,
from layer 0 (products) up to layer 3 (returnable transport items). The unique identification of product
packages shall use ISO/IEC 15459-4. Unique identification is provided by three components:
a) issuing agency code (IAC),
b) company identification number (CIN),
c) serial number (SN),
preceded by an AFI and Data Identifier (DI). The AFI code assignments table in ISO/IEC 15961:2004,
Annex B, permits identification of the supply chain layer, i.e. product = A1 , transport unit = A2 ,
HEX HEX
returnable transport item = A3 and product package = A5 .
HEX HEX
The Data Identifier shall be “25S”. The ISO/IEC 15459 registration authority assigns the IAC. The CIN is
assigned by the issuing agency. The company registered with the issuing agency assigns the serial number.
The serial number shall be no longer than 20 alphanumeric characters.
4 © ISO 2009 – All rights reserved

Table 1 — 1736x AFI Assignments
AFI
Assignment International Standard
(HEX)
A1 17367_Non-EPC ISO 17367 — Supply chain applications of RFID — Product tagging
A2 17365_Non-EPC ISO 17365 — Supply chain applications of RFID — Transport units
A3 17364_Non-EPC ISO 17364 — Supply chain applications of RFID — Returnable transport items (RTIs)
A4 17367_HazMat ISO 17367 — Supply chain applications of RFID — Product tagging (HazMat)
A5 17366_Non-EPC ISO 17366 — Supply chain applications of RFID — Product packaging
A6 17366_HazMat ISO 17366 — Supply chain applications of RFID — Product packaging (HazMat)
A7 17365_HazMat ISO 17365 — Supply chain applications of RFID — Transport units (HazMat)
A8 17364_HazMat ISO 17364 — Supply chain applications of RFID — Returnable transport items (RTIs) (HazMat)
A9 17363_Non-EPC ISO 17363 — Supply chain applications of RFID — Freight containers
AA 17363_HazMat ISO 17363 — Supply chain applications of RFID — Freight containers (HazMat)
When stored on a tag with a technology that supports AFIs, the unique identifier shall also be associated with
an AFI. EPC does not use AFIs; consequently, there are no AFIs used for products employed in retail
applications using EPCglobal.
To define its class (in the ISO/IEC 15459 sense), the unique identifier shall have an associated class identifier,
which is the Data Identifier “25S”. For the purposes of this International Standard, a unique identifier of
products can be up to 35 alphanumeric characters in length, including the Data Identifier (an3+an.32). See
Table 2.
Table 2 — UII element string
Format of the license plate
Data Identifier IAC, company identification number (CIN), serial number
N N N N N N N N N N N N N N N N N . . . N
25S
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 32

5.2.3 Serialized global trade identification number (SGTIN)
The EPCglobal serialized global trade identification number (SGTIN) is a unique item identifier (UII) capable of
providing unique item identification of product packages.
Table 3 — SGTIN element string
Header Filter Value Partition Company Prefix Item Reference Serial Number
Number of bits 8 3 3 20 to 40 24 to 4 38
999 999 to
a b b c d
Reference 0011 0000 — — 9 999 999 to 9 274 877 906 943
c
999 999 999 999
NOTE Maximum decimal value range of Company Prefix and Item Reference fields vary according to the contents of the partition

field.
a
Binary value.
b
Refer to EPCglobal, Tag Data Standards, Version 1.3 for values.
c
Maximum decimal range.
d
Maximum decimal value.
The SGTIN consists of the following information elements:
a) The Header, which is defined in EPCglobal, Tag Data Standards, Version 1.3. It is eight (8) bits long and
for an SGTIN-96 is the value 30 .
