Chip Implants Allow You to Leave Your Keys Behind
Software engineer Miana Windall, who has approximately 25 implants embedded in her skin, including magnets and RFID technology, shared her experience and fascination with these implants at the DEF CON security conference. Despite the potential discomfort it may cause to some, Windall assured that these implants are hardly noticeable. She also discussed how she programmed them for personal purposes, such as using them to gain access to her previous workplace.
RFID technology enables scannable technology such as metro cards or tap-to-pay. The relatively simple technology was first patented in the 1970s, and frame modification dates back thousands of years. Despite this, RFID implants still haven’t reached their full potential and are still a gimmick for many people, Windall said. But if you want to go clubbing and don’t bring a bag, you can buy the right type of lock and implant a sensor that you can’t miss to scan in and out of your home.
Still, they are not magic. “Chip implants don’t work like Hollywood movies,” Amal Graafstra, founder of biohacking and implant service Dangerous Things, told ReturnByte. “They’re not even active or alive or energetic when you’re not very close to the reader”
This means that the range of applications for RFID implants is pretty limited, and it’s mostly basic technology that you need to be able to hack in order to be useful. There are limited deployment cases, such as the Tesla key card implant that allows you to start your car, but usually the user needs to be able to copy certain key configurations into it themselves. “When we sell a transponder, we sell a key, but not a lock,” Graafstra said. The user must have some technical skill to make the “lock”.
It’s good to know that before you go to a body artist or piercer to get one, otherwise you might end up with a chip you can’t use. “Do your research and be sure of what you want as much as possible before surgery,” Windall said. However, Windall himself has some passives that are safe to keep under his skin.
Companies are now looking for ways to use RFID implants also as security devices. RFID technology has an inherent vulnerability in that it requires access information in order to be stolen. But using these credentials as an implant at least prevents anyone from easily stealing your access card or data.
“The likelihood of someone coming along and being able to scan your credentials without you knowing is probably not that great,” Windall said. “Your hand can’t be stolen, at least not without a machete.”
Also, as authentication becomes more important to prevent unauthorized account access, these implants can be used to prove your identity. When companies want to replace two-factor authentication with passwords, putting these credentials under the skin may be possible. Your password can be loaded into a chip implant that can confirm your identity, unlike a hardware key that can be lost or a text message verification that can be spoofed, according to Graafstra.
RFID implants do not require FDA approval because they are not medical devices. While they generally seem safe, there are risk factors to consider, says Harsha Gangadharbatla, PhD, a professor at the University of Colorado School of Media in Boulder.
“Consumers should be fully aware of the ‘hidden’ costs (privacy, risk and advertising) associated with such technology, not just the cost of acquiring such implants,” he said in an email to ReturnByte.