Microchip / RFID Implants: Issues, Concerns & Ramifications

[Timble2]

A bit off-thread perhaps........

Something else for you conspiracy fans who know that THEY are watching you. Don't even need implanted devices to track you if this becomes widespread...

The Grauniad

Payment at your fingertips as Co-op tests checkout scanners
Bobbie Johnson, technology correspondent
Thursday March 9, 2006

Guardian

Shoppers in Oxford are being offered the chance to ditch their cash cards in favour of their fingertips. Three shops in the area yesterday launched a system allowing customers to pay using fingerprint identification, as part of a pilot scheme by the Midcounties Co-operative.
Buyers can choose to register their fingerprint with the chain, allowing their identity to be linked to their bank account and store loyalty card. Customers will be able to pay by placing their fingers against a scanner at the checkout.

"It offers us a slight edge over the competition," said a Co-op spokesman. "It's a very tough retail world and anything we can do to encourage more people to shop with us gives us a commercial benefit."

The scheme is run by the biometrics company Pay by Touch, which is looking to spread further into Europe after enjoying modest success in the US. Representatives say the main benefit is speed, not just security. "The idea behind our system is that it's based on convenience," said Tom Fischer, vice-president for Europe. "Nobody particularly enjoys standing in a queue, but with this system the transaction can be quite a lot quicker."

The cost of installation is being funded by the Co-op. The system uses similar technology to that employed at US immigration checkpoints, and it is likely that the same systems will eventually be used in the proposed national ID card scheme which the government is trying to force through parliament.

But a spokesman for Apacs, the association for the UK's payment industry, remained sceptical that fingerprinting systems would ever be adopted into the mainstream. "At the moment this is only in three shops, which means that it won't be particularly convenient unless you only need to shop there."

Apacs has just forced through national adoption of the chip and pin security scheme, estimated to have cost British business £1.1bn. But it seems to be delivering results, as credit and debit card fraud fell for the first time in a decade last year.

Pay by Touch says the Oxford pilot is intended as another option for retailers, not as a replacement for existing systems. But it accepts that the scheme's success will ultimately rely on building up trust with shoppers. "A few years ago people had the same worries about storing credit card details with internet companies like Amazon or eBay. People used to perceive that as a high risk, but now most people see it as a low risk," said Mr Fischer.

Guardian Unlimited © Guardian Newspapers Limited 2006

 

[techybloke666]

Speed through the checkout with just a wave of your arm
By Valerie Elliot

Shoppers could soon pay for goods using a microchip implanted under the skin


IT MAY sound like a sci-fi fantasy but shoppers may one day be able to pay their grocery bills using a microchip implanted in their body.
The idea is already catching on with today’s iPod generation. According to research released today by the Institute for Grocery Distribution (IGD), a retail think-tank, almost one in ten teenagers and one in twenty adults are willing to have a microchip implanted to pay shop bills and help to prevent card or identity fraud and muggings.



A quick scan of the arm would connect immediately to bank details and payments could be made swiftly. Such microchips are already used in cats, dogs and horses. They are used in cattle and sheep so that consumers can trace their food from farm to plate and are also being used to help to combat drugs counterfeiting.

But now the retail industry is looking at body chips among a range of biometric payment methods, including fingerprint and iris recognition. So far the only example of a human body chip being used is at the VIP Baja Beach Club in Barcelona, where people wear bikinis and shorts and there is nowhere to carry wallets and purses.

The club offers clients a microchip, injected in the arm, which gives them access to certain areas of the club and acts as a payment method at the bar. This chip, made by the VeriChip Corporation, is a glass capsule about the size of a grain of rice, which sits under the skin. It carries a ten-digit personal number that can be linked to a person’s bank account, and has been a success at the club.

Geraldine Padbury, senior business analyst at IGD, accepts that many consumers will have concerns about their privacy, but says that teenagers, the next generation of shoppers, will have far fewer concerns about using the body chips.

She said: “With teenagers happy to use MySpace (the networking website) and blogs to share details of their private lives, there may be less concern surrounding privacy than for other generations.”

However, she believes that supermarkets will look at using fingerprint and iris recognition for the immediate future. One in five teenagers and one in nine adults in the study made clear that they would like to pay using these biometric methods. These methods were more popular than paying by mobile phone because of concerns about the high level of mobile phone theft.