HEX
b) The Filter Value, which is defined in EPCglobal, Tag Data Standards, Version 1.3. It is three (3) bits long
and identifies whether an EPC is for a retail trade item, a standard trade item grouping, or a single
shipping/consumer trade item.
c) The Partition, which is defined in EPCglobal, Tag Data Standards, Version 1.3. It is three (3) bits long,
carries one of seven (7) values, and identifies where the subsequent Company Prefix and Item Reference
numbers are divided.
d) The Company Prefix, assigned by GS1 to an organization. The Company Prefix is the same as the
Company Prefix digits within a GS1 GTIN decimal code. The combined Company Prefix and Item
Reference are 44 bits long (13 decimal digits).
e) The Item Reference, assigned by the “Company” entity to a particular product package. The combined
Company Prefix and Item Reference are 44 bits long (13 decimal digits).
f) The Serial Number assigned by the managing entity to an individual object. The EPC representation is
only capable of representing a subset of serial numbers allowed in the GS1 General Specifications.
Specifically, only those Serial Numbers consisting of one or more digits, with no leading zeros, are
permitted. The length of the Serial Number is 38 bits.
5.3 Other identification requirements
This International Standard does not supersede or replace any applicable safety or regulatory marking or
labelling requirements.
This International Standard is meant to satisfy the minimum product identification requirements of numerous
applications and industry groups. As such, its applicability is to a wide range of industries, each of which may
have specific implementation guidelines for this International Standard. This International Standard is to be
applied in addition to any other mandated labelling requirements.
6 Differentiation within the layer
6.1 Business processes
Business processes such as those described below are illustrative of the applications envisioned by this
International Standard.
⎯ Acquisition: ordering, including the identification of relevant specifications and requirements, can be
facilitated by referencing the item's original acquisition data using the RFID tag's unique ID as a database
key.
⎯ Shipping: where items can have different configurations or capabilities, such as with computer software
loads that differentiate items with otherwise identical form, fit and function, such items can be issued and
shipped with the tag read providing assurance that the correct item was shipped. This level of non-
intrusive tracking and tracing can serve as a front end to higher level in-transit visibility RFID applications
detailed in the other standards of this series.
⎯ Receiving: non-intrusive collection of receipt data can shorten data collection times, in support of
automated inventory management systems and provide an electronic transaction of record much earlier
in the process. Earlier knowledge of on-hand inventory can reduce stock outs and the need for expedited
premium transportation.
6 © ISO 2009 – All rights reserved

⎯ Cross docking: in addition to recording inbound receipts and outbound shipments, tagged items can be
sorted. Many items will have exterior marking (tagging) that are used in lieu of reading the product tag.
⎯ Work in process: used to track individual components and the final assembly (bill of material) and to
monitor any item through a fabrication or manufacturing process.
⎯ Maintenance: related to work in progress and differentiated in that it covers functions prior to and
subsequent to the actual work. This includes fault analysis, identification, preparation of packing and
packaging.
⎯ Inventory control: item level serialization yields a granularity of visibility that supports the management of
individual items. This allows data collection, tracking and tracing of individual items and selection at point
of issue.
⎯ Disposal: identification of items that have recycling or other disposal requirements.
⎯ Picking and put-away: selection of items from a package or transport unit prior to placement into shelf
stock in a warehouse situation or other storage situation where a specific asset is desired or knowledge of
the specific item selected is required for issue.
⎯ Pick and place: selection of items from shelf stock in a warehouse situation or other storage situation
where a specific asset is desired or knowledge of the specific item selected is required incident to the
placement of the item into or onto another asset incident to a manufacturing or assembly process.
⎯ Sortation: process that places individual items into groups based upon some selection criteria, often
performed at speed.
⎯ Identification: process that is an inherent part of each of the functions set out above. It allows the positive
differentiation of an item consistent with the business process in use. Identification can be at the discrete
item level for serialized products or by commodity for non-serialized products. Identification is often the
underlying base process that enables the other uses of the tag.
⎯ Network topology: can be used to identify discrete nodes or locations on a network.
⎯ Configuration management: discrete identification of the individual component items that comprise a
higher assembly. This component data can be tiered to cover each of the multiple levels of configuration
(e.g. the circuit board inside the radio installed in the communications suite of an aircraft).
