RFID Inside

How Verichip Works¿and Doesn¿t

A shopper collapses at a grocery store. Alive but unresponsive, he is rushed to the emergency room of a local hospital. Seeing that the patient is emaciated and nearly hairless, doctors suspect that the man is undergoing an aggressive form of chemotherapy. But what drug is being used? Who is his personal physician? What other complications might be expected?

VeriChip, the first human implantable RFID chip approved for medical use in the United States, was intended for just such a situation. If the unfortunate fellow had been implanted with a VeriChip tag, and if he had the luck to be wheeled into a hospital that follows VeriChip’s suggested protocols, emergency room staff would scan his upper arm with a reader device while taking his vital signs.

The reader would then detect the unique 16-digit number the chip transmits and plug this identifier into a database, called VeriMed. Through VeriMed, the staff could obtain personal health information that the patient himself has provided, such as what drugs he is on and why, contact information for his physician, and possibly a link to the records at the hospital at which he is usually treated. Physicians in the emergency room would not have to waste time running unneeded diagnostic tests and could treat him faster and without fear of causing a deadly drug interaction.

The chip consists primarily of a coil of wire that acts as an antenna and a microchip capable of generating a radio signal that encodes 128 bits of information and is readable from, at most, centimeters away. The reading device emits a magnetic field that oscillates at a frequency of 134 kilohertz. The reader and the chip’s antenna basically form a transformer, turning the oscillating magnetic field into current in the implant.

Most of what’s known outside of VeriChip Corp. and its supplier, Raytheon’s Spanish subsidiary, comes from the RFID hobbyist Jonathan Westhues. In 2005, journalist Annalee Newitz approached Westhues and asked him to try to spoof—to create a tag that gives off an identical radio signal—the VeriChip that she’d had implanted for a story in Wired .

For a device that is marketed as part of an access-control and security application, VeriChip was distressingly easy to mimic. Westhues had already built a digital RFID reader, which he called the Proxmarkii, when Newitz contacted him. Using his reader, he was easily able to turn Newitz’s chip on, record and analyze the signal emitted, and then reproduce that signal—tricking an actual VeriChip reader into believing it was querying Newitz’s implant.

Westhues performed some further work with security expert Adam Stubblefield, an assistant research professor at Johns Hopkins University; with Ari Juels, head of security skunkworks at RSA Laboratories, in Bedford, Mass.; and with John Halamka, CIO of Beth Israel Deaconess Hospital, in Boston, and a VeriChip implantee.

Here’s what they found: when subjected to a 134-kHz magnetic field, the VeriChip will repeat a 128-bit message continuously for as long as the probe signal lasts. Although Westhues had only a handful of VeriChips to work with, among those few, only 32 of the bits varied. Those 32 existed in two chunks of 16 bits each. Westhues and his colleagues suppose that the remainder of the bits include a sequence that tells the reader when the 128-bit loop starts as well as some sort of error-checking or -correcting data.

The bits are encoded using what’s called Manchester-coded amplitude-shift keying. Amplitude-shift keying means simply that the bit is represented by a change in the amplitude of the radio wave. Manchester coding means that the direction of the amplitude change—low to high or high to low—is what counts, rather than the actual amplitude.

From a security standpoint, VeriChip’s only advantage over the RFID key that’s probably in your pocket right now is that you can’t lose it. Unlike some other RFID key signals, the radio signal the VeriChip emits does not change each time the tag is energized; so once you’ve read the chip, you can simply play back the signal you picked up and pretend to be in possession of the chip.

Westhues offered this analogy. Most security is achieved by putting a padlock on something. What security VeriChip offers is more akin to bolting something down with a five-sided bolt instead of a normal six-sided bolt. A standard wrench won’t be able to unbolt it, just as a standard reader won’t be able to understand a VeriChip. But a less specialized tool could easily unscrew the bolt, just as Westhues’s general RFID reader allowed him to detect and play back the chip’s signal.

Westhues is thus unimpressed with the chip. ”I’d say that in great part, everything about VeriChip has been sensationalism over reasonableness,” says Westhues. ”Once, instead of carrying a tag in your wallet, you implant it, things get funny. People stop thinking about the technical limits. People imagine that they’re more complex than they are.”

Though he confirms that the technical details are correct, Richard Seelig, VeriChip’s vice president for medical applications, is, naturally, critical of the group’s conclusions about the chip’s vulnerability. He argues that although these outsiders were able to spoof chips in the lab, they did not attempt to steal a VeriChip radio signal in the field, and so did not prove that such an attack is possible. He adds that when used as part of a security and access-control system, the signal from a VeriChip would not be the only authentication. A key code or some other kind of PIN would also be required.

VeriChip vice president for government and international affairs Keith Bolton, who handles the company’s security business, says there is a plan to add more security to VeriChip, but would not elaborate.

RSA’s Juels counters that the tests he and his colleagues carried out ”were sufficient to demonstrate a fundamental vulnerability to cloning attacks.” Even if they’d tried such attacks in the field, the only information they might gain would have to do with how far away you could be from the scanner and still clone a VeriChip signal. Also, Juels says that none of his implant-spoofing pals are antenna designers, so the information might not be the best anyway.

Juels is equally dismissive of Seelig’s argument that the VeriChip would never act as a key on its own. ”That the VeriChip may be secure when buttressed with another authenticator is, in my view, cold comfort,” says Juels. ”Parachute manufacturers do not justify defects in their products by arguing that skydivers generally carry two parachutes.” That said, he acknowledges that many common secondary authentication devices, such as four-digit PINs used in many automated bank teller machines, are known to be insufficient on their own. But, he adds, at least their users recognize the limits and try to compensate for them.

Only time will tell whether VeriChip Corp. has a future in the access-control market, but the company is certainly working to advance its medical business. This past October, Digital Angel Corp., a separate firm within the holding company that owns VeriChip Corp., was granted a U.S. patent on an implantable RFID chip that reads and transmits blood glucose levels. That would free many diabetics from having to lance their fingertips to keep track of their blood glucose levels and insulin needs. The company says such a device could enter clinical trials as early as November. ”It would take VeriMed to a completely different level,” says Seelig. ”…what the biosensing would do is let us not just tell who you are and some things about you, but tell how you are as well.”

—K.R.F. & J.J.