Applied Digital Solutions of Palm Beach, Fla., is hoping that Americans can be persuaded to implant RFID chips under their skin to identify themselves when going to a cash machine or in place of using a credit card. The surgical procedure, which is performed with local anesthetic, embeds a 12-by-2.1mm RFID tag in the flesh of a human arm.
ADS Chief Executive Scott Silverman, in a speech at the ID World 2003 conference in Paris last Friday, said his company had developed a "VeriPay" RFID technology and was hoping to find partners in financial services firms.
Matthew Cossolotto, a spokesman for ADS who says he's been "chipped," argues that competing proposals to embed RFID tags in key fobs or cards were flawed. "If you lose the RFID key fob or if it's stolen, someone else could use it and have access to your important accounts," Cossolotto said. "VeriPay solves that problem. It's subdermal and very difficult to lose. You don't leave it sitting in the backseat of the taxi."
RFID tags are miniscule microchips, which some manufacturers have managed to shrink to half the size of a grain of sand. They listen for a radio query and respond by transmitting a unique ID code, typically a 64-bit identifier yielding about 18 thousand trillion possible values. Most RFID tags have no batteries. They use the power from the initial radio signal to transmit their response.
When embedded in human bodies, RFID tags raise unique security concerns. First, because they broadcast their ID number, a thief could rig up his or her own device to intercept and then rebroadcast the signal to an automatic teller machine. Second, sufficiently dedicated thieves may try to slice the tags out of their victims.
"We do hear concerns about this from a privacy point of view," Cossolotto said. "Obviously, the company wants to do all it can to protect privacy. If you don't want it anymore...you can go to a doctor and have it removed. It's not something I would recommend people do at home. I call it an opt-out feature."
Chris Hoofnagle, a lawyer at the Electronic Privacy Information Center, said implanted RFID tags cause an additional worry. "When your bank card is compromised, all you have to do is make a call to the issuer," Hoofnagle said. "In this case, you have to make a call to a surgeon.
"It doesn't make sense to go from a card, which is controlled by an individual, to a chip, which you cannot control."
ADS shares have slid from a high of about $12 in 2000 to 40 cents, and the company is now fighting to stay listed on the Nasdaq. "Our common stock did not regain the minimum bid price requirement and on Oct. 28, 2003, the Nasdaq Stock Market informed us by letter that our securities would be delisted from the SmallCap," ADS said in a Nov. 14 filing with the U.S. Securities and Exchange Commission. The company also warned that its implantable microchips are manufactured solely by Raytheon without a "formal written agreement," and any price increases or supply disruptions would have serious negative consequences.
MasterCard has been testing an RFID technology called PayPass. It looks like any other credit card but is outfitted with an RFID tag that lets it be read by a receiver instead of scanned through a magnetic stripe. "We're certainly looking at designs like key fobs," MasterCard Vice President Art Kranzley told USA Today last week. "It could be in a pen or a pair of earrings. Ultimately, it could be embedded in anything--someday, maybe even under the skin."