There is already a pay-by-touch experiment under way at the Midcounties Co-operative in Oxford, where a finger scan is linked to a bank account. This system is used by more than 2.3 million shoppers in the US and also allows them to cash cheques in stores. Fingerprint recognition is used at Ben-Gurion airport in Israel, rather than making passengers stand in a check-in queue.

The research also gives supermarket bosses a clear warning that they will have to speed up shopping trips. In the survey, 66 per cent of teenagers and 62 per cent of adults said that they wanted less staff involvement and more self-scanning of goods. They wanted staff only to help to pack bags or fetch forgotten items.

About 16 per cent of teenagers and 12 per cent of adults wanted navigation systems on trolleys to help them round the store. Such a system is already being used at the Metro Future store in Rheinberg, near Düsseldorf. Shoppers connect their loyalty card to a computer attached to the trolley. Details are then displayed of goods purchased last time as well as special offers and where to find the items.

http://technology.timesonline.co.uk/art ... 43,00.html

It may have been quiet but the idea is far from dead and buried

 

[crunchy5]

I hope this helps the fight back.

http://cq.cx/vchdiy.pl

Demo: Cloning a Verichip Yourself


I used a relatively sophisticated piece of electronics to clone a Verichip. This made things trivially easy. Even though I had never seen a Verichip before in my life, I just had to write a hundred lines of code; but because I used my proxmarkii, I've heard claims that it is impossible to talk to a Verichip without expensive equipment.

Also, I embarrassed myself in front of a documentary crew when I couldn't clone the Verichip that their presenter had had implanted. (He was a fairly big guy, and the chip was very deep beneath his skin, so I didn't have enough read range to do it with my proxmarkii. We tried shoving the antenna into his arm, but I think we just pushed the chip deeper. A proxmark3—which can read them at the correct operating frequency of 134 kHz, instead of 125 kHz—would have worked fine, and in fact I had brought two of them; but I destroyed both, through my own stupidity, before I got a chance to do the demo. If you build a proxmark3, then don't forget to populate D10/D11.)

I therefore wanted an inexpensive cloner, with decent read range and a simple user interface. It should be easy to build, and it should not require a PC to operate. This will make it easy for you to clone a Verichip yourself, even if you don't have a lot of money, or any knowledge of electronics. The device will also be simpler to use, and have fewer parts to fail; if more journalists have chips implanted, then this reduces the chance that I will screw up the demo for them as well.

This device can read and replay a Verichip's ID. If you can get the antenna close to your victim's shoulder, then your circuit board is electrically indistinguishable from their implanted chip forever after. Full schematics and documentation are given below.

It goes on to show you how in detail, I think :? 8)

 

[Pietro_Mercurios]

Every day it's a' getting closer, going faster than a ...

http://news.bbc.co.uk/2/hi/technology/6044310.stm

Air passengers 'could be tagged'
By Rebecca Morelle
BBC News: 12th october 2006

Electronically tagging passengers at airports could help the fight against terrorism, scientists have said.

The prototype technology is to be tested at an airport in Hungary, and could, if successful, become a reality "in two years".

The work is being carried out at a new research centre, based at University College London, set up to find technological solutions to crime.

Other projects include scanners for explosives and dirty bomb radiation.

Dr Paul Brennan, an electrical engineer, is leading the tagging project, known as Optag.

He said: "The basic idea is that airports could be fitted with a network of combined panoramic cameras and RFID (radio frequency ID) tag readers, which would monitor the movements of people around the various terminal buildings."

The plan, he said, would be for each passenger to be issued with a tag at check-in.

He said: "In our system, the location can be detected to an accuracy of 1m, and video and tag data could be merged to give a powerful surveillance capability."

Civil liberties

The tags do not store any data, but emit a signal containing a unique ID which could be cross-referenced with passenger identification information. In the future, added Dr Brennan, this could incorporate biometric data.

The project still needs to overcome some hurdles, such as finding a way of ensuring the tags cannot be switched between passengers or removed without notification.

The issue of infringement of civil liberties will also be key.

But potentially, said Dr Brennan, the tags could aid security by allowing airports to track the movement patterns of passengers deemed to be suspicious and prevent them from entering restricted areas.

