57 comments

[ 2.0 ms ] story [ 109 ms ] thread
I feel like the question to ask here is why? What on Earth are the benefits to implanting RFID chips into an employee to begin with that cannot be achieved via traditional means like badges or smart cards?

This seems like a huge hassle for employees themselves, especially if they decide to change employers and both for whatever reason want you to be chipped - so now you have multiple chips implanted or have to remove one and replace it with another. Again, for what benefit?

I'm not even going to get into tinfoil hat privacy territory, because it's not like these are going to be active RFID chips so they'll need to be in close proximity of a reader to be picked up. Worries like that are as far fetched as the people who think the government is spying on you using RFID equipped credit cards or transit passes (which annoyingly has led to most wallets these days having a small faraday cage woven into them, I literally couldn't find a wallet I liked a couple months ago that didn't have some RFID-blocking feature and it drives me nuts).

I wouldn't think changing jobs requires changing the chip. The original employer can simply mark ID#x as being invalid for access, and the new employer can mark ID#x as being valid.

That's not to say I'm for this. I'm reading the article, and I'm going WTF UK? _1984_ and _Brave New World_ were warnings, not manuals!

Based on the many incompatible rfid badge technologies, I’m guessing a single standard for implanted microchips is unlikely.
Why? We have it for pets.
While there is an ISO standard for pet chips, there are several competing versions that are also in use. I think my vet said there were 3 or 4 different kinds and each had a different kind of reader.
There's three different frequencies commonly used in microchips for pets: 125, 128, and 134.2 KHz (the last being the ISO standard). Hope your local animal shelter has a universal chip reader, because I doubt your vet knows whether the chips they use are standards-compliant or not.
ISO standards would be the least of my concerns given how common it is for implanted pet chips to migrate around the body and end up in the dog's leg etc.
>> tinfoil hat privacy

I thought privacy concerns around RFID payment and identification were more to do with abuse by private parties, like recording, spoofing/replay attacks, or just private collection. I think I remember some emphasis in early press coverage of e-passports on the idea that they would only be scan-able when opened, (although I'm not sure if that is either true, or helpful). So I guess State Dept. was concerned enough to discuss it.

It is common knowledge that large scale industrial surveillance exists, and contributes to fraud as a side effect. In such an environment, privacy concerns about RFID in payment and govt. ID cards hardly seem so outlandish that they should be dismissed out of hand.

> I thought privacy concerns around RFID payment and identification were more to do with abuse by private parties, like recording, spoofing/replay attacks, or just private collection.

Those are all legitimate concerns, though ultimately a well designed solution would use NFC smartcard emulation with a properly designed applet to alleviate these issues.

Unfortunately, most of the time I see people online wanting to figure out how to block RFID signals from their cards it's because they think they can be read from a distance much greater than a couple mm away from the card.

> What on Earth are the benefits to implanting RFID chips into an employee to begin with that cannot be achieved via traditional means like badges or smart cards?

No fan of the technology per-se, but presumably they can't be lost or stolen.

> No fan of the technology per-se, but presumably they can't be lost or stolen.

Yep, just like fingerprints can't be stolen. Wait, what are you doing with that knife?!

You don't even need a knife for fingerprints, you can lift them off of whatever that person has touched.
(comment deleted)
Yeah but you can use a knife for biometrics and implanted chips.
As someone who has had to manage access cards before I would think it is a cost saving measure. The amount of users who lose their cards several times a year is surprisingly large. Not to mention that the users also tend to lend them out and swap them.
That's easily solved by charging $10 for a lost card.
You'd be surprised. They did this at my university, and the numbers did not change significantly over the course of the year.

Edit: University charged for lost cards. They did not implant chips.

I meant for the fees to cover the replacement costs, not that people would stop losing their cards.
So put it in a bracelet.
>> I feel like the question to ask here is why? What on Earth are the benefits to implanting RFID chips into an employee to begin with that cannot be achieved via traditional means like badges or smart cards?

They own you for the $200-$400! Like having an MS13 tattoo all over your face...what gang are you going to be with for life? Raises cost absolutely. https://www.businessinsider.com/economic-reason-for-gang-mem... "If you picture one of these gangs in El Salvador, where many of the members have tattoos, literally from head to toe, it's much much harder for those employees to go and find a job somewhere else,"

Probably easier. If the employee is willing to roll over so much to perform minor surgery, they have a mentality that would be adored in many other places.
A previous employer wanted me to investigate the possibilities of implanted RFID in order to:

- Track employee bathroom breaks

- Track employee hours of work

- Ensure building security

(in that order)

Cards/Tags were not sufficient because he was certain the employees would cheat him by swapping their cards/tags amongst themselves.

Fingerprint "auth" could not be used for sanitary reasons, retina scanning was too slow.

Passive RFID can be read about 10-15 metres with good enough reader tech.

I don’t think an employer who treats their staff like that or wishes to is worth working for.

Trust works both ways.

Yes there are people who tread water and do little, this happens in any organisation past a certain size and they need to be encouraged or weeded out. But openly treating your staff like cattle is a sure fire way to kill any good will your staff have towards you.

An interesting question to ask is - would the executives submit to this? And would they be happy being judged by those criteria?

I’m not even going to be polite about it, any employer who feels the need to micromanage and audit their employees to this degree can go right to hell.

If anyone wanted to know the exact time I was in the bathroom and when I would tell them to go screw themselves and turn in my resignation.

