An under-the-skin implant that makes credit card payments via radio signals is attracting widespread criticism from technologists, privacy lobbyists and security experts.
Advanced Digital Solutions in Palm Beach, Florida, announced a plan to turn its rice-grain-sized Verichips into a method of payment at ID World 2003 in Paris, France recently. The company’s previous proposal to implant GPS systems inside people also prompted scepticism.
But ADS claims its Veripay system, which is based on radio frequency identification (RFID) technology, would end the problems of identity theft and make it impossible to lose your credit card.
The injectable chip could also one day store PC and cellphone log-ins, medical information, and wireless car and building entry codes, says ADS’s Matthew Cossolotto, who is already “chipped up” with the device.
However, Veripay’s opponents say that it has technological limitations, would compromise the wearer’s privacy and could be less – not more – secure than a conventional credit card.
A RFID tag is a device that emits a unique identity number when queried by a radio frequency “reader”. The signal from the reader both activates and powers the tag. The tags are becoming increasingly popular, particularly with big companies managing their stock.
Thirty Mexican patients were implanted with RFID chips in July 2003, to allow instant access to their medical records and “sub-dermal” tags have been used to track pets and livestock for over 10 years.
The tags are also already used for making wireless credit card payments. For example, ExxonMobil has attached tags to key-rings, to speed up gas station transactions for its customers. But ADS is the first company to propose sub-dermal chips as a means to secure or make financial payments.
Matt Reynolds of ThingMagic, a company in Cambridge, Massachusetts specialising in “embedded intelligence”, including RFID, is sceptical. “If the security was one day cracked, who would want to go in and get another implant?” he says.
Richard Smith, an internet security and privacy consultant in Boston, Massachusetts, says the device poses a security risk. The implanted tag could potentially be accessed by a bogus reader, unknown to the owner, and the signal “cloned”.
Cossolotto argues that decoding and reproducing the signal would not be trivial. “Right now people walk around with all kinds if important information in their pockets,” he told New Scientist. “This is a step forward for security – Veripay is not easily lost or stolen.”
Yet this is precisely why Katherine Albrecht, the founder of the consumer advocacy group CASPIAN, finds Veripay frightening: “It’s a lot easier to cancel and credit card account than it is to gouge a chip out of your arm.” She worries that the chips will provide tracking opportunities for advertisers wishing to know the intimate shopping habits of particular consumers.
Farther ahead, she says that the tags will provide a determined person with the means to track your every move. Beth Given, of the Privacy Rights Clearinghouse in San Diego, California, agrees: “If we establish a robust credit card network based on RFID chips implanted under the skin, we are also creating the infra-structure for potential government surveillance.”
Courtesy Maria Wheatley