It could also aid airports by helping evacuation in case of a fire, rapidly locating children, and finding passengers who are late to arrive at the gate.

The "proof of concept" of the system is about to be tested at Debrecen airport in Hungary. If successful, claimed Dr Brennan, it could be available elsewhere within two years.

...

 

[jefflovestone]

Speed through the checkout with just a wave of your arm
By Valerie Elliot

Shoppers could soon pay for goods using a microchip implanted under the skin


IT MAY sound like a sci-fi fantasy but shoppers may one day be able to pay their grocery bills using a microchip implanted in their body.
The idea is already catching on with today’s iPod generation. According to research released today by the Institute for Grocery Distribution (IGD), a retail think-tank, almost one in ten teenagers and one in twenty adults are willing to have a microchip implanted to pay shop bills and help to prevent card or identity fraud and muggings.

The emboldened point is exactly the point I've been repeatedly making myself on this thread. The "iPod generation" have been raised in an technological environment where they know don't know any different from being 'plugged into the network'.

 

[techybloke666]

More bad news for them lol

RFID worm created in the lab
17:57 15 March 2006

Researchers have discovered a way to infect Radio Frequency Identification (RFID) tags with a computer worm, raising the disturbing prospect that products, ID cards, and even pets could be used to spread malicious code.

http://www.newscientist.com/article.ns? ... news_rss20

Now thats just the type of device we don't need in an ID card

Take note Mr Blair

 

[lupinwick]

Speed through the checkout with just a wave of your arm
By Valerie Elliot

Shoppers could soon pay for goods using a microchip implanted under the skin


IT MAY sound like a sci-fi fantasy but shoppers may one day be able to pay their grocery bills using a microchip implanted in their body.
The idea is already catching on with today’s iPod generation. According to research released today by the Institute for Grocery Distribution (IGD), a retail think-tank, almost one in ten teenagers and one in twenty adults are willing to have a microchip implanted to pay shop bills and help to prevent card or identity fraud and muggings.

The emboldened point is exactly the point I've been repeatedly making myself on this thread. The "iPod generation" have been raised in an technological environment where they know don't know any different from being 'plugged into the network'.

Agreed. If the government or whoever were to stress what advantages an RFID implant could give to folks, and lets face it there could well be plenty - medical information etc. etc. constant locational information may well make kidnapping and similar offenses a rarity as they would be more difficult to carry out, then I'd guess that the potential pitfalls will be ignored on the basis of the chances of it happening being quite small.

Time will tell. However, the system has to be secure and unhackable.

 

[lupinwick]

And now we have the RFID firewall....

Tag Spoofing Demystified
RFID readers produce an electromagnetic field that powers up RFID tags, and provides them with a reference signal (e.g. 13.56 MHz) that they can use for internal timing purposes. Once an RFID tag decodes a query from an RFID reader (using its internal circuitry), it encodes its response by turning on and off a resistor in synchronization with the reader’s clock signal. This so-called “load modulation” of the carrier signal results in two sidebands, which are tiny peaks of radio energy, just higher and lower than the carrier frequency. Tag response information is transmitted solely in these sidebands2, rather than in the carrier signal. Figure 5 (from the RFID Handbook[6]) illustrates how these sidebands look, in relation to the reader-generated carrier frequency. The comparatively tiny sidebands have approximately 90 decibels less power than the reader-generated carrier signal, and this is the reason why RFID tag responses often have such a limited transmission range.

The secret to creating fake tag responses is to generate the two sideband frequencies, and use them to send back properly-encoded responses, that are synchronized with the RFID reader’s clock signal. The simplest way to generate these sidebands is to imitate an RFID tag, by turning on and off a load resistor with the correct timing. The disadvantage of this approach is that passive modulation of the reader signal will saddle our fake tag response with identical range limitations as real RFID tags (˜10 cm for our test setup).

Above is straight off BoingBoing, the link is to the PDF paper.

 

[lupinwick]

Discussion of RFID and CMD security from Los Alamos.

http://tinyurl.com/uv779

Which ends up with the following conclusion.

• RFID and Contact Memory Devices are great for
inventory applications.
• These devices should not be used for critical security
applications.
• If using either of these technologies, periodic
reassessments should be conducted to ensure mission
creep is not occurring.