Coming soon to an airport near you: the e-implant gates.
So the thing that is lacking here is the human user UI to go with this. What I mean is some sci-fi like vision overlay that allows you to approve someone reading the implant. If they had that and it means I never needed to carry an ID, credit cards, cash etc. it would be very interesting.
Yes please technology take over my agency! I've been squandering and handing it over for decades but please it's not been enough!! And since you're so listening technology can you make me into a flying buzzing drone, any size works!
A lot of the clothing you buy has RFID in tags sewn into the item. If you don't know this and don't remove these tags, you find that they will set off the exit/entry scanner at various stores unrelated to where the item was originally purchased.

I have a pair of shorts that this happens to on a regular basis. I cannot be bothered to remove the RFID tag at this point.

So if RFID tags are inserted into your body, how often will you trigger such scanners when you are doing your normal business?

What's the easiest way to detect this? Would an NFC phone app work in all cases?
If the NFC tag hasn't been locked, yes. On android I suggest using NFCTools, it's pretty good and gives you a lot of room for playing
Most likely it’s not NFC but a lower-frequency RFID (which as a side-effect gives it better range). You could use something like Proxmark3 (it’s an SDR and can speak many RFID standards in addition to NFC).
Easiest way to detect if there's an RFID tag is to put your shorts in the microwave for 10 seconds. Jokes aside, the only cases I know of where the RFID tag is sewn into the item permanently, is major Hotel chain towels.
> If you don't know this and don't remove these tags, you find that they will set off the exit/entry scanner at various stores unrelated to where the item was originally purchased.

Literally never happened to me, which makes me question the validity of both "a lot of the clothing you buy has RFID in tags sewn into the item" and "if you don't ... remove these tags, you find that they will set off the exit/entry scanner at various stores"

I've only heard of luxury brands bothering to sew them in, and with the purpose of identifying which items are authentic or not.
Right.

So, without the implant, someone who wants to break in to my place of work has to steal my card or convince me to give it to them.

With the implant, someone who wants to break in to my place of work has to cut it out of my finger/wrist/whatever.

Well, I think I'm done with this interview. Best of luck, chaps.

When I point out obvious problems such as that I'm told to stop being negative.
A bank of mine, years ago, proposed me to move to their biometric system on their ATMs. Faster, easiet, no PIN to remember.

They also said "safer". I told them that I much prefer to give the gentleman with a baseball bat my PIN then my hand.

They told me not to worry because it did not work with a detached hand. I asked them if the gentleman with the saw also knew it.

I am still with a PIN.

(comment deleted)
Fry: What if I don't want to be a delivery boy?

Leela: Then you'll be fired...

Fry: Fine.

Leela: ...out of a cannon, into the sun

Wouldn't implanting something in a human be considered surgery? I doubt getting a licensed medical staff to insert and remove the things will come cheap.
These procedures are mostly done by tattoo shops. From small RFID tags to matchbox sized electronics. It's just considered a form of piercing.
I'm sure there is some novel combination of technologies out there that would be a net positive to the employees. But rather than putting a bit of work into finding it, they propose the cheapest, privacy invasive, spookiest solution I can image. I guess we should be glad they didn't suggest a large tattoo on the forehead. With the right camera's you could verify your employees tattoo before they entered the building.

If they have of come up with something like FIDO2 embedded in the arm, something that allows multiple identities and allows me to select which identity is released by just thinking the right thing (perhaps move a muscle or two) it would be useful to all sorts of things. (Finally a real solution for the password problem.) Gee - I might even volunteer to pay for it myself.

Anyone who submits to this, and allows their employer to perform a surgical procedure upon them in order for them to work, needs their head examining. I'd personally be straight out of the door for a new job.
That's not how they get you though. They get desperate people to do it, then build momentum in the number of people with it. Then sooner or later everyone has one.
That's definitely how these things are played, no argument at all. But, this is one of the things I would never, ever compromise on. Allow my personal being to be violated for a job. Never.
You'd never sell this to people unless it was part of some bigger system that let you load your travel pass, building access, car access, maybe even contactless payment systems onto it. It'd have to be universal, completely reliable and completely risk-free.

And it'd have to come with some substantial therapy for my proper anxiety-disorder-level phobia of needles. I need that therapy anyway because I have to be given drugs before I'll let anybody stick a needle in me for any reason at all, but fortunately nobody's making a giant chip-inserting machine compulsory.

"think of the children" or "protect you from terrorists" or whatever the next cause to all our problems are will be used as an argument when it'll time to make this mainstream.
I have no issue with this. I work at a place where I carry a card and have to use fingerprint scanners. Fingerprint scanners are very moody. I suspect temperature is one factor, coming in from the cold with cold fingers. There are occasions where the things just won't allow me in. They're also revolting. Sometimes you put your finger on and it slides in some sort of oily goop. On other occasions you can feel a roughness of some dried crud. Undoubtedly a viral and bacterial hot spot.
I'd rather wash my hands than have some chip implanted in me.
Waste of time, waste of resources, inconvenient, intrusive - chips can be more easily removed than fingerprints.
... And this isn't even the Onion. I always have the feeling that the UK is obsessed with surveillance and security in an even creepier way than the US, but I can't quite put my finger on the reason. It's not like the US and other countries aren't trying very hard to control and monitor their citizens, it just feels a lot more dystopian in the UK. Maybe it's because movies/shows/stories that are dystopian are set in the UK more?