The multitude of different business processes circumscribed by the supply chain will employ distinctly different
groupings of functions and processes outlined above. The reading, writing or erasing of data to/from a tag is
intended to effect identification and data capture about the product and the process involved and shall be
integrated into business processes as required by the business process owner.
6.2 Lot/batch vs. serial number vs. product identification only
Just as different business processes have varying data requirements, different items will have varying
identification requirements. Use of structured or intelligent serialization schemes include additional data such
as part number or lot number in the serialization scheme and should be avoided whenever possible. This
means ideally that the serialization is unique within the enterprise.
The lowest level of identification would be product ID only. Lot and batch type items shall be marked with the
product ID of the item and the lot or batch of that item that this particular item belongs to. Serialized items
shall be marked with a unique serial number in conformance with the appropriate part of ISO/IEC 15459,
which details the differing methods of serialization that provide unique identification.
The need to identify an item at each level is not absolute. Many items are manufactured, sold, and used at the
commodity level. Examples are sand, coal and bulk liquids. These items may be marked at the lot level or
simply as a generic commodity.
Medicines are typical of the type of item that is manufactured and managed at the lot level but sold and used
at the item level. Thus a particular dosage of medicine will require unique identification of that dose and the
ability to reference that back to the original manufacturing lot. Looking up associated information on the
information system may accomplish this reference.
6.3 Consumer products vs. industrial/government
Personal privacy considerations present a unique set of considerations for consumer products as opposed to
products that remain exclusively in the industrial/government sectors. Consumer privacy regulations shall be
considered in the design and operation of every consumer level product scenario. Encryption and data
security are addressed in Clause 8.
7 Data Content
7.1 Introduction
Subclauses 7.2 to 7.7 describe the data content of RFID tags for the product layer. They identify, amongst
others,
⎯ the data elements that shall or may be present on the tag,
⎯ the way in which the data elements are identified (semantics),
⎯ the representation of data elements in tag memory, and
⎯ the placement of data elements in the memory of the tag.
7.2 System data elements
7.2.1 Unique product identification
The first data element on a compliant tag shall be the unique identification described in ISO/IEC 15459-4. The
length and nature of this unique identification is defined in this data element. For an ISO/IEC 18000-6, Type C
and ISO/IEC 18000-3, Mode 3 compliant tag, the “unique identification” data element is segregated from any
additional (user data) by the memory architecture. The unique identification data element shall be stored in UII
memory (Bank 01), with any additional data being stored in user memory (Bank 11). For the purposes of this
International Standard, a unique identifier of product packages can be up to 35 alphanumeric characters in
length, including the Data Identifier (an3+an.32).
7.2.2 Data semantics
Tags that only encode the unique product identity should conform to ISO/IEC 15961. Tags containing complex
data structures or larger data sets shall include semantics that conform to ISO/IEC 15418, ISO/IEC 15962,
and ISO/IEC 15961.
7.2.3 Data syntax
Tags that encode identity only are considered to have no syntax. Tags containing complex data structures or
larger data sets shall conform to ISO/IEC 15434 and should also conform to ISO/IEC 15962.
8 © ISO 2009 – All rights reserved

7.3 Tag structure
7.3.1 Tag header
Tag headers should contain either an ISO/IEC defined AFI or an EPCglobal defined NSI. The ISO/IEC 15961
AFI for product packages, i.e. A5 , in bits 18 to 1F as described in Tables 1 and 4. Support for
HEX HEX HEX
ISO standards (including AFIs) is indicated when bit 17 is set to “1”. Alternatively, such headers may
HEX
contain an EPC header as described in EPCglobal, Tag Data Standard, Version 1.3. Support for EPCglobal
coding is indicated when bit 17 is set to “0”.
HEX
NOTE A 96-bit SGTIN is represented by EPC header 30 .
HEX
7.3.2 Tag memory
Figure 2 provides a graphical representation of tag memory.
MSB LSB
Data Objects formatted:
Precursor, [OID], length,
-
object
RFU [7:0]
10 1F - Sensors/battery-assist
HEX HEX
DSFID [7:0]
00 0F
- See ISO/IEC 15961
HEX HEX
and ISO/IEC 15962
Memory bank
MSB LSB
Bank
- MDID
USER
- Tag model number
Bank
- Serial number
TID
TID [15:0]
10 HEX 1F
2 HEX
- Burned in or written
HEX TID [31:16] 0F
HEX and permalocked by
Bank
UII IC manufacturer
MSB LSB
Bank
RESERVED
220 22F
HEX
Optional XPC_W2 [15:0] HEX
210 21F
HEX Optional XPC_W1 [15:0] HEX
UII [15:0]
Memory bank is definedy
as follows UII (may be EPC)
-
UII [N:N-15]
20 2F
HEX
00 Reserved HEX
PC (Protocol Control) bits,
-
10 StoredPC [15:0] 1F
01 UII
HEX HEX
2 including UII length indicator
10 TID 00 StoredCRC-16 [15:0] 0F - CRC confirms content of
2 HEX
HEX
UII memory
11 User
MSB LSB
- Contains all write lock
and kill passwords
30 Access Password [15:0] 3F
HEX HEX
20 Access Password [31:16] 2F
HEX HEX
10 Kill Password [15:0] 1F
HEX
HEX
00 Kill Password [31:16] 0F
HEX HEX
Figure 2 — Segmented memory map
… … … … …
…
7.3.3 Tag memory banks
Tag memory shall be logically separated into four distinct banks, each of which may comprise one or more
memory words. A logical memory map is given in Figure 2. The memory banks are as follows.
a) Reserved memory: shall contain the kill and access passwords. The kill password shall be stored at
memory addresses 00 to 1F ; the access password shall be stored at memory addresses 20 to
HEX HEX HEX
3F . If a tag does not implement the kill and/or access password(s), the tag shall act as though it had
HEX
zero-valued password(s) that are permanently read/write locked and the corresponding memory locations
in reserved memory need not exist.
b) UII memory: shall contain a CRC-16 at memory addresses 00 to 0F , Protocol Control (PC) bits at
HEX HEX
memory addresses 10 to 1F and a code, i.e. a UII, that identifies the object to which the tag is or
HEX HEX
will be attached beginning at address 20 . The PC is subdivided into a UII length field in memory
HEX
locations 10 to 14 , an indication of user memory bit in memory location 15 , a PC extension
HEX HEX HEX
indicator bit in memory location 16 , an ISO/EPC bit in memory location 17 and a numbering
HEX HEX
system identifier (NSI) in memory locations 18 to 1F . The CRC-16, PC and UII shall be stored
HEX HEX
MSB first (the UII's MSB is stored in location 20 ).
HEX
c) TID memory: shall contain an 8-bit ISO/IEC 15963 allocation class identifier at memory locations 00 to
HEX
07 . TID memory shall contain sufficient identifying information above 07 for an interrogator to
HEX HEX
uniquely identify the custom commands and/or optional features that a tag supports.
For EPC tags whose ISO/IEC 15963 allocation class identifier is 11100010 , this identifying information
shall comprise a 12-bit tag mask-designer identifier at memory locations 08 to 13 and a 12-bit tag
HEX HEX
model number at memory locations 14 to 1F .
HEX HEX
For ISO/IEC 15459-4 tags operating conformant to ISO/IEC 18000-6, Type C and whose ISO/IEC 15963
allocation class identifier is 11100000 (E0 ), this identifying information shall comprise a 12-bit tag
HEX
mask-designer identifier at memory locations 08 to 13 and a 12-bit tag model number at memory
HEX HEX
locations 14 to 1F .
HEX HEX
For ISO/IEC 15459-4 tags operating conformant to ISO/IEC 18000-3, Mode 3, and whose ISO/IEC 15963
allocation class identifier is 11100000 (E0 ), this identifying information shall comprise a 12-bit tag
2 HEX
mask-designer identifier at memory locations 08 to 13 and a 12-bit tag model number at memory
HEX HEX
locations 14 to 1F .