Also check out the Chip&Pin hack at

http://www.lightbluetouchpaper.org/2006/12/

 

[lupinwick]

A detailed report on RFIDs etc. Bit of a long download (its a PDF) so be warned if on a dialup.


Report as a PDF

 

[ramonmercado]

There may be another thread regarding this but I can't find it. Anyway, the chipping of workers proceeds.

British companies are planning to microchip some of their employees in a bid to boost security and stop them accessing sensitive areas.

Biohax, a Swedish company that provides human chip implants, told the Daily Telegraph it is in talks with a number of major UK legal and financial firms, with employees numbering “in the hundreds of thousands”, to implant staff with the devices.

The microchips, which are about the size of a grain of salt and use the same near field communication (NFC) technology as contactless bank cards, are injected into the fleshy area between thumb and forefinger via syringe.

They take just a couple of seconds to activate and sit just below the skin, making them less likely to be hacked.

https://www.theweek.co.uk/97695/maj...letter&utm_medium=email&utm_source=newsletter

 

[Jonfairway]

they end of card systems and the beginning of the cashless society !!!

 

[Mythopoeika]

they end of card systems and the beginning of the cashless society !!!

And the end of freedom as we know it.

 

[markrkingston1]

British companies are planning to microchip some of their employees in a bid to boost security and stop them accessing sensitive areas.
[...]
They take just a couple of seconds to activate and sit just below the skin, making them less likely to be hacked.

What I can't believe is that any of the employees would actually agree to this. Who the frak would actually take this seriously?

For an employer to even request it would be an obscene abuse of the working relationship.

 

[Swifty]

What I can't believe is that any of the employees would actually agree to this. Who the frak would actually take this seriously?

For an employer to even request it would be an obscene abuse of the working relationship.

Absolutely. It was bad enough when I was last doing community care visits and our company issued us with smart phones with tracking devices on them. The fact that I/we had nothing to hide was irrelevant, it was an invasion of privacy, especially as we had to leave them switched on from our very first visit of the day to the very last visit but the company wasn't paying us for our time spent travelling between service users .. something that I pointed out to a tech guy who was sent from Norwich one day to fix mine because it had been playing up:

"Thanks for fixing it, I'm not too keen on it to be honest, I think it's a bit of an invasion of privacy."
"How do you mean?"
"It's not really any of the company's business where I am inbetween visits."
"Why?"
"Well what if I decided I wanted to cheat on my Mrs and have a fling? .. what if I decided I wasn't straight anymore and decided to have gay fling with ****** (one of my ex co workers who's gay)? ... "
"You don't want to be saying things like that to ME"

?

.. and that's when the penny dropped that this tech guy who was also one of my head office managers was gay and that he now thought I was being homophobic ..

I hated that tracking device, I mentioned it to a man I knew working in a local supermarket and he offered to swipe it over the uber magnet they had instore to wipe credit cards but obviously I just said thanks and refused. It would be even more of a pain in the arse with an implanted tracker unless the same strong magnet trick worked I suppose.

 

[markrkingston1]

It would be even more of a pain in the arse with an implanted tracker unless the same strong magnet trick worked I suppose.

Indeed. The only possible solution is never to accept the implant in the first place.

 

[escargot]

Absolutely. It was bad enough when I was last doing community care visits and our company issued us with smart phones with tracking devices on them. The fact that I/we had nothing to hide was irrelevant, it was an invasion of privacy, especially as we had to leave them switched on from our very first visit of the day to the very last visit but the company wasn't paying us for our time spent travelling between service users .. something that I pointed out to a tech guy who was sent from Norwich one day to fix mine because it had been playing up:

"Thanks for fixing it, I'm not too keen on it to be honest, I think it's a bit of an invasion of privacy."
"How do you mean?"
"It's not really any of the company's business where I am inbetween visits."
"Why?"
"Well what if I decided I wanted to cheat on my Mrs and have a fling? .. what if I decided I wasn't straight anymore and decided to have gay fling with ****** (one of my ex co workers who's gay)? ... "
"You don't want to be saying things like that to ME"

?

.. and that's when the penny dropped that this tech guy who was also one of my head office managers was gay and that he now thought I was being homophobic ..

