Office complex implants RFID chips in employees' hands

A Swedish high-tech office complex has been offering RFID chip implants to employees of corporate tenants to access security doors, use photocopiers and even pay for food in the cafeteria.

The corporate tenants of a Swedish high-tech office complex are having RFID NFC chips implanted in their hands, enabling access through security doors, as well as services such as copy machines, all without PIN codes or swipe cards.

The employees working at Epicenter, a 15,000-square-foot building in Stockholm, can even pay for lunch using their implants -- just as they would with the swipe of a credit card.

The owners of Epicenter say they want the facility to be a "magnet for fast growing digital companies and cutting-edge creative corporate initiatives."

"The fact that some people at the Epicenter office have chosen to replace their key fobs with NFC implants is their own personal choice," said Hannes Sjöblad, founder of Bionyfiken, a Swedish association of Biohackers. "It's a small, but indeed fast-growing, fraction which has chosen to try it out."

Sjöblad said there are also several other offices, companies, gyms and education institutions in Stockholm where people access the facilities with implanted RFID chips with NFC (near field communication).

The RFID implants are a bit larger than a grain of rice, and Sjöblad's group tested the chips last year. Bionyfiken has just launched a nationwide study on NFC/RFIC implants.

The goal of the Bionyfiken project is to create a user community of at least 100 people with NFC implants who experiment with and help develop possible uses.

For example, applications could expand beyond access and include employee ID and location tracking.

Participants in the Bionyfiken project normally pay for their own implants. There are even "implant parties," that involve from eight to 15 "implantees" and a bit of socializing around the experience.

BioNyfiken is also working to change public perception and educate people on the idea that subdermal implants are not only harmless but, in fact, useful in everyday life.

The fast-growing Bionyfiken RFID implant community is made up by a diverse group of people who see "experimenting with technology as a natural way of life," the organization's webpage states.

"The chips are easy to insert and just as easy to remove. The life length of a chip implant is long. I expect mine to last for 10-plus years, but likely I will want a newer model before that time," Sjöblad said.

Sjöblad believes getting an RFID implant is a highly personal choice "as it relates to individual integrity, which both I and my fellow Swedes consider highly important."

"However, I fundamentally believe that smart implants are a technology of the future," he added.

Not everyone is convinced inserting radio-transmitting chips with user ID information under your skin is a good idea.

John Kindervag, a principal security and privacy analyst at Forrester Research, said RFID implants are simply "scary" and pose a major threat to privacy and security.

While RFID chips, whether implanted or carried in a fob, are passive and not activated until they come within inches of an electronic reader, that reader can be hacked by impersonating another person's RFID chip to gain sensitive data.

Additionally, nefarious thieves can also set up readers in inconspicuous places (such as retail stores) to activate RFID chips, stealing access to the same information.

The difference between implants and popular mobile payment technologies, such as Apple Pay, is that an NFC implant would not typically be shielded.

External RFID chips, contained in smart phones, fobs or cards, can be placed in sleeves or protective wallets that block the radio signal until they're ready for use, Kindervag said.

Sjöblad, however, said implants have the potential to greatly increase efficiency and simplify mundane tasks. RFID chips are already used as car keys and membership cards, as well as be used as passwords and pin codes for logging into smartphones, tablets and computers.

"But this is really just a beginning. I believe it will be possible to use them for riding public transport within a year or two. (I believe it will be possible to facilitate payments with implants within two years," Sjöblad said. "I believe they will have the capacity to replace fitness trackers within 3 years. (And that, indeed, is still just the beginning."

RFID chips could also be used to control activity, Kindervag warned. For example, if a fob is used to enable a vehicle's ignition, a driver who is late with a car payment could have that device disabled by the bank.

"I think it's pretty scary that people would want to do that [implant chips]," Kindervag said. "That's a frightening apocalyptic vision, for sure."

Join the CSO newsletter!

Error: Please check your email address.

Tags mobile paymentssecuritydata privacyprivacy policyprivacy

More about AppleForrester ResearchindeedNFC

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Lucas Mearian

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts