Moscow-based global security firm Kaspersky Lab used IFA 2015 to vividly demonstrate a world where microchips are implanted into humans, connecting people to their devices, before highlighting the security and privacy issues that could arise.
At its IFA press conference, a Kaspersky representative inserted a microchip inside a volunteer's hand in front of the audience. Such bio-chips can be used to connect people to their cars, front door locks, banks or any other connected object.
While chipping live creatures is not entirely new - people have been putting RFID chips into their pets for years - the first human adopters of bio-chips (approximately the size of a rice grain) began to emerge more recently. The smart implants allow users to control door locks, make bank payments and access gadgets such as a laptop with just the wave of a hand.
More and more people are now trying them out, because people’s curiosity is a strong factor, says Hannes Sjoblad of Swedish bio-hacking community BioNyfiken. As more of us become ‘upgraded,’ should we be worried about being hacked, tracked or otherwise exploited, just like our machine counterparts can be?
Kaspersky Lab, together with BioNyfiken, raised this question at IFA, convening a panel of four experts, including Sjoblad, University of Würzburg psychologist Astrid Carolus, alongside Marco Preuss, head of Kaspersky’s European research team GReAT, and Evgeny Chereshnev, chief mobile business officer at Kaspersky Lab and one of the early users of the technology.
Today, bio-chips can be bought online for about £60 and “you can implant it yourself in your kitchen,” says Chereshnev. Of course, if you’re not so keen on sticking a needle into your palm to get a chip under the skin, usually in the soft webbing between the thumb and forefinger, you can ask a professional piercer, who would do it for about £50, Chereshnev suggests.
Earlier this year, BioNyfiken teamed up with Kaspersky Lab to research the technology and the implications of connecting our bodies to the Internet. At the moment there are only a few hundred enthusiasts around the world who have actually gone ahead with a microchip implant, although more and more are willing to do it. At IFA, in a room of around 60 journalists, five people raised their hands when asked if they’d like to be microchipped.
A few months ago, BioNyfiken started microchipping as many volunteers as possible to see how people react to being upgraded, before the chips become truly mainstream. “We have chipped about 500 people in the last few months, so it’s really becoming a trend,” says Sjoblad. And it’s not just geeks and nerds who want to try it out, he adds. “About 30-40 per cent who asked to get the implants are women. And these women are just ordinary women, wearing normal clothes, working at normal jobs.”
Sjoblad says that although the chips are now very limited in their use, BioNyfiken wants “to contribute to the development of the [extended IoT] platform, to create the user cases for this tech.” He adds that he regards such smart implants as similar to having a tattoo.
So what are the benefits and the risks of getting a chip under your skin? “After a couple of weeks, I started to forget what it’s like to carry a badge or to open a door with a key,” says Chereshnev. “With the chip in my hand, I can enter the building, use the office printer and go to the gym without a membership card.”
The benefits are still limited, but there could be more in the future, says Preuss, but only once bio-chips get more powerful and ‘active’, instead of being passive. Another big limiting factor is memory: right now, a chip can store only about 880 bytes. “That’s not enough even for an empty word document, but it can store contact details, information for authentication for web services, for unlocking your door and your smartphone,” says Preuss. “It can also offer offline storage for bitcoin wallet.”
In the future though, besides using the chips to make payments, the implants could play the role of today’s fitness bracelets, tracking your pulse and body temperature. It should also be possible to use them as encryption and logging device, for secure communication. “I would use it for my physical self to retake some control of my digital self,” says Sjoblad.
Security and privacy
The obvious risk, however, is the implication for invasion of privacy and the danger that we could all be tracked. However, “people already own so many trackable devices – like one or more mobile phones – and so on that it’s totally possible to track us now if one wants to,” says Preuss.
Another concern is someone hacking a bio-chip and stealing personal data. For that to happen, the hacker would have to get “really, uncomfortably close” to your hand, to then download the data onto their smartphone wirelessly, Preuss argues. It has not yet been tested or proved whether someone could discreetly place their smartphone or RFID/NFC reader close to another person's bio-chipped hand and download the data without them noticing.
The existing bio-chips also have a four-digit pin that can be cracked in a short period of time. Crashes and data corruption are further unknowns, so a chip used to authenticate oneself when unlocking a smartphone could prove problematic if that chip dies.
Preuss says that all these problems simply mean that now is the perfect time to explore and research all potential security issues of the future by working with current chips. “It’s all at the very early stages at the moment and we have to think about the evolution of this technology to protect the data on the chip. The current research helps us influence the future development of the chip.”
One way to address the security issue would be to encrypt the information on the chip. However, as soon as processing power is required, you need a battery, which also means charging.
“I don't understand how you would charge me,” says Chereshnev. “We’re now talking to scientists to understand how far we can go to use body energy to power something within. After all, we eat a lot more calories than we need, so perhaps we could use that extra energy to power the chips”.
Once the encryption problem is solved, the chip could even replace your passport, your driving license, and so forth: “It has fantastic potential,” he says.
If microchips were to become mainstream, they would take their place alongside other implants already routinely used by humans, such as pacemakers, hearing aids and deep-brain stimulation systems.
“We understand the pros and cons of the technology and the threats out there,” says Chereshnev. “At the moment, I’m not ready to go to, say, my sister and tell her that it’s safe to use. But it’s getting there.”