I hated that tracking device, I mentioned it to a man I knew working in a local supermarket and he offered to swipe it over the uber magnet they had instore to wipe credit cards but obviously I just said thanks and refused. It would be even more of a pain in the arse with an implanted tracker unless the same strong magnet trick worked I suppose.

I did that sort of work and have also had housebound relations who relied on carers so I know exactly what you mean.

A few years ago an elderly relation was being messed about by carers (not visiting, not staying for long enough, falsifying records, stealing drugs etc) which we knew about but couldn't prove. Eventually the council installed electronic surveillance which noted when people went between rooms and especially when the front door opened, which immediately proved what the carers were up to. They were busted big-time. Police were involved.

So yeah, that was a great use of technology, centered on the vulnerable person's house rather than on individuals. I was able to monitor it from my iPad so it wasn't about the company snooping on workers and it proved the slacking etc irrefutably.

OTOH when I did that work nobody was issued with phones because the technology was new and the companies were too tight.
I bet the company doing my relation's care wish they'd invested in them after the shitstorm I drew down upon their heads!

 

[escargot]

What I can't believe is that any of the employees would actually agree to this. Who the frak would actually take this seriously?

For an employer to even request it would be an obscene abuse of the working relationship.

My industry would be interested in tracking but my famously militant trade union wouldn't allow it.

The way people might be persuaded to accept tracking is to give it a spin of convenience. If you could pay your bills or start your car with it* you might reconsider the loss of personal privacy.

It's worked with debit cards, where many people hardly carry cash any more.

*Although ULs have it that thieves will steal your finger to access your 'fingerprint' car security.

 

[markrkingston1]

The way people might be persuaded to accept tracking is to give it a spin of convenience. If you could pay your bills or start your car with it* you might reconsider the loss of personal privacy.

This is a possible vector. I think people are foolishly willingly to give up too much for the sake of convenience.

However, even the USP of convenience might be a bit too much for people to accept bodily implants. One would hope so, anyway.

 

[Papa Human]

"1 National Railway system is currently using the Biohax install as a paper-ticket replacement to create efficient and sustainable travel experiences."

"The future is technology moving into the body"

"Biohax aggressive move towards replacing plastic cards for a sustainable future is acted upon everyday with our efforts to educate society and the connected citizen."


From the Biohax website.
This is a company in Sweden. Can I move from here, please?!

 

[Swifty]

I did that sort of work and have also had housebound relations who relied on carers so I know exactly what you mean.

A few years ago an elderly relation was being messed about by carers (not visiting, not staying for long enough, falsifying records, stealing drugs etc) which we knew about but couldn't prove. Eventually the council installed electronic surveillance which noted when people went between rooms and especially when the front door opened, which immediately proved what the carers were up to. They were busted big-time. Police were involved.

So yeah, that was a great use of technology, centered on the vulnerable person's house rather than on individuals. I was able to monitor it from my iPad so it wasn't about the company snooping on workers and it proved the slacking etc irrefutably.

OTOH when I did that work nobody was issued with phones because the technology was new and the companies were too tight.
I bet the company doing my relation's care wish they'd invested in them after the shitstorm I drew down upon their heads!

All the above you mentioned goes on without a doubt, a chef I used to work with's Mrs was caught using a service user's check book and ended up going to prison for it (that made the papers) .. but then I remember one woman I was only supposed to check up on, make her a sandwich and a cup of tea and the time she asked me to also go into her bedroom to fetch a cardigan for her. I can't help wondering now that if the door to her bedroom was somehow rigged, I could have been under suspicion on entering a room that I shouldn't have needed to under her care plan .. and the woman who wasn't home when she always was so I entered her property because my phone gave me the key code to do so .. I'd entered the larger building first and her other elderly mate and me couldn't find the care home manager .. but ****** was paranoid so didn't want anyone to enter her home .. I'd called the police at this stage and then entered her home, the officer helped me with the second search (turns out, she'd had a tumble in Cromer and had been take to the Norfolk & Norwich Hospital I later found out) .. but my area manager still tried to tell me off. My response on the phone: "So why is her home access code on my phone then?" .. sometimes you can't win .. she was OK in the end btw.

If I ever do care work again, it'll only ever be with a team.