HEX HEX
Tags may contain tag- and vendor-specific data (for example, a tag serial number) in TID memory above
1F .
HEX
d) User memory: allows user-specific data storage. The StorageFormat ID described in ISO/IEC 15961 and
ISO/IEC 15962 defines the memory organization. The presence of data in user memory in MB11 shall be
indicated by the presence of a 1 in the 15 PC bit. A zero in the 15 PC bit shall indicate that there is
HEX HEX
no user memory at MB11 or that there is no data in MB11.
7.4 Protocol Control (PC) bits
The PC bits contain physical-layer information that a tag backscatters with its UII during an inventory
operation. There are 16 PC bits, stored in UII memory at addresses 10 to 1F , with bit values defined as
HEX HEX
follows.
⎯ Bits 10 to 14 : The length of the (PC + UII) that a tag backscatters, in words:
HEX HEX
⎯ 00000 : one word (addresses 10 to 1F in UII memory).
2 HEX HEX
⎯ 00001 : two words (addresses 10 to 2F in UII memory).
2 HEX HEX
⎯ 00010 : three words (addresses 10 to 3F in UII memory).
2 HEX HEX
⎯ .11111 : 32 words (addresses 10 to 20F in UII memory).
2 HEX HEX
10 © ISO 2009 – All rights reserved

⎯ Bit 15 : User Memory; shall be set to “0” for tags without data in user memory (MB “11”) or tags without
HEX
User Memory and shall be set to “1” for tags with data in user memory.
⎯ Bit 16 : Shall be set to “0” if there are no extended PC (XPC) bits or the XPC bits have a zero value
HEX
and shall be set to “1” if the PC bits are extended by an additional 16 bits.
NOTE 1 If a tag implements XPC bits then PC bit 16 will be the logical OR of the XPC bits contents. The tag
HEX
computes this logical OR, and maps the result into PC bit 16 , at power up. Readers can select on this bit, and
HEX
tags will backscatter it.
NOTE 2 The XPC will be logically located at word 32 of UII memory. If a reader wants to select on the XPC bits,
then it issues a Select command targeting this memory location.
⎯ Bit 17 : Shall be set to “0” if encoding an EPC and shall be set to “1” if encoding an ISO/IEC 15961 AFI
HEX
in bits 18 to 1F .
HEX HEX
⎯ Bits 18 to 1F : A numbering system identifier (NSI) whose default value is 00000000 and which
HEX HEX 2
may include an AFI as defined in ISO/IEC 15961 (when encoding the tag pursuant to ISO standards).
The MSB of the NSI is stored in memory location 18 .
HEX
The default (unprogrammed) PC value shall be 0000 .
HEX
Table 4 summarizes the content.
Table 4 — Segmented memory: memory bank “01”
Protocol Control bits run from 10 to 1F

HEX HEX
0/1 0/1 0/1
10 11 12 13 14 15 16 17 18 19 1A 1B 1C 1D 1E 1F
Length indicator User memory XPC bit EPC/ISO Application family identifier (AFI)/ Haz
Numbering system identifier (NSI) Mat

7.5 Data elements
7.5.1 Unique product identifier
The UII – Product package shall be present on all conformant product package tags. For non-retail tags, the
unique product package identifier shall conform to ISO/IEC 15459-4 and shall be used as described in 5.2.2.
For retail tags, the unique product package identifier shall conform to EPCglobal, Tag Data Standards,
Version 1.3 for the SGTIN-96 and shall be used as described in 5.2.3.
7.5.2 Hazardous goods
RFID tags for product packaging that is classified as hazardous for storage, transportation or use shall contain
a bit reference indicating that the item is hazardous. In addition, the tag, regulations and statutes may require
a more detailed categorization of the hazard. The setting of this bit (“1”) directs the material handler to the
included material safety data sheet. This additional categorization shall not be mandatory unless it provides an
approved replacement for hazard data otherwise required by the requiring authority.
The specific hazardous goods code shall include the appropriate Data Identifier and qualifier and shall be
reflected in the user data memory. The presence of hazardous material for EPC products is indicated by bit
“1F” of memory bank MB01 as defined in ISO/IEC 18000-6, Type C and ISO/IEC 18000-3, Mode 3. The
presence of hazardous material for ISO transport units is indicated by the AFI “A8” in bits “18” to “1F” of
memory bank MB01 as defined in ISO/IEC 18000-6, Type C and ISO/IEC 18000-3, Mode 3.
This International Standard does not supersede or replace any applicable safety or regulatory marking or
labelling requirements. This International Standard is meant to satisfy the minimum product identification
requirements of numerous applications and industry groups. As such, its applicability is to a wide range of
industries, each of which may have specific implementation guidelines for this International Standard. This
International Standard is to be applied in addition to any other mandated labelling requirements.
7.5.3 Optional data
Dependent upon the tag type and capacity, optional data may be written to tags as required. Agreement
between trading partners is not required. Optional data may be encrypted or otherwise secured at the
discretion of the tag writer. Note that encrypted or secured data may not be readable by subsequent
applications or users. Unless written in a read-only format or locked, optional data may be removed or
changed by subsequent applications. Optional data shall be contained in ISO/IEC 15434 syntax and
ISO/IEC 15418 semantics using ISO/IEC 15962.
7.6 Traceability
Unique identification enables traceability. Traceability can relate to specific items yielding the ability to
differentiate between like items and traceability can also relate to groups of like items differentiating them from
unlike items.
Serialization schemes shall comply with ISO/IEC 15459-4.
Traceability of commodity items may be achieved by concatenating data elements representing the
manufacturer, the part/model number and the lot or batch number assigned by the manufacturer.
7.7 Unique item serialization
Unique item identification can be assured by concatenating three elements of data: the issuing agency code
(IAC), an enterprise identifier (relating to the IAC), and a unique serialization as described in ISO/IEC 15459-3.
Product package-RFID tag data formats shall make a clear distinction in the leading eight bits of the tag
between unique product package identification and its contents, in addition to a ninth bit (at seventeenth HEX
position) indicating ISO (AFI) or EPCglobal.
8 Data security
8.1 Confidentiality
Tag users desiring to have their tags read only by authorized users shall have the ability to secure/protect
data written to a tag. The tag shall be capable of having secured/protected data written to it and read from it
without interference from the tag design or structure. Use of this feature shall be at the discretion of the user.
The type of security/protection to be utilized shall be commensurate with the degree of risk and vulnerability
associated with the tag data, and shall be agreed upon between the enterprise writing to the tag and any/all
authorized readers/users of the data.
8.2 Data integrity
Tags shall have the ability to prevent the alteration or erasure of data commonly known as locking data. This
shall be at the discretion of the user. Tag manufacturers shall have the option of locking a portion of the tag
data for identification and storage of data related to the manufacturer and not the user. A CRC-16 is required
to enhance the integrity of the data. The location of the CRC-16 shall be as per the memory map in Figure 2.
12 © ISO 2009 – All rights reserved

8.3 Interrogator authentication
A tag's data storage schemas for user memory and future data transfer protocols should provide for the user-
enabled option to require authentication of the interrogator's authorization prior to reading the tag data.
Reading of the tag ID alone shall not require authentication.
8.4 Non-repudiation/audit trail
Tags shall be capable of supporting non-repudiation when programmed to provide non-forgeable evidence
that a specific action occurred. Nothing in this non-repudiation feature shall interfere with or degrade the
performance of the tag or other tags in the field of view.
8.5 Product authentication/anti-counterfeiting
RFID devices by themselves do not prevent counterfeiting; the serialization of product and a secure chain of
custody can aid in anti-counterfeiting.
9 Identification of RFID labelled material
RF tags and RF label inlays compliant with this International Standard shall include one or more of the
internationally accepted RFID emblems. The accepted emblems are given in Figure 3.

NOTE 1 The above emblems only represent the 860 MHz to 960 MHz air interface for this application standard. Other
air i
...